14 DAY TRIAL // Security firm RSA has gotten slammed by the media in the past few months after reports indicated that the National Security Agency had paid the firm to build a backdoor into its service. Now, the company’s head of security is accusing the NSA’s spying practices of being at the core of the lack of trust in the industry.
The fact that the National Security Agency has blurred the lines between spying and cybersecurity has led to a collapse of trust between the private security industry, customers and the government, said Arthur Coviello, RSA executive chairman.
During the discussion, Coviello also addressed the controversial project the RSA had with the NSA, which involved the formula for a random number generator created by the intelligence agency to build back doors in encryption programs so that the agency could easily crack them.
Coviello said that the RSA, a unit of EMC Corp, did indeed adopt the formula, but only because it thought it was dealing with NSA officials trying to improve protection for the government and the security industry.
“When or if the NSA blurs the line between its defensive and intelligence-gathering roles and exploits a position of trust, that’s a problem,” he said during his opening speech at the RSA Conference, an event that was largely boycotted due to the company’s involvement with the NSA.
He also explained that the company’s cryptographic patents had expired before they made the deal with the NSA and the fact that the National Institute of Standards and Technology (NIST) had supported the formula helped them decide to adopt it. Of course, NIST proclaimed to be a supporter of this formula until the Snowden documents indicated that there was more to it than originally thought.
The RSA exec then made a suggestion that the White House NSA review panel had also made a while back, namely for the agency to create a separate cyber defensive team into another body to avoid destroying trust.
The White House has discussed a series of NSA reforms and has even made a huge deal about a series of new ideas it had for the agency. When Barack Obama held his speech, however, everyone was disappointed to hear a very thin list of changes that would, essentially, have very little impact on how the intelligence agency did business.
While huge issues such as encryption backdoors, collection of Internet records and phone localization have been reported on in the past months, the only issue that got any attention from the US government was the phone call metadata program.
You can watch Coviello's full keynote below.
