791:—who were also members of the X9F1 group—wrote a patent application that described a backdoor for Dual_EC_DRBG identical to the NSA one. The patent application also described three ways to neutralize the backdoor. Two of these—ensuring that two arbitrary elliptic curve points P and Q used in Dual_EC_DRBG are independently chosen, and a smaller output length—were added to the standard as an option, though NSA's backdoored version of P and Q and large output length remained as the standard's default option. Kelsey said he knew of no implementers who actually generated their own non-backdoored P and Q, and there have been no reports of implementations using the smaller outlet.
354:
703:
only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs. We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS compliance. When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion. When NIST issued new guidance recommending no further use of this algorithm in
September 2013, we adhered to that guidance, communicated that recommendation to customers and discussed the change openly in the media.
842:' Joseph Menn reported that NSA secretly paid RSA Security $ 10 million in 2004 to set Dual_EC_DRBG as the default CSPRNG in BSAFE. The story quoted former RSA Security employees as saying that "no alarms were raised because the deal was handled by business leaders rather than pure technologists". Interviewed by CNET, Schneier called the $ 10 million deal a bribe. RSA officials responded that they have not "entered into any contract or engaged in any project with the intention of weakening RSA’s products." Menn stood by his story, and media analysis noted that RSA's reply was a
896:) platform, with centralised log-management service that claims to "enable organisations to simplify compliance process as well as optimise security-incident management as they occur." On April 4, 2011, EMC purchased NetWitness and added it to the RSA group of products. NetWitness was a packet capture tool aimed at gaining full network visibility to detect security incidents. This tool was re-branded RSA Security Analytics and was a combination of RSA enVIsion and NetWitness as a SIEM tool that did log and packet capture.
29:
586:
659:. The success of this company is the worst thing that can happen to them. To them, we're the real enemy, we're the real target. We have the system that they're most afraid of. If the U.S. adopted RSA as a standard, you would have a truly international, interoperable, unbreakable, easy-to-use encryption technology. And all those things together are so synergistically threatening to the N.S.A.'s interests that it's driving them into a frenzy.
620:
308:
861:, who cited RSA's denial of the alleged $ 10 million payment by the NSA as suspicious. Hyppönen announced his intention to give his talk, "Governments as Malware Authors", at a conference quickly set up in reaction to the reports: TrustyCon, to be held on the same day and one block away from the RSA Conference.
782:
RSA Security employees should have been aware, at least, that Dual_EC_DRBG might contain a backdoor. Three employees were members of the ANSI X9F1 Tool
Standards and Guidelines Group, to which Dual_EC_DRBG had been submitted for consideration in the early 2000s. The possibility that the random number
702:
We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption. This algorithm is
688:
The relationship shifted from adversarial to cooperative after Bidzos stepped down as CEO in 1999, according to Victor Chan, who led RSA's department of engineering until 2005: "When I joined there were 10 people in the labs, and we were fighting the NSA. It became a very different company later on."
834:
published its article, RSA Security recommended that users switch away from Dual_EC_DRBG, but denied that they had deliberately inserted a backdoor. RSA Security officials have largely declined to explain why they did not remove the dubious random number generator once the flaws became known, or why
880:
RSA is most known for its SecurID product, which provides two-factor authentication to hundreds of technologies utilizing hardware tokens that rotate keys on timed intervals, software tokens, and one-time codes. In 2016, RSA re-branded the SecurID platform as RSA SecurID Access. This release added
807:
called the possible NSA backdoor "rather obvious", and wondered why NSA bothered pushing to have Dual_EC_DRBG included, when the general poor quality and possible backdoor would ensure that nobody would ever use it. There does not seem to have been a general awareness that RSA Security had made it
152:
RSA Access
Manager, RSA Adaptive Authentication, RSA Adaptive Authentication for eCommerce, RSA Archer Suite, RSA Authentication Manager, RSA Cybercrime Intelligence, RSA Data Loss Prevention, RSA Digital Certificate Solutions, RSA Federated Identity Manager, RSA FraudAction Services, RSA Identity
798:
standard with the default settings enabling the backdoor, largely at the behest of NSA officials, who had cited RSA Security's early use of the random number generator as an argument for its inclusion. The standard did also not fix the unrelated (to the backdoor) problem that the CSPRNG was
884:
The RSA SecurID Suite also contains the RSA Identity
Governance and Lifecycle software (formally Aveksa). The software provides visibility of who has access to what within an organization and manages that access with various capabilities such as access review, request and provisioning.
802:
ANSI standard group members and
Microsoft employees Dan Shumow and Niels Ferguson made a public presentation about the backdoor in 2007. Commenting on Shumow and Ferguson's presentation, prominent security researcher and cryptographer
899:
The RSA Archer GRC platform is software that supports business-level management of governance, risk management, and compliance (GRC). The product was originally developed by Archer
Technologies, which EMC acquired in 2010.
489:
In 2009, RSA launched the RSA Share
Project. As part of this project, some of the RSA BSAFE libraries were made available for free. To promote the launch, RSA ran a programming competition with a US$ 10,000 first
673:, an encryption chip with a backdoor that would allow the U.S. government to decrypt communications. The Clinton administration pressed telecommunications companies to use the chip in their devices, and relaxed
725:. Extended random did however make NSA's backdoor for Dual_EC_DRBG tens of thousands of times faster to use for attackers with the key to the Dual_EC_DRBG backdoor (presumably only NSA) because the extended
693:
random number generator in their BSAFE library, despite many indications that Dual_EC_DRBG was both of poor quality and possibly backdoored. RSA Security later released a statement about the Dual_EC_DRBG
868:, former RSA Security Executive Chairman Art Coviello defended RSA Security's choice to keep using Dual_EC_DRBG by saying "it became possible that concerns raised in 2007 might have merit" only after
153:
Governance and
Lifecycle, RSA NetWitness Endpoint, RSA NetWitness Investigator, RSA NetWitness Orchestrator, RSA NetWitness Platform, RSA NetWitness UEBA, RSA SecurID Access, RSA Web Threat Detection
504:
In 2011, RSA introduced a new CyberCrime
Intelligence Service designed to help organizations identify computers, information assets and identities compromised by trojans and other online attacks.
