According to a story by Reuters, the NSA paid encryption company RSA $10m to deliberately weaken one of its products by using an encryption algorithm which, presumably, the NSA had already cracked.
Sounds plausible. After all, we know the NSA at least attempted to influence standard-setting bodies to adopt weaker levels of encryption.
But there’s something about this story which doesn’t add up. Once you begin to think about it, this kind of deal doesn’t make sense for either the NSA or RSA.
For RSA, doing something like this would be a brain-dead move. Yes, as the Reuters report says, $10m looks big in the context of the $27m made by the division of RSA which allegedly received it. But for the company as a whole, it amounts to less than 2% of its annual revenue of $525m in 2007. And a decision to accept that money would almost certainly have to have been board-level: so why would they have accepted it? Would they undermine their own product – and in a way which they must have known would almost certainly leak at some point? It just looks unlikely.
For the NSA, why bother when there are more effective and secretive ways of achieving the same goal? Why not simply plant an employee in RSA with access to the code? Why not quietly pay a very senior individual (or individuals) to buy their compliance? Why not hack into the company and plant your own back door? After all, this is an organisation capable of planting malware in top secret nuclear facilities of another country – breaking into a commercial organisation, by comparison, is trivial. And using methods like bribery, “human intelligence” or hacking gives you a level of plausible deniability that no direct deal with a company could.
Paying the company money – money which would have to be accounted for somehow “through the books” – is the least secure, most likely to leak and thus least effective option. It seems pretty unlikely to me that an organisation like the NSA would choose to do that, rather than use one of the more covert (and effective) options at its disposal.
UPDATE: RSA has “categorically denied” it was paid to weaken its security. It’s worth reading this post in its entirety, because it includes some details about its decisions.