RSA has warned its consumers against using one of its own encryption algorithms, which is based on a National Security Agency (NSA) mathematical formula, over fears that it could be unlocked by the intelligence agency.
EMC's security arm has advised its consumers to use the other formula in the product instead of the default random number generator.
The firm issued the advisory following allegations from the New York Times that the NSA may have deliberately added an error into the algorithm - dubbed Dual Elliptic Curve Deterministic Random Bit Generation - in an effort to get the algorithm added to a security standard by the US National Institute of Standards and Technology.
RSA CTO Sam Curry was quoted by Wired magazine as saying that the algorithm has been part of RSA libraries since 2004, two years before it was approved by NIST.
"Every product that we at RSA make, if it has a crypto function, we may or may not ourselves have decided to use this algorithm," Curry said.
"So we're also going to go through and make sure that we ourselves follow our own advice and aren't using this algorithm."
The warning also comes amid huge intelligence revelations by Snowden concerning the extent of snooping and breaking of encryption by the US spying agency.
According to RSA, the affected versions include BSAFE Toolkits, including all versions of Crypto-C ME, Micro Edition Suite, Crypto-J, Cert-J, SSL-J, Crypto-C, Cert-C, SSL-C, while all versions of RSA Data Protection Manager (DPM) server and clients remained unaffected.