Saturday, November 17, 2007

Random backdors !

Wired's Bruce Schneier is reporting that one of the four recent government approved standard methods for creating random numbers has a flaw which is so blatant, that the two cryptographers who found it claim "it can only be described as a backdoor."


Background
There are four proposed methods for generating random numbers in the new SP 800-90 standard, called DRBGs or Deterministic Random Bit Generators. The first is a hash function, the second uses HMAC (a key-form of hashing), the third is based on block ciphers and the forth is based on elliptic curves, called Dual_EC_DRBG.

Comments: Post a Comment



<< Home

This page is powered by Blogger. Isn't yours?