Ich lach mich tot:<\/p>\n
http:\/\/www.heise.de\/newsticker\/meldung\/OpenSSL-mit-kaputter-Hintertuer-2072370.html<\/p>\n
Die Open-Source-Bibliothek f\u00fcr Krypto-Funktionen OpenSSL enth\u00e4lt auch eine Implementierung des Pseudo-Zufallszahlen-Generators \"Dual EC DRBG\" \u2013 das ist der mit der NSA-Backdoor. Dummerweise enthielt diese Implementierung einen Fehler, der dazu f\u00fchrt, dass die Funktion keine Zufallszahlen ausspuckt, sondern nur einen Fehler. Der Generator hat also \u00fcber Jahre hinweg nie funktioniert \u2013 und niemand hat es gemerkt, weil niemand ihn verwendet hat. <\/p><\/blockquote>\n
http:\/\/www.wired.com\/politics\/security\/commentary\/securitymatters\/2007\/11\/securitymatters_1115<\/p>\n
This is how it works: There are a bunch of constants -- fixed numbers -- in the standard used to define the algorithm's elliptic curve. These constants are listed in Appendix A of the NIST publication, but nowhere is it explained where they came from.<\/p>\n
What Shumow and Ferguson showed is that these numbers have a relationship with a second, secret set of numbers that can act as a kind of skeleton key. If you know the secret numbers, you can predict the output of the random-number generator after collecting just 32 bytes of its output. To put that in real terms, you only need to monitor one TLS internet encryption connection in order to crack the security of that protocol. If you know the secret numbers, you can completely break any instantiation of Dual_EC_DRBG. <\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"
Ich lach mich tot: http:\/\/www.heise.de\/newsticker\/meldung\/OpenSSL-mit-kaputter-Hintertuer-2072370.html Die Open-Source-Bibliothek f\u00fcr Krypto-Funktionen OpenSSL enth\u00e4lt auch eine Implementierung des Pseudo-Zufallszahlen-Generators \"Dual EC DRBG\" \u2013 das ist der mit der NSA-Backdoor. Dummerweise enthielt diese Implementierung einen Fehler, der dazu f\u00fchrt, dass die Funktion keine Zufallszahlen ausspuckt, sondern nur einen Fehler. Der Generator hat also \u00fcber Jahre hinweg nie funktioniert \u2013 […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1897","post","type-post","status-publish","format-standard","hentry","category-allgemein"],"_links":{"self":[{"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/posts\/1897","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1897"}],"version-history":[{"count":4,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/posts\/1897\/revisions"}],"predecessor-version":[{"id":1900,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=\/wp\/v2\/posts\/1897\/revisions\/1900"}],"wp:attachment":[{"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1897"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1897"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/roboblog.fatal-fury.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1897"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}