NIST drops RSA security algorithm over NSA backdoor concerns
The National Security Agency’s vast spying and surveillance powers have already undermined trust in the United States government around the planet. And American businesses are losing billions as global customers look to alternatives far outside of Washington’s jurisdiction.
Now, an important security algorithm—a random number generator at the core of an alleged $10 million contract between RSA Security and the NSA— will no longer carry governmental approval because of strong suspicion that the NSA has tampered with it.
The National Institute of Standards and Technology (NIST) announced Monday that it will remove the so-called Dual Elliptic Curve Deterministic Random Bit Generator—which the NSA championed years ago, back when its input was welcomed—due to weaknesses and a lack of confidence in the algorithm.
"There's a legitimate and obvious reason why we would remove it, based solely on our review and the feedback we received," NIST spokeswoman Jennifer Huergo told the press. The NSIT urged users to back off the encryption algorithm in September after documents leaked by Edward Snowden indicated that it could be backdoored by the NSA.
Perceived problems with the Dual Elliptic Curve Deterministic Random Bit Generator extend back to 2007, when security expert Bruce Schneier revealed that "the algorithm contains a weakness that can only be described as a backdoor." In December, RSA denied it accepted money from the NSA to weaken its security tools.
“We categorically deny this allegation,” RSA wrote in a blog post. “We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it.”
Despite these claims, suspicions of NSA manipulation still cling to the RSA algorithm's reputation.
“We don’t know what’s been tampered with,” Schneier told Threatpost in September. “Nothing can be trusted. Everything is suspect.”
H/T Fierce Government | Photo remix by Jason Reed
Texans are adopting dogs in droves to rescue them from flooded animal shelters
Now this is Southern hospitality.94k
How to play every classic video game on your phone
The best '80s and '90s consoles in the palm of your hand.21k
You can play a giant game of Tetris on the biggest Game Boy ever made
Handheld gaming nostalgia writ extremely large.16k
Shazam can now ID books, movies, and magazines—sort of
Shazam isn't just for music anymore.
Your definitive guide to the best robot butts
Thick, toned and metal.7