RSA Security announces NSA backdoor in its products


    Moreover, on September 19th .
    Microsoft, for example, has not said anything. More on that below.

    So, in their RSA Data Protection Manager and RSA BSAFE products they used the Dual_EC_DRBG algorithm (Dual Elliptic Curve Deterministic Random Bit Generator), standardized by NIST in SP 800-90 (description). Standardized, as it turned out, with a surprise from the US National Security Agency. In other words, this is no coincidence, if you know what backdoors are.
    Researchers (Dan Shumow and Niels Ferguson, CRYPTO 2007 rump session) said back in 2007 that this algorithm could contain a backdoor: the constant point Q has no explained provenance, and whoever chose it could have kept the secret relation between Q and the base point P, which is enough to recover the generator's internal state from its output. That did not stop NIST from keeping it in the standard. The uproar began after the documents published by Snowden, which explicitly referred to a certain standard from 2006.

    Dual_EC_DRBG, by the way, is a fairly widespread thing.
    It has shipped in Windows since Vista SP1 (available through CNG, though not as the default generator), which on its own makes it the most widely distributed implementation in the world. There is also an implementation in OpenSSL (in its FIPS module), and it seems to have been pushed into a heap of other products (McAfee, for example, though they only used it in programs for the public sector). So it will take a long time to clear the code of it.

    UPD
    From the comments: an explanation of how the backdoor works, practically in layman's terms (translation).
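To make the mechanism from the paragraphs above and the linked explanation concrete, here is an added toy example; it is not code from this post, from the linked comment, or from RSA or NIST. The curve y^2 = x^3 + 2x + 7 over GF(1019), the base point, the 8-bit truncation, the trapdoor scalar e and the seed 123 are all assumptions made for the demo; the real generator runs on NIST P-256 and drops 16 of 256 bits per output, so the attacker there tries 2^16 x-candidates instead of 4. The "designer" picks e and derives Q = e^-1 * P, so that e*Q = P; anyone holding e can turn one truncated output back into the next internal state and then predict every later output.

```python
"""Toy Dual_EC_DRBG and the trapdoor attack on it.

Added illustration, not code from the page or from RSA/NIST.  The curve,
base point, secret scalar and seed below are constructed for the demo;
the real generator runs on NIST P-256 and truncates 16 of 256 bits per
output, so the attacker tries 2**16 candidates instead of 4.
"""
import math

# Toy curve y^2 = x^3 + a*x + b over GF(p); p = 3 (mod 4) keeps square roots cheap.
p, a, b = 1019, 2, 7
OUTBITS = 8                       # keep the low 8 of p's 10 bits (P-256: keep 240 of 256)


def ec_add(P1, P2):
    """Group law with None as the point at infinity."""
    if P1 is None:
        return P2
    if P2 is None:
        return P1
    x1, y1 = P1
    x2, y2 = P2
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P1 == P2:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def xcoord(pt):
    return 0 if pt is None else pt[0]


def point_order(pt):
    n, acc = 1, pt
    while acc is not None:
        acc = ec_add(acc, pt)
        n += 1
    return n


def lift_x(x):
    """Return (x, y) on the curve, or None if x is not a valid x-coordinate."""
    z = (x ** 3 + a * x + b) % p
    y = pow(z, (p + 1) // 4, p)
    return (x, y) if y * y % p == z else None


def find_base_point():
    """First x giving a point of usefully large order (toy stand-in for the standard's P)."""
    for x in range(1, p):
        pt = lift_x(x)
        if pt and pt[1] != 0 and point_order(pt) > 300:
            return pt
    raise RuntimeError("no suitable base point")


P = find_base_point()
n = point_order(P)
# The "designer" picks the trapdoor e and derives Q so that P == e*Q (assumed values).
e = next(k for k in range(13, n) if math.gcd(k, n) == 1)
Q = ec_mul(pow(e, -1, n), P)


def next_state(s):
    return xcoord(ec_mul(s, P))                           # s_i = x(s_{i-1} * P)


def output(s):
    return xcoord(ec_mul(s, Q)) & ((1 << OUTBITS) - 1)   # r_i = x(s_i * Q), truncated


def dual_ec_outputs(seed, count):
    """Honest generator: returns `count` consecutive truncated outputs."""
    s, outs = seed, []
    for _ in range(count):
        s = next_state(s)
        outs.append(output(s))
    return outs


def recover_candidates(t, e):
    """Trapdoor step: from one truncated output, the possible *next* internal states."""
    cands = {0} if t == 0 else set()          # covers the degenerate point-at-infinity case
    for hi in range(1 << (p.bit_length() - OUTBITS)):
        x = (hi << OUTBITS) | t               # guess the dropped high bits
        if x >= p:
            continue
        A = lift_x(x)                         # A = +-(s_i * Q); the sign cancels in the x-coordinate
        if A is not None:
            cands.add(xcoord(ec_mul(e, A)))   # e*A = +-(s_i * P), whose x is s_{i+1}
    return cands


def attack(known, e, predict):
    """Use a few observed outputs to pin down the state, then predict the following ones."""
    cands = recover_candidates(known[0], e)
    for i, t in enumerate(known[1:]):
        if i > 0:
            cands = {next_state(s) for s in cands}
        cands = {s for s in cands if output(s) == t}
    if len(cands) != 1:
        raise ValueError("state not uniquely determined, observe more outputs")
    (s,) = cands
    preds = []
    for _ in range(predict):
        s = next_state(s)
        preds.append(output(s))
    return preds


if __name__ == "__main__":
    outs = dual_ec_outputs(123, 12)
    print("observed:", outs[:3], "predicted:", attack(outs[:3], e, 9), "actual:", outs[3:])
```

The second and third observed outputs are only used to discard the handful of wrong x-candidates; with the real 240-bit outputs one block plus a little more is enough. Nobody outside the NSA is known to hold such an e for the standard's Q, but nobody can show that one does not exist either, which is exactly the 2007 objection: Q's provenance is unexplained, and the party that chose it is the only one who could have.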

    UPD2
    A list of validated products that use this algorithm in one way or another.
