
Submission: Possible backdoor found in RNG standardized by NSA (schneier.com)

kfz versicherung writes: "Defining algorithms for random numbers is one of the hardest fields in mathematics. We all know Microsoft failed miserably, even Linux (pdf) and SSL had their fair share of troubles. But now Bruce Schneier tells us the Strange Story of Dual_EC_DRBG, one of four random number generation algorithms standardized by the NSA (pdf). While on first look just slower than the other three, Dan Shumow and Niels Ferguson showed at Crypto 2007 that the algorithm contains a weakness that can only be described as a backdoor. Their presentation showed that the constants used have a relationship with a second, secret set of numbers that can act as a kind of skeleton key. If you know the secret numbers, you can predict the output of the random-number generator after collecting just 32 bytes of its output."
  • Obviously, due to its complicated mathematics, everybody missed the basic weakness of this algorithm. That's why I like kiss - keep it small and simple! It works and everybody knows why.
