[Cryptography] Fwd: [IP] RSA Response to Media Claims Regarding NSA Relationship
Tom Mitchell
mitch at niftyegg.com
Fri Dec 27 15:56:28 EST 2013
On Mon, Dec 23, 2013 at 5:30 AM, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> On Mon, Dec 23, 2013 at 12:08 AM, Bill Cox <waywardgeek at gmail.com> wrote:
>>
>> Does this mean RSA denies accepting $10M for making the NSA RNG the
>> default in BSAFE?
.....
> I remember RSA getting money from the NSA to put ECC into BSafe.
>
> It may not have been very public, but it was known in the industry.
I was not in the security community at this time but I also recall
this as well!
I think it is important that US ITAR legislation had astounding and strict rules
about cryptography as a munition. A system with the power of a Raspberry-Pi
was under export restrictions. Recall early M68000 boxes were limited. Later
any system that had two network NICs was restricted because of adaptive routing
capabilities. One IPsec project at a largish TLA company was hobbled
back to one
engineer because the market was too small for the legal work required to
deliver it.
I am of the opinion that RSA was operating honestly and shipped the
best products that the law would allow them to have a market for.
That was then!
Today the rules and players are different. If we care we
have to turn on a bright light and start over knowing that decisions
were made for reasons then classified and now forgotten by all
but a short list of gray haired men and women. And yes I learned
to program FORTRAN on a brand new CDC6400.
i.e. Look at all the moving bits as if they were new and untested.
--
T o m M i t c h e l l
More information about the cryptography
mailing list