User: Password:
Subscribe / Log in / New account

A new Dual EC DRBG flaw

A new Dual EC DRBG flaw

Posted Jan 6, 2014 23:10 UTC (Mon) by marcH (subscriber, #57642)
Parent article: A new Dual EC DRBG flaw

> One other thing to possibly consider: did someone on the OpenSSL project "backdoor" the Dual EC DRBG implementation such that it could never work, but would pass the certification tests? [...] Either way, we will probably never really know for sure.

No version control?

(Log in to post comments)

A new Dual EC DRBG flaw

Posted Jan 7, 2014 8:07 UTC (Tue) by khim (subscriber, #9252) [Link]

Version control shows addition of the whole algorithm as one commit and mistake is already there. What now? Was it, indeed, a mistake or was it done intentionally? We'll never know, really: any answer will be suspicious.

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds