re: http://www.garlic.com/~lynn/2013m.html#0 UK NHS £10bn project failure
a little x-over from financial cryptography blog The Anatomy of an NSA intervention -- NIST & RSA fingered as breached http://financialcryptography.com/mt/archives/001446.html from above: It is now almost good enough to take to a jury -- the NSA perverted the public standards process, and convinced at least one major supplier of crypto tools to weaken customer's infrastructure by using that flawed standard. ... Then, within the week, NIST declared itself extremely uncomfortable with the flawed standard, and recommended against it. A couple of days later, RSA announced it was pulling that product. ... snip ... references this A Few Thoughts on Cryptographic Engineering: The Many Flaws of Dual_EC_DRBG http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html and RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm http://www.wired.com/threatlevel/2013/09/rsa-advisory-nsa-algorithm/ disclaimer: I was involved in the creation of early electronic commerce and have been heavily inolved in cryptography for financial operations. -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
