Conclusion
It is quite obvious in light of the recent revelations from Snowden that this weakness was introduced by purpose by the NSA. It is very elegant and leaks its complete internal state in only 32 bytes of output, which is very impressive knowing it takes 32 bytes of input as a seed.
Here is the Github repo for the PoC code.
This PRNG is not the NSA making a crypto system stronger ala DES, it's a backdoor.
PR: 2658
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
Have a look for yourself. The reviewer "steve" is Stephen Henson.
Living on Earth may be expensive, but it includes an annual free trip around the Sun.