[funsec] More stuff to worry about random number generators:

Dude VanWinkle dudevanwinkle at gmail.com
Mon Dec 17 15:23:14 CST 2007


via bruce: http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html

Dual_EC_DRBG Added to Windows Vista

Microsoft has added the random-number generator Dual_EC-DRBG to
Windows Vista, as part of SP1. Yes, this is the same RNG that could
have an NSA backdoor.

It's not enabled by default, and my advice is to never enable it. Ever.

ref: http://technet2.microsoft.com/WindowsVista/en/library/417467e7-7845-46d4-85f1-dd471fbc0de91033.mspx?mfr=true

ref: http://technet2.microsoft.com/WindowsVista/en/library/417467e7-7845-46d4-85f1-dd471fbc0de91033.mspx?mfr=true

---------------------------------------

great...

-JP


More information about the funsec mailing list