Become a fan of Slashdot on Facebook


Forgot your password?

+ - The 'Page 63' Backdoor to Elliptic Curve Cryptography 3

Submitted by CRYPTIS
CRYPTIS writes: The security of Elliptic curve cryptography is facilitated by the perceived 'hard' problem of cracking the Discrete Logarithm Problem (DLP) for any given curve. Historically, for FIPS (Federal Information Processing Standards) compliance it was required that your curves conformed to the FIPS186-2 document located at . Page 63 of this specifies that the 'a' and 'b' elliptic curve domain parameters should conform to the mathematical requirement of c*b^2 = a^3 (mod p).

Interestingly, back in 1982, A. M. Odlyzko, of AT & T Bell Laboratories, published a document entitled “Discrete logarithms in finite fields and their cryptographic significance” ( ). Page 63 of this document presents a weak form of the DLP, namely a^3 = b^2*c (mod p).

It seems then, that the National Institute of Standards and Technology (NIST), driven in turn by the NSA, have required that compliant curves have this potentially weak form of the DLP built in; merely transposing the layout of the formula in order to obtain what little obfuscation is available with such a short piece of text.

Comment: Re:Tabs vs Spaces (Score 1) 428

by Ulric (#49431061) Attached to: Stack Overflow 2015 Developer Survey Reveals Coder Stats

I can virtually guarantee if you were inventing the first character set today, with no backward-compatibility constraints and no knowledge of the real world's history of keyboarding, you would not include a tab key.

An indentation level key. I think I would like that. Put it on the list. Scroll Lock on the other hand...

Comment: I was never taught low-level bit-fiddling (Score 1) 637

by Ulric (#47623459) Attached to: Ask Slashdot: "Real" Computer Scientists vs. Modern Curriculum?
I studied CS in the 80s. The first language was LISP. I don't think we were taught any language that required explicit memory management. We did learn, of course, how a computer works from the silicon level and up. On the other hand, it was impossible to do anything without learning C, so we learned C.

Comment: Environmentally worthless (Score 1) 466

by Ulric (#46861901) Attached to: Bill Gates & Twitter Founders Put "Meatless" Meat To the Test
What people fail to realize is that the extinction of grazing animals will lead to extinction of the wildlife that depends on said grazing animals. That is the environmental effect that artificial "meat" would have. From an environmental point of view, such products are worthless.

Comment: Mandatory helmets in cars (Score 1) 1651

by Ulric (#41546873) Attached to: To Encourage Biking, Lose the Helmets
I believe that mandatory helmets for anyone riding in a car (driver and passengers) would reduce injuries much more than mandatory helmets for bicyclists. There are many more of them and they are going much faster. It would also be more convenient, since the helmets can simply be stored inside the car when the car is parked.

Comment: Better off in what way? (Score 1) 524

by Ulric (#41546833) Attached to: Are you better off than you were four years ago?
Interesting question! In the last four years I have divorced, quit my job, had a doughter with my new partner, quit the new job back to the first one and is currently on parental leave. That translates to "dramatically better" to me. Many of the comments seem to focus either on money (I make less now) or the upcoming US presidential election (which doesn't really bother me at all).

Don't panic.