RSA denies the message of news agency Reuters that the company has a deal with the Us secret service would have concluded to an algorithm with a backdoor in its products as standard. The wording leaves room that the Reuters message, however, partly correct.
RSA denies an accusation in the press to say that ‘categorically’. The company refers to the claim that there is ‘a secret contract with the NSA to create a random number generator in RSA’s Bsafe-encryptiebibliotheken in to build, which it was known that that was fragile’. Reuters claimed on Saturday that the NSA ten million dollar was paid to RSA to a now controversial algorithm as the default in its security products.
According to RSA was the relationship with the NSA is not secret. The Dual_EC_DRBG algorithm was according to the company in 2004 as a standard set up to make the encryption stronger, and the NSA would then have had in this area. Furthermore, RSA that users always have the choice of have had a different algorithm is selected, and the corresponding number generator (rng) in september 2013 publicly dropped after opinion of the NIST.
Finally, says the company doesn’t have details on contracts with clients: “We have, however, never entered into a contract with the purpose of RSA products vulnerable or potential backdoors to introduce everyone to use.”
The wording leave room open that there is indeed a contract with the NSA was for the rng to set as default. RSA seems to defend himself with a denial that the company knew that the rng was fragile. In september of this year showed that the Us intelligence agency with a backdoor in the algorithm has built-in.