Snowden disclosures prompt warning on widely used computer security formula
By Joseph Menn
SAN FRANCISCO
Thu Sep 19, 2013 11:56pm EDT
... Developers who used RSA's "BSAFE" kit wrote code for Web browsers, other software, and hardware components to increase their security. Random numbers are a core part of much modern cryptography, and the ability to guess what they are renders those formulas vulnerable.
The NSA-promoted formula was odd enough that some experts speculated for years that it was flawed by design. A person familiar with the process told Reuters that NIST accepted it in part because many government agencies were already using it.
But after the Times report, NIST said it was inviting public comments as it re-evaluated the formula.
"If vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible," NIST said on September 10 ...
http://www.reuters.com/article/2013/09/20/us-usa-security-snowden-rsa-idUSBRE98J02Z20130920