乱数発生モジュールDual EC_DRBGがOpenSSLの致命的なバグとなる?
下記の記事が出ている。
NSA's broken Dual_EC random number generator has a “fatal bug” in OpenSSL
ars technica: December 20, 2013
http://arstechnica.com/security/2013/12/nsas-broken-dual_ec-random-number-generator-has-a-fatal-bug-in-openssl/
Report: NSA paid RSA to make flawed crypto algorithm the default
ars technica: December 21, 2013
http://arstechnica.com/security/2013/12/report-nsa-paid-rsa-to-make-flawed-crypto-algorithm-the-default/
Critics: NSA agent co-chairing key crypto standards body should be removed
ars technica: December 21, 2013
http://arstechnica.com/security/2013/12/critics-nsa-agent-co-chairing-key-crypto-standards-body-should-be-removed/
[追記:2013年12月24日]
関連記事を追加する。
RSA issues non-denying denial of NSA deal to favor flawed crypto code
ars trechnica: December 24, 2013
http://arstechnica.com/security/2013/12/rsa-issues-non-denying-denial-of-nsa-deal-to-favor-flawed-crypto-code/
[追記:2014年1月7日]
関連記事を追加する。
How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer
ars technica: January 6, 2014
http://arstechnica.com/security/2014/01/how-the-nsa-may-have-put-a-backdoor-in-rsas-cryptography-a-technical-primer/
| 固定リンク
コメント