Modern Encryption Standard Evaporates | RSA

Promise of Privacy Unravels 


The company is the first to go public with such an announcement in the wake of revelations by the New York Times that the NSA may have (totally) inserted an intentional weakness in the algorithm — known as Dual Elliptic Curve Deterministic Random Bit Generation (or Dual EC DRBG) — and then used its influence to get the algorithm added to a national standard issued by the National Institute of Standards and Technology.

In its advisory, RSA said that ALL versions of RSA BSAFE Toolkits, including all versions of Crypto-C ME, Micro Edition Suite, Crypto-J, Cert-J, SSL-J, Crypto-C, Cert-C, SSL-C were affected.

In addition, ALL versions of RSA Data Protection Manager (DPM) server and clients were affected as well.

The company said, “RSA strongly recommends that customers discontinue use of Dual EC DRBG…”

Read The Ars Technica Story |  Read The Guardian Story 


One thought on “Modern Encryption Standard Evaporates | RSA

  1. Pingback: RSA Denies NSA Ties | The Hard & Fast, Driven Tech Perspective

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s