827:
reported, was the Dual_EC_DRBG backdoor. With the renewed focus on Dual_EC_DRBG, it was noted that RSA Security's BSAFE used Dual_EC_DRBG by default, which had not previously been widely known.
819:, revealed that the NSA worked to "Insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets" as part of the
2137:
1243:
988:
271:
in 2016, RSA became part of the Dell
Technologies family of brands. On 10 March 2020, Dell Technologies announced that they will be selling RSA Security to a consortium, led by
681:
and others in opposing the Clipper Chip by, among other things, distributing posters with a foundering sailing ship and the words "Sink Clipper!" RSA Security also created the
2226:
2250:
1618:
737:
version already made the internal state fast enough to determine. And indeed, RSA Security only implemented extended random in its Java implementation of Dual_EC_DRBG.
750:
1349:
1640:
721:
standard championed by NSA. Later cryptanalysis showed that extended random did not add any security, and it was rejected by the prominent standards group
2187:
2427:
2407:
607:
products. The attack was similar to the Sykipot attacks, the July 2011 SK Communications hack, and the NightDragon series of attacks. RSA called it an
1014:
2442:
1375:
2412:
2402:
2063:
1978:
1477:
1130:
2432:
1922:, "Kleptography: Using Cryptography Against Cryptography" In Proceedings of Eurocrypt '97, W. Fumy (Ed.), Springer-Verlag, pages 62–74, 1997.
1686:
1654:
1295:
2042:
2447:
846:, which denied only that company officials knew about the backdoor when they agreed to the deal, an assertion Menn's story did not make.
674:
2010:
1503:
1062:
992:
1155:
835:
they did not implement the simple mitigation that NIST added to the standard to neutralize the suggested and later verified backdoor.
799:
predictable, which Gjøsteen had pointed out earlier in 2006, and which led Gjøsteen to call Dual_EC_DRBG not cryptographically sound.
2233:
2200:
639:
have noted that the two once had an adversarial relationship. In its early years, RSA and its leaders were prominent advocates of
2417:
2258:
767:. The backdoor could have made data encrypted with these tools much easier to break for the NSA, which would have had the secret
511:
2077:
1525:
432:, a privately held company that developed and delivered digital certificate-based products for securing e-business transactions.
2437:
1949:
1593:
2280:
2091:
1932:
1745:
1270:
377:
2348:
1849:
1812:
2422:
1445:
958:
783:
generator could contain a backdoor was "first raised in an ANSI X9 meeting", according to John Kelsey, a co-author of the
2397:
2151:
556:
products (including the Data Protection Manager product) and customer agreements, including maintenance and support, to
816:
677:
on products that used it. (Such restrictions had prevented RSA Security from selling its software abroad.) RSA joined
689:
For example, RSA was reported to have accepted $ 10 million from the NSA in 2004 in a deal to use the NSA-designed
644:
395:
In 1995, RSA sent a handful of people across the hall to found Digital Certificates International, better known as
775:, and is, essentially, an instance of the Diffie Hellman kleptographic attack published in 1997 by Adam Young and
733:
version was hard to crack without extended random since the caching of Dual_EC_DRBG output in e.g. RSA Security's
219:
company with a focus on encryption and decryption standards. RSA was named after the initials of its co-founders,
1353:
881:
Single-Sign-On capabilities and cloud authentication for resources using SAML 2.0 and other types of federation.
722:
1876:
1104:
571:. RSA became an independent company, one of the world’s largest cybersecurity and risk management organizations.
1203:
1778:
1731:
1713:
1156:"EMC Announces Definitive Agreement to Acquire RSA Security, Further Advancing Information-Centric Security"
1018:
376:
in 1977, founded RSA Data Security in 1982. The company acquired a "worldwide exclusive license" from the
2138:"RSA's 'Denial' Concerning $ 10 Million From The NSA To Promote Broken Crypto Not Really A Denial At All"
730:
1500:"EMC Acquires Aveksa Inc., Leading Provider of Business-Driven Identity and Access Management Solutions"
729:
in extended random made part of the internal state of Dual_EC_DRBG easier to guess. Only RSA Security's
1379:
608:
1834:
1204:"RSA® Emerges as Independent Company Following Completion of Acquisition by Symphony Technology Group"
252:
libraries were also initially owned by RSA. RSA is known for incorporating backdoors developed by the
1985:
1181:
604:
564:
541:
534:
283:
272:
173:
114:
2371:"EMC to Acquire Archer Technologies, Leading Provider Of IT Governance Risk and Compliance Software"
919:
758:
632:
422:
253:
1661:
1305:
914:
849:
In the wake of the reports, several industry experts cancelled their planned talks at RSA's 2014
768:
235:
787:
standard that contains Dual_EC_DRBG. In January 2005, two employees of the cryptography company
685:
to show that the widely used DES encryption was breakable by well-funded entities like the NSA.
734:
648:
611:. Today, SecurID is more commonly used as a software token rather than older physical tokens.
