Matches in DBpedia 2016-04 for { <http://wikidata.dbpedia.org/resource/Q309607> ?p ?o }
Showing triples 1 to 80 of
80
with 100 triples per page.
- Q309607 subject Q15266702.
- Q309607 subject Q6419136.
- Q309607 subject Q7035342.
- Q309607 subject Q7216264.
- Q309607 subject Q7485340.
- Q309607 subject Q8269640.
- Q309607 subject Q8316367.
- Q309607 subject Q8431369.
- Q309607 abstract "Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm from the branch of cryptography known as elliptic curve cryptography that was supposed to implement a cryptographically secure pseudorandom number generator (CSPRNG) capable of generating a random bit stream. The algorithm is based on the mathematics of the elliptic curve discrete logarithm problem. Despite public criticism, it was for some time one of the four (now three) CSPRNGs standardized in NIST SP 800-90A as originally published circa March 2007.Weaknesses in the cryptographic security of the algorithm were known and publicly criticised well before the algorithm became part of a formal standard endorsed by the ANSI, ISO, and formerly by the National Institute of Standards and Technology (NIST). One of the weaknesses publicly identified was the potential of the algorithm to harbour a backdoor advantageous to the algorithm's designers—the United States government's National Security Agency (NSA)—and no-one else. In 2013, The New York Times reported that documents in their possession but never released to the public "appear to confirm" that the backdoor was real, and had been deliberately inserted by the NSA as part of the NSA's Bullrun decryption program. In December 2013, a Reuters news article alleged that in 2004, before NIST standardized Dual_EC_DRBG, NSA paid RSA Security $10 million in a secret deal to use Dual_EC_DRBG as the default in the RSA BSAFE cryptography library, which resulted in RSA Security becoming the most important distributor of the insecure algorithm. RSA responded that they "categorically deny" that they had ever knowingly colluded with the NSA to adopt an algorithm that was known to be flawed, saying "we have never kept [our] relationship [with the NSA] a secret".Sometime before its first known publication in 2004, a possible backdoor was discovered with the Dual_EC_DRBG's design, with the design of Dual_EC_DRBG having the unusual property that it was theoretically impossible for anyone but Dual_EC_DRBG's designers (NSA) to confirm the backdoor's existence. Bruce Schneier concluded shortly after standardization that the "rather obvious" backdoor (along with other deficiencies) would mean that nobody would use Dual_EC_DRBG. The backdoor would allow NSA to decrypt for example SSL/TLS encryption which used Dual_EC_DRBG as a CSPRNG.Members of the ANSI standard group, to which Dual_EC_DRBG was first submitted, were aware of the exact mechanism of the potential backdoor and how to disable it, but did not take sufficient steps to unconditionally disable the backdoor or to widely publicize it. The general cryptographic community was initially not aware of the potential backdoor, until Dan Shumow and Niels Ferguson's publication, or of Certicom's Daniel R. L. Brown and Scott Vanstone's 2005 patent application describing the backdoor mechanism.In September 2013, The New York Times reported that internal NSA memos leaked by Edward Snowden indicated that the NSA had worked during the standardization process to eventually become the sole editor of the Dual_EC_DRBG standard, and concluded that the Dual_EC_DRBG standard did indeed contain a backdoor for the NSA. As response, NIST stated that "NIST would not deliberately weaken a cryptographic standard."According to the New York Times story, the NSA spends $250 million per year to insert backdoors in software and hardware as part of the Bullrun program. A Presidential advisory committee subsequently set up to examine NSA's conduct recommended among other things that the US government "fully support and not undermine efforts to create encryption standards".In April 21, 2014, NIST withdrew Dual_EC_DRBG from its draft guidance on random number generators recommending "current users of Dual_EC_DRBG transition to one of the three remaining approved algorithms as quickly as possible."".
- Q309607 wikiPageExternalLink the-many-flaws-of-dualecdrbg.html.
- Q309607 wikiPageExternalLink a-few-more-notes-on-nsa-random-number.html.
- Q309607 wikiPageExternalLink SP800-90A.pdf.
- Q309607 wikiPageExternalLink 117.
- Q309607 wikiPageExternalLink 15-shumow.pdf.
