RSA BSAFE Dual_EC_DRBG vulnerability in CA Single Sign-On (formerly SiteMinder)
The default random number generator in the RSA BSAFE libraries, Dual_EC_DRBG, was compromised. What are the best practices, and how can use of these compromised libraries be avoided?
RSA BSAFE is a FIPS 140-2 validated cryptography library offered by RSA Security. From 2004 to 2013, the default cryptographically secure pseudorandom number generator (CSPRNG) in BSAFE was Dual_EC_DRBG, which contained an NSA backdoor. CA Single Sign-On uses the RSA libraries both through ETPKAI or CAPKI and directly. These library files are shipped with the product but are only used by FIPS-only installation types.
CA Technologies has developed a fix that removes the ECDRBG (Dual_EC_DRBG) algorithm and uses HMAC DRBG 128 as the alternate random number generator algorithm.
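To show what the replacement algorithm class looks like, the following is an added example (not CA's or RSA's code) implementing HMAC_DRBG as specified in NIST SP 800-90A section 10.1.2 with HMAC-SHA256, parameterised for a 128-bit security strength. Unlike Dual_EC_DRBG, HMAC_DRBG has no fixed curve points that could hide a trapdoor: its security rests only on the HMAC key derived from the seed. The seed bytes in the demo function are constructed for illustration; a real deployment draws entropy from the operating system as `from_system_entropy` does.

```python
import hashlib
import hmac
import os


class HmacDrbg:
    """HMAC_DRBG per NIST SP 800-90A, instantiated with HMAC-SHA256.

    Added illustration of the DRBG class used as the Dual_EC_DRBG
    replacement; not CA's or RSA's implementation.
    """

    OUTLEN = 32                    # SHA-256 output length in bytes
    MAX_REQUEST_BYTES = 1 << 16    # 2^19 bits per Generate call (800-90A limit)
    RESEED_INTERVAL = 1 << 48      # Generate calls permitted before a reseed

    def __init__(self, entropy_input: bytes, nonce: bytes,
                 personalization: bytes = b"", security_strength_bits: int = 128):
        self.security_strength_bits = security_strength_bits
        # 800-90A: entropy >= security strength, nonce >= half of it
        if len(entropy_input) * 8 < security_strength_bits:
            raise ValueError("entropy input shorter than the security strength")
        if len(nonce) * 8 < security_strength_bits // 2:
            raise ValueError("nonce shorter than half the security strength")
        self._key = b"\x00" * self.OUTLEN
        self._v = b"\x01" * self.OUTLEN
        self._update(entropy_input + nonce + personalization)
        self.reseed_counter = 1

    @classmethod
    def from_system_entropy(cls, personalization: bytes = b"") -> "HmacDrbg":
        # Seed from the OS entropy source rather than constructed bytes
        return cls(os.urandom(32), os.urandom(16), personalization)

    def _hmac(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def _update(self, provided_data: bytes) -> None:
        # HMAC_DRBG_Update: refresh K and V, mixing in provided_data if any
        self._key = self._hmac(self._v + b"\x00" + provided_data)
        self._v = self._hmac(self._v)
        if provided_data:
            self._key = self._hmac(self._v + b"\x01" + provided_data)
            self._v = self._hmac(self._v)

    def reseed(self, entropy_input: bytes, additional_input: bytes = b"") -> None:
        if len(entropy_input) * 8 < self.security_strength_bits:
            raise ValueError("reseed entropy shorter than the security strength")
        self._update(entropy_input + additional_input)
        self.reseed_counter = 1

    def generate(self, n_bytes: int, additional_input: bytes = b"") -> bytes:
        # HMAC_DRBG_Generate: enforce request and reseed limits, then stream V
        if n_bytes > self.MAX_REQUEST_BYTES:
            raise ValueError("request exceeds max_number_of_bits_per_request")
        if self.reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before further output")
        if additional_input:
            self._update(additional_input)
        out = b""
        while len(out) < n_bytes:
            self._v = self._hmac(self._v)
            out += self._v
        self._update(additional_input)   # back-track resistance for the next call
        self.reseed_counter += 1
        return out[:n_bytes]


def demo() -> dict:
    """Deterministic walk-through with constructed seed material."""
    entropy = bytes(range(32))        # constructed, NOT real entropy
    nonce = bytes(range(16))          # constructed
    drbg_a = HmacDrbg(entropy, nonce, b"SSO session key")
    drbg_b = HmacDrbg(entropy, nonce, b"SSO session key")
    first_a = drbg_a.generate(48)
    first_b = drbg_b.generate(48)
    second_a = drbg_a.generate(48)
    return {
        "deterministic": first_a == first_b,   # same seed, same stream
        "advances": first_a != second_a,       # state moves between calls
        "counter": drbg_a.reseed_counter,
    }


if __name__ == "__main__":
    print(demo())
    print(HmacDrbg.from_system_entropy().generate(16).hex())
```

The `demo` function instantiates two generators from identical constructed seed material to show that the construction is deterministic in its inputs, which is exactly why the quality of the entropy source, not the algorithm, becomes the only thing an operator has to get right.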