The researcher continued: "It is not a failure of RSA -- indeed, everyone knows that RSA key set-up should only be done when adequate entropy is present -- but it is a consideration that one may want to take into account. This is in full agreement with RSA's recommendation to ensure good implementation and to follow best practices."
The research group is not planning any further activities specifically along the lines of what it has just done, and has moved all its data offline and "stored everything in a secure location," Lenstra said. He said "it is not at all our main activity or interest but it was just a toy project based on our curiosity" and "our initial findings (which we cannot share) were such that we looked at it at a somewhat wider scale than we had originally intended."
Some sources intimate that NSA may have conducted a similar research project to that described in the "Ron is wrong, Whit is right" paper, though this wasn't for public consumption. Lenstra said he's not surprised the NSA would have done a similar project on its own, but he doesn't know anything about it.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.