- Q309607 wikiPageExternalLink download;jsessionid=D96134C539F238DD741A65F49189E076?doi=10.1.1.6.1272&rep=rep1&type=pdf.
- Q309607 wikiPageExternalLink dualec.org.
- Q309607 wikiPageExternalLink 10.1007%2F978-3-540-74143-5_26.
- Q309607 wikiPageExternalLink 10.1007%2FBFb0052241.
- Q309607 wikiPageExternalLink dual-ec.
- Q309607 wikiPageExternalLink msg03651.html.
- Q309607 wikiPageExternalLink dual-ec-drbg-comments.pdf.
- Q309607 wikiPageExternalLink 8101758.
- Q309607 wikiPageWikiLink Q1048911.
- Q309607 wikiPageWikiLink Q1049080.
- Q309607 wikiPageWikiLink Q11230.
- Q309607 wikiPageWikiLink Q1153809.
- Q309607 wikiPageWikiLink Q121194.
- Q309607 wikiPageWikiLink Q131478.
- Q309607 wikiPageWikiLink Q13424289.
- Q309607 wikiPageWikiLink Q13770084.
- Q309607 wikiPageWikiLink Q14831675.
- Q309607 wikiPageWikiLink Q15028.
- Q309607 wikiPageWikiLink Q1526275.
- Q309607 wikiPageWikiLink Q15266702.
- Q309607 wikiPageWikiLink Q16729426.
- Q309607 wikiPageWikiLink Q16885663.
- Q309607 wikiPageWikiLink Q17083105.
- Q309607 wikiPageWikiLink Q17083990.
- Q309607 wikiPageWikiLink Q171819.
- Q309607 wikiPageWikiLink Q1749235.
- Q309607 wikiPageWikiLink Q176691.
- Q309607 wikiPageWikiLink Q1790389.
- Q309607 wikiPageWikiLink Q180003.
- Q309607 wikiPageWikiLink Q2061730.
- Q309607 wikiPageWikiLink Q206494.
- Q309607 wikiPageWikiLink Q2283.
- Q309607 wikiPageWikiLink Q22907327.
- Q309607 wikiPageWikiLink Q254569.
- Q309607 wikiPageWikiLink Q268493.
- Q309607 wikiPageWikiLink Q3415711.
- Q309607 wikiPageWikiLink Q3506050.
- Q309607 wikiPageWikiLink Q368328.
- Q309607 wikiPageWikiLink Q4071926.
- Q309607 wikiPageWikiLink Q463244.
- Q309607 wikiPageWikiLink Q466478.
- Q309607 wikiPageWikiLink Q4686406.
- Q309607 wikiPageWikiLink Q502121.
- Q309607 wikiPageWikiLink Q5157320.
- Q309607 wikiPageWikiLink Q516994.
- Q309607 wikiPageWikiLink Q520154.
- Q309607 wikiPageWikiLink Q5425845.
- Q309607 wikiPageWikiLink Q584152.
- Q309607 wikiPageWikiLink Q5954621.
- Q309607 wikiPageWikiLink Q6175895.
- Q309607 wikiPageWikiLink Q6419136.
- Q309607 wikiPageWikiLink Q665539.
- Q309607 wikiPageWikiLink Q6917668.
- Q309607 wikiPageWikiLink Q7035342.
- Q309607 wikiPageWikiLink Q719930.
- Q309607 wikiPageWikiLink Q7216264.
- Q309607 wikiPageWikiLink Q7485340.
- Q309607 wikiPageWikiLink Q8269640.
- Q309607 wikiPageWikiLink Q8316367.
- Q309607 wikiPageWikiLink Q8431369.
- Q309607 wikiPageWikiLink Q852594.
- Q309607 wikiPageWikiLink Q864003.
- Q309607 wikiPageWikiLink Q92865.
- Q309607 wikiPageWikiLink Q9684.
- Q309607 comment "Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm from the branch of cryptography known as elliptic curve cryptography that was supposed to implement a cryptographically secure pseudorandom number generator (CSPRNG) capable of generating a random bit stream. The algorithm is based on the mathematics of the elliptic curve discrete logarithm problem.".
- Q309607 label "Dual EC DRBG".