Did NSA Put a Secret Backdoor in New Encryption Standard?

mouser:
But one of those generators -- the one based on elliptic curves -- is not like the others. Called Dual_EC_DRBG, not only is it a mouthful to say, it's also three orders of magnitude slower than its peers. It's in the standard only because it's been championed by the NSA, which first proposed it years ago in a related standardization project at the American National Standards Institute.
...
But today there's an even bigger stink brewing around Dual_EC_DRBG. In an informal presentation (.pdf) at the CRYPTO 2007 conference in August, Dan Shumow and Niels Ferguson showed that the algorithm contains a weakness that can only be described as a backdoor.
...

--- End quote ---


http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115





from http://it.slashdot.org/it/07/11/15/184204.shtml?tid=172

Ralf Maximus:
If I were running the NSA, of course I'd do crap like this.

On the other hand, NSA has enough teraflops on tap to bypass any encryption almost instantly.  You might as well encode your stuff using Dr. Seussisms and pray the vat-grown NSA geeks never read any children's books while growing up in the secret underground bases.

Which reminds me...

ATTENTION SNEETCH ONE: THE BABY HAS GRASPED THE HAMSTER, BUT HAS NOT SWIGGLED THE BARLEY WINE.  OH, THE PLACES YOU'LL GO WHEN I RUN THE ZOO, IF HORTON HEARS A WHO OR TWO.

Lashiec:
Oh, I was thinking of posting this two days ago, but I passed on it, because I thought that people would catch the news anyway.

It's not exactly clear, like Mr. Schneier says at the end of the article, if the NSA did this deliberately, or if it was a simple oversight. Of course, we'll never know; once they give some explanations, they would choose the latter option.

jgpaiva:
ATTENTION SNEETCH ONE: THE BABY HAS GRASPED THE HAMSTER, BUT HAS NOT SWIGGLED THE BARLEY WINE.  OH, THE PLACES YOU'LL GO WHEN I RUN THE ZOO, IF HORTON HEARS A WHO OR TWO.
-Ralf Maximus (November 19, 2007, 12:46 PM)
--- End quote ---
I SEE YOUR 200 AnD RAISE YOU 37. LET THE NUTsY BUTMIST RUN INTO THE CaRTILAGE.

mwb1100:
This reminds me of the rumors that back in the 70's the NSA made the DES encryption standard weaker to enable them to be able to decrypt at will. According to this Wikipedia article (yeah, I know, but it seems to jive with my memory of the situation) http://en.wikipedia.org/wiki/Data_Encryption_Standard:

* the NSA may or may not have had a hand in determining the values for the DES S-Boxes.  However, whoever did come up with the S-Box values (the NSA, IBM, or both) did it in such a way as to make them more resistant to attacks that at the time were not generally known - i.e., stronger rather than weaker
* the NSA may or may not have had a hand in making the DES key a rather short 56 bits, throwing away 8 available key bits for use as 'parity'

It seems like the Dual_EC_DRBG random number protocol is dead in the water - slow and suspect will kill any algorithm.
