Reports of NSA's Deeper Involvement With RSA Raise Questions

Security experts examine whether there's reason to worry about the latest disclosure that the NSA had more impact on RSA cryptography.

Reports that the NSA's involvement with RSA Security's cryptographic tools was greater than first claimed raise many questions. The issue is complicated and requires a detailed look.

In December 2013, a Reuters report alleged that RSA Security had accepted $10 million from the U.S. National Security Agency (NSA) in an effort that ultimately served to weaken security in components of the RSA BSAFE encryption tools. On March 31, Reuters published a new report alleging that NSA involvement affected a wider number of RSA BSAFE cryptographic components.

The report on the second NSA-related RSA vulnerability is based on newly published research from professors working at Johns Hopkins, the University of Wisconsin and the University of Illinois. The tool in question is called the Extended Random extension, and could potentially be used to crack the RSA Dual Elliptic Curve (EC) pseudo-random-number generator that is widely used in the security world today.

The Extended Random extension was published as an Internet Engineering Task Force (IETF) draft in April 2008 and clearly lists the NSA as a co-author of the draft.

"The BSAFE implementations of TLS makes the Dual EC backdoor particularly easy to exploit in two ways," the research report states. "The Java version of BSAFE includes fingerprints in connections, making them easy to identify. The C version of BSAFE allows a drastic speed-up in the attack by broadcasting longer strings of random bits than one would at first imagine to be possible given the TLS standards."

RSA has repeatedly denied that it has ever intentionally weakened encryption to enable an NSA backdoor. At the recent RSA Security conference, Art Coviello, executive vice president of EMC and executive chairman of RSA, said that his company has done a lot of work with the NSA to help improve security. Coviello did not, however, directly address the $10 million contract question.

Whether RSA knew that it was helping the NSA enable a backdoor remains a subject of debate.

Marc Maiffret, CTO of BeyondTrust told eWEEK that revelations such as this continue to show that even security companies cannot blindly put their faith in the government for guidance on securing systems.

"While the NSA has done many things to help improve Internet security, there are also many instances where they have weakened it," Maiffret said. "Companies like RSA that are selling a solution to a problem should know fully their solution, even the parts of it that might have come as ideas from academia or the government; otherwise technology companies will find themselves an easy pass-through for subversion."

There is another perspective that can be taken on the issue, J.J. Thompson, managing director and CEO of Rook Security, told eWEEK. "Real security is dirty, and we should stop acting surprised," Thompson said. "Even if portions of the NSA’s conduct are agreed upon by the public as questionable, it will become critical to know why that line was crossed, not simply to condemn the NSA for crossing that line."

Thompson added that perhaps the risk of not crossing the line was simply too high and the intelligence gained has saved countless lives.

"Regardless, no matter how many Senate intelligence hearings are held, we'll never know; for if the intelligence was valuable enough to break the law for, then its valuable enough to cover up," Thompson said.

While there is some reason to be concerned over the latest information about potential weakness in RSA encryption, the foundational encryption algorithms are themselves still secure, Geoff Webb, senior director for security strategy at NetIQ, told eWEEK. "These attempts to weaken the encryption process have been aimed at random-number generators used as part of the overall securing of data," Webb said. "What this means is that we can still reclaim privacy on the Internet once these weakening elements have been removed."

Webb compares encryption to a symphony orchestra. Most of the players are great, but if you get one bad violinist, then the whole things falls over, he said.
"I do think, however, that while we can get Internet privacy back on track, it may take a long time to reclaim the lost trust and confidence in the security of data transmitted—even when it's supposed to be encrypted," Webb said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.