598:
353:
2169:
2117:
1933:
A Few Thoughts on Cryptographic Engineering: A few more notes on NSA random number generators
1463:
1040:
2370:
2323:
1499:
461:
company specializing in online security and anti-fraud solutions for financial institutions.
267:
in 2006 for US$ 2.1 billion and operated as a division within EMC. When EMC was acquired by
1159:
764:
678:
51:
8:
820:
726:
640:
451:
2204:
279:(AlpInvest) for US$ 2.1 billion, the same price when it was bought by EMC back in 2006.
1376:"EMC Completes RSA Security Acquisition, Announces Acquisition of Network Intelligence"
276:
1464:"The file that hacked RSA: How we found it - F-Secure Weblog : News from the Lab"
329:
2004:
1634:
843:
568:
557:
545:
530:
519:
507:
In July 2013, RSA acquired Aveksa the leader in Identity and Access Governance sector
497:
and its most valuable secrets were leaked, compromising the security of all existing
268:
212:
854:
2095:
1300:
1228:
479:
471:
On September 14, 2006, RSA stockholders approved the acquisition of the company by
216:
1853:
959:"Distributed Team Cracks Hidden Message in RSA's 56-Bit RC5 Secret-Key Challenge"
795:
784:
718:
515:
472:
373:
369:
264:
232:
228:
100:
1965:
1331:
2301:
1317:
962:
934:
909:
865:
850:
804:
682:
590:
418:
257:
168:
2391:
1966:
Patent CA2594670A1 - Elliptic curve random number generation - Google Patents
761:
746:
695:
669:
In the mid-1990s, RSA and Bidzos led a "fierce" public campaign against the
2122:
772:
754:
690:
670:
636:
635:
has changed over the years. Reuters' Joseph Menn and cybersecurity analyst
623:
RSA Security campaigned against the Clipper Chip backdoor in the so-called
523:
385:
333:
249:
1877:"Exclusive: NSA infiltrated RSA security more deeply than thought - study"
1422:
2118:"RSA comes out swinging at claims it took NSA's $ 10m to backdoor crypto"
2025:
929:
624:
498:
989:"Growing Up with Alice and Bob: Three Decades with the RSA Cryptosystem"
619:
263:
Founded as an independent company in 1982, RSA Security was acquired by
2064:"We don't enable backdoors in our crypto products, RSA tells customers"
1083:
656:
440:
439:, a privately held company that developed and delivered smart card and
389:
365:
361:
224:
220:
205:
138:
95:
90:
37:
2026:"On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng"
1919:
1568:
808:
the default in some of its products in 2004, until the Snowden leak.
776:
655:
For almost 10 years, I've been going toe to toe with these people at
585:
510:
On September 7, 2016, RSA was acquired by and became a subsidiary of
322:
291:
287:
238:
28:
1779:"Exclusive: Secret contract tied NSA and security industry pioneer"
1714:"Exclusive: Secret contract tied NSA and security industry pioneer"
858:
788:
396:
318:
2188:“TrustyCon” security counter-convention planned for RSA refusniks
2170:"News from the Lab Archive : January 2004 to September 2015"
839:
714:
421:
which led to the first public breaking of a message based on the
242:
380:
to a patent on the RSA cryptosystem technology granted in 1983.
2251:"RSA Changes the Identity Game: Unveils New RSA SecurID® Suite"
1901:
1105:"NSA infiltrated RSA security more deeply than thought - study"
771:
to the backdoor. Scientifically speaking, the backdoor employs
458:
275:, Ontario Teachers’ Pension Plan Board (Ontario Teachers’) and
1446:"The Full Story of the Stunning RSA Hack Can Finally be Told"
924:
553:
549:
533:
announced their intention to sell RSA for $ 2.075 billion to
483:
246:
2043:"Secret Documents Reveal N.S.A. Campaign Against Encryption"
1935:. Blog.cryptographyengineering.com. Retrieved on 2014-05-11.
1621:. July 20, 2023. Archived from the original on July 20, 2023
1550:
1229:"About RSA | Cybersecurity and Digital Risk Management"
1131:"RSA endowed crypto product with second NSA-influenced code"
1401:
893:
869:
2092:"RSA Response to Media Claims Regarding NSA Relationship"
1850:"RSA Response to Media Claims Regarding NSA Relationship"
1569:"Learn About Archer Integrated Risk Management Solutions"
627:, including the use of this iconic poster in the debate.
450:, a privately held company that produced ClearTrust, an
2152:"RSA Conference speakers begin to bail, thanks to NSA"
1423:"Announcing the RSA Share Project Programming Contest"
751:
cryptographically secure pseudorandom number generator
457:
In December 2005, it acquired Cyota, a privately held
1660:. Command Five Pty Ltd. February 2012. Archived from
1378:. Rsasecurity.com. September 18, 2006. Archived from
1332:"Business & Innovation | The Jerusalem Post"
794:
Nevertheless, NIST included Dual_EC_DRBG in its 2006
184:
749:
and Data Protection Manager—that included a default
1968:. Google.com (2011-01-24). Retrieved on 2014-05-11.
1734:. Jeffreycarr.blogspot.dk. Retrieved on 2014-05-11.
2078:"Security firm RSA took millions from NSA: report"
603:On March 17, 2011, RSA disclosed an attack on its
1902:"TrustNet Cybersecurity and Compliance Solutions"
745:From 2004 to 2013, RSA shipped security software—
2389:
1639:: CS1 maint: bot: original URL status unknown (
1158:. Rsasecurity.com. June 29, 2006. Archived from
1687:"RSA hit by advanced persistent threat attacks"
757:, that was later suspected to contain a secret
486:company specializing in file and data security.
