Question
Well all unfortunately agree there is no perfect system, but based on the information in the public domain regarding suite B and the NSA supported
Well all unfortunately agree there is no perfect system, but based on the information in the public domain regarding suite B and the NSA supported curves approved by NIST, would you think that avoiding these completely would be a better way to at least improve the non-perfect system?
You correctly mention about using curves that are safe, but you then mention NIST P-256 as an ECC option. This curve uses the Dual_EC_DRBG pseudorandom number generator. (Bernstein et al., 2015) said the numbers that it produces as output are biased, bunking the most basic requirement(s) and also said that the NSA weakening crypto-graphic standards.
Also, a 2005 paper by (Schoenmakers at al., 2005) prepared while Dual_EC_DRBG was out for review, and which was submitted to NIST stated Our experimental results and also empirical argument show that the DEC PRG (Dual_EC_DRBG) is insecure. This paper was ignored and the standard was accepted.
Do you think imply a weakness in all ECC or just NIST curves and to others, how could this have been allowed to happen?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started