RSA has issued a response in which they categorically deny being the NSA's stooge:
Recent press coverage has asserted that RSA entered into a “secret contract” with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation.Highlighting by me. The two highlighted items really get to the heart of why the security industry is so angry about what the NSA has been doing. They spent years establishing a relationship of trust with the industry and researchers. Then they exploited that trust for personal gain at the expense of everyone else.
We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security.
Key points about our use of Dual EC DRBG in BSAFE are as follows:
RSA, as a security company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.
- We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption.
- This algorithm is only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs.
- We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS compliance. When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion.
- When NIST issued new guidance recommending no further use of this algorithm in September 2013, we adhered to that guidance, communicated that recommendation to customers and discussed the change openly in the media.
While I don't at all want to minimize the horrific crime of child abuse, that will give you a bit of the flavor of how the security industry looks at Ft. Meade now. It was a rape, a rape of those who had trusted them as teacher and protector.
This is going to cause enormous problems for NSA. I simply don't see how anyone will ever want to cooperate with them outside a public forum. Nobody who values their reputation will be willing to be accused of slipping an NSA mickey into a crypto library.
And nobody on a standards body will ever again listen to NSA recommendations for changes to algorithms. As a matter of fact, those recommendations will make the hair on the back of people's necks stand up, and lots of people will start to reverse engineer the NSA's math to see what games they're playing.
Bottom line, it's now no longer possible for NSA to help secure the nation, at least from an encryption point of view. May as well shut down the National Computer Security Center.
This is a crying shame, brought about by unbelievably incompetent management. I remember when the NSA were the Good Guys, back before they raped the community.