[cryptography] Dual EC backdoor was patented by Certicom?
kevinsisco61784 at gmail.com
Sun Jun 15 12:20:22 EDT 2014
On 6/15/2014 9:13 AM, ianG wrote:
> In what is now a long running saga, we have more news on the DUAL_EC
> backdoor injected into the standards processes. In a rather unusual
> twist, it appears that Certicom's Dan Brown and Scott Vanstone attempted
> to patent the backdoor in Dual EC in or around January of 2005. From
> Tanja Lange & DJB:
> ... It has therefore been identified by the applicant that this
> method potentially possesses a trapdoor, whereby standardizers or
> implementers of the algorithm may possess a piece of information with
> which they can use a single output and an instantiation of the RNG to
> determine all future states and output of the RNG, thereby completely
> compromising its security.
> The provisional patent application also describes ideas of how to make
> random numbers available to "trusted law enforcement agents" or other
> "escrow administrators".
> This appears to be before ANSI/NIST finished standardising DUAL_EC as a
> RNG, that is, during the process. What is also curious is that Dan
> Brown is highly active in the IETF working groups for crypto, adding
> weight to the claim that the IETF security area is corrupted.
> Obviously one question arises -- is this a conspiracy between Certicom,
> NSA and NIST to push out a backdoor? Or is this just the normal
> incompetent-in-hindsight operations of the military-industrial-standards
> It's an important if conspiratorial question because we want to document
> the modus operandi of a spook intervention into a standards process.
> We'll have to wait for more facts; the participants will simply deny.
> One curious fact, the NSA recommended *against* a secrecy order for the
> What I'm more curious about today is Certicom's actions. What is the
> benefit to society and their customers in patenting a backdoor? How can
> they benefit in a way that aligns the interests of the Internet with the
> interests of their customers?
> Or is this impossible to reconcile? If Certicom is patenting backdoors,
> the only plausible way I can think of this is that it intends to wield
> backdoors. Which means spying and hacking. Certicom is now engaged in
> the business of spying on ... customers? Foreign governments?
> In contrast, I would have said that Certicom's responsibility as a
> participant in Internet security is to declare and damn an exploit, not
> bury it in a submarine patent.
> If so, what idiot in Certicom's board put it on the path of becoming the
> Crypto AG of the 21st century?
> If so, Certicom is now on the international blacklist of shame. Until
> questions are answered, do no business with them. Certicom have
> breached the sacred trust of trade -- to operate in the interests of
> their customers.
> cryptography mailing list
> cryptography at randombit.net
Uh, I'm sorry but this is not the first time we've seen something like
this and I seriously doubt it will be the last. Is it wise to point
fingers and start using conspiratorial statements?
More information about the cryptography