[Cryptography] RSA recommends against use of its own products.

Ray Dillinger bear at sonic.net
Fri Sep 20 14:08:00 EDT 2013

More fuel for the fire...


RSA today declared its own BSAFE toolkit and all versions of its
Data Protection Manager insecure, recommending that all customers
immediately discontinue use of these products.

The issue is apparently the Random Number Generator that these
products use, the rather amusingly named "Dual Elliptic Curve
Deterministic Random Bit Generator." *1

And according to more of the Snowden Files released to (or by)
the New York Times last week, that pseudorandom generator is
deliberately flawed in order to allow it to be sod...  um,
excuse me, I should have said, to permit backdoor penetration.

RSA was truly between a rock and a hard place here as I see it.
With the deliberate weakness now made public, they took a terrific
blow to their business.  But failure to follow up with a
recommendation against their own products, no matter how much
additional financial pain that action entails, would have
destroyed all trust in their company and prospects for future
business.  As best I can tell, they have lost $Millions at least
due to the tampering of their products, and American security
and software companies taken as a whole are in the process of
losing $Billions to foreign competitors for the same reasons.

I wonder, would a class action suit seeking compensation for this
wholesale sabotage be within the jurisdiction of the FISA court?


*1 "Anyone who attempts to generate random numbers by
     deterministic means is, of course, living in a
     state of sin." -- John Von Neumann

More information about the cryptography mailing list