[Cryptography] Curated Cryptology Compendium
Jason Cooper
cryptography at lakedaemon.net
Fri Jan 30 09:55:33 EST 2026
Hi Tony!
On Wed, Jan 28, 2026 at 04:45:27PM -0500, Tony Patti wrote:
> I have created a "Curated Cryptology Compendium" at
> https://cryptosystemsjournal.com/curated-cryptology-compendium.html
...
> I intend this to be a living project, and I'd appreciate feedback -- if you
> have additions or corrections, let's make this the best resource possible
> for the community!
Just spotted something missing: the Dual-EC DRBG compromise. I'm not sure what
should be considered a canonical writeup of the incident, but here are a few to
get started:
Harvard Law Journal, "Dueling over Dual-EC DRBG: The Consequences of Corrupting
a Cryptographic Standardization Process"
https://journals.law.harvard.edu/nsj/wp-content/uploads/sites/82/2022/06/Vol13Iss2_Kostyuk-Landau_Dual-EC-DRGB.pdf
IACR, "Dual EC: A Standardized Backdoor"
https://eprint.iacr.org/2015/767.pdf
There's a slew of them, and IMO they would be a great addition to the Compendium.
And more specifically, the Juniper compromise really shone a light on the
Dual-EC DRBG weakness:
https://finance.yahoo.com/news/juniper-breach-mystery-starts-clear-130016591.html
In short, Juniper used Dual-EC DRBG in their VPN gateway. Someone broke in and
changed the Q value so the attackers could leverage the backdoor.
From the article:
> In its 2012 probe, Juniper learned that the hackers had stolen a file
> containing NetScreen’s ScreenOS source code from an engineer’s computer. The
> company didn’t realize that the hackers returned a short time later, accessed
> a server where new versions of ScreenOS were prepared before being made
> available to customers and altered the code, according to the two people
> involved in the 2015 investigation and the document. The hackers' tweak
> involved changing the Q value that the NSA algorithm used — the very same
> vulnerability that Microsoft researchers had identified years earlier. The
> hack allowed them to potentially bypass customers' encryption and eavesdrop
> on their communications.
thx,
Jason.
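The mechanism Jason describes, a generator whose output depends on a second curve point Q that can be silently replaced, is easiest to see on a toy. The following is an added example, not code from this post, from Juniper, or from any standard: a miniature Dual-EC style generator over a constructed tiny curve, plus the check a defender would want in a build pipeline, namely that the Q compiled into the product equals the point derived from a published seed. The curve parameters, the seeds, the 6-bit truncation and the names `ToyDualEC`, `derive_point` and `check_constants` are all assumptions made for illustration.

```python
# Added example (not from the mailing-list post, Juniper or NIST): a toy
# Dual-EC style generator over a tiny curve, plus the integrity check that the
# deployed Q is the point derived from a public seed rather than a swapped value.
import hashlib

# Constructed toy curve y^2 = x^3 + A*x + B over F_P_MOD. P_MOD = 3 (mod 4), so a
# square root is one modular exponentiation. Far too small for real use.
P_MOD, A, B = 251, 1, 7
OUTPUT_MASK = 0x3F   # keep the low 6 of 8 bits, mirroring Dual-EC's truncation

def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                      # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def point_order(pt):
    """Brute-force order; fine here because the toy group has a few hundred points."""
    k, acc = 1, pt
    while acc is not None:
        acc = ec_add(acc, pt)
        k += 1
    return k

def derive_point(seed: bytes):
    """Try-and-increment hash-to-curve: the point is fixed by the public seed, so
    nobody could have chosen it to satisfy a hidden relation with another point."""
    for ctr in range(1 << 16):
        h = hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        x = int.from_bytes(h, "big") % P_MOD
        rhs = (x * x * x + A * x + B) % P_MOD
        if rhs and pow(rhs, (P_MOD - 1) // 2, P_MOD) == 1:   # non-zero residue
            return (x, pow(rhs, (P_MOD + 1) // 4, P_MOD))
    raise RuntimeError("no point found")

# Constructed public seeds standing in for published, auditable constants.
P_SEED = b"toy-dual-ec-base-point"
Q_SEED = b"toy-dual-ec-second-point"

def check_constants(deployed_q, seed=Q_SEED):
    """Build-time check: does the Q in the binary match the published derivation?"""
    return deployed_q == derive_point(seed)

class ToyDualEC:
    """s_i = x(s_{i-1} * P); r_i = x(s_i * Q); output = truncate(r_i)."""
    def __init__(self, base_p, point_q, seed_state):
        self.base_p, self.point_q = base_p, point_q
        self.n_p, self.n_q = point_order(base_p), point_order(point_q)
        self.s = seed_state

    def next_output(self):
        # Toy-only guard: scalars are reduced into each point's order and a zero
        # scalar is remapped to 1, a degenerate case that a prime-order curve of
        # cryptographic size makes negligible.
        t = self.s % self.n_p or 1
        self.s = ec_mul(t, self.base_p)[0]
        u = self.s % self.n_q or 1
        return ec_mul(u, self.point_q)[0] & OUTPUT_MASK

def outputs(point_q, seed_state=42, count=5):
    gen = ToyDualEC(derive_point(P_SEED), point_q, seed_state)
    return [gen.next_output() for _ in range(count)]

if __name__ == "__main__":
    q_good = derive_point(Q_SEED)
    q_swapped = ec_mul(2, q_good)   # constructed stand-in for a replaced constant
    print("constants verify:", check_constants(q_good), check_constants(q_swapped))
    print("stream with published Q:", outputs(q_good))
    print("stream with swapped   Q:", outputs(q_swapped))
```

The point of `check_constants` is that a replacement of Q, like the one the article describes, is detectable only if Q has a public derivation to compare against; the standardized Dual-EC Q had none, which is exactly what the IACR paper above criticises, so a product could neither justify the constant it shipped nor notice when it changed.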