2227:"RSA Conference 2014 Keynote for Art Coviello"
2201:"Arthur W. Coviello Jr. | RSA Conference"
1813:"RSA warns developers not to use RSA products"
1732:Digital Dao: NSA's $ 10M RSA Contract: Origins
1235:
953:
951:
949:
417:In January 1997, it proposed the first of the
256:in its products. It also organizes the annual
1810:
1150:
1148:
357:RSA headquarters in Chelmsford, Massachusetts
1776:
1526:"BSAFE support and billing update | Dell US"
740:
567:(STG) completed its acquisition of RSA from
494:
1925:
1828:
1826:
1824:
1822:
1743:
1711:
1350:"EMC Newsroom: EMC News and Press Releases"
946:
823:program. One of these vulnerabilities, the
599:SecurID § March 2011 system compromise
552:product line. To that end, RSA transferred
2023:
1832:
1772:
1770:
1768:
1766:
1304:. June 8, 2001. p. 47. Archived from
1145:
580:
548:made the strategic decision to retain the
241:was also named. Among its products is the
2428:Companies based in Bedford, Massachusetts
2408:Software companies based in Massachusetts
2281:"RSA Identity Governance & Lifecycle"
2180:
1943:
1941:
1679:
1655:"Command and Control in the Fifth Domain"
1123:
1097:
982:
980:
890:security information and event management
2324:"Press Release: EMC Acquires Netwitness"
2190:. Ars Technica. Retrieved on 2014-05-11.
1819:
1806:
1804:
1802:
1800:
618:
614:
584:
478:In 2007, RSA acquired Valyd Software, a
352:
2443:Software companies of the United States
2035:
1763:
1705:
1241:
986:
512:Dell EMC Infrastructure Solutions Group
2413:Software companies established in 1982
2403:American companies established in 1982
2390:
2058:
2056:
2009:: CS1 maint: archived copy as title (
1959:
1947:
1938:
977:
643:for public use, while the NSA and the
540:In anticipation of the sale of RSA to
294:, and numerous international offices.
260:, an information security conference.
1797:
1506:from the original on October 27, 2017
1478:"RSA CyberCrime Intelligence Service"
1443:
664:RSA president James Bidzos, June 1994
651:sought to prevent its proliferation.
378:Massachusetts Institute of Technology
2433:1982 establishments in Massachusetts
1912:
1874:
1811:Matthew Green (September 20, 2013).
1724:
1268:
301:
2232:. February 25, 2014. Archived from
2066:. Ars Technica. September 20, 2013.
2053:
1835:"The Strange Story of Dual_EC_DRBG"
1041:"Amit Yoran Named President at RSA"
1015:"Rohit Ghai Named President at RSA"
872:acknowledged the problems in 2013.
61:Network Security and Authentication
13:
2448:Private equity portfolio companies
1777:Menn, Joseph (December 20, 2013).
1063:"RSA Security LLC Company Profile"
987:Kaliski, Burt (October 22, 1997).
961:. October 22, 1997. Archived from
713:In March 2014, it was reported by
16:American computer security company
14:
2459:
1712:Joseph Menn (December 20, 2013).
1502:. EMC Corporation. July 8, 2013.
708:RSA, The Security Division of EMC
1906:TrustNet Cybersecurity Solutions
1182:"Dell Technologies - Who We Are"
522:in a cash and stock deal led by
306:
286:, with regional headquarters in
27:
2363:
2341:
2316:
2294:
2273:
2243:
2219:
2193:
2162:
2144:
2130:
2110:
2084:
2070:
2017:
1971:
1894:
1875:Menn, Joseph (March 31, 2014).
1868:
1847:
1841:
1737:
1647:
1611:
1586:
1561:
1543:
1518:
1492:
1470:
1456:
1437:
1415:
1394:
1368:
1342:
1324:
1296:"RSA Security buys Va. company"
1288:
1269:Levy, Stephen (June 12, 1994).
1262:
1221:
1196:
1174:
723:Internet Engineering Task Force
273:Symphony Technology Group (STG)
2418:Former certificate authorities
2186:Gallagher, Sean. (2014-01-21)
2140:. techdirt. December 23, 2013.
2094:. RSA Security. Archived from
2024:Shumow, Dan; Ferguson, Niels.
1948:Kelsey, John (December 2013).
1133:. Ars Technica. March 31, 2014
1076:
1055:
1033:
1007:
717:that RSA had also adapted the
575:
428:In February 2001, it acquired
321:format but may read better as
1:
2438:2020 mergers and acquisitions
1931:Green, Matthew. (2013-12-28)
1744:Steven Levy (June 12, 1994).
940:
384:In 1994, RSA was against the
1746:"Battle of the Clipper Chip"
1730:Carr, Jeffrey. (2014-01-06)
1271:"Battle of the Clipper Chip"
1242:Bennett, Ralph (July 1985).
857:, a Finnish researcher with
631:RSA's relationship with the
446:In August 2001, it acquired
7:
2423:Computer security companies
903:
875:
514:through the acquisition of
464:In April 2006, it acquired
448:Securant Technologies, Inc.
71:; 42 years ago
10:
2464:
2398:Cryptography organizations
609:advanced persistent threat
596:
495:suffered a security breach
435:In June 2001, it acquired
297:
245:authentication token. The
1950:"800-90 and Dual EC DRBG"
1619:"Archer History Timeline"
1594:"Archer History Timeline"
1352:. Emc.com. Archived from
741:NSA Dual_EC_DRBG backdoor
605:two-factor authentication
565:Symphony Technology Group
542:Symphony Technology Group
535:Symphony Technology Group
430:Xcert International, Inc.
