soft backdoors: ECDSA vs RSA vs EdDSA (aka EC Schnorr) (Re: BlueHat v13 crypto talks - request for leaks ; ))
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Dec 21 12:58:49 PST 2013
Adam Back <adam at cypherspace.org> writes:
>Maybe this DSA flaw spotted by Bleichenbacker was another NSA soft-sabotage
>attempt (making standards security brittle in the knowledge that it some
>people will fail to harden it,
It wasn't "some people", it was almost every implementation at the time. When
the standard very clearly says "do, X, Y, Z" then everyone sits down and
implements X, Y, and Z exactly as written (well, except for professional
paranoids who build in extra safety margins :-). So if it was deliberately
weakened then it was a very successful weakening.
Peter.
More information about the cypherpunks
mailing list