[Cryptography] Opening Discussion: Speculation on "BULLRUN"

Perry E. Metzger perry at piermont.com
Thu Sep 5 16:57:51 EDT 2013


On Thu, 5 Sep 2013 16:53:15 -0400 "Perry E. Metzger"
<perry at piermont.com> wrote:
> > Classified N.S.A. memos appear to confirm that the fatal
> > weakness, discovered by two Microsoft cryptographers in 2007, was
> > engineered by the agency. The N.S.A. wrote the standard and
> > aggressively pushed it on the international group, privately
> > calling the effort “a challenge in finesse.”
> > 
> > “Eventually, N.S.A. became the sole editor,” the memo says."
> > 
> > Anyone recognize the standard?
> 
> Please say it aloud. (I personally don't recognize the standard
> offhand, but my memory is poor that way.)

There is now some speculation in places like twitter that this refers
to Dual_EC_DRBG though I was not aware that was widely enough deployed
to make a huge difference here, and am not sure which international
group is being mentioned. I would be interested in confirmation.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list