RSA Security

RSA Security

RSA Security is a technology company founded by Ronald Rivest, Adi Shamir, and Leonard Adleman in 1982. The firm became notable for commercializing public-key cryptography and for products used by enterprises, governments, and financial institutions. RSA's work intersected with developments at institutions such as the Massachusetts Institute of Technology, Bell Labs, and companies including IBM, Microsoft, and Hewlett-Packard.

History

RSA was formed shortly after the publication of the RSA algorithm by Rivest, Shamir, and Adleman at Massachusetts Institute of Technology. Early commercial activity involved licensing to research labs and firms such as Bell Labs, Sun Microsystems, IBM, and Intel. In the 1990s RSA expanded alongside the growth of the Internet and worked with organizations like Netscape Communications Corporation, Microsoft, VeriSign, and The World Wide Web Consortium on secure protocols. Strategic investments and partnerships involved venture entities such as Sequoia Capital and transactions with corporations including EMC Corporation and Dell Technologies. Leadership changes over the decades included executives from Oracle Corporation, Cisco Systems, Symantec Corporation, and Hewlett-Packard influences. RSA’s timeline intersected with events like the passage of the Communications Assistance for Law Enforcement Act debates, discussions at DEF CON, and standards work with groups such as Internet Engineering Task Force and National Institute of Standards and Technology.

Technology and Products

RSA commercialized the RSA public-key algorithm and offered products spanning encryption, authentication, and identity management. Prominent offerings included the SecurID authentication tokens, which were used by organizations such as Bank of America, Citigroup, JPMorgan Chase, and Goldman Sachs. RSA also produced key management systems deployed by Federal Reserve System participants and global payment processors like Visa and Mastercard. The company contributed to standards and implementations that interacted with Secure Sockets Layer, Transport Layer Security, X.509, and protocols tied to Netscape Navigator and Internet Explorer. RSA's research engaged with academic groups at Stanford University, Carnegie Mellon University, University of California, Berkeley, and collaborations with labs at MITRE Corporation and SRI International. Products integrated with enterprise platforms from SAP SE, Oracle Corporation, Microsoft, and Amazon Web Services and were adopted by cloud providers such as Dropbox and Salesforce. RSA’s cryptographic work referenced mathematicians and computer scientists including Claude Shannon, Alan Turing, Whitfield Diffie, and Martin Hellman.

Security Incidents and Controversies

RSA faced major controversies, notably a breach that led to concerns over the SecurID system and affected customers including Lockheed Martin and Northrop Grumman. That incident intersected with investigations involving agencies such as the Federal Bureau of Investigation and reporting by outlets like The New York Times, The Washington Post, and Wired (magazine). Cryptanalysis debates involved figures and institutions such as Bruce Schneier, Phil Zimmermann, Electronic Frontier Foundation, and standards bodies including National Institute of Standards and Technology and scrutiny from members of United States Congress committees. Legal disputes over patents and licensing involved companies such as EMC Corporation, EMC’s EMC2, Microsoft, and VeriSign. Cryptographic controversies referenced the historical Clipper chip debates and policy arguments involving Central Intelligence Agency and National Security Agency positions on export controls and surveillance. Academic critiques appeared in journals and venues associated with Proceedings of the National Academy of Sciences and conferences like CRYPTO and USENIX Security Symposium.

Business Operations and Corporate Structure

RSA’s corporate evolution included acquisitions and ownership shifts involving EMC Corporation, which acquired the company in 2006, and later transitions linked to Dell Technologies and private equity firms such as Symphony Technology Group. Organizational structure featured collaborations with enterprise customers like General Electric, Siemens, AT&T, and Verizon Communications. RSA maintained research labs and partnerships with universities including Harvard University, Yale University, Princeton University, and international institutions like University of Cambridge and École Polytechnique Fédérale de Lausanne. Commercial strategy encompassed alliances with consulting firms such as Accenture, Deloitte, PricewaterhouseCoopers, and Ernst & Young, alongside channel relationships with resellers like CDW and system integrators including SAIC. Board members and executives had prior affiliations with Goldman Sachs, Morgan Stanley, McKinsey & Company, and Bain & Company.

Legal and Regulatory Issues

RSA’s operations were shaped by intellectual property cases and regulatory frameworks including statutes such as the Digital Millennium Copyright Act and export regulations influenced by the Wassenaar Arrangement. Litigation involved entities such as EMC Corporation, VeriSign, and various plaintiffs in patent disputes heard in courts like the United States Court of Appeals for the Federal Circuit and district courts in Massachusetts. Compliance obligations involved regulators and agencies including Securities and Exchange Commission, Federal Trade Commission, and oversight tied to standards from National Institute of Standards and Technology and international bodies such as the International Organization for Standardization. Policy discussions around encryption affected interactions with legislative bodies like the United States Congress and international forums such as European Parliament committees on privacy and surveillance. High-profile legal matters also engaged law firms and litigators with histories in cases before the Supreme Court of the United States.

Category:Computer security companies