284:Chelmsford, Massachusetts
179:
174:Symphony Technology Group
167:
157:
148:
135:Rohit Ghai (2017-present)
126:
109:
83:
65:
57:
47:
35:
26:
920:RSA Secret-Key Challenge
759:National Security Agency
441:biometric authentication
423:Data Encryption Standard
402:The company then called
374:RSA encryption algorithm
1184:. Dell Technologies Inc
915:RSA Factoring Challenge
811:In September 2013, the
649:Clinton administrations
581:SecurID security breach
475:for $ 2.1 billion.
437:3-G International, Inc.
330:converting this section
236:public key cryptography
735:C programming language
711:
667:
628:
594:
563:On September 1, 2020,
529:On February 18, 2020,
358:
2349:"RSA Archer Platform"
1021:on September 24, 2020
995:on September 29, 2011
965:on September 29, 2011
838:On 20 December 2013,
700:
653:
622:
615:Relationship with NSA
588:
356:
2174:archive.f-secure.com
2098:on December 23, 2013
1667:on February 27, 2012
1356:on December 10, 2007
372:, who developed the
1402:"RSA Share Project"
1382:on December 9, 2006
1308:on January 23, 2024
1244:"Public-Key Patent"
1162:on October 20, 2006
675:export restrictions
641:strong cryptography
493:In March 2011, RSA
452:identity management
159:Number of employees
23:
1551:"News & Press"
1275:The New York Times
1043:. October 29, 2014
888:RSA enVision is a
679:civil libertarians
629:
595:
359:
332:, if appropriate.
277:AlpInvest Partners
202:RSA Security, Inc.
21:
2261:on August 2, 2017
2239:on July 14, 2014.
1557:. April 24, 2023.
1444:Greenberg, Andy.
853:. Among them was
844:non-denial denial
815:, drawing on the
569:Dell Technologies
558:Dell Technologies
546:Dell Technologies
531:Dell Technologies
520:Dell Technologies
466:PassMark Security
410:in July 1996 and
408:RSA Data Security
404:Security Dynamics
351:
350:
269:Dell Technologies
231:, after whom the
211:, is an American
195:
194:
2455:
2383:
2382:
2380:
2378:
2367:
2361:
2360:
2358:
2356:
2345:
2339:
2338:
2336:
2334:
2320:
2314:
2313:
2311:
2309:
2298:
2292:
2291:
2289:
2287:
2277:
2271:
2270:
2268:
2266:
2257:. Archived from
2247:
2241:
2240:
2238:
2231:
2223:
2217:
2216:
2214:
2212:
2207:on July 16, 2015
2203:. Archived from
2197:
2191:
2184:
2178:
2177:
2166:
2160:
2159:
2148:
2142:
2141:
2134:
2128:
2127:
2114:
2108:
2107:
2105:
2103:
2088:
2082:
2081:
2074:
2068:
2067:
2060:
2051:
2050:
2039:
2033:
2032:
2030:
2021:
2015:
2014:
2008:
2000:
1998:
1996:
1990:
1984:. Archived from
1983:
1975:
1969:
1963:
1957:
1956:
1954:
1945:
1936:
1929:
1923:
1916:
1910:
1909:
1898:
1892:
1891:
1889:
1887:
1872:
1866:
1865:
1863:
1861:
1856:on March 8, 2014
1852:. Archived from
1845:
1839:
1838:
1833:Bruce Schneier.
1830:
1817:
1816:
1808:
1795:
1794:
1792:
1790:
1774:
1761:
1760:
1758:
1756:
1741:
1735:
1728:
1722:
1721:
1709:
1703:
1702:
1700:
1698:
1693:. March 18, 2011
1683:
1677:
1676:
1674:
1672:
1666:
1659:
1651:
1645:
1644:
1638:
1630:
1628:
1626:
1615:
1609:
1608:
1606:
1604:
1590:
1584:
1583:
1581:
1579:
1565:
1559:
1558:
1547:
1541:
1540:
1538:
1536:
1522:
1516:
1515:
1513:
1511:
1496:
1490:
1489:
1487:
1485:
1474:
1468:
1467:
1460:
1454:
1453:
1441:
1435:
1434:
1432:
1430:
1425:. March 24, 2009
1419:
1413:
1412:
1410:
1408:
1398:
1392:
1391:
1389:
1387:
1372:
1366:
1365:
1363:
1361:
1346:
1340:
1339:
1328:
1322:
1321:
1315:
1313:
1301:The Boston Globe
1292:
1286:
1285:
1283:
1281:
1266:
1260:
1259:
1257:
1255:
1239:
1233:
1232:
1225:
1219:
1218:
1216:
1214:
1200:
1194:
1193:
1191:
1189:
1178:
1172:
1171:
1169:
1167:
1152:
1143:
1142:
1140:
1138:
1127:
1121:
1120:
1118:
1116:
1111:. March 31, 2014
1101:
1095:
1094:
1092:
1090:
1080:
1074:
1073:
1071:
1069:
1059:
1053:
1052:
1050:
1048:
1037:
1031:
1030:
1028:
1026:
1017:. Archived from
1011:
1005:
1004:
1002:
1000:
991:. Archived from
984:
975:
974:
972:
970:
955:
709:
665:
560:on July 1, 2020.
