Interesting People mailing list archives
IP: Techno-Hero or Public Enemy?
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 06 Nov 1996 07:23:03 -0500
Fortune, November 11, 1996, pp. 172-82.
Techno-Hero or Public Enemy?
James Bidzos of RSA Data Security wants to go global
with a potent shield against computer break-ins. Uncle
Sam's most secretive spy agency wants to stop him. At
stake is the right to privacy and the health of the
U.S. software industry.
By David Stipp
If you work with a computer, chances are that embedded in
your machine is a nifty little piece of software that FBI
Director Louis Freeh calls a terrorist tool. Made by RSA
Data Security, the software is woven into some 90 million
copies of various applications, from Netscape browsers to
Lotus Notes to products from Microsoft. Few, if any,
programs are as ubiquitous. Yet RSA's software is so
powerful that, as recently as October, it was classified
as ammunition under U.S. laws that restrict arms exports
-- along with cruise missiles and Stealth bombers.
RSA is spreading everywhere for the same reason that the
federal government doesn't want it to: It can thwart your
enemies, whoever they are. Its power springs from
encryption, which scrambles data sent over phone lines or
stored in computers so that only those holding secret
numerical "keys" can get access. Law enforcers fear it
will be used to block them from eavesdropping on
evildoers. But it also can stop bad guys from hacking
into your company's computers, or stealing your credit
card number if you shop on the Web. The tabloids would
never have known Princess Diana was "my darling Squidge"
to her secret amigo if she had used a cellular phone with
encryption.
As RSA's astronomical installed base attests, its
software has become a de facto standard for safeguarding
computer bits. If you have a Netscape Web browser, note
the key icon in the lower left-hand corner of your screen
-- it means RSA is inside and will leap to protect your
credit card number when you electronically order things.
As the Internet burgeons, so do applications for RSA. It
protects the confidentiality of medical records exchanged
by doctors via the Net and safeguards signals piped from
video cameras at nuclear sites to an international agency
monitoring atomic weapons.
Indeed, RSA has quietly become to software what Dolby is
to audio: the trusted brand most every vendor wants
inside. The expected explosion of electronic commerce
promises to multiply its licensees even faster. By 2000,
International Data Corp. estimates, $78 billion of
purchases will be made annually via the World Wide Web.
RSA aims to keep all those cyberbucks honest by stamping
electronic documents with "digital signatures" enabling
online merchants to check that customers are legitimate
(see box).
Positioning RSA to be the key provider of trust in
cyberspace, CEO Jim Bidzos recently did a strange thing:
He decided not to make an initial public offering. Wall
Street had been eagerly anticipating an IPO; last spring
*ComputerLetter*, a New York City newsletter aimed at
high-tech investors, called RSA the "poster-child of the
networked future." Investment bankers during the recent
Internet IPO craze estimated that an RSA offering would
raise a hefty $300 million, says Bidzos. Not bad for a
firm with 50 employees and 1995 revenues of $11.6
million.
But ignoring the bankers hot advances, in February he
negotiated RSA's purchase for stock by Security Dynamics,
a Bedford, Massachusetts, maker of computer-security
devices. Completed in July, the $259 million merger is
aimed at marrying RSA's software with Security's hardware
to make the picks and shovels of the cybercommerce gold
rush. For example, says Bidzos, who remains head of RSA
in Silicon Valley, fraud-resistant smart cards that carry
everything from digital cash to medical records.
Bidzos maintains that the companies' synergy will give
RSA more value than an IPO would have. Swept up in the
speculation surrounding Internet stocks, Security
Dynamics' share price has gyrated between $109 and $51.25
since the merger was announced. Today Wall Street seems
to agree with Bidzos that dominance in the security niche
makes the company a choice Internet play: The Security
Dynamics shares swapped for RSA were recently worth some
$330 million. Analysts expect earnings to be around $23
million on sales of $113 million next year, up from a
projected $12 million on $74 million in sales in 1996.
For Bidzos, 41, a former programmer with a standup
comic's irreverence and wit, steering RSA against
prevailing winds is almost second nature. For years he
had little choice. After being named CEO of the fledgling
company in 1986, he sought venture funding in vain. He
recalls, "I would sit in meetings with venture
capitalists, and somebody would say, 'Let me get this
straight. There's no market for your technology, but
you're going to try to create one by promotion. And the
world's largest intelligence agency wishes you didn't
exist, but you're just going to beat them at that game.
Okay, it's been nice talking to you.' "
Bidzos could hardly deny that the U.S. National Security
Agency considers his company a loose cannon. The NSA,
which declined comment for this story, was created
secretly in 1952 to conduct electronic eavesdropping on
foreign powers. It has sought to keep a lid on
hard-to-break ciphers, the antiballistic missiles of the
Information Age. The NSA's attacks often work -- a few
years ago, for instance, it quietly persuaded AT&T to
change its product strategy. But now the lid is being
pried open, largely by software firms using RSA's
programs. And when the NSA has tried to wrap its arms
around the defiant little company, Bidzos has tweaked its
nose and danced away.
In his latest coup, Bidzos announced in June that RSA had
agreed to put its imprimatur on encryption chips by
Japan's Nippon Telephone & Telegraph Corp. The pact
sidesteps U.S. export controls, which block RSA from
developing such chips in the U.S. for the global market.
The NSA is understandably irked. State-of-the-art ciphers
are almost bulletproof -- deciphering a message scrambled
with a "strong" version of RSA's software would take even
the fastest computers millions of years. In the wrong
hands, such ciphers could tie the agency in knots. It has
tried hard to prevent that.
Four years ago NSA officials learned that AT&T planned to
launch a "secure" telephone system in the U.S. that
scrambled conversations with a tough cipher called DES.
Uncle Sam's cryptowizards were aghast -- the
user-friendly device seemed ideal for spy-proofing the
leaky communications channels they depend on. By early
1992 the NSA felt obliged "to call in the cavalry," says
Stewart Baker, the agency's former general counsel. "The
FBI and Justice [Department] received increasingly urgent
briefings" from the spy agency's brain trust about the
dangers of spreading encryption. Meanwhile, an NSA team
accelerated work on an alternative scrambler-on-a-chip,
dubbed Clipper. It was designed so federal law enforcers
with court orders would have access to codes for
deciphering scrambled transmissions, preserving their
ability to conduct wiretaps.
AT&T soon heard that dropping DES in favor of Clipper
would please some very important persons. Neither AT&T
nor the federal agencies will comment on what happened
next. But at 4 P.M. on October 13,1992, according to
previously classified federal memoranda, then-FBI
director William Sessions called AT&T CEO Robert Allen to
discuss the government's "problem" with the DES phone.
Sessions, who had been asked to make the call by Attorney
General William Barr, reported back to Barr that "Mr.
Allen indicated that he could support an accommodation."
The memos were obtained through the Freedom of
Information Act by the Electronic Privacy Information
Center, a Washington, D.C., group opposed to federal
restrictions on encryption.
Whether Allen's arm was twisted is unclear -- Sessions
noted to Barr that his conversation with Allen "was
guarded because we were not talking on" a secure phone.
But Allen may have had ample reason to take a hint --
AT&T was starting work on a federal telecommunications
contract that would be worth up to $15 billion if all
went well. Besides, Clipper appealed to AT&T because
products incorporating it would be legal to export.
In April 1993 the White House unveiled the Clipper chip,
touching off a storm of protest from computer companies
invoking Orwell's 1984. Bidzos gleefully led the charge
by calling for a boycott of products with "Big Brother
inside." But AT&T was conspicuously absent from the
critics' camp. In a press release coinciding with the
Clipper launch, Ma Bell gushed that she was "pleased to
be the first company to publicly commit to adoption of
the Clipper chip" in secure phones. To AT&T's chagrin, it
turned out to be the only big company to adopt Clipper.
Besides galvanizing industry opposition to government
restrictions on encryption, the Clipper debacle helped
Bidzos raise RSA's profile -- in effect, the NSA handed
him millions of dollars of free advertising, since
quoting him became almost *de rigueur* for reporters
covering the Clipper debate. Fumes a former government
official: "Fighting the NSA turned out to be a great
business move."
Bidzos professes what seems sincere respect for the spy
agency -- several of its former staffers even work for
him. But he insists that it needs a gadfly: "I've gone
there a few times and listened to their dark-side folks.
I always come out feeling that I'm a traitor. I deserve
to die. I'm causing the early demise of society and
should just scuttle the company. But an hour after I
leave the agency, my head clears, and I think, 'Okay,
back to reality.' I wake up nights sweating after these
meetings -- I have a nightmare that I'm cornered by NSA
agents who are about to serve me with a security
clearance."
Recently the Clinton Administration has tried to distance
itself from Clipper. On October 1 it proposed temporarily
removing encryption technology from the federal munitions
list. That may make exporting security products easier
for U.S. industry. But encryption exports will still be
reviewed by a federal panel that software companies fear
will be dominated behind the scenes by law enforcement
and intelligence agencies. "The new proposal is a
positive move, but we still have a long way to go," says
a spokesman for the Software Publishers Association.
Moreover, the shift is contingent on industry commitments
to market products with "key recovery" -- hardware and
software built so law enforcers can obtain numerical keys
for deciphering scrambled data. Software companies aren't
opposed to storing backup copies of keys. But they argue
that, depending on who is entrusted with the backups,
billions of dollars of sales may be lost to foreign
rivals offering secure products with no peepholes. Says
Bidzos, "We know what it takes for one of the CIA's most
powerful guys, Aldrich Ames, to give up what he knows --
about $250,000 a year. What will a foreign government
have top pay a $20,000-a-year federal bureaucrat to sell
the keys for industrial secrets worth hundred of millions
of dollars?"
While the Clipper debate has raged, an equally important
battle between Bidzos and the NSA has unfolded behind the
scenes. At issue is a crucial question that must be
settled before electronic commerce can take off: Will RSA
or the federal agency provide a basic technology called
digital signatures?
The question looms large, since companies hosting
Internet-based transactions will need standardized
software to handle basic functions such as security --
the alternative is a welter of incompatible programs few
customers would use. Digital signatures will be
especially important because they make it possible for
money to change hands on the Net in a digital form that
is practically impossible to forge.
Such applications of scrambling don't worry the NSA. But
it fears the demand they create will speed the global
spread of RSA's versatile cryptoware. The software might
end up being used for tasks that do spook the agency,
such as encrypting digital phone calls. Thus, the NSA
launched a preemptive strike in 1991 to stem the
groundswell building for RSA as a standard for digital
signatures.
Using the National Institute of Standards and Technology
(NIST) as its marketing arm, the publicity-shy agency
developed and launched an alternative it preemptively
named Digital Signature Standard, or DSS. Unlike RSA's
offerings, DSS is designed exclusively to help users
prove their identities -- it can't be used to protect
other data, says Lynn McNulty, a McLean, Virginia,
computer-security consultant who formerly worked at NIST.
Translation: DSS can t be used to block up the NSA's
far-flung ears.
Thus, unlike RSA software, DSS is deemed safe for export.
The government charges no royalties for its use.
Moreover, federal agencies are required to use DSS for
secure transactions, creating a sizable market. The NSA,
it seems, figured Uncle Sam's purchasing power would trap
the gadfly in its ointment.
But Bidzos, a crack blackjack player who once won $10,000
on a Las Vegas streak, was holding strong cards. One was
his software's distinguished reputation. Over the years,
RSA's patented algorithm has been relentlessly analyzed
by a host of encryption experts -- researchers in the
field love to one-up rivals by breaking their ciphers. So
far, no one has found any significant chinks in RSA's
armor, making it more tried and trusted than DSS.
RSA's versatility was another Bidzos ace. Now that much
of the world is wired -- and going wireless to boot --
opportunities for data theft are cropping up everywhere.
If you believe data piped over your company's intranets
are safe, think of Princess Squidge: Unless your company
has only one office, the information is probably flowing
through the public telephone network, which includes a
multitude of vulnerable nodes.
Still not worried? Consider an unclassified section of a
secret U.S. counterintelligence report to Congress last
year. It quotes two former directors of France's
intelligence service as stating that spying on U.S.
concerns has long been a top priority at their agency.
Recently the CIA released a report alleging that the
French and Israeli governments aggressively spy on U.S.
companies. With friends like these, who needs news of ex-
KGB spies for hire to get freaked?
The advent of RSA's technology to help counter such
threats was "tremendously exciting," recalls Noel
Matchett, a former NSA staffer and now president of
Information Security, a company in Silver Spring,
Maryland. Among other things, he notes, RSA makes it
practical to continually change the keys for scrambling
data sent over networks, robbing spies of the chance to
stay tuned for long if they happen to break a code. DSS
can't do that.
Life at RSA wasn't always this glamorous. Its technology
was invented in 1977 by three scientists at Massachusetts
Institute of Technology: Ronald Rivest, Adi Shamir, and
Leonard Adleman. By 1982 they had secured a patent
through MIT and had started the company in Adleman's
one-bedroom apartment. (RSA is named after their
surnames' first letters.) But in those days most
computers were far too slow for the software --
scrambling data with RSA's algorithm demands a lot of
number crunching. Says Rivest: "We were way ahead of the
market."
The company nearly went bankrupt before Bidzos was hired
to turn it around, and the co-founders went back to their
academic careers (Rivest has remained chairman). Bidzos
recalls his first year on the job: "It was endless grunt
work, flying cross-country and talking up RSA. For a
while I didn't pay myself, to keep costs down."
Eventually the networking revolution let him bring home
some bacon. One of his first deals was with Fischer
International Systems Corp., a Naples, Florida, software
concern. After licensing RSA's patent, says founder
Addison Fischer, "I thought, 'I never want to negotiate
with this man again. He's just too skillful a salesman.'"
Others who have dealt with Bidzos agree, describing him
as a charming but ruthless riverboat gambler with a trump
card in his hand and a six-shooter at his elbow. The card
is RSA's patent. The gun is loaded with infringement
lawsuits, mostly unfired.
In 1987, Lotus signed up to use RSA for Notes, followed
over the next few years by Motorola, Apple, Novell, and
others. Suddenly RSA was on the map -- especially the one
at the NSA in Fort Meade, Maryland. Says Bidzos: "For
years the NSA seemed to ignore us, thinking we'd self-
destruct. But by '91 it became clear to them that,
'Whoops, this guy isn't going away, and he's beginning to
integrate this stuff in user-friendly products. Uh-oh.' "
Bidzos alleges that in early 1991 "the NSA tried to kill
a major deal I was about to close. They called a
well-known executive at a well-known software company and
said, 'Why not wait for our DSS?' When my contact at the
company told me, I was furious. I called the NSA and told
them to call [the software company] back right now and
tell them it was a terrible mistake. 'If you don't, you
can explain why not to my Congressman. And if that
doesn't work, you can explain it to the New York Times.'
The guy said, 'I'll take care of it.' And he did."
Bidzos declines to name the would-be customer. But in
mid-1991, he landed a contract with a well-known software
company: Microsoft.
Despite such behavior, the NSA is usually far from inept.
Interviews with a number of former staffers suggest that
its top ranks are populated with smart people who
understand the industry's beef -- even if it doesn't sway
them. Indeed, the NSA has a big encryption operation of
its own: Its No. 2 mission is to protect sensitive
federal communications. Says Ed Hart, formerly the
agency's deputy director in charge of information-systems
security and now an executive at Science Applications
International Corp.: "The NSA is rich with talent and is
anything but bumbling. But it's insulated and sometimes
doesn't appreciate what's going on in the outside world."
Bidzos and his allies exasperate the agency, for they are
trumping it in the court of public opinion, where it is
hamstrung by its famous secrecy. Consider this: To get
access to many U.S. nuclear secrets, all you need is "Q
clearance," a step below top secret, according to a
report by the Association for Computing Machinery. But to
work at the NSA and get the skinny on SIGINT, or "signals
intelligence," you must rate a top-secret clearance and
then pass muster in a psychological strip search while
lashed to a lie detector.
"SIGINT is more valuable than dope," says a former Army
intelligence officer, "because it goes directly to the
personal power and prestige of the President." During the
Cold War, for instance, the NSA reportedly briefed the
White House regularly on what Soviet leaders were saying
on their car phones.
The NSA's accomplishments aren't confined to the geo-
political. In recent years the economic benefits of
SIGINT to U.S. industry have totaled tens of billions of
dollars, states a landmark encryption report issued in
June by the National Research Council, a congressionally
chartered advisory group. The NSA declassified that
astounding assertion at the council's request. The
estimate is based on top-secret data, but a recent,
widely reported episode suggests it's credible. Two years
ago SIGINT helped U.S. officials blow the whistle on
alleged French bribes to get a $6 billion contract from
Saudi Arabia for weapons and commercial aircraft. After
President Clinton informed Saudi King Fahd, an Airbus-led
consortium that seemingly had the aircraft award in the
bag was rejected in favor of Boeing and McDonnell
Douglas.
All of which helps explain the furrowed brows at a 1991
meeting of federal officials involved in developing DSS.
They had just learned that the technology, which they saw
as a crucial part of the strategy to keep SIGINT flowing,
was seemingly covered in a U.S. patent that had just been
awarded to a German math whiz named Claus Schnorr.
Hurriedly, they rejiggered DSS in hopes of preempting a
Schnorr patent attack. It didn't work.
The German soon sent a letter to NIST raising the
possibility of a patent lawsuit. A few months later,
security consultant McNulty, then still a NIST official,
traveled with a colleague to Frankfurt to feel out
Schnorr's intentions. Says Schnorr: "They explained how
they thought they had circumvented my patent. But I had a
different opinion." Indeed, he wanted $2 million for a
patent license. NIST talked with him periodically about
that, and eventually told him to get lost -- it now
asserts his patent is a nonissue.
But McNulty was worried: "As long as we didn't license
Schnorr's patent, there would always be uncertainty about
how a court might rule on an infringement suit." The
prospect of a patent war could make industry less willing
to adopt DSS. Moreover, says McNulty, "I argued that if
we didn't take the Schnorr wild card off the table, it
was going to be sitting out there for Jim Bidzos to pick
up."
He was right. In March 1993, Bidzos and a business
associate met Schnorr in Marseilles, France, where the
German was visiting a friend. Bidzos made his pitch over
a lunch of monkfish and a bottle of Sancerre at the Trois
Fortes hotel overlooking the city's picturesque harbor.
After listening for four hours, the laconic mathematician
suddenly said Ja: He handed over rights to his patent in
return for a share of the royalties Bidzos hoped to
squeeze from it. Schnorr says he was swayed by the fact
that Bidzos had built up RSA from a single patent:
"That's not trivial to do."
Since then, Bidzos has rattled the Schnorr saber to the
desired effect. "We've written letters to companies
selling DSS," he says, "and have licensed Schnorr to a
number of companies," including IBM. "People are afraid
of getting involved in litigation."
Still, not all has gone smoothly for Bidzos. The presence
of the FBI in the encryption debate may make it harder
for him and his allies to loosen their market's legal
handcuffs. In alarming speeches, FBI director Freeh has
repeatedly linked unrestricted encryption to terrorists,
such as the Oklahoma City bombers. The FBI has more
reason than the NSA to be hostile, experts say. It lacks
the NSA's appreciation of encryption's ability to enhance
national security, for one thing. It is also more likely
to be stymied by encryption than the NSA, which is widely
thought to be able to break some of the weaker codes now
in use. (The FBI once regularly sought the spy agency's
help, according to *The Puzzle Palace*, a 1982 book about
the NSA. It quotes a former NSA staffer as saying that
the FBI would ask the agency to unravel codes used by
bookies: "We used to give them to our cryptanalysts to
take cracks at in their spare time. They would break them
over lunch and send them back to the FBI.")
Bidzos also faces hard-liners closer to home. Two years
ago RSA had a falling out with Cylink, a Sunnyvale,
California, concern that holds encryption patents from
Stanford University. The companies dissolved a
partnership and began a messy patent battle. Both sides
claimed victory after an arbitration-panel ruling last
year; recently a U.S. district court denied Cylink's
motion for a preliminary injunction against sales of RSA
products, suggesting that RSA's patent is still golden.
But when it expires in four years, Bidzos's main ace will
be gone and he'll have to rely on another pair --
marketing and the momentum of a big installed base.
Potentially significant rivals already loom, such as
Certicom, a Canadian company that claims its encryption
algorithm is superior to RSA's for certain uses, such as
in pagers and cell phones.
Bidzos isn't fretting, though. On a recent typical day,
RSA's bluejeans-clad boss drove one of his two BMW
motorcycles to the company's modest digs at a Redwood
City, California, office park, then got to work fielding
media calls, reading E-mail, and monitoring Internet
companies' stock prices. Interrupted by his secretary to
sign a sheaf of contracts, he boasts that "the Internet
probably spawns a dozen companies an hour, and almost all
of them become RSA customers."
Some form even closer ties: In lieu of royalties, RSA has
taken stakes in Netscape (1%) and CyberCash (3%). Says
Stephen Crocker, a senior vice president at CyberCash, a
maker of payment systems for Internet shopping that use
RSA: "It's a magnificent deal from Bidzos's point of
view. If a company [paying with stock] goes out of
business, he wouldn't get any royalties anyway. But if it
succeeds, he wins much bigger than he would with
royalties."
As for DSS, sales for federal use are keeping it alive.
