[nycbug-talk] Elliptic Curve Backdoor? [was] RSA/DSA for encryption: has it's time come?

Isaac (.ike) Levy ike at blackskyresearch.net
Thu Sep 12 07:40:12 EDT 2013

Morning All,

It appears more likely that ECC standards were backdoored by the NSA, 
with NIST involvement (or lack thereof?).

I hate to re-post slashdot, but the summary is concise:

The trick, it seems, is in some random seed numbers which aren't random 
at all:
"The random numbers in these curve parameters were supposed to be 
selected via a "verifiably random" process...
Unfortunately it turns out the actual inputs used were opaque 256 bit 
numbers, chosen ad-hoc with no justifications provided."

Good times.

If anyone sees relevant updates to this ongoing issue, please feel free 
to post to this thread!


More information about the talk mailing list