Zero to Dual_EC_DRBG in 30 minutes: The Suspect Dual EC DRBG Cryptographic Mechanism
The National Institute of Standards and Technology (NIST) is one of the oldest physical science laboratories in the United States. NIST helps promote domestic innovation by advancing, monitoring and evaluating technical standards and measurement sciences.
Core to its mission, NIST produces special publications to disseminate policies, standards and findings to related security and technology communities. However, special publication 800-90, first published in 2006, came under heavy criticism from the media, who claimed that security vendor RSA and the NSA created a deal to make the dual EC (elliptic curve cryptography) variant the default deterministic random-bit generator algorithm, or DRBG, in its commercial toolkit product. RSA denied the allegation.
Because of the critical role they play in every security protocol, Entrust pays close attention to the design of random-bit generators, and it does not use NIST’s Dual EC DRBG in any of its products or services. This white paper provides an introduction to the elliptic-curve DRBG cryptographic mechanism and why the design approach is suspect.Download File