802:—who were also members of the X9F1 group—wrote a patent application that described a backdoor for Dual_EC_DRBG identical to the NSA one. The patent application also described three ways to neutralize the backdoor. Two of these—ensuring that two arbitrary elliptic curve points P and Q used in Dual_EC_DRBG are independently chosen, and a smaller output length—were added to the standard as an option, though NSA's backdoored version of P and Q and large output length remained as the standard's default option. Kelsey said he knew of no implementers who actually generated their own non-backdoored P and Q, and there have been no reports of implementations using the smaller outlet.
365:
714:
only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs. We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS compliance. When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion. When NIST issued new guidance recommending no further use of this algorithm in
September 2013, we adhered to that guidance, communicated that recommendation to customers and discussed the change openly in the media.
853:' Joseph Menn reported that NSA secretly paid RSA Security $ 10 million in 2004 to set Dual_EC_DRBG as the default CSPRNG in BSAFE. The story quoted former RSA Security employees as saying that "no alarms were raised because the deal was handled by business leaders rather than pure technologists". Interviewed by CNET, Schneier called the $ 10 million deal a bribe. RSA officials responded that they have not "entered into any contract or engaged in any project with the intention of weakening RSA’s products." Menn stood by his story, and media analysis noted that RSA's reply was a
907:) platform, with centralised log-management service that claims to "enable organisations to simplify compliance process as well as optimise security-incident management as they occur." On April 4, 2011, EMC purchased NetWitness and added it to the RSA group of products. NetWitness was a packet capture tool aimed at gaining full network visibility to detect security incidents. This tool was re-branded RSA Security Analytics and was a combination of RSA enVIsion and NetWitness as a SIEM tool that did log and packet capture.
40:
597:
670:. The success of this company is the worst thing that can happen to them. To them, we're the real enemy, we're the real target. We have the system that they're most afraid of. If the U.S. adopted RSA as a standard, you would have a truly international, interoperable, unbreakable, easy-to-use encryption technology. And all those things together are so synergistically threatening to the N.S.A.'s interests that it's driving them into a frenzy.
631:
319:
872:, who cited RSA's denial of the alleged $ 10 million payment by the NSA as suspicious. Hyppönen announced his intention to give his talk, "Governments as Malware Authors", at a conference quickly set up in reaction to the reports: TrustyCon, to be held on the same day and one block away from the RSA Conference.
793:
RSA Security employees should have been aware, at least, that Dual_EC_DRBG might contain a backdoor. Three employees were members of the ANSI X9F1 Tool
Standards and Guidelines Group, to which Dual_EC_DRBG had been submitted for consideration in the early 2000s. The possibility that the random number
713:
We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption. This algorithm is
699:
The relationship shifted from adversarial to cooperative after Bidzos stepped down as CEO in 1999, according to Victor Chan, who led RSA's department of engineering until 2005: "When I joined there were 10 people in the labs, and we were fighting the NSA. It became a very different company later on."
845:
published its article, RSA Security recommended that users switch away from Dual_EC_DRBG, but denied that they had deliberately inserted a backdoor. RSA Security officials have largely declined to explain why they did not remove the dubious random number generator once the flaws became known, or why
891:
RSA is most known for its SecurID product, which provides two-factor authentication to hundreds of technologies utilizing hardware tokens that rotate keys on timed intervals, software tokens, and one-time codes. In 2016, RSA re-branded the SecurID platform as RSA SecurID Access. This release added
818:
called the possible NSA backdoor "rather obvious", and wondered why NSA bothered pushing to have Dual_EC_DRBG included, when the general poor quality and possible backdoor would ensure that nobody would ever use it. There does not seem to have been a general awareness that RSA Security had made it
163:
RSA Access
Manager, RSA Adaptive Authentication, RSA Adaptive Authentication for eCommerce, RSA Archer Suite, RSA Authentication Manager, RSA Cybercrime Intelligence, RSA Data Loss Prevention, RSA Digital Certificate Solutions, RSA Federated Identity Manager, RSA FraudAction Services, RSA Identity
809:
standard with the default settings enabling the backdoor, largely at the behest of NSA officials, who had cited RSA Security's early use of the random number generator as an argument for its inclusion. The standard did also not fix the unrelated (to the backdoor) problem that the CSPRNG was
895:
The RSA SecurID Suite also contains the RSA Identity
Governance and Lifecycle software (formally Aveksa). The software provides visibility of who has access to what within an organization and manages that access with various capabilities such as access review, request and provisioning.
813:
ANSI standard group members and
Microsoft employees Dan Shumow and Niels Ferguson made a public presentation about the backdoor in 2007. Commenting on Shumow and Ferguson's presentation, prominent security researcher and cryptographer
910:
The RSA Archer GRC platform is software that supports business-level management of governance, risk management, and compliance (GRC). The product was originally developed by Archer
Technologies, which EMC acquired in 2010.
500:
In 2009, RSA launched the RSA Share
Project. As part of this project, some of the RSA BSAFE libraries were made available for free. To promote the launch, RSA ran a programming competition with a US$ 10,000 first
684:, an encryption chip with a backdoor that would allow the U.S. government to decrypt communications. The Clinton administration pressed telecommunications companies to use the chip in their devices, and relaxed
736:. Extended random did however make NSA's backdoor for Dual_EC_DRBG tens of thousands of times faster to use for attackers with the key to the Dual_EC_DRBG backdoor (presumably only NSA) because the extended
704:
random number generator in their BSAFE library, despite many indications that Dual_EC_DRBG was both of poor quality and possibly backdoored. RSA Security later released a statement about the Dual_EC_DRBG
879:, former RSA Security Executive Chairman Art Coviello defended RSA Security's choice to keep using Dual_EC_DRBG by saying "it became possible that concerns raised in 2007 might have merit" only after
164:
Governance and
Lifecycle, RSA NetWitness Endpoint, RSA NetWitness Investigator, RSA NetWitness Orchestrator, RSA NetWitness Platform, RSA NetWitness UEBA, RSA SecurID Access, RSA Web Threat Detection
515:
In 2011, RSA introduced a new CyberCrime
Intelligence Service designed to help organizations identify computers, information assets and identities compromised by trojans and other online attacks.
