It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
When leaked documents claimed to have caught the NSA inserting bad protocols into the national standards board NIST, it raised more questions than answers. Why would the NSA go to the trouble of inserting a inferior standard into NIST's set of four, when most cryptographers would simply ignore the bad algorithm in favor of the others? Even if foul play had occurred, what was the agency getting out of the deal?
"The NSA could subvert the encryption whenever they needed to"
Now, a Reuters exclusive report is showing the other side of the story. The report details a secret deal between the NSA and respected encryption company RSA, in which the agency paid $10 million for RSA to incorporate the weaker algorithm into an encryption product ..
RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to stop using the NSA formula after the Snowden disclosures revealed its weakness.
RSA said in a statement: "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."
several (former RSA employees) said that RSA also was misled by government officials, who portrayed the formula as a secure technological advance.
The earlier disclosures of RSA's entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.
Snarl
reply to post by FarmerGeneral
There's virtually nothing the NSA can't decipher. Some for the reasons you posted.
Encryption draws more attention than it's worth.
Snarl
reply to post by FarmerGeneral
There's virtually nothing the NSA can't decipher. Some for the reasons you posted.
Encryption draws more attention than it's worth.
RedmoonMWC
reply to post by FarmerGeneral
I call Bullpucky on this, these are supposed to be cryptography experts. The only reason, in my humble opinion, that they came clean and recomended customers stop using the NSA formula was because they were busted by Snowden.
Mishmashum
reply to post by FarmerGeneral
It is really hard to imagine Ronald Rivest, Adi Shamir, and Len Adleman pawning off a compromised algorithm. With that much brainpower I have no doubt they were able to figure out it was weak. However it is hard to imagine they knew in advance the entire thing was compromised. It would unequivocally destroy their standing in academia and the security community. That is not worth a paltry 10 million. Somehow they got duped.
TrueBrit
reply to post by FarmerGeneral
I would take the bribe, and promptly use it to pay someone to whack the head of the agency responsible, while simultaneously broadcasting the truth about them from several different locations all over the planet. Corruption is intolerable.
Riffrafter
Snarl
reply to post by FarmerGeneral
There's virtually nothing the NSA can't decipher. Some for the reasons you posted.
Encryption draws more attention than it's worth.
The only thing that remains to be seen is how much "truth" may come to light as a direct or indirect result of Snowden. This one still has a long way to play out...
but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.