Dual_EC_DRBG uses a seemingly arbitrary series of specific fixed numbers which are published in the standard to define the elliptic curve used for the algorithm. The origin of those numbers has not been revealed or explained but it is possible to use other numbers instead. The researchers realized that the fixed set of numbers used in Dual_EC_DRBG could have a mathematical relationship to a secret second set of numbers, which could then be used as a master key to decrypt content.
arstechnica.com
What I've gotten from this article is that there possibly exists a set of numbers that are linked to the set defined in this random number generator that would permit the person knowing the complimenting set to decrypt any message that was protected using this method. And the NSA is involved in this?!? Seeing as how they still are caught up in a horrid debacle with their wholesale eavesdropping on the people of the United States with the collusion of major ISPs, I don't think for a split second we should let this issue rest until they come up with a real answer as to why these particular numbers were chosen and what the risk is of someone else finding out these numbers, hell they shouldn't even know these numbers if its going to ever make it into a consumer product someday.
This is after all the same agency that offered us the Clipper Chip, which thankfully for privacy's sake failed to take off at all. The fact that Bruce Schneier (of Applied Cryptography fame) is concerned about this makes me all the more worried, if its enough to keep a seasoned professional such as him from touching this particular piece then it should serve as a warning to us all to shy away from it until the NSA comes clean with their motives in pushing so hard for this vulnerable system to become part of a NIST standard.
Labels: bruce schneier, cryptography, NIST, NSA
