NSA Infiltrated RSA Deeper Than Imagined
Rambo Tribble (1273454) writes "Reuters is reporting that the U.S. National Security Agency managed to have security firm RSA adopt not just one, but two security tools, further facilitating NSA eavesdropping on Internet communications. The newly discovered software is dubbed 'Extended Random', and is intended to facilitate the use of the already known 'Dual Elliptic Curve' encryption software's back door. Researchers from several U.S. universities discovered Extended Random and assert it could help crack Dual Elliptic Curve encrypted communications 'tens of thousands of times faster'."
Sales plummeted (Score:5, Interesting)
I can only hope that this sort of bullshit maneuver by RSA reflects both globally and in the USA with respect to sales. Name one Government willing to buy this equipment any longer? 10 M compared to what they're going to lose now is nothing.
Desensitizing the masses (Score:5, Interesting)
When the acts of the NSA first came to light as we now know them, there was outrage not just from the tech sector, but from the general population as well. As these stories continue coming at a steady and regular pace, I still see outrage over the infringement of our rights - and the understanding of the general slippery slope creepiness of it - from those technically inclined. But less and less are the major outlets making a fuss, and even when the general population catches wind of each new story it is increasingly met with a sarcastic, "Gee, didn't see that coming." and a shrug of the shoulders. Is the possibility of a tipping point in favor of our rights being eliminated by the increasing apathy of the greater people toward these issues? I suspect we are on the losing side. I suspect that as the stories come out, and people in general not only become desensitized - but worse, it becomes the norm. In becoming the norm it will balloon to scales and scopes unimaginable. I feel we will reach a point where the majority of people will have forgotten that it was ever any other way. Even as it continues to get worse, they will continue to forget.
Re:If you can't beat 'em, join 'em (Score:5, Interesting)
How? Easy for me, I was alive and paying attention.
The problem wasn't so much that good tools from American sources were unavailable, they were just subject to onerous restrictions, that made it hard to distribute. So producers of software were stuck either producing an "international" version which was easy to distribute and download, but had restrictive key length limits and a separate, harder to download version for the US.
So yes, European tools were generally better, because they were not under such restrictions, and worked just fine in or outside the US. A lot of people in the US even used pgp "international" version just because it was easier.
It really was little more than a lame attempt to stuff a genie back in a bottle; after the bottom was smashed off. The ONLY thing it served to do was make the US into a laughing stock.
Mole in Mozilla / "Eric Rescorla" ? (Score:4, Interesting)
I think Mozilla needs to be cleaned of moles and it seems "Eric Rescorla" is one of them, and look where he is active:
https://tools.ietf.org/html/dr... [ietf.org]
-- snip from reuters story -- .. Information Assurance Directorate, and an outside expert named Eric Rescorla.
Rescorla, who has advocated greater encryption of all Web traffic, works for Mozilla, maker of the Firefox web browser. He and Mozilla declined to comment. Salter did not respond to requests for comment.
-- snip --
Re:Thank goodness for open-source alternatives (Score:5, Interesting)
RSA's name is dirt in the security industry (Score:5, Interesting)
"RSA, now owned by EMC Corp, did not dispute the research when contacted by Reuters for comment. The company said it had not intentionally weakened security on any product and noted that Extended Random did not prove popular and had been removed from RSA's protection software in the last six months."
lol. Wonder what new broke ~6 months ago.
FIPS 140-2 4.9.2. The Other Back Door. (Score:5, Interesting)
I think people are being blinded a bit by the dual_EC_DRBG issue. It makes people think the other 3 DRBG algorithms in SP800-90A are OK.
However if your system implements FIPS140-2 compliance, there's another hole which affects all RNGs within the FIPS boundary. Please read section 4.9.2 of FIPS140-2. You will see this. I call it the FIPS entropy destroyer...
"1. If each call to a RNG produces blocks of n bits (where n > 15), the first n-bit block generated after power-up, initialization, or reset shall not be used, but shall be saved for comparison with the next n-bit block to be generated. Each subsequent generation of an n-bit block shall be compared with the previously generated block. The test shall fail if any two compared n-bit blocks are equal."
This will eliminate all adjacent pairs, which would otherwise appear with a frequency dictated by the binomial distribution derived from the bit width of the output and for a 16 bit source, is trivially distinguishable from random with less than 1MByte of output data.
For the record, RdRand doesn't do this because I refused to put it in because it's a back door in the spec.
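The statistical effect described in the comment above, worked through as an added example that is not part of the original thread or of any FIPS module's code. It assumes a seeded PRNG as a constructed stand-in for the RNG, and assumes a failing block is discarded and generation continues; the function names are hypothetical.

```python
import random

BLOCK_BITS = 16  # smallest block width the quoted clause covers (n > 15)

def raw_blocks(count, seed=1):
    """Constructed sample data: uniform 16-bit blocks from a seeded PRNG."""
    rng = random.Random(seed)
    return [rng.getrandbits(BLOCK_BITS) for _ in range(count)]

def continuous_test_filter(blocks):
    """Model of the quoted clause: hold back the first block, then compare
    each new block with the previously generated one.
    Assumption: a block that fails the comparison is dropped and the
    generator keeps running (a real module may halt instead)."""
    it = iter(blocks)
    prev = next(it, None)   # first block is saved, never output
    out = []
    for block in it:
        if block == prev:   # "test shall fail": block never reaches the caller
            continue
        out.append(block)
        prev = block
    return out

def adjacent_equal_pairs(blocks):
    """Count positions where a block equals the one right before it."""
    return sum(1 for a, b in zip(blocks, blocks[1:]) if a == b)

def expected_pairs(count):
    """Mean number of adjacent repeats in `count` uniform blocks."""
    return (count - 1) / 2 ** BLOCK_BITS

def prob_no_pairs(count):
    """Chance that an unfiltered uniform source shows zero adjacent repeats."""
    return (1 - 2.0 ** -BLOCK_BITS) ** (count - 1)

if __name__ == "__main__":
    n = (1 << 20) // 2      # 1 MByte expressed as 16-bit blocks
    raw = raw_blocks(n)
    filtered = continuous_test_filter(raw)
    print("expected adjacent repeats:", round(expected_pairs(n), 2))
    print("raw source:               ", adjacent_equal_pairs(raw))
    print("after continuous test:    ", adjacent_equal_pairs(filtered))
    print("P(zero repeats | uniform):", prob_no_pairs(n))
```

An observer who sees no adjacent repeats in that much 16-bit output can conclude the stream was filtered, since an unfiltered uniform source would produce about eight.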
Re:Thank goodness for open-source alternatives (Score:5, Interesting)
Re:Sales plummeted (Score:4, Interesting)
why anybody anywhere would ever invest in proprietary crypto software.
People forced by their customers to buy off of this list (i.e. people who sell to the federal government):
http://csrc.nist.gov/groups/ST... [nist.gov]
Sure there are a couple F/OSS groups that paid the pretty significant cost to get a certificate. But not that many, especially when it comes to networking products.
Re:Could EMC sue? (Score:4, Interesting)
No, because the PHBs at EMC/RSA already accepted payment from the NSA. Someone should be fired over the fact that a $2.6B investment was hugely devalued for a payment of only $10M.