A new Dual EC DRBG flaw
A new Dual EC DRBG flaw
Posted Jan 1, 2014 16:54 UTC (Wed) by tseaver (guest, #1544)Parent article: A new Dual EC DRBG flaw
> One other thing to possibly consider: did someone on the OpenSSL project
> "backdoor" the Dual EC DRBG implementation such that it could never work,
> but would pass the certification tests?
> "backdoor" the Dual EC DRBG implementation such that it could never work,
> but would pass the certification tests?
Perhaps we should call this "slapsticking" the NSA's backdoor?
I'm visualizing a bucket of whitewash / wallpaper paste, propped atop the
slightly open door, ready for the hapless spook.