NIST drops NSA-backed random number generator
In response to public concerns about cryptographic security, the National Institute of Standards and Technology has dropped Dual_EC_DRBG from its list of recommended algorithms for generating the random numbers needed to create secure cryptographic keys for encrypting data.
In its updated guidelines on mechanisms for reliably generating random numbers, NIST said it removed support for Dual_EC_DRBG because of concerns that it might contain a weakness that attackers could exploit to predict the outcome of random number generation.
Because Dual_EC_DRBG was proposed as a standard by the National Security Agency, some thought the NSA may have intentionally weakened it “to allow the agency to access communications protected by products that use Dual_EC,” according to ThreatPost.
NIST continues to recommend the other three algorithms that were included in the previous version of the Recommendation document, which was released in early 2012.
The revised version also contains several other notable changes, according to NIST. One allows additional options for the use of the CTR_DRBG random number algorithm. Another change recommends reintroducing randomness into deterministic algorithms as often as it is practical, because refreshing them provides additional protection against attack. The document also includes a link to examples that can help developers implement the SP 800-90A random number generators correctly.
The updated document, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, is available here.
Connect with the GCN staff on Twitter @GCNtech.