On Mon, 9 Sep 2013 14:07:58 +0300 Alexander Klimov <alser...@inbox.ru> wrote: > On Mon, 9 Sep 2013, Daniel wrote: > > Is there anyone on the lists qualified in ECC mathematics that can > > confirm that? > > NIST SP 800-90A, Rev 1 says: > > The Dual_EC_DRBG requires the specifications of an elliptic curve > and two points on the elliptic curve. One of the following NIST > approved curves with associated points shall be used in > applications requiring certification under [FIPS 140]. More details > about these curves may be found in [FIPS 186], the Digital > Signature Standard. > > > And what ramifications it has, if any.. > > No. They are widely used curves and thus a good way to reduce > conspiracy theories that they were chosen in some malicious way to > subvert DRBG. >
Er, don't we currently have documents from the New York Times and the Guardian that say that in fact they *did* subvert them? Yes, a week ago this was paranoia, but now we have confirmation, so it is no longer paranoia. -- Perry E. Metzger pe...@piermont.com _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography