RSA chief defends NSA deal, blames agency for security industry mistrust

Advertisement
By Reuters | Updated: 26 February 2014 16:58 IST
The U.S. National Security Agency blurred its spying and cybersecurity missions, and that led to a broad collapse in trust between the private security industry, its customers and the government, the head of security pioneer RSA said on Tuesday.

RSA has come under criticism after a Reuters report in December revealed the company had secretly accepted a $10 million contract from the NSA to make a now-discredited cryptography system the default in software used by all manner of Internet and computer security programs.

The system was based on a formula for generating random numbers that was created by the NSA to embed "back doors" in encryption products that the spy agency could then crack, according to documents leaked by former NSA contractor Edward Snowden.

Advertisement

RSA Executive Chairman Art Coviello said on Tuesday that his company, a unit of EMC Corp , had adopted the formula because it thought it was dealing with NSA officials trying to improve protection for the government and critical security industry.

"When or if the NSA blurs the line between its defensive and intelligence-gathering roles and exploits a position of trust, that's a problem," Coviello said in the opening speech of the RSA Conference, the world's largest gathering of cyber security professionals, in San Francisco.

Advertisement

Coviello said the spy agency should spin off its cyber defensive work to another body to avoid pollution of the mission and distrust. A White House advisory panel had recently made a similar recommendation, though it was not endorsed by President Barack Obama or NSA leaders.

A senior White House official told Reuters on Tuesday that the administration opposed a spinoff, in part because cyber defensive efforts are strengthened by word of threats gleaned through the NSA's vast signal intelligence operation.

Advertisement

Two other recommendations by the advisory panel are still under consideration, the official said. One would sharply reduce the U.S. use of unreported flaws in software to break into networks. The other would bar the NSA from deliberately weakening encryption standards.

Both of those proposals featured in a debate later at the RSA conference featuring former NSA DirectorMichael Hayden and former White House counter terrorism and cybersecurity advisor Richard Clarke, who was one of the authors of the recommendations to President Barack Obama.

Advertisement

Hayden said the White House advisory panel's report had maintained that the government did not subvert cryptography. Clarke retorted: "The report did not say that, because that would not be true."

RSA conference
The speech by Coviello was by far RSA's most expansive remarks on the subject since the Reuters report prompted more than 10 speakers to withdraw from the conference. Still, the event is drawing a record 25,000 attendees.

Coviello said RSA's core cryptographic patents had expired by the time of the NSA deal and that it had turned to standards put forward by industry and government groups, including the National Institute of Standards and Technology.

NIST supported the NSA formula for generating random numbers, called Dual Elliptic Curve, until the Snowden documents suggested it allowed the agency a back door.

Snowden, who is living in temporary asylum in Russia, set off a global furor last year when he exposed some of the U.S. government's most secretive electronic espionage programs. The leaks led to Obama announcing in January a ban on U.S. eavesdropping on the leaders of close allies, and other reforms to rein in the NSA's surveillance practices.

While Obama's proposals were designed to fend off concerns that U.S. surveillance has gone too far, the measures fell short of dismantling electronic spying programs.

Coviello said the United States and all other countries should renounce the use of cyber weapons, likening the severity and the stakes of the burgeoning digital arms race to the Cuban missile crisis.

Washington and other powers have embraced military computer programs such as Stuxnet, which stealthily destroyed Iranian nuclear centrifuges, because they are cost-effective, avoid bloodshed and deniable.

Coviello said the industry should push to reverse that trend because criminals ultimately benefit from such tools and the vulnerabilities in software that are left in place so that the weapons can be deployed.

"Those who seek military advantage riding on the back of this tiger will end up inside," Coviello said."

© Thomson Reuters 2014
 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Poco M8s 5G Debuts Globally With 7,000mAh Battery: See Price, Features
  2. OnePlus Ace 6 Ultra's Key Specifications Surface via Geekbench Listing
  3. Motorola Edge 70 Fusion Review
  4. Redmi K90 Max Debuts With Active Cooling Fan, 8,550mAh Battery: See Price
  5. Oppo Find X9 Ultra Battery, Chipset Details Revealed Ahead of Global Launch
  6. Oppo Find X9 Ultra With 200-Megapixel Periscope Camera Launched Globally
  7. Motorola Razr 2026 Launch Date Teased Alongside Design and Colour Options
  8. Vivo X300 FE Roundup: Expected Price in India, Specifications
  9. iPhone 18 May Not Arrive With Hardware Upgrades as Apple Cuts Costs: Report
  10. Oppo Enco Clip 2 With Open-Ear Design, Launched Alongside Oppo Watch X3 Mini
  1. NASA Shuts Down Voyager 1 Instrument to Extend Mission Life in Deep Space
  2. Oppo Enco Clip 2 With Open-Ear Design, Up to 40 Hours Total Battery Life Launched Alongside Oppo Watch X3 Mini
  3. Vivo Y6t Launched With 6,500mAh Battery, Snapdragon 4 Gen 2 SoC: Price, Specifications
  4. OCBC Partners Lion Global Investors and DigiFT to Launch Tokenised Gold Fund With GOLDX Token
  5. Oppo Pad 5 Pro Launched With 13,380mAh Battery, Snapdragon 8 Elite Gen 5 SoC Alongside Oppo Pad Mini: Price, Features
  6. Redmi K90 Max Launched With Dimensity 9500 SoC, 8,550mAh Battery and Active Cooling Fan: Price, Specifications
  7. Oppo Find X9 Ultra Launched With Snapdragon 8 Elite Gen 5 SoC, 200-Megapixel Periscope Camera: Price, Specifications
  8. Oppo Find X9s Pro Launched With 200-Megapixel Cameras, 7,025mAh Battery: Price, Specifications
  9. OnePlus Ace 6 Ultra Geekbench Listing Reveals MediaTek Dimensity 9500 Chip, 16GB RAM
  10. Motorola Edge 70 Pro+ Leaked Renders Hint at Design, Five Colour Options
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.