URL: https://www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220

EXCLUSIVE: SECRET CONTRACT TIED NSA AND SECURITY INDUSTRY PIONEER

By Joseph Menn


SAN FRANCISCO (Reuters) - As a key part of a campaign to embed encryption
software that it could crack into widely used computer products, the U.S.
National Security Agency arranged a secret $10 million contract with RSA, one of
the most influential firms in the computer security industry, Reuters has
learned.



Documents leaked by former NSA contractor Edward Snowden show that the NSA
created and promulgated a flawed formula for generating random numbers to create
a “back door” in encryption products, the New York Times reported in September.
Reuters later reported that RSA became the most important distributor of that
formula by rolling it into a software tool called BSafe that is used to enhance
security in personal computers and many other products.

Undisclosed until now was that RSA received $10 million in a deal that set the
NSA formula as the preferred, or default, method for number generation in the
BSafe software, according to two sources familiar with the contract. Although
that sum might seem paltry, it represented more than a third of the revenue that
the relevant division at RSA had taken in during the entire previous year,
securities filings show.

The earlier disclosures of RSA’s entanglement with the NSA already had shocked
some in the close-knit world of computer security experts. The company had a
long history of championing privacy and security, and it played a leading role
in blocking a 1990s effort by the NSA to require a special chip to enable spying
on a wide range of computer and communications products.

RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to
stop using the NSA formula after the Snowden disclosures revealed its weakness.

RSA and EMC declined to answer questions for this story, but RSA said in a
statement: “RSA always acts in the best interest of its customers and under no
circumstances does RSA design or enable any back doors in our products.
Decisions about the features and functionality of RSA products are our own.”

The NSA declined to comment.

The RSA deal shows one way the NSA carried out what Snowden’s documents describe
as a key strategy for enhancing surveillance: the systematic erosion of security
tools. NSA documents released in recent months called for using “commercial
relationships” to advance that goal, but did not name any security companies as
collaborators.



The NSA came under attack this week in a landmark report from a White House
panel appointed to review U.S. surveillance policy. The panel noted that
“encryption is an essential basis for trust on the Internet,” and called for a
halt to any NSA efforts to undermine it.

Most of the dozen current and former RSA employees interviewed said that the
company erred in agreeing to such a contract, and many cited RSA’s corporate
evolution away from pure cryptography products as one of the reasons it
occurred.

But several said that RSA also was misled by government officials, who portrayed
the formula as a secure technological advance.

“They did not show their true hand,” one person briefed on the deal said of the
NSA, asserting that government officials did not let on that they knew how to
break the encryption.


STORIED HISTORY

Started by MIT professors in the 1970s and led for years by ex-Marine Jim
Bidzos, RSA and its core algorithm were both named for the last initials of the
three founders, who revolutionized cryptography. Little known to the public,
RSA’s encryption tools have been licensed by most large technology companies,
which in turn use them to protect computers used by hundreds of millions of
people.

At the core of RSA’s products was a technology known as public key cryptography.
Instead of using the same key for encoding and then decoding a message, there
are two keys related to each other mathematically. The first, publicly available
key is used to encode a message for someone, who then uses a second, private key
to reveal it.


A National Security Agency (NSA) data gathering facility is seen in Bluffdale,
about 25 miles (40 km) south of Salt Lake City, Utah, December 16, 2013. Jim
Urquhart/REUTERS

From RSA’s earliest days, the U.S. intelligence establishment worried it would
not be able to crack well-engineered public key cryptography. Martin Hellman, a
former Stanford researcher who led the team that first invented the technique,
said NSA experts tried to talk him and others into believing that the keys did
not have to be as large as they planned.

The stakes rose when more technology companies adopted RSA’s methods and
Internet use began to soar. The Clinton administration embraced the Clipper
Chip, envisioned as a mandatory component in phones and computers to enable
officials to overcome encryption with a warrant.

RSA led a fierce public campaign against the effort, distributing posters with a
foundering sailing ship and the words “Sink Clipper!”

A key argument against the chip was that overseas buyers would shun U.S.
technology products if they were ready-made for spying. Some companies say that
is just what has happened in the wake of the Snowden disclosures.

The White House abandoned the Clipper Chip and instead relied on export controls
to prevent the best cryptography from crossing U.S. borders. RSA once again
rallied the industry, and it set up an Australian division that could ship what
it wanted.

“We became the tip of the spear, so to speak, in this fight against government
efforts,” Bidzos recalled in an oral history.




RSA EVOLVES

RSA and others claimed victory when export restrictions relaxed.

But the NSA was determined to read what it wanted, and the quest gained urgency
after the September 11, 2001 attacks.

RSA, meanwhile, was changing. Bidzos stepped down as CEO in 1999 to concentrate
on VeriSign, a security certificate company that had been spun out of RSA. The
elite lab Bidzos had founded in Silicon Valley moved east to Massachusetts, and
many top engineers left the company, several former employees said.

And the BSafe toolkit was becoming a much smaller part of the company. By 2005,
BSafe and other tools for developers brought in just $27.5 million of RSA’s
revenue, less than 9% of the $310 million total.

“When I joined there were 10 people in the labs, and we were fighting the NSA,”
said Victor Chan, who rose to lead engineering and the Australian operation
before he left in 2005. “It became a very different company later on.”

By the first half of 2006, RSA was among the many technology companies seeing
the U.S. government as a partner against overseas hackers.

New RSA Chief Executive Art Coviello and his team still wanted to be seen as
part of the technological vanguard, former employees say, and the NSA had just
the right pitch. Coviello declined an interview request.



An algorithm called Dual Elliptic Curve, developed inside the agency, was on the
road to approval by the National Institute of Standards and Technology as one
of four acceptable methods for generating random numbers. NIST’s blessing is
required for many products sold to the government and often sets a broader de
facto standard.

RSA adopted the algorithm even before NIST approved it. The NSA then cited the
early use of Dual Elliptic Curve inside the government to argue successfully for
NIST approval, according to an official familiar with the proceedings.

RSA’s contract made Dual Elliptic Curve the default option for producing random
numbers in the RSA toolkit. No alarms were raised, former employees said,
because the deal was handled by business leaders rather than pure technologists.

“The labs group had played a very intricate role at BSafe, and they were
basically gone,” said labs veteran Michael Wenocur, who left in 1999.

Within a year, major questions were raised about Dual Elliptic Curve.
Cryptography authority Bruce Schneier wrote that the weaknesses in the formula
“can only be described as a back door.”

After reports of the back door in September, RSA urged its customers to stop
using the Dual Elliptic Curve number generator.

But unlike the Clipper Chip fight two decades ago, the company is saying little
in public, and it declined to discuss how the NSA entanglements have affected
its relationships with customers.

The White House, meanwhile, says it will consider this week’s panel
recommendation that any efforts to subvert cryptography be abandoned.

Reporting by Joseph Menn; Editing by Jonathan Weber and Grant McCool
