Security Researchers Find RSA Even More Completely Compromised By The NSA Than Previously Thought

from the setting-the-decryption-standard dept

Last December, Reuters broke the news that RSA had received $10 million from the NSA to push a weakened crypto standard as the default. This resulted in an incredible amount of backlash against RSA, resulting in many security researchers pulling out of the RSA's conference (which itself was met by a protest conference).

There's more bad news ahead for the RSA, again delivered by Reuters.

Security industry pioneer RSA adopted not just one but two encryption tools developed by the U.S. National Security Agency, greatly increasing the spy agency's ability to eavesdrop on some Internet communications, according to a team of academic researchers.

Reuters reported in December that the NSA had paid RSA $10 million to make a now-discredited cryptography system the default in software used by a wide range of Internet and computer security programs. The system, called Dual Elliptic Curve, was a random number generator, but it had a deliberate flaw - or "back door" - that allowed the NSA to crack the encryption.

A group of professors from Johns Hopkins, the University of Wisconsin, the University of Illinois and elsewhere now say they have discovered that a second NSA tool exacerbated the RSA software's vulnerability.

The professors found that the tool, known as the "Extended Random" extension for secure websites, could help crack a version of RSA's Dual Elliptic Curve software tens of thousands of times faster, according to an advance copy of their research shared with Reuters.
As Reuters notes, Extended Random has not been widely adopted (and now won't be), so the real story here is how the NSA undermines companies (and their aims) under the name of "advising on protection."

Rather belatedly, RSA officials are developing a sense of skepticism towards the NSA's motives.
"We could have been more skeptical of NSA's intentions," RSA Chief Technologist Sam Curry told Reuters. "We trusted them because they are charged with security for the U.S. government and U.S. critical infrastructure."
As has been shown numerous times over the last several years, the government would rather make the connected world less secure -- by stockpiling exploits and preventing holes from being patched -- in the name of "security." There's more than one kind of security, and the definition that works for most normal people runs contrary to the NSA's desire to exploit and collect everything it can.

The NSA has refused to comment on the story and the RSA, for its part, has not disputed what researchers have uncovered. Dual Elliptic Curve is the NSA's $10 million baby, and the addition of Extended Random does nothing more than make the next set of random numbers easier to predict.
Johns Hopkins Professor Matthew Green said it was hard to take the official explanation for Extended Random at face value, especially since it appeared soon after Dual Elliptic Curve's acceptance as a U.S. standard.

"If using Dual Elliptic Curve is like playing with matches, then adding Extended Random is like dousing yourself with gasoline," Green said…

The academic researchers said it took about an hour to crack a free version of BSafe for Java using about $40,000 worth of computer equipment. It would have been 65,000 times faster in versions using Extended Random, dropping the time needed to seconds, according to Stephen Checkoway of Johns Hopkins.
This is what happens when you allow the NSA to not only play with the toys, but to also design them. "Security," in terms of the RSA's chosen standard, is now nothing more than a buzzword appended to its product line. The company learned far too late that the intelligence agency has little need for solid encryption, viewing it as an obstacle to be surmounted rather than a defensive tool that might make computing more secure -- for everybody.

The agency wants it all and it wants to gather it with the least amount of effort possible. While it may have little desire to turn its weapons on Americans ("incidental collections" will still continue, of course…), it has exactly zero compelling legal reasons not to weaponize crippled encryption against the rest of the world. RSA's credulousness (and perhaps $10 million) apparently silenced its better judgement, and now the connected world is open not only to the NSA's exploits, but anyone else with the desire to open the agency's backdoors.


Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: compromised security, dual elliptical curve, encryption, extended random, nsa, security, surveillance, trust
Companies: rsa


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 31 Mar 2014 @ 12:13pm

    Re: The scary part of this...

    nah, there is no chance of it. at all. I mean that would be illegal and nobody would ever do something if it is illegal, right?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.