NIST finally dumps NSA-tainted random number algorithm
NIST (the National Institute of Standards and Technology, an agency of the U.S. Department of Commerce) has formally removed Dual_EC_DRBG from its draft guidance on random number generators.
This is an odd episode, and the oddness seems to have eluded many observers. The outrage switched on late last year when one of the Snowden leaks indicated that the NSA had intentionally inserted weaknesses into a NIST standard for random number generation, a key component of secure cryptography. Sources told Reuters that RSA Security had entered into $10 million of secret contracts with the NSA, a provision of which was to make the weakened algorithm the default choice in their products. RSA denied the charge.
Why this should have surprised anyone is hard to understand. Problems with Dual_EC_DRBG were first reported almost eight years ago, and in 2007 Dan Shumow and Niels Ferguson of Microsoft showed, as Bruce Schneier put it at the time, "...the algorithm contains a weakness that can only be described as a backdoor." (Schneier's article in Wired is offline for some reason; click here for the Google cache version.)