Editing RSA Security (section)

===Relationship with NSA===
[[File:Sink_Clipper_campaign.gif|thumb|right|RSA Security campaigned against the Clipper Chip backdoor in the so-called [[Crypto Wars]], including the use of this iconic poster in the debate.]]

RSA's relationship with the [[National Security Agency|NSA]] has changed over the years. Reuters' Joseph Menn<ref name="reuters">{{cite news|url=https://www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220|title=Exclusive: Secret contract tied NSA and security industry pioneer|author=Joseph Menn|newspaper=Reuters|date=December 20, 2013}}</ref> and cybersecurity analyst [[Jeffrey Carr]]<ref name="carr">Carr, Jeffrey. (2014-01-06) [http://jeffreycarr.blogspot.dk/2014/01/nsas-10m-rsa-contract-origins.html Digital Dao: NSA's $10M RSA Contract: Origins]. Jeffreycarr.blogspot.dk. Retrieved on 2014-05-11.</ref> have noted that the two once had an adversarial relationship. In its early years, RSA and its leaders were prominent advocates of [[strong cryptography]] for public use, while the NSA and the [[George H. W. Bush administration|Bush]] and [[Clinton Administration|Clinton administrations]] sought to prevent its proliferation.

{{blockquote|For almost 10 years, I've been going toe to toe with these people at [[Fort Meade]]. The success of this company <nowiki>[</nowiki>RSA<nowiki>]</nowiki> is the worst thing that can happen to them. To them, we're the real enemy, we're the real target. We have the system that they're most afraid of. If the U.S. adopted RSA as a standard, you would have a truly international, interoperable, unbreakable, easy-to-use encryption technology. And all those things together are so synergistically threatening to the N.S.A.'s interests that it's driving them into a frenzy.|RSA president James Bidzos, June 1994<ref>{{cite web|url=http://www2.nytimes.com/1994/06/12/magazine/battle-of-the-clipper-chip.html?pagewanted=all|title=Battle of the Clipper Chip|work=New York Times|date=12 Jun 1994|access-date=8 Mar 2014|author=Steven Levy}}</ref>}}

In the mid-1990s, RSA and Bidzos led a "fierce" public campaign against the [[Clipper Chip]], an encryption chip with a backdoor that would allow the U.S. government to decrypt communications. The Clinton administration pressed telecommunications companies to use the chip in their devices, and relaxed [[Export of cryptography in the United States|export restrictions]] on products that used it. (Such restrictions had prevented RSA Security from selling its software abroad.) RSA joined [[Civil libertarianism|civil libertarians]] and others in opposing the Clipper Chip by, among other things, distributing posters with a foundering sailing ship and the words "Sink Clipper!"<ref name="NSApaid" /> RSA Security also created the [[DES Challenges]] to show that the widely used DES encryption was breakable by well-funded entities like the NSA.

The relationship shifted from adversarial to cooperative after Bidzos stepped down as CEO in 1999, according to Victor Chan, who led RSA's department of engineering until 2005: "When I joined there were 10 people in the labs, and we were fighting the NSA. It became a very different company later on."<ref name="NSApaid" /> For example, RSA was reported to have accepted $10 million from the NSA in 2004 in a deal to use the NSA-designed [[Dual EC DRBG]] random number generator in their BSAFE library, despite many indications that Dual_EC_DRBG was both of poor quality and possibly backdoored.<ref name="green" /><ref name="schneier" /> RSA Security later released a statement about the Dual_EC_DRBG [[kleptographic]] backdoor:

{{blockquote|We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption. This algorithm is only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs. We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS compliance. When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion. When NIST issued new guidance recommending no further use of this algorithm in September 2013, we adhered to that guidance, communicated that recommendation to customers and discussed the change openly in the media.|RSA, The Security Division of EMC<ref>{{cite web|url=https://blogs.rsa.com/news-media/rsa-response/|title=RSA Response to Media Claims Regarding NSA Relationship|access-date=8 Mar 2014|author=RSA|archive-date=March 8, 2014|archive-url=https://web.archive.org/web/20140308180157/https://blogs.rsa.com/news-media/rsa-response/|url-status=dead}}</ref>}}

In March 2014, it was reported by [[Reuters]] that RSA had also adapted the [[extended random]] standard championed by NSA. Later cryptanalysis showed that extended random did not add any security, and it was rejected by the prominent standards group [[Internet Engineering Task Force]]. Extended random did however make NSA's backdoor for Dual_EC_DRBG tens of thousands of times faster to use for attackers with the key to the Dual_EC_DRBG backdoor (presumably only NSA) because the extended [[Cryptographic nonce|nonces]] in extended random made part of the internal state of Dual_EC_DRBG easier to guess. Only RSA Security's [[Java (programming language)|Java]] version was hard to crack without extended random since the caching of Dual_EC_DRBG output in e.g. RSA Security's [[C programming language]] version already made the internal state fast enough to determine. And indeed, RSA Security only implemented extended random in its Java implementation of Dual_EC_DRBG.<ref>{{cite news|first1=Joseph |last1=Menn |url=https://www.reuters.com/article/us-usa-security-nsa-rsa-idUSBREA2U0TY20140331 |title=Exclusive: NSA infiltrated RSA security more deeply than thought - study |newspaper=Reuters |date=31 March 2014 |access-date=4 April 2014}}</ref><ref>{{Cite web|url=https://www.trustnetinc.com/|title=TrustNet Cybersecurity and Compliance Solutions|website=TrustNet Cybersecurity Solutions}}</ref>