Monday, September 30, 2013

Silent Circle: NIST encryption standards untrustworthy | Security & Privacy - CNET News

Silent Circle: NIST encryption standards untrustworthy | Security & Privacy - CNET News: "A 2007 presentation by two Microsoft researchers called into question the standard's algorithm -- Dual Elliptic Curve Deterministic Random Bit Generation, aka Dual_EC_DRBG -- and raised the possibility that it offered a back door into encrypted communications to someone who knew specific secret numbers.
"If you know the secret numbers, you can completely break any instantiation of Dual_EC_DRBG," said security researcher Bruce Schneier in a blog post about Dual_EC_DRBG at the time."

No comments: