[nycbug-talk] Elliptic Curve Backdoor? [was] RSA/DSA for encryption: has it's time come?
Isaac (.ike) Levy
ike at blackskyresearch.net
Thu Sep 12 07:40:12 EDT 2013
It appears more likely that ECC standards were backdoored by the NSA,
with NIST involvement (or lack thereof?).
I hate to re-post slashdot, but the summary is concise:
The trick, it seems, is in some random seed numbers which aren't random
"The random numbers in these curve parameters were supposed to be
selected via a "verifiably random" process...
Unfortunately it turns out the actual inputs used were opaque 256 bit
numbers, chosen ad-hoc with no justifications provided."
If anyone sees relevant updates to this ongoing issue, please feel free
to post to this thread!
More information about the talk