838:
reported, was the Dual_EC_DRBG backdoor. With the renewed focus on Dual_EC_DRBG, it was noted that RSA Security's BSAFE used Dual_EC_DRBG by default, which had not previously been widely known.
830:, revealed that the NSA worked to "Insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets" as part of the
2148:
1254:
999:
282:
in 2016, RSA became part of the Dell
Technologies family of brands. On 10 March 2020, Dell Technologies announced that they will be selling RSA Security to a consortium, led by
692:
and others in opposing the Clipper Chip by, among other things, distributing posters with a foundering sailing ship and the words "Sink Clipper!" RSA Security also created the
2237:
2261:
1629:
748:
version already made the internal state fast enough to determine. And indeed, RSA Security only implemented extended random in its Java implementation of Dual_EC_DRBG.
761:
1360:
1651:
732:
standard championed by NSA. Later cryptanalysis showed that extended random did not add any security, and it was rejected by the prominent standards group
2198:
2438:
2418:
618:
products. The attack was similar to the Sykipot attacks, the July 2011 SK Communications hack, and the NightDragon series of attacks. RSA called it an
1025:
2453:
1386:
2423:
2413:
2074:
1989:
1488:
1141:
2443:
1933:, "Kleptography: Using Cryptography Against Cryptography" In Proceedings of Eurocrypt '97, W. Fumy (Ed.), Springer-Verlag, pages 62–74, 1997.
1697:
1665:
1306:
2053:
2458:
857:, which denied only that company officials knew about the backdoor when they agreed to the deal, an assertion Menn's story did not make.
685:
2021:
1514:
1073:
1003:
1166:
846:
they did not implement the simple mitigation that NIST added to the standard to neutralize the suggested and later verified backdoor.
810:
predictable, which Gjøsteen had pointed out earlier in 2006, and which led Gjøsteen to call Dual_EC_DRBG not cryptographically sound.
2244:
2211:
650:
have noted that the two once had an adversarial relationship. In its early years, RSA and its leaders were prominent advocates of
2428:
2269:
778:. The backdoor could have made data encrypted with these tools much easier to break for the NSA, which would have had the secret
522:
2088:
1536:
443:, a privately held company that developed and delivered digital certificate-based products for securing e-business transactions.
2448:
1960:
1604:
2291:
2102:
1943:
1756:
1281:
388:
2359:
1860:
1823:
2433:
1456:
969:
794:
generator could contain a backdoor was "first raised in an ANSI X9 meeting", according to John Kelsey, a co-author of the
2408:
2162:
567:
products (including the Data Protection Manager product) and customer agreements, including maintenance and support, to
827:
688:
on products that used it. (Such restrictions had prevented RSA Security from selling its software abroad.) RSA joined
700:
For example, RSA was reported to have accepted $ 10 million from the NSA in 2004 in a deal to use the NSA-designed
655:
406:
In 1995, RSA sent a handful of people across the hall to found Digital Certificates International, better known as
17:
786:, and is, essentially, an instance of the Diffie Hellman kleptographic attack published in 1997 by Adam Young and
744:
version was hard to crack without extended random since the caching of Dual_EC_DRBG output in e.g. RSA Security's
230:
company with a focus on encryption and decryption standards. RSA was named after the initials of its co-founders,
1364:
892:
Single-Sign-On capabilities and cloud authentication for resources using SAML 2.0 and other types of federation.
733:
1887:
1115:
582:. RSA became an independent company, one of the world’s largest cybersecurity and risk management organizations.
1214:
1789:
1742:
1724:
1167:"EMC Announces Definitive Agreement to Acquire RSA Security, Further Advancing Information-Centric Security"
1029:
387:
in 1977, founded RSA Data Security in 1982. The company acquired a "worldwide exclusive license" from the
2149:"RSA's 'Denial' Concerning $ 10 Million From The NSA To Promote Broken Crypto Not Really A Denial At All"
741:
1511:"EMC Acquires Aveksa Inc., Leading Provider of Business-Driven Identity and Access Management Solutions"
740:
in extended random made part of the internal state of Dual_EC_DRBG easier to guess. Only RSA Security's
1390:
619:
1845:
1215:"RSA® Emerges as Independent Company Following Completion of Acquisition by Symphony Technology Group"
263:
libraries were also initially owned by RSA. RSA is known for incorporating backdoors developed by the
1996:
1192:
615:
575:
552:
545:
294:
283:
184:
125:
2382:"EMC to Acquire Archer Technologies, Leading Provider Of IT Governance Risk and Compliance Software"
930:
769:
643:
433:
264:
1672:
1316:
925:
860:
In the wake of the reports, several industry experts cancelled their planned talks at RSA's 2014
779:
246:
798:
standard that contains Dual_EC_DRBG. In January 2005, two employees of the cryptography company
696:
to show that the widely used DES encryption was breakable by well-funded entities like the NSA.
745:
659:
622:. Today, SecurID is more commonly used as a software token rather than older physical tokens.
609:
364:
2180:
2128:
1944:
A Few Thoughts on Cryptographic Engineering: A few more notes on NSA random number generators
1474:
1051:
2381:
2334:
1510:
472:
company specializing in online security and anti-fraud solutions for financial institutions.
278:
in 2006 for US$ 2.1 billion and operated as a division within EMC. When EMC was acquired by
1170:
775:
689:
62:
8:
831:
737:
651:
462:
2215:
290:(AlpInvest) for US$ 2.1 billion, the same price when it was bought by EMC back in 2006.
1387:"EMC Completes RSA Security Acquisition, Announces Acquisition of Network Intelligence"
287:
1475:"The file that hacked RSA: How we found it - F-Secure Weblog : News from the Lab"
340:
2015:
1645:
854:
579:
568:
556:
541:
530:
518:
In July 2013, RSA acquired Aveksa the leader in Identity and Access Governance sector
508:
and its most valuable secrets were leaked, compromising the security of all existing
279:
223:
865:
2106:
1311:
1239:
490:
482:
On September 14, 2006, RSA stockholders approved the acquisition of the company by
227:
1864:
970:"Distributed Team Cracks Hidden Message in RSA's 56-Bit RC5 Secret-Key Challenge"
806:
795:
729:
526:
483:
384:
380:
275:
243:
239:
111:
1976:
1342:
2312:
1328:
973:
945:
920:
876:
861:
815:
693:
601:
429:
268:
179:
2402:
1977:
Patent CA2594670A1 - Elliptic curve random number generation - Google Patents
772:
757:
706:
680:
In the mid-1990s, RSA and Bidzos led a "fierce" public campaign against the
2133:
783:
765:
701:
681:
647:
646:
has changed over the years. Reuters' Joseph Menn and cybersecurity analyst
634:
RSA Security campaigned against the Clipper Chip backdoor in the so-called
534:
396:
344:
260:
1888:"Exclusive: NSA infiltrated RSA security more deeply than thought - study"
1433:
2129:"RSA comes out swinging at claims it took NSA's $ 10m to backdoor crypto"
2036:
940:
635:
509:
1000:"Growing Up with Alice and Bob: Three Decades with the RSA Cryptosystem"
630:
274:
Founded as an independent company in 1982, RSA Security was acquired by
2075:"We don't enable backdoors in our crypto products, RSA tells customers"
1094:
667:
451:
450:, a privately held company that developed and delivered smart card and
400:
376:
372:
235:
231:
216:
149:
106:
101:
48:
2037:"On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng"
1930:
1579:
819:
the default in some of its products in 2004, until the Snowden leak.
787:
666:
For almost 10 years, I've been going toe to toe with these people at
596:
521:
On September 7, 2016, RSA was acquired by and became a subsidiary of
333:
302:
298:
249:
39:
1790:"Exclusive: Secret contract tied NSA and security industry pioneer"
1725:"Exclusive: Secret contract tied NSA and security industry pioneer"
869:
799:
407:
329:
2199:“TrustyCon” security counter-convention planned for RSA refusniks
2181:"News from the Lab Archive : January 2004 to September 2015"
850:
725:
432:
which led to the first public breaking of a message based on the
253:
391:
to a patent on the RSA cryptosystem technology granted in 1983.
2262:"RSA Changes the Identity Game: Unveils New RSA SecurID® Suite"
1912:
1116:"NSA infiltrated RSA security more deeply than thought - study"
782:
to the backdoor. Scientifically speaking, the backdoor employs
469:
286:, Ontario Teachers’ Pension Plan Board (Ontario Teachers’) and
1457:"The Full Story of the Stunning RSA Hack Can Finally be Told"
935:
564:
560:
544:
announced their intention to sell RSA for $ 2.075 billion to
494:
257:
2054:"Secret Documents Reveal N.S.A. Campaign Against Encryption"
1946:. Blog.cryptographyengineering.com. Retrieved on 2014-05-11.
1632:. July 20, 2023. Archived from the original on July 20, 2023
1561:
1240:"About RSA | Cybersecurity and Digital Risk Management"
1142:"RSA endowed crypto product with second NSA-influenced code"
1412:
904:
880:
2103:"RSA Response to Media Claims Regarding NSA Relationship"
1861:"RSA Response to Media Claims Regarding NSA Relationship"
1580:"Learn About Archer Integrated Risk Management Solutions"
638:, including the use of this iconic poster in the debate.
461:, a privately held company that produced ClearTrust, an
2163:"RSA Conference speakers begin to bail, thanks to NSA"
1434:"Announcing the RSA Share Project Programming Contest"
762:
cryptographically secure pseudorandom number generator
468:
In December 2005, it acquired Cyota, a privately held
1671:. Command Five Pty Ltd. February 2012. Archived from
1389:. Rsasecurity.com. September 18, 2006. Archived from
1343:"Business & Innovation | The Jerusalem Post"
805:
Nevertheless, NIST included Dual_EC_DRBG in its 2006
195:
760:
and Data Protection Manager—that included a default
1979:. Google.com (2011-01-24). Retrieved on 2014-05-11.
1745:. Jeffreycarr.blogspot.dk. Retrieved on 2014-05-11.
2089:"Security firm RSA took millions from NSA: report"
614:On March 17, 2011, RSA disclosed an attack on its
1913:"TrustNet Cybersecurity and Compliance Solutions"
756:From 2004 to 2013, RSA shipped security software—
2400:
1650:: CS1 maint: bot: original URL status unknown (
1169:. Rsasecurity.com. June 29, 2006. Archived from
1698:"RSA hit by advanced persistent threat attacks"
768:, that was later suspected to contain a secret
497:company specializing in file and data security.
2238:"RSA Conference 2014 Keynote for Art Coviello"
2212:"Arthur W. Coviello Jr. | RSA Conference"
1824:"RSA warns developers not to use RSA products"
1743:Digital Dao: NSA's $ 10M RSA Contract: Origins
1246:
964:
962:
960:
428:In January 1997, it proposed the first of the
267:in its products. It also organizes the annual
1821:
1161:
1159:
368:RSA headquarters in Chelmsford, Massachusetts
1787:
1537:"BSAFE support and billing update | Dell US"
751:
578:(STG) completed its acquisition of RSA from
505:
1936:
1839:
1837:
1835:
1833:
1754:
1722:
1361:"EMC Newsroom: EMC News and Press Releases"
957:
834:program. One of these vulnerabilities, the
610:SecurID § March 2011 system compromise
563:product line. To that end, RSA transferred
2034:
1843:
1783:
1781:
1779:
1777:
1315:. June 8, 2001. p. 47. Archived from
1156:
591:
559:made the strategic decision to retain the
252:was also named. Among its products is the
2439:Companies based in Bedford, Massachusetts
2419:Software companies based in Massachusetts
2292:"RSA Identity Governance & Lifecycle"
2191:
1954:
1952:
1690:
1666:"Command and Control in the Fifth Domain"
1134:
1108:
993:
991:
901:security information and event management
2335:"Press Release: EMC Acquires Netwitness"
2201:. Ars Technica. Retrieved on 2014-05-11.
1830:
1817:
1815:
1813:
1811:
629:
625:
595:
489:In 2007, RSA acquired Valyd Software, a
363:
2454:Software companies of the United States
2046:
1774:
1716:
1252:
997:
523:Dell EMC Infrastructure Solutions Group
14:
2424:Software companies established in 1982
2414:American companies established in 1982
2401:
2069:
2067:
2020:: CS1 maint: archived copy as title (
1970:
1958:
1949:
988:
654:for public use, while the NSA and the
551:In anticipation of the sale of RSA to
305:, and numerous international offices.
271:, an information security conference.
1808:
1517:from the original on October 27, 2017
1489:"RSA CyberCrime Intelligence Service"
1454:
675:RSA president James Bidzos, June 1994
662:sought to prevent its proliferation.
389:Massachusetts Institute of Technology
2444:1982 establishments in Massachusetts
1923:
1885:
1822:Matthew Green (September 20, 2013).
1735:
1279:
312:
2243:. February 25, 2014. Archived from
2077:. Ars Technica. September 20, 2013.
2064:
1846:"The Strange Story of Dual_EC_DRBG"
1052:"Amit Yoran Named President at RSA"
1026:"Rohit Ghai Named President at RSA"
883:acknowledged the problems in 2013.
72:Network Security and Authentication
24:
2459:Private equity portfolio companies
1788:Menn, Joseph (December 20, 2013).
1074:"RSA Security LLC Company Profile"
998:Kaliski, Burt (October 22, 1997).
972:. October 22, 1997. Archived from
724:In March 2014, it was reported by
27:American computer security company
25:
2470:
1723:Joseph Menn (December 20, 2013).
1513:. EMC Corporation. July 8, 2013.
719:RSA, The Security Division of EMC
1917:TrustNet Cybersecurity Solutions
1193:"Dell Technologies - Who We Are"
533:in a cash and stock deal led by
317:
297:, with regional headquarters in
38:
2374:
2352:
2327:
2305:
2284:
2254:
2230:
2204:
2173:
2155:
2141:
2121:
2095:
2081:
2028:
1982:
1905:
1886:Menn, Joseph (March 31, 2014).
1879:
1858:
1852:
1748:
1658:
1622:
1597:
1572:
1554:
1529:
1503:
1481:
1467:
1448:
1426:
1405:
1379:
1353:
1335:
1307:"RSA Security buys Va. company"
1299:
1280:Levy, Stephen (June 12, 1994).
1273:
1232:
1207:
1185:
734:Internet Engineering Task Force
284:Symphony Technology Group (STG)
2429:Former certificate authorities
2197:Gallagher, Sean. (2014-01-21)
2151:. techdirt. December 23, 2013.
2105:. RSA Security. Archived from
2035:Shumow, Dan; Ferguson, Niels.
1959:Kelsey, John (December 2013).
1144:. Ars Technica. March 31, 2014
1087:
1066:
1044:
1018:
728:that RSA had also adapted the
586:
439:In February 2001, it acquired
332:format but may read better as
13:
1:
2449:2020 mergers and acquisitions
1942:Green, Matthew. (2013-12-28)
1755:Steven Levy (June 12, 1994).
951:
395:In 1994, RSA was against the
1757:"Battle of the Clipper Chip"
1741:Carr, Jeffrey. (2014-01-06)
1282:"Battle of the Clipper Chip"
1253:Bennett, Ralph (July 1985).
868:, a Finnish researcher with
642:RSA's relationship with the
457:In August 2001, it acquired
7:
2434:Computer security companies
914:
886:
525:through the acquisition of
475:In April 2006, it acquired
459:Securant Technologies, Inc.
82:; 42 years ago
10:
2475:
2409:Cryptography organizations
620:advanced persistent threat
607:
506:suffered a security breach
446:In June 2001, it acquired
308:
256:authentication token. The
1961:"800-90 and Dual EC DRBG"
1630:"Archer History Timeline"
1605:"Archer History Timeline"
1363:. Emc.com. Archived from
752:NSA Dual_EC_DRBG backdoor
616:two-factor authentication
576:Symphony Technology Group
553:Symphony Technology Group
546:Symphony Technology Group
441:Xcert International, Inc.
