RSA Sold Us Out! Why We Protest…

RSA Sold Us Out! Why We Protest…

Tuesday, Feb 25 2013-Today, RSA opened their annual security security and Restore the Fourth SF was there to protest.  RSA’s history of bad actions are beyond the pale and could not go unanswered.

Related Articles:

  • In 2004, RSA selected an elliptic curve random number generator called DUAL_EC_DRBG as the default in their products.
  • In 2007, two Microsoft Researchers discovered that DUAL_EC_DRBG has predictable output known only to the designer of the algorithm. This would world permit the NSA to discover secret cryptographic keys generated by this random number generator.
  • In September 2013, the revelations about mass NSA surveillance made the situation with DUAL_EC_DRBG untenable and RSA changed their guidance to customers.
  • In December 2013, Reuters obtained the original contract between RSA and the NSA that specified the selection of DUAL_EC_DRBG and a payment of $10 million dollars.

These questions are a matter of public record. The fundamental question ignorant of the state of the art in cryptography research and thus grossly negligent or were the co conspirators with the NSA?

  • Was RSA aware of patent US2007189527 that discloses the backdoor in DUAL_EC_DRBG?
  • Was RSA aware of publication of the backdoor by Dan Shumow and Niels Ferguson from Microsoft?
The most profound consequence of RSA complicity is that there is circumstantial evidence that this is not an isolated incident. DUAL_EC_DRBG is a part of an NSA program called BULLRUN with an annual budget of $250 million.
Restore the Fourth SF took the annual RSA conference as opportunity to prompt discussion among the attendees of government backdoors and their impact on trustworthiness of the American technology. We handed out badge ribbons with the message “I Support the 4th” or “RSA Sold Us Out”. The latter was far more popular. Restore the Fourth SF volunteers took up positions on the sidewalks to hand out the ribbons. We had some negative encounters with RSA security staff but eventually SFPD accepted that we have free speech rights on public side walks. We distributed approx 1500 badge ribbons to attendees. We were able to educate many people who where unaware of NSA bad practices.

Restore the Fourth SF applauds  RSA Security executive chairman Art Coviello call to breakup the NSA, ban cyber weapons and end mass surveillance. We will be watching RSA’s future actions to see they begin to make amends for the damage caused to their customers and the technology industry as a whole.

 

Leave a Reply

Your email address will not be published. Required fields are marked *