[148881] in cryptography@c2.net mail archive
[Cryptography] Dual_EC_DRBG backdoor: a proof of concept
daemon@ATHENA.MIT.EDU (ianG)
Thu Jan 2 12:07:32 2014
X-Original-To: cryptography@metzdowd.com
Date: Thu, 02 Jan 2014 20:04:35 +0300
From: ianG <iang@iang.org>
To: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Tantalising! I've no time to look (and wouldn't know an elliptic curve if it slapped me in the face). Comments?
http://blog.0xbadc0de.be/archives/155
If you still believe Dual_EC_DRBG was not backdoored on purpose, please keep reading.
In 2007 already, Dan Shumow and Niels Ferguson from Microsoft showed that the Dual_EC_DRBG algorithm could be backdoored. Twitter also uncovered recently that this algorithm was even patented in 2004 by Dan Brown (not the Da Vinci guy, the Certicom one) as a "key escrow mechanism" (government jargon/lingo for trapdoor/backdoor).
I will go a little bit further in explaining how it works and give proof-of-concept code, based on OpenSSL FIPS. This is, to the best of my knowledge, the only public proof of concept published today (correct me if I'm wrong).
...
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography