LinuxQuestions.org
12-21-2013, 09:07 AM   #1
Guttorm
Senior Member
 
Registered: Dec 2003
Location: Trondheim, Norway
Distribution: Debian and Ubuntu
Posts: 1,372

RSA


Hello

I just read this:

http://yro.slashdot.org/story/13/12/...r-10m-from-nsa

I can't really say I understand the details. But it looks like RSA does not deserve any trust anymore. When this Snowden guy managed to get all that stuff from NSA, how can we know other malicious people don't have access to the backdoors?

We have been using RSA keys for ssh login and I think for HTTPS for some servers. Is there anything we can or should do?
 
12-21-2013, 09:42 AM   #2
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,592

Quote:
Originally Posted by Guttorm
But it looks like RSA does not deserve any trust anymore.
...
We have been using RSA keys for ssh login and I think for HTTPS for some servers. Is there anything we can or should do?

http://en.wikipedia.org/wiki/Rsa
Quote:
RSA may refer to:
...
RSA (algorithm), an algorithm for public-key encryption
...
RSA (security firm), a U.S. network security provider, a division of EMC Corporation

RSA the security firm may not deserve trust. RSA the algorithm used for ssh keys and HTTPS is fine (although HTTPS itself has some problems).
 
3 members found this post helpful.
12-21-2013, 01:12 PM   #3
Guttorm
Senior Member
 
Registered: Dec 2003
Location: Trondheim, Norway
Distribution: Debian and Ubuntu
Posts: 1,372

Original Poster
Thank you! We don't use any of the security firm's products.
 
12-21-2013, 01:54 PM   #4
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,982

They weakened encryption by using the Dual EC PRNG, which is known to be backdoored by the NSA, and is a NIST standard.

Quote:
An algorithm called Dual Elliptic Curve, developed inside the agency, was on the road to approval by the National Institutes of Standards and Technology as one of four acceptable methods for generating random numbers. NIST's blessing is required for many products sold to the government and often sets a broader de facto standard.

RSA adopted the algorithm even before NIST approved it. The NSA then cited the early use of Dual Elliptic Curve inside the government to argue successfully for NIST approval, according to an official familiar with the proceedings.

RSA's contract made Dual Elliptic Curve the default option for producing random numbers in the RSA toolkit. No alarms were raised, former employees said, because the deal was handled by business leaders rather than pure technologists.

"The labs group had played a very intricate role at BSafe, and they were basically gone," said labs veteran Michael Wenocur, who left in 1999.

Within a year, major questions were raised about Dual Elliptic Curve. Cryptography authority Bruce Schneier wrote that the weaknesses in the formula "can only be described as a back door."
http://www.reuters.com/article/2013/...9BJ1C220131220

So ntubski is right in that this is NOT about the RSA encryption algorithm, but rather about Dual EC PRNG.

The only thing this story really adds is a bribery charge between the NSA and the company RSA.

The backdoor was detected more than a year ago:
http://cyberwarzone.com/did-nsa-put-...ption-standard
 
01-01-2014, 01:50 PM   #5
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,982

Here is something useful, a proof of concept for the Dual EC PRNG backdoor:
http://blog.0xbadc0de.be/archives/155
It leaks its internal state in 32 bytes of output. It was purposefully introduced as an NIST and FIPS standard by the NSA, and they paid off RSA to use it too.

Note that only the NSA can exploit the weakness that they introduced.

I'm looking forward to seeing more NSA-recommended crypto standards being taken apart to see what is underneath. Not that I can't imagine what is there.

Last edited by metaschima; 01-01-2014 at 01:53 PM.
 
04-23-2014, 11:51 AM   #6
metaschima
Senior Member
 
Registered: Dec 2013
Distribution: Slackware
Posts: 1,982

The NIST finally removes the compromised Dual_EC_DRBG from their recommendations.
https://www.techdirt.com/articles/20...ndations.shtml
 
  

