[cp-global] Fwd: [Cryptography] RSA recommends against use of its own products.

Samuel Carlisle samuelcarlisle at gmail.com
Mon Sep 23 10:24:23 GMT 2013


-------- Original Message --------
Subject: [Cryptography] RSA recommends against use of its own products.
Date: Mon, 23 Sep 2013 10:27:47 +0200
From: Eugen Leitl <eugen at leitl.org>
To: cypherpunks at al-qaeda.net, info at postbiota.org, zs-p2p at zerostate.is

----- Forwarded message from Ray Dillinger <bear at sonic.net> -----

Date: Fri, 20 Sep 2013 11:08:00 -0700
From: Ray Dillinger <bear at sonic.net>
To: cryptography at metzdowd.com
Subject: [Cryptography] RSA recommends against use of its own products.
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130828

More fuel for the fire...


RSA today declared its own BSAFE toolkit and all versions of its
Data Protection Manager insecure, recommending that all customers
immediately discontinue use of these products.

The issue is apparently the Random Number Generator that these
products use, the rather amusingly named "Dual Elliptic Curve
Deterministic Random Bit Generator." *1

And according to more of the Snowden Files released to (or by)
the New York Times last week, that pseudorandom generator is
deliberately flawed in order to allow it to be sod...  um,
excuse me, I should have said, to permit backdoor penetration.

RSA was truly between a rock and a hard place here as I see it.
With the deliberate weakness now made public, they took a terrific
blow to their business.  But failure to follow up with a
recommendation against their own products, no matter how much
additional financial pain that action entails, would have
destroyed all trust in their company and prospects for future
business.  As best I can tell, they have lost $Millions at least
due to the tampering of their products, and American security
and software companies taken as a whole are in the process of
losing $Billions to foreign competitors for the same reasons.

I wonder, would a class action suit seeking compensation for this
wholesale sabotage be within the jurisdiction of the FISA court?


*1 "Anyone who attempts to generate random numbers by
    deterministic means is, of course, living in a
    state of sin." -- John Von Neumann

----- End forwarded message -----
-- 
Eugen* Leitl leitl http://leitl.org
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
