Abstracts

Ruben Niederhagen, Technische Universiteit Eindhoven

Dual EC — a standardized back door
What happens if a governmental agency takes influence on a technical standardization process in order to inject a back door into cryptographic primitives? Due to the revelations by Edward Snowden, we do know that this is not a theoretical question: most likely the NSA has infected the NIST Special Publication 800-90 with a backdoored specification of the Dual EC pseudo random number generator. This talk attempts to shed some light into the standardization process of Dual EC, explains the basic back door in Dual EC, and gives specific performance numbers for several attacks on TLS implementations using Dual EC.
Back to main event page.