The NSA paid $10 million to the security firm RSA to install a cryptographic backdoor. Post: 302880691

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Urgent Help...Pseudo-Device provides a Backdoor Entry to root.

Can Anybody help to create a pseudo-device and write a device driver for it. The pseudo-device provides a “backdoor” for gaining root access for a particular user. Instead of compiling the device driver into the kernel. Modules are object binaries that can be dynamically loaded into the kernel. ...

2. AIX

Seeking Paid AIX Support ? anyone know where ?

Hello, I was wondering if anyone knows about getting support for AIX ; This forum is a great place but if it has a section for $$$ AIX support where the experts can analyze and answer the questions/queries of the posters ? Is it possible to get any paid support on this forum ?

3. Shell Programming and Scripting

Matching 10 Million file records with 10 Million in other file

Dear All, I have two files both containing 10 Million records each separated by comma(csv fmt). One file is input.txt other is status.txt. Input.txt-> contains fields with one unique id field (primary key we can say) Status.txt -> contains two fields only:1. unique id and 2. status ...

4. Red Hat

How do I install security patches with no internet access?

Hi, I'm pretty new to Linux and I want to download security patches and install them on RHEL 5.4. I've searched the red hat web site but cant seem to find where the download link is.

5. What is on Your Mind?

Increased paranoia of communication companies post NSA revelations

Hi all, I work in the communications field and often have to carry out data gathering/analysis on customer's platforms for issue diagnosis. In the last 2 months I have noticed a huge increase in distrust from African, Middle Eastern and Asian communication system operators of any data...

6. OS X (Apple)

I have a backdoor in my OS X? This is what I found in my bash history

That's what appears at the beginning of my bash history (when you type "open .bash_history" in terminal) sudo -k export PS1="";sudo echo AUTHENTICATED;echo RETRY exit export PS1="" sudo echo AUTHENTICATED ; sudo -k ; echo AUTHENTIKILL ; echo PROCESSEDAUTHENTICATION sudo ls;sudo -k;exit;echo...

7. AIX

Best practices for sugroups for root ? backdoor user access ?

greetings, just ran across a fun situation we had overlooked. We have a backdoor user, no special privileges, which we put on every server so that anyone in the shop can get in (passwd in vault) if they need to, even if they don't have a local account on that server. The point of course is to...

8. What is on Your Mind?

Be aware. Coreboot and the NSA.

NSA Starts Contributing Low-Level Code to UEFI BIOS Alternative

LEARN ABOUT CENTOS

rsa_private_encrypt

RSA_private_encrypt(3)						      OpenSSL						    RSA_private_encrypt(3)

NAME

       RSA_private_encrypt, RSA_public_decrypt - low level signature operations

SYNOPSIS

	#include <openssl/rsa.h>

	int RSA_private_encrypt(int flen, unsigned char *from,
	   unsigned char *to, RSA *rsa, int padding);

	int RSA_public_decrypt(int flen, unsigned char *from,
	   unsigned char *to, RSA *rsa, int padding);

DESCRIPTION

       These functions handle RSA signatures at a low level.

       RSA_private_encrypt() signs the flen bytes at from (usually a message digest with an algorithm identifier) using the private key rsa and
       stores the signature in to. to must point to RSA_size(rsa) bytes of memory.

       padding denotes one of the following modes:

       RSA_PKCS1_PADDING
	   PKCS #1 v1.5 padding. This function does not handle the algorithmIdentifier specified in PKCS #1. When generating or verifying PKCS #1
	   signatures, RSA_sign(3) and RSA_verify(3) should be used.

       RSA_NO_PADDING
	   Raw RSA signature. This mode should only be used to implement cryptographically sound padding modes in the application code.  Signing
	   user data directly with RSA is insecure.

       RSA_public_decrypt() recovers the message digest from the flen bytes long signature at from using the signer's public key rsa. to must
       point to a memory section large enough to hold the message digest (which is smaller than RSA_size(rsa) - 11). padding is the padding mode
       that was used to sign the data.

RETURN VALUES

       RSA_private_encrypt() returns the size of the signature (i.e., RSA_size(rsa)). RSA_public_decrypt() returns the size of the recovered
       message digest.

       On error, -1 is returned; the error codes can be obtained by ERR_get_error(3).

SEE ALSO

       ERR_get_error(3), rsa(3), RSA_sign(3), RSA_verify(3)

HISTORY

       The padding argument was added in SSLeay 0.8. RSA_NO_PADDING is available since SSLeay 0.9.0.

1.0.1e								    2013-02-11						    RSA_private_encrypt(3)