Report: RSA endowed crypto product with second NSA-influenced code

    Date03 Apr 2014
    CategoryCryptography
    4039
    Posted ByDave Wreski
    Security provider RSA endowed its BSAFE cryptography toolkit with a second NSA-influenced random number generator (RNG) that's so weak it makes it easier for eavesdroppers to decrypt protected communications, Reuters reported Monday. Citing soon-to-be-published research from several universities, Reuters said the Extended Random extension for secure websites allows attackers to work tens of thousands of times faster when breaking cryptography that uses the Dual EC_DRBG algorithm to generate the random numbers that populate a specific cryptographic key.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"5","type":"x","order":"1","pct":83.33,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.