295:Chelmsford, Massachusetts
190:
185:Symphony Technology Group
178:
168:
159:
146:Rohit Ghai (2017-present)
137:
120:
94:
76:
68:
58:
46:
37:
931:RSA Secret-Key Challenge
770:National Security Agency
452:biometric authentication
434:Data Encryption Standard
413:The company then called
385:RSA encryption algorithm
1195:. Dell Technologies Inc
926:RSA Factoring Challenge
822:In September 2013, the
660:Clinton administrations
592:SecurID security breach
486:for $ 2.1 billion.
448:3-G International, Inc.
341:converting this section
247:public key cryptography
746:C programming language
722:
678:
639:
605:
574:On September 1, 2020,
540:On February 18, 2020,
369:
2360:"RSA Archer Platform"
1032:on September 24, 2020
1006:on September 29, 2011
976:on September 29, 2011
849:On 20 December 2013,
711:
664:
633:
626:Relationship with NSA
599:
367:
2185:archive.f-secure.com
2109:on December 23, 2013
1678:on February 27, 2012
1367:on December 10, 2007
383:, who developed the
1413:"RSA Share Project"
1393:on December 9, 2006
1319:on January 23, 2024
1255:"Public-Key Patent"
1173:on October 20, 2006
686:export restrictions
652:strong cryptography
504:In March 2011, RSA
463:identity management
170:Number of employees
34:
1562:"News & Press"
1286:The New York Times
1054:. October 29, 2014
899:RSA enVision is a
690:civil libertarians
640:
606:
370:
343:, if appropriate.
288:AlpInvest Partners
213:RSA Security, Inc.
32:
2272:on August 2, 2017
2250:on July 14, 2014.
1568:. April 24, 2023.
1455:Greenberg, Andy.
864:. Among them was
855:non-denial denial
826:, drawing on the
580:Dell Technologies
569:Dell Technologies
557:Dell Technologies
542:Dell Technologies
531:Dell Technologies
477:PassMark Security
421:in July 1996 and
419:RSA Data Security
415:Security Dynamics
362:
361:
280:Dell Technologies
242:, after whom the
222:, is an American
206:
205:
16:(Redirected from
2466:
2394:
2393:
2391:
2389:
2378:
2372:
2371:
2369:
2367:
2356:
2350:
2349:
2347:
2345:
2331:
2325:
2324:
2322:
2320:
2309:
2303:
2302:
2300:
2298:
2288:
2282:
2281:
2279:
2277:
2268:. Archived from
2258:
2252:
2251:
2249:
2242:
2234:
2228:
2227:
2225:
2223:
2218:on July 16, 2015
2214:. Archived from
2208:
2202:
2195:
2189:
2188:
2177:
2171:
2170:
2159:
2153:
2152:
2145:
2139:
2138:
2125:
2119:
2118:
2116:
2114:
2099:
2093:
2092:
2085:
2079:
2078:
2071:
2062:
2061:
2050:
2044:
2043:
2041:
2032:
2026:
2025:
2019:
2011:
2009:
2007:
2001:
1995:. Archived from
1994:
1986:
1980:
1974:
1968:
1967:
1965:
1956:
1947:
1940:
1934:
1927:
1921:
1920:
1909:
1903:
1902:
1900:
1898:
1883:
1877:
1876:
1874:
1872:
1867:on March 8, 2014
1863:. Archived from
1856:
1850:
1849:
1844:Bruce Schneier.
1841:
1828:
1827:
1819:
1806:
1805:
1803:
1801:
1785:
1772:
1771:
1769:
1767:
1752:
1746:
1739:
1733:
1732:
1720:
1714:
1713:
1711:
1709:
1704:. March 18, 2011
1694:
1688:
1687:
1685:
1683:
1677:
1670:
1662:
1656:
1655:
1649:
1641:
1639:
1637:
1626:
1620:
1619:
1617:
1615:
1601:
1595:
1594:
1592:
1590:
1576:
1570:
1569:
1558:
1552:
1551:
1549:
1547:
1533:
1527:
1526:
1524:
1522:
1507:
1501:
1500:
1498:
1496:
1485:
1479:
1478:
1471:
1465:
1464:
1452:
1446:
1445:
1443:
1441:
1436:. March 24, 2009
1430:
1424:
1423:
1421:
1419:
1409:
1403:
1402:
1400:
1398:
1383:
1377:
1376:
1374:
1372:
1357:
1351:
1350:
1339:
1333:
1332:
1326:
1324:
1312:The Boston Globe
1303:
1297:
1296:
1294:
1292:
1277:
1271:
1270:
1268:
1266:
1250:
1244:
1243:
1236:
1230:
1229:
1227:
1225:
1211:
1205:
1204:
1202:
1200:
1189:
1183:
1182:
1180:
1178:
1163:
1154:
1153:
1151:
1149:
1138:
1132:
1131:
1129:
1127:
1122:. March 31, 2014
1112:
1106:
1105:
1103:
1101:
1091:
1085:
1084:
1082:
1080:
1070:
1064:
1063:
1061:
1059:
1048:
1042:
1041:
1039:
1037:
1028:. Archived from
1022:
1016:
1015:
1013:
1011:
1002:. Archived from
995:
986:
985:
983:
981:
966:
720:
676:
571:on July 1, 2020.
