
Submission: Possible backdoor found in RNG standardized by NSA

kfz versicherung writes: "Defining algorithms for random numbers is one of the hardest fields in mathematics. We all know Microsoft failed miserably, even Linux (pdf) and SSL had their fair share of troubles. But now Bruce Schneier tells us the Strange Story of Dual_EC_DRBG, one of four random number generation algorithms standardized by the NSA (pdf). While on first look just slower than the other three, Dan Shumow and Niels Ferguson showed at Crypto 2007 that the algorithm contains a weakness that can only be described as a backdoor. Their presentation showed that the constants used have a relationship with a second, secret set of numbers that can act as a kind of skeleton key. If you know the secret numbers, you can predict the output of the random-number generator after collecting just 32 bytes of its output."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.
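The relationship between the public constants and a secret number that the submission describes, as an added toy example (not code from the submission, Schneier's essay, or the Shumow and Ferguson presentation). The curve, prime, seed, secret `D_SECRET`, the 8 dropped bits and all function names are constructed for illustration; the standard itself uses NIST curves and drops 16 bits per block.

```python
# Toy Dual_EC_DRBG on constructed parameters (not the standard's P-256 constants).
p = 2**127 - 1           # prime with p % 4 == 3, so a square root is one pow()
a, b = -3, 7             # toy curve y^2 = x^3 + a*x + b over GF(p)
KEEP = 119               # output keeps the low 119 bits; the top 8 are dropped

def add(A, B):           # affine point addition, None is the point at infinity
    if A is None: return B
    if B is None: return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0: return None
    if A == B: m = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:      m = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (m * m - x1 - x2) % p
    return (x3, (m * (x1 - x3) - y1) % p)

def mul(k, A):           # double-and-add scalar multiplication
    R = None
    while k:
        if k & 1: R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def lift(x):             # a curve point with this x-coordinate, or None
    rhs = (x**3 + a * x + b) % p
    y = pow(rhs, (p + 1) // 4, p)
    return (x, y) if y * y % p == rhs else None

Q = next(pt for pt in map(lift, range(2, 1000)) if pt)   # public constant
D_SECRET = 0x5eed1e55c0ffee                              # designer's secret (constructed)
P = mul(D_SECRET, Q)                                     # public constant, P = d*Q

class ToyDualEC:
    def __init__(self, seed): self.s = seed
    def next(self):
        self.s = mul(self.s, P)[0]                       # s_i = x(s_{i-1} * P)
        return mul(self.s, Q)[0] & ((1 << KEEP) - 1)     # truncated x(s_i * Q)

def recover_state(r1, r2, d):
    """Given two consecutive outputs and d, return the state behind r2."""
    for top in range(1 << (127 - KEEP)):                 # guess the dropped bits
        R = lift((top << KEEP) | r1)
        if R is None or R[0] >= p: continue
        s2 = mul(d, R)[0]                                # d*(s1*Q) = s1*P
        if mul(s2, Q)[0] & ((1 << KEEP) - 1) == r2:      # second block confirms
            return s2
    return None
```

Anyone holding only `P` and `Q` sees two unrelated-looking points; the holder of `d` needs one output block plus enough of the next to confirm the guess, which is why a reviewer should ask how a standard's curve constants were generated.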

Comments:
  • Obviously due to its complicated mathematics everybody missed the basic weakness of this algorithm. That's why I like kiss - keep it small and simple! It works and everybody knows why.
