By Joseph Menn

SAN FRANCISCO (Reuters) - The U.S. National Security Agency blurred its spying and cybersecurity missions, and that led to a broad collapse in trust between the private security industry, its customers and the government, the head of security pioneer RSA said on Tuesday.

RSA has come under criticism after a Reuters report in December revealed the company had secretly accepted a $10 million contract from the NSA to make a now-discredited cryptography system the default in software used by all manner of Internet and computer security programs.

The system was based on a formula for generating random numbers that was created by the NSA to embed "back doors" in encryption products that the spy agency could then crack, according to documents leaked by former NSA contractor Edward Snowden.

RSA Executive Chairman Art Coviello said on Tuesday that his company, a unit of EMC Corp, had adopted the formula because it thought it was dealing with NSA officials trying to improve protection for the government and critical security industry.

"When or if the NSA blurs the line between its defensive and intelligence-gathering roles and exploits a position of trust, that's a problem," Coviello said in the opening speech of the RSA Conference, the world's largest gathering of cyber security professionals, in San Francisco.

Coviello said the spy agency should spin off its cyber defensive work to another body to avoid pollution of the mission and distrust. A White House advisory panel had recently made a similar recommendation, though it was not endorsed by President Barack Obama or NSA leaders.

A senior White House official told Reuters on Tuesday that the administration opposed a spinoff, in part because cyber defensive efforts are strengthened by word of threats gleaned through the NSA's vast signal intelligence operation.

Two other recommendations by the advisory panel are still under consideration, the official said. One would sharply reduce the U.S. use of unreported flaws in software to break into networks. The other would bar the NSA from deliberately weakening encryption standards.

Story continues

Both of those proposals featured in a debate later at the RSA conference featuring former NSA Director Michael Hayden and former White House counter terrorism and cybersecurity advisor Richard Clarke, who was one of the authors of the recommendations to President Barack Obama.

Hayden said the White House advisory panel's report had maintained that the government did not subvert cryptography. Clarke retorted: "The report did not say that, because that would not be true."

RSA CONFERENCE

The speech by Coviello was by far RSA's most expansive remarks on the subject since the Reuters report prompted more than 10 speakers to withdraw from the conference. Still, the event is drawing a record 25,000 attendees.

Coviello said RSA's core cryptographic patents had expired by the time of the NSA deal and that it had turned to standards put forward by industry and government groups, including the National Institute of Standards and Technology.

NIST supported the NSA formula for generating random numbers, called Dual Elliptic Curve, until the Snowden documents suggested it allowed the agency a back door.

Snowden, who is living in temporary asylum in Russia, set off a global furor last year when he exposed some of the U.S. government's most secretive electronic espionage programs. The leaks led to Obama announcing in January a ban on U.S. eavesdropping on the leaders of close allies, and other reforms to rein in the NSA's surveillance practices.

While Obama's proposals were designed to fend off concerns that U.S. surveillance has gone too far, the measures fell short of dismantling electronic spying programs.

Coviello said the United States and all other countries should renounce the use of cyber weapons, likening the severity and the stakes of the burgeoning digital arms race to the Cuban missile crisis.

Washington and other powers have embraced military computer programs such as Stuxnet, which stealthily destroyed Iranian nuclear centrifuges, because they are cost-effective, avoid bloodshed and deniable.

Coviello said the industry should push to reverse that trend because criminals ultimately benefit from such tools and the vulnerabilities in software that are left in place so that the weapons can be deployed.

"Those who seek military advantage riding on the back of this tiger will end up inside," Coviello said.

(Reporting by Joseph Menn; Editing by Tiffany Wu)