357:
354:
348:
339:You can help by
321:
320:
313:
293:RSA is based in
228:network security
209:RSA Security LLC
202:
199:
197:
90:
88:
83:
42:
35:
33:RSA Security LLC
31:
21:
18:RSA Laboratories
2474:
2473:
2469:
2468:
2467:
2465:
2464:
2463:
2399:
2398:
2397:
2387:
2385:
2380:
2379:
2375:
2365:
2363:
2358:
2357:
2353:
2343:
2341:
2333:
2332:
2328:
2318:
2316:
2311:
2310:
2306:
2296:
2294:
2290:
2289:
2285:
2275:
2273:
2260:
2259:
2255:
2247:
2240:
2236:
2235:
2231:
2221:
2219:
2210:
2209:
2205:
2196:
2192:
2179:
2178:
2174:
2161:
2160:
2156:
2147:
2146:
2142:
2127:
2126:
2122:
2112:
2110:
2101:
2100:
2096:
2087:
2086:
2082:
2073:
2072:
2065:
2052:
2051:
2047:
2039:
2033:
2029:
2013:
2012:
2005:
2003:
2002:on May 25, 2011
1999:
1992:
1990:"Archived copy"
1988:
1987:
1983:
1975:
1971:
1963:
1957:
1950:
1941:
1937:
1928:
1924:
1911:
1910:
1906:
1896:
1894:
1884:
1880:
1870:
1868:
1857:
1853:
1842:
1831:
1820:
1809:
1799:
1797:
1796:. San Francisco
1786:
1775:
1765:
1763:
1753:
1749:
1740:
1736:
1721:
1717:
1707:
1705:
1702:Computer Weekly
1696:
1695:
1691:
1681:
1679:
1675:
1668:
1664:
1663:
1659:
1643:
1642:
1635:
1633:
1628:
1627:
1623:
1613:
1611:
1603:
1602:
1598:
1588:
1586:
1578:
1577:
1573:
1560:
1559:
1555:
1545:
1543:
1535:
1534:
1530:
1520:
1518:
1509:
1508:
1504:
1494:
1492:
1487:
1486:
1482:
1473:
1472:
1468:
1453:
1449:
1439:
1437:
1432:
1431:
1427:
1417:
1415:
1411:
1410:
1406:
1396:
1394:
1385:
1384:
1380:
1370:
1368:
1359:
1358:
1354:
1341:
1340:
1336:
1322:
1320:
1305:
1304:
1300:
1290:
1288:
1278:
1274:
1264:
1262:
1251:
1247:
1238:
1237:
1233:
1223:
1221:
1213:
1212:
1208:
1198:
1196:
1191:
1190:
1186:
1176:
1174:
1165:
1164:
1157:
1147:
1145:
1140:
1139:
1135:
1125:
1123:
1114:
1113:
1109:
1099:
1097:
1093:
1092:
1088:
1078:
1076:
1072:
1071:
1067:
1057:
1055:
1050:
1049:
1045:
1035:
1033:
1024:
1023:
1019:
1009:
1007:
996:
989:
979:
977:
968:
967:
958:
954:
917:
889:
807:NIST SP 800-90A
796:NIST SP 800-90A
754:
730:extended random
721:
718:
677:
674:
628:
612:
602:security tokens
594:
589:
527:EMC Corporation
484:EMC Corporation
381:Leonard Adleman
358:
352:
349:
338:
322:
318:
311:
276:EMC Corporation
240:Leonard Adleman
194:
171:
155:
140:
133:
129:
128:, Massachusetts
116:
112:Leonard Adleman
86:
84:
81:
51:
28:
23:
22:
15:
12:
11:
5:
2472:
2462:
2461:
2456:
2451:
2446:
2441:
2436:
2431:
2426:
2421:
2416:
2411:
2396:
2395:
2373:
2351:
2326:
2313:"RSA Envision"
2304:
2283:
2253:
2229:
2203:
2190:
2172:
2154:
2140:
2120:
2094:
2080:
2063:
2058:New York Times
2045:
2027:
1981:
1969:
1948:
1935:
1922:
1904:
1878:
1851:
1829:
1807:
1773:
1761:New York Times
1747:
1734:
1715:
1689:
1657:
1621:
1596:
1571:
1553:
1528:
1502:
1480:
1466:
1447:
1425:
1404:
1378:
1352:
1334:
1329:Newspapers.com
1298:
1272:
1245:
1231:
1206:
1184:
1155:
1133:
1107:
1086:
1065:
1043:
1017:
987:
955:
953:
950:
949:
948:
946:Software token
943:
938:
933:
928:
923:
921:Hardware token
916:
913:
888:
885:
877:RSA Conference
866:Mikko Hyppönen
862:RSA Conference
843:New York Times
824:New York Times
816:Bruce Schneier
753:
750:
716:
694:DES Challenges
672:
627:
624:
608:Main article:
593:
590:
588:
585:
584:
583:
572:
549:
538:
519:
516:
513:
502:
498:
487:
480:
473:
466:
455:
444:
437:
430:DES Challenges
426:
411:
404:
360:
359:
325:
323:
316:
310:
307:
269:RSA Conference
204:
203:
192:
188:
187:
182:
176:
175:
172:
169:
166:
165:
161:
157:
156:
154:
153:
147:
143:
141:
138:
135:
134:
131:
124:
122:
118:
117:
115:
114:
109:
104:
98:
96:
92:
91:
78:
74:
73:
70:
66:
65:
60:
56:
55:
52:
47:
44:
43:
26:
9:
6:
4:
3:
2:
2471:
2460:
2457:
2455:
2452:
2450:
2447:
2445:
2442:
2440:
2437:
2435:
2432:
2430:
2427:
2425:
2422:
2420:
2417:
2415:
2412:
2410:
2407:
2406:
2404:
2383:
2377:
2361:
2355:
2340:
2336:
2330:
2314:
2308:
2297:September 24,
2293:
2287:
2271:
2267:
2263:
2257:
2246:
2239:
2233:
2217:
2213:
2207:
2200:
2194:
2186:
2182:
2176:
2168:
2164:
2158:
2150:
2144:
2136:
2135:
2130:
2124:
2108:
2104:
2098:
2090:
2084:
2076:
2070:
2068:
2059:
2055:
2049:
2038:
2031:
2023:
2017:
1998:
1991:
1985:
1978:
1973:
1962:
1955:
1953:
1945:
1939:
1932:
1926:
1918:
1914:
1908:
1893:
1889:
1882:
1866:
1862:
1855:
1847:
1840:
1838:
1836:
1834:
1825:
1818:
1816:
1814:
1812:
1795:
1791:
1784:
1782:
1780:
1778:
1762:
1758:
1751:
1744:
1738:
1730:
1726:
1719:
1703:
1699:
1693:
1674:
1667:
1661:
1653:
1647:
1631:
1625:
1610:
1606:
1600:
1585:
1581:
1575:
1567:
1563:
1557:
1542:
1538:
1532:
1521:September 24,
1516:
1512:
1506:
1490:
1484:
1476:
1470:
1462:
1458:
1451:
1435:
1429:
1414:
1408:
1392:
1388:
1382:
1366:
1362:
1356:
1348:
1347:www.jpost.com
1344:
1338:
1330:
1318:
1314:
1313:
1308:
1302:
1287:
1283:
1276:
1260:
1256:
1249:
1241:
1235:
1220:
1216:
1210:
1194:
1188:
1172:
1168:
1162:
1160:
1143:
1137:
1121:
1117:
1111:
1096:
1095:"RSA History"
1090:
1075:
1069:
1053:
1047:
1031:
1027:
1021:
1005:
1001:
994:
992:
975:
971:
965:
963:
961:
956:
947:
944:
942:
939:
937:
934:
932:
929:
927:
924:
922:
919:
918:
912:
908:
906:
902:
897:
893:
884:
882:
878:
873:
871:
867:
863:
858:
856:
852:
847:
844:
839:
837:
833:
829:
828:Snowden leaks
825:
820:
817:
811:
808:
803:
801:
797:
791:
789:
785:
781:
777:
774:
773:kleptographic
771:
767:
763:
759:
758:BSAFE toolkit
749:
747:
743:
739:
735:
731:
727:
715:
710:
708:
707:kleptographic
703:
697:
695:
691:
687:
683:
671:
669:
663:
661:
657:
653:
649:
645:
637:
632:
623:
621:
617:
611:
603:
598:
581:
577:
573:
570:
566:
562:
558:
554:
550:
547:
543:
539:
536:
532:
528:
524:
520:
517:
514:
511:
507:
503:
499:
496:
492:
488:
485:
481:
478:
474:
471:
467:
464:
460:
456:
453:
449:
445:
442:
438:
435:
431:
427:
424:
420:
416:
412:
409:
405:
402:
398:
394:
393:
392:
390:
386:
382:
378:
374:
366:
356:
347:is available.
346:
342:
336:
335:
331:
326:This section
324:
315:
314:
306:
304:
300:
296:
291:
289:
285:
281:
277:
272:
270:
266:
262:
259:
255:
251:
248:
245:
241:
237:
233:
229:
225:
221:
218:
214:
210:
201:
193:
189:
186:
183:
181:
177:
173:
167:
162:
158:
151:
148:
145:
144:
142:
136:
132:United States
127:
123:
119:
113:
110:
108:
105:
103:
100:
99:
97:
93:
79:
75:
71:
67:
64:
61:
57:
53:
50:
45:
41:
36:
30:
19:
2386:. Retrieved
2376:
2366:November 13,
2364:. Retrieved
2354:
2342:. Retrieved
2338:
2329:
2319:December 19,
2317:. Retrieved
2307:
2295:. Retrieved
2286:
2274:. Retrieved
2270:the original
2265:
2256:
2245:the original
2232:
2220:. Retrieved
2216:the original
2206:
2193:
2184:
2175:
2166:
2157:
2143:
2134:The Register
2132:
2123:
2111:. Retrieved
2107:the original
2097:
2083:
2057:
2048:
2030:
2006:November 16,
2004:. Retrieved
1997:the original
1984:
1972:
1938:
1925:
1916:
1907:
1895:. Retrieved
1891:
1881:
1869:. Retrieved
1865:the original
1854:
1800:December 20,
1798:. Retrieved
1793:
1764:. Retrieved
1760:
1750:
1737:
1728:
1718:
1706:. Retrieved
1701:
1692:
1682:February 10,
1680:. Retrieved
1673:the original
1660:
1634:. Retrieved
1624:
1612:. Retrieved
1608:
1599:
1587:. Retrieved
1583:
1574:
1565:
1556:
1546:September 2,
1544:. Retrieved
1541:www.dell.com
1540:
1531:
1519:. Retrieved
1505:
1495:December 19,
1493:. Retrieved
1483:
1469:
1460:
1450:
1438:. Retrieved
1428:
1416:. Retrieved
1407:
1395:. Retrieved
1391:the original
1381:
1369:. Retrieved
1365:the original
1355:
1346:
1337:
1327:– via
1321:. Retrieved
1317:the original
1310:
1301:
1289:. Retrieved
1285:
1275:
1263:. Retrieved
1261:. p. 16
1258:
1248:
1234:
1222:. Retrieved
1218:
1209:
1199:September 9,
1197:. Retrieved
1187:
1175:. Retrieved
1171:the original
1146:. Retrieved
1136:
1124:. Retrieved
