Home >> Internet >> RSA denies entering into contract with NSA

RSA denies entering into contract with NSA

Last week Reuters had reported about NSA paying RSA $10 million for embedding an algorithm in its security software, Bsafe. RSA has has denied entering into a contract with NSA and any knowledge of NSA’s backdoor access.


However the company said that it has worked with NSA, only with the “explicit goal” of strengthening security and the relationship never being  a secret.

RSA has revealed the details of the backdoor fiasco in its blog post. The firm claims it had used the random number generator DUAL EC DRBG after being advised by the National Institute of Standards (NIST) that the generator was safe. The post mentions that the algorithm was “only one of  multiple choices available within BSafe toolkits”, though there were concerns of a possible backdoor in the algorithm.

RSA had notified customers after NIST advised against the DUAL EC DRBG in September. The company concludes by saying that its had never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.

Though RSA claims innocence, it has never denied the fact that NSA had paid $10 million to include the backdoor algorithm in BSafe. Even though RSA was aware of the claims by NIFT, it never advised customers against using the software. The company could also have chosen an optional algorithm as it had mentioned there were “multiple choices available”. These points raises doubts about the company’s denial of entering into a contract with NSA.


About John W Arthur

John is the head of our IT Security team and he writes about Security, IT news on The Next Digit. He was the Employee of the Year 2013 for his selfless support and efficiently setting up the whole security infrastructure. He also occasionally writes on "IT Sec Pro" Print Media of Sweden. All posts by John

Leave a Reply

Your email address will not be published. Required fields are marked *