RSA Security: Difference between revisions

RSA, The Security Division of EMC

Company type	Division of EMC Corporation
Industry	Encryption and Network Security
Founded	1982[1][2]
Founder	Ron Rivest Adi Shamir Leonard Adleman[1]
Headquarters	Bedford, Massachusetts , United States
Key people	Thomas P. Heiser, President Arthur W. Coviello, Jr., Executive Chairman
Products	Encryption and network security software
Revenue	Not separately disclosed by EMC
Number of employees	1,319 (2007)
Parent	Dell Technologies
Website	www.rsa.com

RSA is an American computer and network security company. RSA was named after the initials of its co-founders, Ron Rivest, Adi Shamir, and Len Adleman, after whom the RSA public key cryptography algorithm was also named.^[3] Among its products include the RSA BSAFE cryptography libraries and the SecurID authentication token. It also organizes the annual RSA Conference, an information security conference.

RSA is currently operated as a subsidiary of EMC Corporation, who acquired the company in 2006 for $2.1 billion.

RSA is based in Bedford, Massachusetts, maintaining offices in Australia, Ireland, Israel, the United Kingdom, Singapore, India, China, Hong Kong and Japan.

History

Ron Rivest, Adi Shamir and Leonard Adleman developed the RSA encryption algorithm in 1977. They founded RSA Data Security in 1982.^[1][2]

• In 1995 RSA sent a handful of people across the hall to found Digital Certificates International, better known as VeriSign.
• The company then called Security Dynamics acquired RSA Data Security in July 1996 and DynaSoft AB in 1997.
• In January 1997 it proposed the first of the DES Challenges which led to the first public breaking of a message based on the Data Encryption Standard.
• In February 2001, it acquired Xcert International, Inc., a privately held company that developed and delivered digital certificate-based products for securing e-business transactions.
• In May 2001, it acquired 3-G International, Inc., a privately held company that developed and delivered smart card and biometric authentication products.
• In August 2001, it acquired Securant Technologies, Inc., a privately held company that produced ClearTrust, an identity management product.
• In December 2005, it acquired Cyota, a privately held Israeli company specializing in online security and anti-fraud solutions for financial institutions.
• In April 2006 it acquired PassMark Security.
• On September 14, 2006, RSA stockholders approved the acquisition of the company by EMC Corporation for $2.1 billion.^[4][5][6]
• On 2007 RSA acquired Valyd Software, a Hyderabad based Indian company specializing in File and Data Security .
• In 2009 RSA launched the RSA Share Project.[4] As part of this project, some of the RSA BSAFE libraries were made available for free. To promote the launch, RSA ran a programming competition with a US$10,000 first prize.[5]
• RSA introduced a new CyberCrime Intelligence Service designed to help organisations identify computers, information assets and identities compromised by trojans and other online attacks.^[7]

Security Breach

On March 17, 2011, approximately a month after announcing its CyberCrime Intelligence Service, RSA disclosed that it had been hacked. It categorized the attack on its two-factor authentication products as an Advanced Persistent Threat,^[8] although some have debated whether the attack was 'advanced'.^[9] The breach has links to the recent Sykipot attacks, the July 2011 SK Communications hack and the NightDragon series of attacks^[10]. These links suggest that the same attackers are behind each of the attacks, and that despite the debate on the matter, RSA was hacked by an APT.

See also

• Hardware token
• RSA Factoring Challenge
• RSA Secret-Key Challenge
• Software token
• RSA SecurID

References

1. "Distributed Team Cracks Hidden Message in RSA's 56-Bit RC5 Secret-Key Challenge". October 22, 1997. Retrieved February 22, 2009.
2. Kaliski, Burt (October 22, 1997). "Growing Up with Alice and Bob: Three Decades with the RSA Cryptosystem". Retrieved February 22, 2009.
3. "RSA History". Retrieved June 8, 2011.
4. [1]
5. [2]
6. [3]
7. RSA launches CyberCrime Intelligence Service
8. "RSA hit by advanced persistent threat attacks". Computer Weekly. March 18, 2011. Retrieved May 4, 2011.
9. "Security Now! Podcast #298". Security Now!. April 28, 2011. Retrieved May 4, 2011. "an Advanced Persistent Threat (APT)" - we saw that with RSA. What that meant was somebody opened their email."
10. "Command and Control in the Fifth Domain" (PDF). Command Five Pty Ltd. February, 2012. Retrieved February 10, 2012. {{cite web}}: Check date values in: |date= (help)

External links

• Oral history interview with James Bidzos, Charles Babbage Institute University of Minnesota, Minneapolis. Bidzos discusses his leadership of software security firm RSA Data Security as it sought to commercialize encryption technology as well as his role in creating the RSA Conference and founding Verisign. Oral history interview 2004, Mill Valley, California.
• Oral history interview with Martin Hellman Oral history interview 2004, Palo Alto, California. Charles Babbage Institute, University of Minnesota, Minneapolis. Hellman describes his invention of public key cryptography with collaborators Whitfield Diffie and Ralph Merkle at Stanford University in the mid-1970s. He also describes the commercialization of cryptography with RSA Data Security and VeriSign. m,nm,nm