SP1 for Vista contains something fishy!

06 Feb

Microsoft has†added a random number generator to the deployed†service-pack for Windows Vista. This generator is called Dual_EC-DRBG, which is one of three types of random number generators standardised by NIST last year (click here). The generator is not enabled by default, and it’s not clear whether or not the user can enable it!

Adding this specific generator to Vista is somewhat fishy!
Not only because that this elliptic curve based generator is much slower than the other two types, but because it may has a backdoor for the NSA which designed it at the first place!
And I think it’s needless to say what the NSA is and what authority it has..

Bruce Schneier, the Information Security expert, talked about†his concerns†regarding this†issue months ago!

Some of you may ask, how important these generators are anyway?
Well, to answer that, let me borrow Bruce’s words on this:
Random numbers are critical for cryptography:
for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.

To read Bruce’s article,†click here.
For more about the SP1,†click


Leave a Reply

To use reCAPTCHA you must get an API key from