James Delahunty
20 Sep 2013 10:22
Internet security firm RSA is advising developers not to use one of its own encryption algorithms, fearing the NSA may be able to decrypt code that results.
A New York Times report indicated that the NSA may have intentionally introduced a flaw into the SP 800–90A Dual Ellipctic Curve Deterministic Random Bit Generation algorithm before trying to get the National Institute of Standards and Technology to adopt it.
RSA strongly advises customers to switch to other random number generators.
During the 90s, the NSA had argued publicly that it should be able to decrypt all cryptographic systems in order to be able to effectively fight against security threats, but privacy rights and free speech advocates won the day.
Nevertheless, the NSA has been in a tug of war with cryptographers who create increasingly sophisticated encryption systems. The NSA does have considerable super-computing power, and cryptographic expertise of its own too.