We all remember the Snowden‘s revelations regarding the support provided my RSA Security, a division of EMC company, to the NSA Intelligence. Snowden accused the RSA to have deliberately inserted an alleged encryption backdoor in the BSafe software.
According the news published by the Reuters agency, documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers.
The flawed random number generator (Dual_EC_DRBG) was used to create a “back door” in popular encryption products, Reuters reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe, a security tool installed in many personal computers.
According the report disclosed by Snowden, the NSA paid a $10 million fee to RSA for the adoption of the flawed algorithm as the default choice in his products, but RSA has always refused the claims.
A group of researchers at Johns Hopkins University, the University of Illinois, has claimed that the choice of the Dual_EC_DRBG systems was not isolated, RSA also adopted another tool called Extended Random extension for secure websites, under the suggestion of the National Security Agency.
The choice for the adoption of the Extended Random extension allows the NSA to crack a version of the Dual Elliptic Curve software tens of thousands of times faster, Reuters reported.
“The professors found that the tool, known as the “Extended Random” extension for secure websites, could help crack a version of RSA’s Dual Elliptic Curve software tens of thousands of times faster, according to an advance copy of their research shared with Reuters. While Extended Random was not widely adopted, the new research sheds light on how the NSA extended the reach of its surveillance under cover of advising companies on protection.“
The researchers demonstrated that it is possible to crack a free version of BSafe for Java in just one hour, using about $40,000 worth of computer equipment.
“It would have been 65,000 times faster in versions using Extended Random, dropping the time needed to seconds, according to Stephen Checkoway of Johns Hopkins.The researchers said it took them less than 3 seconds to crack a free version of BSafe for the C programming language, even without Extended Random, because it already transmitted so many random bits before the secure connection began. And it was so inexpensive it could easily be scaled up for mass surveillance, the researchers said” stated Reuters.
This case is yet another pickaxe to the reputation of US Intelligence,
(Security Affairs – RSA, NSA)