security and encryption specialist RSA According to a report by Reuters, $ 10 million from the U.S. Foreign Intelligence National Security Agency (NSA) has received. In this way it should have come to what became known in September faulty implementation of RSA tokens pointed to by Edward Snowden made available documents NSA.
Today EMC subsidiary RSA denies the accusation “categorically”, while Reuters relies on two anonymous informants. The money was allegedly paid to them that RSA installs a backdoor into its encryption product BSafe.
“Now we know that RSA has been bribed,” said security expert Bruce Schneier, who had worked on the analysis of the Snowden documents. “I certainly would not trust them, despite all the statements that the safety of the customer comes first.”
Schneier reminds us of the history. So RSA had contributed in the nineties a significant contribution to stop government plans, which stipulated to make every one of them uniquely identifiable by a chip. But its algorithms are just as already fallen victim to hackers as the sister company Verisign.
The release of Reuters Schneier sees as particularly interesting in terms of the tactics of the NSA. “Do you think that the bribing only one company in the history of their operation? We still do not know who else plays in this drama. That’s why you do not know who can be trusted. “Great provider of encryption systems in addition to RSA nor McAfee, Microsoft and Symantec .
In the opinion of RSA states: “We have worked both as a provider of security solutions, as well as an active member of the security community with the NSA. From this we have never made a secret, but even explicitly noted. Our explicit goal has always been to increase the security of both companies and the government. “Subsequently, RSA, the accusations back individually, including the to have installed a faulty generator of random numbers in its encryption libraries.
In September RSA had warned of the risk of their own product, after newspapers had pointed to weaknesses in the algorithm of BSafe. At that time it was believed that the one involved in the development of the algorithm NSA have used their influence to have only to weaken the technique and then standardize the weakened method.
[With material by Seth Rosenblatt, News.com]
Tip: How confident are you in safety? Check your knowledge – with 15 questions on silicon.de
No comments:
Post a Comment