NSA-inspired software sped up code-cracking efforts
- 1 April 2014
- From the section Technology
The US National Security Agency persuaded web-encryption company RSA to develop a more vulnerable random-number generator to make it easier to spy on businesses, Reuters has reported.
The news agency reported research suggesting the software had made reading companies' encrypted messages about 65,000 times easier.
RSA said it should "have been more sceptical of NSA's intentions".
The NSA declined to comment on any collaboration with RSA.
The research followed the description of a project to undermine commercial encryption systems in papers leaked by former NSA systems administrator Edward Snowden, published in late 2013.
RSA chief technology officer Sam Curry told Reuters it had trusted the NSA because of the agency's role in securing communications and critical infrastructure for the US government.
He added the NSA-inspired random-number generator had been removed from its product line after proving unpopular with customers.
In December 2013, Reuters reported the NSA had paid RSA $10m (£6m) to insert a flaw or "backdoor" into another, more widely used, software module that also generated random numbers to help with encryption.
At that time, RSA "categorically denied" that accusation and said it had not signed any secret deal with the NSA.