Elliptic-curve cryptography
=== Security concerns ===
In 2013, ''[[The New York Times]]'' stated that [[Dual EC DRBG|Dual Elliptic Curve Deterministic Random Bit Generation]] (or Dual_EC_DRBG) had been included as a NIST national standard due to the influence of [[NSA]], which had included a deliberate weakness in the algorithm and the recommended elliptic curve.<ref>{{cite news |last1=Perlroth|first1=Nicole|last2=Larson|first2=Jeff|last3=Shane|first3=Scott |title=N.S.A. Able to Foil Basic Safeguards of Privacy on Web |url=https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html |archive-url=https://ghostarchive.org/archive/20220101/https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html |archive-date=2022-01-01 |url-access=limited |access-date=28 October 2018 |newspaper=New York Times |date=2013-09-05}}{{cbignore}}</ref> [[RSA Security]] in September 2013 issued an advisory recommending that its customers discontinue using any software based on Dual_EC_DRBG.<ref>Kim Zetter, [https://www.wired.com/threatlevel/2013/09/rsa-advisory-nsa-algorithm/ RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm] ''[[Wired (magazine)|Wired]]'', 19 September 2013. "Recommending against the use of SP 800-90A Dual Elliptic Curve Deterministic Random Bit Generation: NIST strongly recommends that, pending the resolution of the security concerns and the re-issuance of SP 800-90A, the Dual_EC_DRBG, as specified in the January 2012 version of SP 800-90A, no longer be used."</ref><ref>{{cite web|url=http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-90-A+Rev+1+B+and+C|title=Search – CSRC|website=csrc.nist.gov}}</ref> In the wake of the exposure of Dual_EC_DRBG as "an NSA undercover operation", cryptography experts have also expressed concern over the security of the NIST recommended elliptic curves,<ref>[[Bruce Schneier]] (5 September) "I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry." See [http://it.slashdot.org/firehose.pl?op=view&type=story&sid=13/09/11/1224252 Are the NIST Standard Elliptic Curves Back-doored?], ''[[Slashdot]]'', 11 September 2013.</ref> suggesting a return to encryption based on non-elliptic-curve groups.

{{further|#Quantum computing attack}}
Additionally, in August 2015, the NSA announced that it plans to replace Suite B with a new cipher suite due to concerns about [[quantum computing]] attacks on ECC.<ref name="nsaquantum" /><ref name=nsaQCfaq>[https://cryptome.org/2016/01/CNSA-Suite-and-Quantum-Computing-FAQ.pdf Commercial National Security Algorithm Suite and Quantum Computing FAQ] U.S. National Security Agency, January 2016.</ref>