Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Security researcher cancels talk at RSA conference in protest

Mikko Hypponen, chief research officer of F-Secure, said he was protesting reports of a secret RSA-NSA deal

Article comments

Security researcher Mikko Hypponen has canceled his talk at a RSA security conference in San Francisco, reacting to a report that the security division of EMC allegedly received US$10 million from the U.S. National Security Agency to use a flawed random number generator in one of its products.

In an open letter on Monday to Joseph M. Tucci, chairman and CEO of EMC, and(Art Coviello, executive chairman of RSA, Hypponen, who is chief research officer at Finnish security company F-Secure, referred to a report by Reuters which stated that RSA accepted a random number generator from the NSA, and set it as the default option in its product BSafe, in return for the payment from the NSA.

The RSA took money "secretly" from the NSA to embed the Dual EC DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) technology into its BSafe toolkit, according to the report on Friday.

Related Articles on Techworld

The number generator used in a 2006 standard of federal agency National Institute of Standards and Technology came under scrutiny after former NSA contractor Edward Snowden suggested it provided back-door entry to NSA snooping, according to reports.

RSA has denied entering into a secret contract with the NSA. "We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption," it said in a statement Sunday.

Hypponen said RSA had not denied receiving $10 million from the NSA to use the random number generator. "You had kept on using the generator for years despite widespread speculation that NSA had backdoored it," he wrote.

The researcher said he didn't expect EMC or the conference to suffer as a result of the alleged deals with the NSA. Nor did he expect other conference speakers to cancel. Most of the speakers at the conference are American so why would they care about surveillance that's not targeted at them but at non-Americans, Hypponen wrote. Surveillance operations by U.S. intelligence agencies are targeted at foreigners, he added.

"However I'm a foreigner. And I'm withdrawing my support from your event," the Finnish researcher wrote. He had earlier tweeted that "If the Reuters story is true, I - for one - will be cancelling my invited talk and my panel participation in the upcoming RSA Conference."

The RSA conference runs from Feb 24 to 28. Among the keynote speakers and other speakers, listed on the website for the conference, are executives from Microsoft, Juniper Networks, Cisco, McAfee, Symantec and Hewlett-Packard. Hypponen was to speak on "Governments as Malware Authors" at the conference. The researcher said he had spoken eight times at RSA conferences in the U.S., Europe and Japan. "You've even featured my picture on the walls of your conference walls among the 'industry experts,'" he wrote in the letter.

EMC could not be immediately reached for comment on Hypponen's decision.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *