Though few companies appear to have embraced Extended Random, RSA did. The company built in support for the protocol in BSafe toolkit versions for the Java programming language about five years ago, when a preeminent Internet standards group – the Internet Engineering Task Force – was considering whether to adopt Extended Random as an industry standard. The IETF decided in the end not to adopt the protocol.
RSA’s Curry said that if Dual Elliptic Curve had been sound, Extended Random would have made it better. “When we realized it was not likely to become a standard, we did not enable it in any other BSafe libraries,” he added.
The academic researchers said it took about an hour to crack a free version of BSafe for Java using about $40,000 worth of computer equipment. It would have been 65,000 times faster in versions using Extended Random, dropping the time needed to seconds, according to Stephen Checkoway of Johns Hopkins.
The researchers said it took them less than 3 seconds to crack a free version of BSafe for the C programming language, even without Extended Random, because it already transmitted so many random bits before the secure connection began. And it was so inexpensive it could easily be scaled up for mass surveillance, the researchers said.
(Editing by Edwin Chan and Tiffany Wu)
Article Appeared @http://www.reuters.com/article/2014/03/31/us-usa-security-nsa-rsa-idUSBREA2U0TY20140331