Saturday, November 17, 2007
Random backdors !
Wired's Bruce Schneier is reporting that one of the four recent government approved standard methods for creating random numbers has a flaw which is so blatant, that the two cryptographers who found it claim "it can only be described as a backdoor."
Background
There are four proposed methods for generating random numbers in the new SP 800-90 standard, called DRBGs or Deterministic Random Bit Generators. The first is a hash function, the second uses HMAC (a key-form of hashing), the third is based on block ciphers and the forth is based on elliptic curves, called Dual_EC_DRBG.
There are four proposed methods for generating random numbers in the new SP 800-90 standard, called DRBGs or Deterministic Random Bit Generators. The first is a hash function, the second uses HMAC (a key-form of hashing), the third is based on block ciphers and the forth is based on elliptic curves, called Dual_EC_DRBG.
THIS LINK posted by Joseph Bell : 10:47 AM
