View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 21, 2013

NSA paid RSA $10 million for encryption access

Security firm created a 'back door' for NSA by offering flawed security.

By Ben Sullivan

The NSA paid security firm RSA $10 million to provide a workaround for its encryption systems, allowing the National Security Agency to gain access to supposedly encrypted communications all around the world.

In September it was revealed that the NSA may have had access to encrypted communications following further Snowden revelations reported in The Guardian and the New York Times newspapers. The newspapers then accused RSA of deliberately adding the flawed algorithm, but no link between the NSA and RSA was proven and RSA subsequently issued a warning to its customers.

However, according to an exclusive Reuters report, it has been revealed that a sum of $10 million was provided to RSA by the National Security Agency to keep "its back doors open".

Reuters said: "Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract.

"Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show."

Neither the NSA or RSA have acknowledged the payment revelations, but Reuters claims to have heavily vetted the story with RSA secret sources.

In September, RSA said that it "always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

But several RSA employees interviewed by Reuters said that RSA was "misled by government officials" who portrayed the formula as a secure technological advance.

"They did not show their true hand," one source said of the NSA.

NSA officials continue to defend the agency’s actions, claiming it will put the US at considerable risk if messages from terrorists and spies cannot be deciphered.

But some experts argue that such efforts could actually undermine national security, noting that any back doors inserted into encryption programs can be exploited by those outside the government.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.