[146588] in cryptography@c2.net mail archive
Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Thu Sep 5 16:58:12 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 5 Sep 2013 16:57:51 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: cryptography@metzdowd.com
In-Reply-To: <20130905165315.498b44f7@jabberwock.cb.piermont.com>
On Thu, 5 Sep 2013 16:53:15 -0400 "Perry E. Metzger"
<perry@piermont.com> wrote:
> > Classified N.S.A. memos appear to confirm that the fatal
> > weakness, discovered by two Microsoft cryptographers in 2007, was
> > engineered by the agency. The N.S.A. wrote the standard and
> > aggressively pushed it on the international group, privately
> > calling the effort “a challenge in finesse.”
> >
> > “Eventually, N.S.A. became the sole editor,” the memo says."
> >
> > Anyone recognize the standard?
>
> Please say it aloud. (I personally don't recognize the standard
> offhand, but my memory is poor that way.)
There is now some speculation in places like Twitter that this refers
to Dual_EC_DRBG though I was not aware that was widely enough deployed
to make a huge difference here, and am not sure which international
group is being mentioned. I would be interested in confirmation.
Perry
-- 
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography