“The fix may not be all that difficult—the tainted part of the standard is a highly inefficient algorithm that security experts identified as a problem long ago. In fact, the biggest mystery, those experts say, is why the NSA thought any company or government agency would willingly use that particular algorithm to protect their data. Despite Dual_EC_DRBG’s known flaws, prominent tech companies including Microsoft, Cisco, Symantec and RSA include the algorithm in their product’s cryptographic libraries primarily because they need it to be eligible for government contracts, cryptographer Bruce Schneier says.”
https://www.scientificamerican.com/article.cfm?id=nsa-nist-encryption-scandal
Related posts:
U.S. attorney defends handling of Aaron Swartz case as ‘appropriate’
Trump announces trade war with Canada, retroactive 20% tax on lumber
Woman, clinically dead for 42-minutes, brought back to life by Australian doctors
White House Granted Itself ‘High Security Risk’ Healthcare.gov Waiver
Europeans slammed by austerity measures now enraged by political corruption
Iran's Rouhani urges end to meddling in private lives
Scientists insist global warming ‘hiatus’ will be brief
HealthCare.gov: How political fear was pitted against technical needs
Financial Times: Other Countries Should Follow Germany's Gold Repatriation Lead
'There is no hiding place... our bombs will kill people': Jeremy Corbyn
China’s Stocks Enter Bear Market as Rate Cut Fails to Stop Rout
Zimbabwe power cuts to persist for 10 years
Delcambre officer accused of altering pain med prescriptions
Mellow mood at first Seattle Hempfest since pot legalization
Fed taper to cause 'severe recession': Economist