346:
343:
337:
328:You can help by
310:
309:
302:
282:RSA is based in
217:network security
198:RSA Security LLC
191:
188:
186:
79:
77:
72:
31:
24:
22:RSA Security LLC
20:
2463:
2462:
2458:
2457:
2456:
2454:
2453:
2452:
2388:
2387:
2386:
2376:
2374:
2369:
2368:
2364:
2354:
2352:
2347:
2346:
2342:
2332:
2330:
2322:
2321:
2317:
2307:
2305:
2300:
2299:
2295:
2285:
2283:
2279:
2278:
2274:
2264:
2262:
2249:
2248:
2244:
2236:
2229:
2225:
2224:
2220:
2210:
2208:
2199:
2198:
2194:
2185:
2181:
2168:
2167:
2163:
2150:
2149:
2145:
2136:
2135:
2131:
2116:
2115:
2111:
2101:
2099:
2090:
2089:
2085:
2076:
2075:
2071:
2062:
2061:
2054:
2041:
2040:
2036:
2028:
2022:
2018:
2002:
2001:
1994:
1992:
1991:on May 25, 2011
1988:
1981:
1979:"Archived copy"
1977:
1976:
1972:
1964:
1960:
1952:
1946:
1939:
1930:
1926:
1917:
1913:
1900:
1899:
1895:
1885:
1883:
1873:
1869:
1859:
1857:
1846:
1842:
1831:
1820:
1809:
1798:
1788:
1786:
1785:. San Francisco
1775:
1764:
1754:
1752:
1742:
1738:
1729:
1725:
1710:
1706:
1696:
1694:
1691:Computer Weekly
1685:
1684:
1680:
1670:
1668:
1664:
1657:
1653:
1652:
1648:
1632:
1631:
1624:
1622:
1617:
1616:
1612:
1602:
1600:
1592:
1591:
1587:
1577:
1575:
1567:
1566:
1562:
1549:
1548:
1544:
1534:
1532:
1524:
1523:
1519:
1509:
1507:
1498:
1497:
1493:
1483:
1481:
1476:
1475:
1471:
1462:
1461:
1457:
1442:
1438:
1428:
1426:
1421:
1420:
1416:
1406:
1404:
1400:
1399:
1395:
1385:
1383:
1374:
1373:
1369:
1359:
1357:
1348:
1347:
1343:
1330:
1329:
1325:
1311:
1309:
1294:
1293:
1289:
1279:
1277:
1267:
1263:
1253:
1251:
1240:
1236:
1227:
1226:
1222:
1212:
1210:
1202:
1201:
1197:
1187:
1185:
1180:
1179:
1175:
1165:
1163:
1154:
1153:
1146:
1136:
1134:
1129:
1128:
1124:
1114:
1112:
1103:
1102:
1098:
1088:
1086:
1082:
1081:
1077:
1067:
1065:
1061:
1060:
1056:
1046:
1044:
1039:
1038:
1034:
1024:
1022:
1013:
1012:
1008:
998:
996:
985:
978:
968:
966:
957:
956:
947:
943:
906:
878:
796:NIST SP 800-90A
785:NIST SP 800-90A
743:
719:extended random
710:
707:
666:
663:
617:
601:
591:security tokens
583:
578:
516:EMC Corporation
473:EMC Corporation
370:Leonard Adleman
347:
341:
338:
327:
311:
307:
300:
265:EMC Corporation
229:Leonard Adleman
183:
160:
144:
129:
122:
118:
117:, Massachusetts
105:
101:Leonard Adleman
75:
73:
70:
40:
17:
12:
11:
5:
2461:
2451:
2450:
2445:
2440:
2435:
2430:
2425:
2420:
2415:
2410:
2405:
2400:
2385:
2384:
2362:
2340:
2315:
2302:"RSA Envision"
2293:
2272:
2242:
2218:
2192:
2179:
2161:
2143:
2129:
2109:
2083:
2069:
2052:
2047:New York Times
2034:
2016:
1970:
1958:
1937:
1924:
1911:
1893:
1867:
1840:
1818:
1796:
1762:
1750:New York Times
1736:
1723:
1704:
1678:
1646:
1610:
1585:
1560:
1542:
1517:
1491:
1469:
1455:
1436:
1414:
1393:
1367:
1341:
1323:
1318:Newspapers.com
1287:
1261:
1234:
1220:
1195:
1173:
1144:
1122:
1096:
1075:
1054:
1032:
1006:
976:
944:
942:
939:
938:
937:
935:Software token
932:
927:
922:
917:
912:
910:Hardware token
905:
902:
877:
874:
866:RSA Conference
855:Mikko Hyppönen
851:RSA Conference
832:New York Times
813:New York Times
805:Bruce Schneier
742:
739:
705:
683:DES Challenges
661:
616:
613:
597:Main article:
582:
579:
577:
574:
573:
572:
561:
538:
527:
508:
505:
502:
491:
487:
476:
469:
462:
455:
444:
433:
426:
419:DES Challenges
415:
400:
393:
349:
348:
314:
312:
305:
299:
296:
258:RSA Conference
193:
192:
181:
177:
176:
171:
165:
164:
161:
158:
155:
154:
150:
146:
145:
143:
142:
136:
132:
130:
127:
124:
123:
120:
113:
111:
107:
106:
104:
103:
98:
93:
87:
85:
81:
80:
67:
63:
62:
59:
55:
54:
49:
45:
44:
41:
36:
33:
32:
15:
9:
6:
4:
3:
2:
2460:
2449:
2446:
2444:
2441:
2439:
2436:
2434:
2431:
2429:
2426:
2424:
2421:
2419:
2416:
2414:
2411:
2409:
2406:
2404:
2401:
2399:
2396:
2395:
2393:
2372:
2366:
2350:
2344:
2329:
2325:
2319:
2303:
2297:
2286:September 24,
