On 24 September 2013 17:01, Jerry Leichter <leich...@lrw.com> wrote:
> On Sep 23, 2013, at 4:20 AM, ianG <i...@iang.org> wrote:

>>> ...  But they made Dual EC DRBG the default ...
>> At the time this default was chosen (2005 or thereabouts), it was *not* a 
>> "mistake".

  "Problems with Dual_EC_DRBG were first described in early 2006"

With hindsight, it was definitely a mistake. The questions are whether
they could or should
have known it was a mistake at the time and whether the NSA played any
part in the mistake,
and whether they should have warned users and changed the default well
before now.

The cryptography mailing list

Reply via email to