RSA: That NSA crypto-algorithm we put in our products? Stop using that
Source: The Register UK - Posted by Dave Wreski   
Cryptography Security biz RSA has reportedly warned its customers to stop using the default random-number generator in its encryption products - amid fears spooks can easily crack data secured by the algorithm. All encryption systems worth their salt require a source of virtually unpredictable random values to create strong cryptographic keys and similar things; one such source is the NSA-co-designed pseudo-random-number generator Dual_EC_DRBG, or the Dual Elliptic Curve Deterministic Random Bit Generator, which is well known for being cryptographically weak: six years ago it was claimed that someone had crippled the design, effectively creating a backdoor [PDF] so that encryption systems that relied on it could be easily cracked.

Read this full article at The Register UK

Only registered users can write comments.
Please login or register.

Powered by AkoComment!