2282:
2276:
2260:
2256:
2252:
2246:
2235:
2228:
2222:
2206:
2202:
2196:
2189:
2183:
2175:
2171:
2165:
2157:
2153:
2147:
2139:
2133:
2125:
2124:
2119:
2113:
2097:
2093:
2087:
2079:
2073:
2065:
2059:
2057:
2048:
2044:
2038:
2027:
2020:
2012:
2006:
1987:
1980:
1974:
1967:
1962:
1951:
1944:
1942:
1934:
1928:
1921:
1915:
1907:
1903:
1897:
1882:
1878:
1871:
1855:
1851:
1844:
1836:
1829:
1827:
1825:
1823:
1814:
1807:
1805:
1803:
1801:
1784:
1780:
1773:
1771:
1769:
1767:
1751:
1747:
1740:
1733:
1727:
1719:
1715:
1708:
1692:
1688:
1682:
1663:
1656:
1650:
1642:
1636:
1620:
1614:
1599:
1595:
1589:
1574:
1570:
1564:
1556:
1552:
1546:
1531:
1527:
1521:
1510:September 24,
1505:
1501:
1495:
1479:
1473:
1465:
1459:
1451:
1447:
1440:
1424:
1418:
1403:
1397:
1381:
1377:
1371:
1355:
1351:
1345:
1337:
1336:www.jpost.com
1333:
1327:
1319:
1307:
1303:
1302:
1297:
1291:
1276:
1272:
1265:
1249:
1245:
1238:
1230:
1224:
1209:
1205:
1199:
1183:
1177:
1161:
1157:
1151:
1149:
1132:
1126:
1110:
1106:
1100:
1085:
1084:"RSA History"
1079:
1064:
1058:
1042:
1036:
1020:
1016:
1010:
994:
990:
983:
981:
964:
960:
954:
952:
950:
945:
936:
933:
931:
928:
926:
923:
921:
918:
916:
913:
911:
908:
907:
901:
897:
895:
891:
886:
882:
873:
871:
867:
862:
860:
856:
852:
847:
845:
841:
836:
833:
828:
826:
822:
818:
817:Snowden leaks
814:
809:
806:
800:
797:
792:
790:
786:
780:
778:
774:
770:
766:
763:
762:kleptographic
760:
756:
752:
748:
747:BSAFE toolkit
738:
736:
732:
728:
724:
720:
716:
704:
699:
697:
696:kleptographic
692:
686:
684:
680:
676:
672:
660:
658:
652:
650:
646:
642:
638:
634:
626:
621:
612:
610:
606:
600:
592:
587:
570:
566:
562:
559:
555:
551:
547:
543:
539:
536:
532:
528:
525:
521:
517:
513:
509:
506:
503:
500:
496:
492:
488:
485:
481:
477:
474:
470:
467:
463:
460:
456:
453:
449:
445:
442:
438:
434:
431:
427:
424:
420:
416:
413:
409:
405:
401:
398:
394:
391:
387:
383:
382:
381:
379:
375:
371:
367:
363:
355:
345:
336:is available.
335:
331:
325:
324:
320:
315:This section
313:
304:
303:
295:
293:
289:
285:
280:
278:
274:
270:
266:
261:
259:
255:
251:
248:
244:
240:
237:
234:
230:
226:
222:
218:
214:
210:
207:
203:
199:
190:
182:
178:
175:
172:
170:
166:
162:
156:
151:
147:
140:
137:
134:
133:
131:
125:
121:United States
116:
112:
108:
102:
99:
97:
94:
92:
89:
88:
86:
82:
68:
64:
60:
56:
53:
50:
46:
42:
39:
34:
30:
25:
19:
2375:. Retrieved
2365:
2355:November 13,
2353:. Retrieved
2343:
2331:. Retrieved
2327:
2318:
2308:December 19,
2306:. Retrieved
2296:
2284:. Retrieved
2275:
2263:. Retrieved
2259:the original
2254:
2245:
2234:the original
2221:
2209:. Retrieved
2205:the original
2195:
2182:
2173:
2164:
2155:
2146:
2132:
2123:The Register
2121:
2112:
2100:. Retrieved
2096:the original
2086:
2072:
2046:
2037:
2019:
1995:November 16,
1993:. Retrieved
1986:the original
1973:
1961:
1927:
1914:
1905:
1896:
1884:. Retrieved
1880:
1870:
1858:. Retrieved
1854:the original
1843:
1789:December 20,
1787:. Retrieved
1782:
1753:. Retrieved
1749:
1739:
1726:
1717:
1707:
1695:. Retrieved
1690:
1681:
1671:February 10,
1669:. Retrieved
1662:the original
1649:
1623:. Retrieved
1613:
1601:. Retrieved
1597:
1588:
1576:. Retrieved
1572:
1563:
1554:
1545:
1535:September 2,
1533:. Retrieved
1530:www.dell.com
1529:
1520:
1508:. Retrieved
1494:
1484:December 19,
1482:. Retrieved
1472:
1458:
1449:
1439:
1427:. Retrieved
1417:
1405:. Retrieved
1396:
1384:. Retrieved
1380:the original
1370:
1358:. Retrieved
1354:the original
1344:
1335:
1326:
1316:– via
1310:. Retrieved
1306:the original
1299:
1290:
1278:. Retrieved
1274:
1264:
1252:. Retrieved
1250:. p. 16
1247:
1237:
1223:
1211:. Retrieved
1207:
1198:
1188:September 9,
1186:. Retrieved
1176:
1164:. Retrieved
1160:the original
1135:. Retrieved
1125:
1113:. Retrieved
1108:
1099:
