beware Windows Vista SP1

| No Comments | No TrackBacks

Bruce Schneier is worried about the Microsoft Vista Service Pack 1 implementation of the flawed Dual_EC_DRBG random number generator.

He explained the flaw last month, noting that Dual_EC_DRBG "includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency" Schneier continued:

"The math is complicated, but the general point is that the random numbers it produces have a small bias. The problem isn't large enough to make the algorithm unusable [...] but it's cause for concern."

(For math geeks, the obligatory Wikipedia article on elliptic curve cryptography is here.)

No TrackBacks

TrackBack URL:

Leave a comment

About this Entry

This page contains a single entry by cognitivedissident published on December 17, 2007 9:58 PM.

Wil Wheaton is a writer was the previous entry in this blog.

raisins and nails is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives


  • About
  • Contact
OpenID accepted here Learn more about OpenID
Powered by Movable Type 5.031