Remix.run Logo
charcircuit 3 days ago

>Dual_EC_DRBG

There is no hard evidence that it was backdoored.

ranger_danger 3 days ago | parent [-]

> As part of its efforts to foil Web encryption, the National Security Agency inserted a backdoor into a 2006 security standard adopted by the National Institute of Standards and Technology, the federal agency charged with recommending cybersecurity standards. Credit Patrick Semansky/Associated Press

https://archive.nytimes.com/bits.blogs.nytimes.com/2013/09/1...

Even if you believe they're lying, or think that it's impossible to know because it may be a kleptographic backdoor... the latter at least is understood to be a unique property that most other algorithms do not share, so I think for that reason alone it's enough to assume it is backdoored, insofar as that we should tell people to stay away from it regardless.

charcircuit 3 days ago | parent [-]

There is no source in the article to support that claim, it links to another article where it merely says that people suspected it of being backdoored, but those people had no proof either. There are objective reasons why it's not a good idea to use compared to better algorithms, but I wish the reasoning was not solely based off of a conspiracy theory or hate for the NSA.