RSA advises customers to stop using NSA-influenced encryption algorithm
Posted on 20 September 2013.
In the wake of the disclosure that the NSA has influenced NIST to adopt an encryption standard that includes one random bit generator with a weakness known only to the intelligence agency, NIST has reopened the public comment period for the standard so that the public can analyze and comment on it again.

They also promised to work with the cryptographic community to address any vulnerability that may be found, and recommended that the generator in question (Dual_EC_DRBG) no longer be used.

And according to Ars Technica, RSA Security has decided to listen.

The company has sent out an advisory to the developer customers of its BSAFE Toolkits and Data Protection Manager, notifying them that the tools were using the algorithm by default and instructing them on how to change it. All versions of both tools are affected.

According to a company spokesman, RSA is conducting an internal review of all of its products to check whether the algorithm is invoked in any of them, but a source close to the company has confirmed that its flagship product - the two-factor authentication SecurID system - does not use the faulty algorithm.

"At the time, elliptic curves were in vogue and hash-based RNG was under scrutiny. The hope was that elliptic curve techniques—based as they are on number theory—would not suffer many of the same weaknesses as other techniques (like the FIPS 186 SHA-1 generator) that were seen as negative, and Dual_EC_DRBG was an accepted and publicly scrutinized standard," said RSA Security CTO Sam Curry, explaining why the company chose the algorithm as the default for the two products.

He also added that there were a number of features that made it seem ideal at the time (2004-2005): continuous testing of the output, mandatory re-seeding, optional prediction resistance and the ability to configure for different strengths.
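The features Curry lists are generic DRBG properties rather than anything specific to Dual_EC_DRBG, and the same NIST standard (SP 800-90A) defines other generators that offer them without the elliptic-curve construction. The following is an added example, not code from RSA's BSAFE or from the article, showing HMAC_DRBG with a reseed interval, optional prediction resistance and a FIPS 140-2-style continuous output test. The class name, the `entropy_source` callable and the automatic-reseed behaviour when the interval is exceeded are this example's own choices.

```python
import hashlib
import hmac
import os


class DrbgError(Exception):
    """Raised when a health check fails."""


class HmacDrbg:
    """HMAC_DRBG per NIST SP 800-90A section 10.1.2 (hypothetical example code).

    Features demonstrated:
      * mandatory reseeding after `reseed_interval` generate calls
      * optional prediction resistance (fresh entropy before every output)
      * continuous test: two consecutive identical output blocks are a failure
    """

    def __init__(self, entropy_source, nonce=b"", personalization=b"",
                 hash_name="sha256", reseed_interval=10_000,
                 prediction_resistance=False):
        # entropy_source(n) must return n bytes of fresh entropy (assumption:
        # the caller supplies a trustworthy source such as os.urandom).
        self._hash = hash_name
        self._outlen = hashlib.new(hash_name).digest_size
        self._entropy_source = entropy_source
        self._reseed_interval = reseed_interval
        self._prediction_resistance = prediction_resistance
        self._last_block = None          # state for the continuous test
        # Instantiate: K = 0x00..00, V = 0x01..01, then absorb the seed material.
        self._K = b"\x00" * self._outlen
        self._V = b"\x01" * self._outlen
        seed_material = self._entropy_source(self._outlen) + nonce + personalization
        self._update(seed_material)
        self._reseed_counter = 1

    def _hmac(self, data):
        return hmac.new(self._K, data, self._hash).digest()

    def _update(self, provided_data):
        # HMAC_DRBG_Update: mixes provided_data into the (K, V) state.
        self._K = self._hmac(self._V + b"\x00" + provided_data)
        self._V = self._hmac(self._V)
        if provided_data:
            self._K = self._hmac(self._V + b"\x01" + provided_data)
            self._V = self._hmac(self._V)

    def reseed(self, additional_input=b""):
        # Reseed: fresh entropy plus optional caller-supplied input, counter resets.
        self._update(self._entropy_source(self._outlen) + additional_input)
        self._reseed_counter = 1

    def generate(self, n_bytes, additional_input=b""):
        # Prediction resistance forces a reseed on every call; otherwise the
        # generator reseeds itself once the reseed interval is exhausted
        # (SP 800-90A lets the application or the implementation do this).
        if self._prediction_resistance or self._reseed_counter > self._reseed_interval:
            self.reseed(additional_input)
            additional_input = b""
        elif additional_input:
            self._update(additional_input)
        out = b""
        while len(out) < n_bytes:
            self._V = self._hmac(self._V)
            # Continuous test (FIPS 140-2 style): a repeated block means the
            # generator is stuck and its output must not be used.
            if self._V == self._last_block:
                raise DrbgError("continuous test failed: repeated output block")
            self._last_block = self._V
            out += self._V
        self._update(additional_input)
        self._reseed_counter += 1
        return out[:n_bytes]

    @property
    def reseed_counter(self):
        return self._reseed_counter


if __name__ == "__main__":
    drbg = HmacDrbg(os.urandom, personalization=b"example-app", reseed_interval=1000)
    print(drbg.generate(32).hex())
```

With a deterministic `entropy_source` the generator is fully reproducible, which is how known-answer tests for a DRBG are run; in production the source must be real entropy, and `prediction_resistance=True` is the setting to choose when the cost of a fresh entropy fetch per call is acceptable.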

RSA has sent the advisory to select developers, but the warning should be heeded by the many developers who probably did not receive the email.