1119:
1110:
1098:. Retrieved
1089:
1077:. Retrieved
1068:
1058:December 29,
1056:. Retrieved
1046:
1034:. Retrieved
1030:the original
1020:
1008:. Retrieved
1004:the original
980:February 22,
978:. Retrieved
974:the original
909:
900:
898:
894:
890:
875:At the 2014
874:
859:
848:
842:
840:
835:
823:
821:
812:
804:
792:
784:kleptography
766:Dual EC DRBG
755:
723:
712:
702:Dual EC DRBG
698:
682:Clipper Chip
679:
665:
648:Jeffrey Carr
641:
613:
600:RSA SecurID
535:Michael Dell
476:
458:
447:
440:
422:
418:
414:
397:Clipper chip
371:
350:
345:Editing help
327:
292:
273:
261:cryptography
219:
212:
208:
207:
121:Headquarters
59:Company type
29:
2339:www.emc.com
2266:www.rsa.com
2113:January 20,
1323:January 23,
1291:October 19,
1224:November 2,
941:RSA SecurID
780:private key
636:Crypto Wars
587:Controversy
510:RSA SecurID
423:DynaSoft AB
399:during the
211:, formerly
152:(2014-2016)
63:Independent
2403:Categories
2388:August 28,
1929:A. Young,
1440:January 4,
1418:January 4,
1036:January 9,
952:References
841:After the
709:backdoor:
668:Fort Meade
401:Crypto War
377:Adi Shamir
373:Ron Rivest
236:Adi Shamir
232:Ron Rivest
217:trade name
150:Amit Yoran
139:Key people
126:Chelmsford
107:Adi Shamir
102:Ron Rivest
49:Trade name
1609:Genial.ly
1491:. rsa.com
1148:March 31,
1126:March 31,
1010:April 29,
788:Moti Yung
491:Hyderabad
454:products.
417:acquired
353:June 2023
303:Singapore
301:(UK) and
299:Bracknell
250:algorithm
2222:July 15,
2016:cite web
1897:April 4,
1871:March 8,
1766:March 8,
1646:cite web
1636:July 20,
1614:July 20,
1589:July 20,
1515:Archived
915:See also
887:Products
870:F-Secure
800:Certicom
776:backdoor
717:—
673:—
465:product.
425:in 1997.
408:VeriSign
224:computer
160:Products
69:Industry
2344:June 6,
2276:June 6,
2091:. CNET.
1966:. NIST.
1931:M. Yung
1892:Reuters
1794:Reuters
1729:Reuters
1397:May 12,
1371:May 12,
1265:May 21,
1219:RSA.com
1177:May 12,
1120:Reuters
1100:June 8,
1079:May 15,
851:Reuters
832:Bullrun
726:Reuters
512:tokens.
493:-based
470:Israeli
309:History
254:SecurID
191:Website
95:Founder
85: (
77:Founded
1708:May 4,
1584:Archer
738:nonces
501:prize.
495:Indian
328:is in
180:Parent
174:2,700+
2384:. EMC
2362:. EMC
2315:. EMC
2248:(PDF)
2241:(PDF)
2040:(PDF)
2000:(PDF)
1993:(PDF)
1964:(PDF)
1859:RSA.
1676:(PDF)
1669:(PDF)
1461:Wired
936:BSAFE
836:Times
565:BSAFE
561:BSAFE
334:prose
258:BSAFE
2390:2018
2368:2015
2346:2017
2321:2012
2299:2018
2278:2017
2224:2015
2167:CNET
2115:2014
2022:link
2008:2007
1899:2014
1873:2014
1802:2013
1768:2014
1710:2011
1684:2012
1652:link
1638:2023
1616:2023
1591:2023
1548:2020
1523:2018
1497:2013
1442:2013
1420:2013
1399:2012
1373:2012
1325:2024
1293:2017
1267:2023
1259:Byte
1226:2020
1201:2016
1179:2012
1150:2014
1128:2014
1102:2011
1081:2013
1060:2014
1038:2017
1012:2017
982:2009
905:SIEM
881:NIST
742:Java
658:and
656:Bush
379:and
330:list
238:and
226:and
215:and
200:.com
198:.rsa
87:1982
80:1982
1566:RSA
644:NSA
529:by
265:NSA
244:RSA
220:RSA
196:www
54:RSA
2405::
2337:.
2264:.
2183:.
2165:.
2131:.
2066:^
2056:.
2018:}}
2014:{{
1951:^
1915:.
1890:.
1832:^
1810:^
1792:.
1776:^
1759:.
1727:.
1700:.
1648:}}
1644:{{
1607:.
1582:.
1564:.
1539:.
1459:.
1345:.
1309:.
1284:.
1257:.
1217:.
1158:^
1118:.
990:^
959:^
790:.
764:,
555:,
375:,
234:,
130:,
2392:.
2370:.
2348:.
2323:.
2301:.
2280:.
2226:.
2187:.
2169:.
2137:.
2117:.
2060:.
2042:.
2024:)
2010:.
1919:.
1901:.
1875:.
1848:.
1826:.
1804:.
1770:.
1731:.
1712:.
1686:.
1654:)
1640:.
1618:.
1593:.
1550:.
1525:.
1499:.
1477:.
1463:.
1444:.
1422:.
1401:.
1375:.
1349:.
1331:.
1295:.
1269:.
1242:.
1228:.
1203:.
1181:.
1152:.
1130:.
1104:.
1083:.
1062:.
1040:.
1014:.
984:.
903:(
604:.
548:.
537:.
479:.
436:.
410:.
403:.
355:)
351:(
337:.
89:)
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.