1087:. Retrieved
1078:
1066:. Retrieved
1057:
1047:December 29,
1045:. Retrieved
1035:
1023:. Retrieved
1019:the original
1009:
997:. Retrieved
993:the original
969:February 22,
967:. Retrieved
963:the original
898:
889:
887:
883:
879:
864:At the 2014
863:
848:
837:
831:
829:
824:
812:
810:
801:
793:
781:
773:kleptography
755:Dual EC DRBG
744:
712:
701:
691:Dual EC DRBG
687:
671:Clipper Chip
668:
654:
637:Jeffrey Carr
630:
602:
589:RSA SecurID
524:Michael Dell
465:
447:
436:
429:
411:
407:
403:
386:Clipper chip
360:
339:
334:Editing help
316:
281:
262:
250:cryptography
208:
201:
197:
196:
110:Headquarters
48:Company type
18:
2328:www.emc.com
2255:www.rsa.com
2102:January 20,
1312:January 23,
1280:October 19,
1213:November 2,
930:RSA SecurID
769:private key
625:Crypto Wars
576:Controversy
499:RSA SecurID
412:DynaSoft AB
388:during the
200:, formerly
141:(2014-2016)
52:Independent
2392:Categories
2377:August 28,
1918:A. Young,
1429:January 4,
1407:January 4,
1025:January 9,
941:References
830:After the
698:backdoor:
657:Fort Meade
390:Crypto War
366:Adi Shamir
362:Ron Rivest
225:Adi Shamir
221:Ron Rivest
206:trade name
139:Amit Yoran
128:Key people
115:Chelmsford
96:Adi Shamir
91:Ron Rivest
38:Trade name
1598:Genial.ly
1480:. rsa.com
1137:March 31,
1115:March 31,
999:April 29,
777:Moti Yung
480:Hyderabad
443:products.
406:acquired
342:June 2023
292:Singapore
290:(UK) and
288:Bracknell
239:algorithm
2211:July 15,
2005:cite web
1886:April 4,
1860:March 8,
1755:March 8,
1635:cite web
1625:July 20,
1603:July 20,
1578:July 20,
1504:Archived
904:See also
876:Products
859:F-Secure
789:Certicom
765:backdoor
706:—
662:—
454:product.
414:in 1997.
397:VeriSign
213:computer
149:Products
58:Industry
2333:June 6,
2265:June 6,
2080:. CNET.
1955:. NIST.
1920:M. Yung
1881:Reuters
1783:Reuters
1718:Reuters
1386:May 12,
1360:May 12,
1254:May 21,
1208:RSA.com
1166:May 12,
1109:Reuters
1089:June 8,
1068:May 15,
840:Reuters
821:Bullrun
715:Reuters
501:tokens.
482:-based
459:Israeli
298:History
243:SecurID
180:Website
84:Founder
74: (
66:Founded
1697:May 4,
1573:Archer
727:nonces
490:prize.
484:Indian
317:is in
169:Parent
163:2,700+
2373:. EMC
2351:. EMC
2304:. EMC
2237:(PDF)
2230:(PDF)
2029:(PDF)
1989:(PDF)
1982:(PDF)
1953:(PDF)
1848:RSA.
1665:(PDF)
1658:(PDF)
1450:Wired
925:BSAFE
825:Times
554:BSAFE
550:BSAFE
323:prose
247:BSAFE
2379:2018
2357:2015
2335:2017
2310:2012
2288:2018
2267:2017
2213:2015
2156:CNET
2104:2014
2011:link
1997:2007
1888:2014
1862:2014
1791:2013
1757:2014
1699:2011
1673:2012
1641:link
1627:2023
1605:2023
1580:2023
1537:2020
1512:2018
1486:2013
1431:2013
1409:2013
1388:2012
1362:2012
1314:2024
1282:2017
1256:2023
1248:Byte
1215:2020
1190:2016
1168:2012
1139:2014
1117:2014
1091:2011
1070:2013
1049:2014
1027:2017
1001:2017
971:2009
894:SIEM
870:NIST
731:Java
647:and
645:Bush
368:and
319:list
227:and
215:and
204:and
189:.com
187:.rsa
76:1982
69:1982
1555:RSA
633:NSA
518:by
254:NSA
233:RSA
209:RSA
185:www
43:RSA
2394::
2326:.
2253:.
2172:.
2154:.
2120:.
2055:^
2045:.
2007:}}
2003:{{
1940:^
1904:.
1879:.
1821:^
1799:^
1781:.
1765:^
1748:.
1716:.
1689:.
1637:}}
1633:{{
1596:.
1571:.
1553:.
1528:.
1448:.
1334:.
1298:.
1273:.
1246:.
1206:.
1147:^
1107:.
979:^
948:^
779:.
753:,
544:,
364:,
223:,
119:,
2381:.
2359:.
2337:.
2312:.
2290:.
2269:.
2215:.
2176:.
2158:.
2126:.
2106:.
2049:.
2031:.
2013:)
1999:.
1908:.
1890:.
1864:.
1837:.
1815:.
1793:.
1759:.
1720:.
1701:.
1675:.
1643:)
1629:.
1607:.
1582:.
1539:.
1514:.
1488:.
1466:.
1452:.
1433:.
1411:.
1390:.
1364:.
1338:.
1320:.
1284:.
1258:.
1231:.
1217:.
1192:.
1170:.
1141:.
1119:.
1093:.
1072:.
1051:.
1029:.
1003:.
973:.
892:(
593:.
537:.
526:.
468:.
425:.
399:.
392:.
344:)
340:(
326:.
78:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
