Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Dual_EC_DRBG backdoor: a proof of concept (0xbadc0de.be)

Reliable Windmill writes: From the article:
Dual_EC_DRBG is an pseudo-random number generator promoted by NIST in NIST SP 800-90A and created by NSA. This algorithm is problematic because it has been made mandatory by the FIPS norm (and should be implemented in every FIPS approved software) and some vendors even promoted this algorithm as first source of randomness in their applications.

If you still believe Dual_EC_DRBG was not backdoored in purpose, please keep reading.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Dual_EC_DRBG backdoor: a proof of concept

Comments Filter:

A sine curve goes off to infinity, or at least the end of the blackboard. -- Prof. Steiner

Working...