RSA Denies Trading Security For NSA Payout
EMC security subsidiary accused of accepting $10 million from the NSA to purposefully use encryption for which the intelligence agency enjoyed backdoor access
RSA was put on the defensive on Friday, after a report surfaced suggesting that the EMC-owned security firm accepted a $10 million payment from the National Security Agency (NSA) to select a weak random number generator as the default for its BSAFE encryption libraries.
That allegation was first reported by Reuters, which said it based its report on interviews with a dozen current and former employees of RSA. The alleged "secret" $10 million contract, signed in 2006, would have represented more than one third of the annual revenue of EMC's RSA division the year prior to the contract being signed.
More Security Insights
- 10 Steps to Cleaning up Active Directory
- The Active Directory Management and Security You've Always Dreamed of
- Innovations in Integration: Achieving Holistic Rapid Detection and Response
- COBOL in the Big Data Era: A Guide
On Sunday, RSA issued a statement denying that it had "entered into a 'secret contract' with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries."
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.