According to security experts, an algorithm for generating random numbers that is included in an official standard documented by the National Institute of Standards and Technology (NIST) could potentially include a backdoor planted by the NSA.
In a recent blog entry, cryptographer Bruce Schneier describes research that was presented by his colleagues Niels Ferguson and Dan Shumow at the CRYPTO 2007 conference this past August. The security researchers have raised concerns about a potential backdoor in the Dual_EC_DRBG algorithm, which is documented in NIST's 800-90 publication about deterministic random bit generators. Dual_EC_DRBG, which is based on elliptic curves, is said to be significantly slower to compute than the other algorithms in the standard and was supposedly only included at all because it has the strong support of the NSA.
0 comments:
Post a Comment