But it appears to be a nonstarter in the crucial
electronic-commerce market. There RSA is roaring ahead.
This year, for example, MasterCard, Visa, and other big
players announced specifications for Internet
transactions based on RSA encryption. Indeed, RSA's
success has made it something of a magnet for former
federal encryption experts seeking private-sector jobs,
including authorities on DSS. Says Bidzos: "I've gotten
so many resumes from Washington, you wouldn't believe it.
I've outlasted them all, and now they want to work for
me. I love it."
_________________________________________________________
[Box]
When g*%#B/L#h Isn't a Curse
Military experts estimate that by cracking the Nazis'
Enigma cipher, Allied codebreakers saved the world at
least a year of war and millions of lives. Thanks to the
feat, the Allies knew German U-boat positions, strategic
plans, and, before D-day, where Hitler thought the attack
would come.
Enigma's fatal flaw was a problem that had always
bedeviled efforts to keep government secrets by
scrambling messages: The "keys" for unraveling them had
to be widely distributed among intended recipients,
usually making it only a matter of time before they fell
into enemy hands. Enigma's keys were embodied in
electrical devices, one of which was secretly obtained by
a British team that analyzed it and broke the cipher in
1940.
But in 1976, Stanford University scientists proposed a
way around this problem. Called public-key encryption,
their idea was translated into a versatile datascrambling
method a year later by a team at the Massachusetts
Institute of Technology that founded RSA Data Security.
Here's the gist: A key for coding messages is a number
that, when fed into a computerized scrambler, sets the
way it translates characters of the original text into
the apparent gibberish of its encrypted form. (FORTUNE,
for example, might become g*%#B/L.)
RSA's method involves two keys that reverse each other's
effects when fed into software that both scrambles and
unscrambles messages. One, the "private key," is known
only to an individual. Its mate is called a public key
and is listed next to the owner's name in a kind of phone
book for anyone to see. The keys are a lot longer than
phone numbers, though -- the most potent can include more
than 300 digits. Each person has a unique pair of such
keys.
If Alice wants to send an E-mail message to Bob for his
eyes only, she looks him up in the directory and uses the
dual-purpose software to scramble the message with his
public key. Bob unscrambles it at his end using his
private key -- no other key will work. Unless Bob does
something dumb, like storing his private key where his
foes can get at it, they won't be able to decipher
intercepted messages. There's only one way to try: Derive
Bob's private key. But due to RSA's clever math
underpinnings, that could take millions of years using
even the fastest computers.
RSA software is also used increasingly for signing
electronic documents, a process that's just the reverse
of scrambling a message. Roughly, here's how it goes: Bob
scrambles a computerized document with his private key
and sends it to Alice along with an unscrambled version
of the same document. Using his public key, she decodes
the scrambled version. If the result matches the
unscrambled version, she can be sure of two things: The
message came from Bob, and it wasn't altered en route.
Why? Only data scrambled with Bob's private key can be
unscrambled with his public key. It's as though Bob has
stamped his fingerprints on every character in a way that
can't be forged.
Encryption isn't all there is to computer security. If
Bob loses his private key after scrambling all his data
to keep it from prying eyes, he's sunk. He'll never
decode his data again. To guard against that, several
companies offer systems that store copies of private keys
in the digital equivalent of bank vaults -- a leader is
Trusted Information Systems in Glenwood, Maryland.
But scrambling software is useless if implemented in ways
that let outsiders steal keys. Such problems, not chinks
in encryption's basic armor, account for almost all cases
of hackers breaking secure systems -- such as a flap last
year over holes in Netscape browsers. To help encode
messages, the browsers used a so-called random-number
generator routine; but grad students at Berkeley showed
that the numbers it generated were actually predictable,
and broke the code. RSA employs crack crypto-hackers to
ferret out such holes. Says Netscape security chief Jeff
Treuhaft: "After the problem was found, we definitely
used RSA to review our fixes and make sure they were
safe."
_________________________________________________________
[Photo] Turning Gibberish to Gold. Bidzos and RSA plan to
cash in on the electronic-commerce bonanza with
scrambling software that protects secrets.
[Photo] Scholarly Merchant of Code Chairman Ron Rivest,
an MIT professor, saw RSA almost fail before its software
took off as a replacement for scrambler circuitry like
this.
[End]
Current thread:
- IP: Techno-Hero or Public Enemy? Dave Farber (Nov 06)