The National Security Agency arranged a clandestine US$10 million contract with computer security power RSA that allowed the spy agency to embed encryption software it could use to infiltrate the company’s widely used products, Reuters reported.
Revelations provided by former NSA contractor Edward Snowden and first reported in September showed that the NSA created and perpetuated a corruptible formula that was ultimately a “back door” into encryption products.
Reuters later reported RSA became the lead distributor of the formula, installing it into a software tool known as BSAFE that is widely used to boost security in personal computers and other products.
Unknown then was the $10 million deal that set the NSA’s formula as the default method for the security measure - in which random numbers are generated on a key for access to a product - in BSAFE, according to Reuters’ sources. Though the sum of money for the deal seems low, it represented over a third of revenue the relevant division at RSA had made the previous year, according to security filings.
RSA was previously known for its crusading fights to protect computer security and privacy in the face of government interests, as it played a major role in blocking an effort by the NSA in the 1990s to require a special chip that would have enabled surveillance on many computer and communication products.
Following the September disclosure, RSA, now a subsidiary of computer storage company EMC Corp, privately warned thousands of its customers to immediately discontinue using all versions of company's BSAFE toolkit and Data Protection Manager (DPM), both using Dual_EC_DRNG (Dual Elliptic Curve Deterministic Random Bit Generator) encryption algorithm to protect sensitive data.
RSA and EMC would not comment to Reuters about the alleged deal, but RSA said in a statement: "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."
The NSA declined to comment.
Most of the dozen current and former RSA employees interviewed by Reuters cited the company’s move away from strictly providing cryptography products as a reason the ill-advised deal was made. Though several also said government officials deceived RSA by portraying the corrupt formula as secure.
"They did not show their true hand," said one source that knew of the NSA deal.
RSA’s history as pioneers of trusted cryptography goes back to the 1970s. Their encryption tools have been licensed by many major technology companies, which have used RSA products to secure hundreds of millions of personal computers around the world. Their core technology - public key cryptography - uses two keys rather than one to publicly encode messages, then privately reveal them.
Even in the earliest days of RSA’s existence, it quarreled with US intelligence entities that worried the dual-key format would block government access. As RSA’s products became more widespread, the contention rose. In the 1990s, the Clinton administration pushed the Clipper Chip, a mandatory piece of hardware in phones and computers that would have enabled officials to supersede encryption without a warrant. RSA led a campaign to block the Clipper Chip, arguing products so easily surveilled would cripple overseas sales of US tech products.
The White House then moved to advocating stronger export controls to keep top cryptography in the US, yet RSA again persuaded the industry to oppose the effort. The export restrictions were eventually discarded.
But the attacks of September 11, 2001, flipped some of the power dynamics. In addition, many top engineers of the old fights against the government left the company, and BSAFE was becoming an increasingly smaller share of the company’s revenue.
"When I joined there were 10 people in the labs, and we were fighting the NSA," said Victor Chan, an top RSA engineer before he left in 2005. "It became a very different company later on."
By 2006, RSA was considered a prime government partner in the fight against overseas hackers.
New RSA Chief Executive Art Coviello, who declined an interview request with Reuters, signed on to adopt an algorithm called Dual Elliptic Curve - designed by the NSA - even before the formula was approved for government use. RSA’s use of the algorithm actually helped the NSA win approval with the National Institutes of Standards and Technology, which oversees government tech product usage.
RSA’s contract made Dual Elliptic Curve the default formula for producing random numbers in the company’s encryption tools. Former employees said given company business leaders approved the deal rather than technologists, no alarms were raised.
"The labs group had played a very intricate role at BSAFE, and they were basically gone," said labs veteran Michael Wenocur, who left RSA in 1999.
Though it privately urged customers to stop using the Dual Elliptic Curve following the September revelations, RSA has been publicly quiet about its relationship with the NSA.
The RSA deal again implicates a key strategy the NSA employs for enhanced surveillance, as shown by Snowden’s leaked documents: the weakening of security tools as a result of the agency’s “commercial relationships” with security and tech companies.
A review board established by the White House to investigate the NSA’s controversial surveillance operations said this week it believes the NSA should make changes to spying protocol, including measures that have usurped cryptography.
Among the recommendations, the panel called for the US government to "fully support and not undermine efforts to create encryption standards," and "not in any way subvert, undermine, weaken or make vulnerable generally available commercial software."