Microsoft is to implement a random number generator in Windows Vista Service Pack 1 which has a known flaw, described by security researchers as a 'back door'. The weakness could, at worst, allow an unknown attacker to decrypt EFS-protected data and SSL sessions such as used for internet banking and World of Warcraft logons.
It's not all doom and gloom, however: the flawed RNG will be bundled with a second, more reliable version which will be selected by default. It does make you wonder why Microsoft have bothered implementing the flawed version, known as Dual_EC_DRBG, at all.
The algorithm, approved by the American National Institute of Standards and Technology (which, for you paranoiacs out there, works closely with the No Such Agency), is based on elliptic-curve mathematics and uses a set of constants to 'seed' the generation. It has been determined by security researchers Dan Shumow and Niels Ferguson that these constants have a special relationship to a second, secret set of numbers.
In theory, anyone who has the second set can determine what 'random' number the algorithm will pop out at any given time. Which has cryptologists such as Bruce Schneier suitably worried.
By default Vista SP1 will use the CTR_DBG algorithm (based on the Advanced Encryption Standard) which is thought to be more secure than the possibly-backdoored Dual_EC_DRBG. As a result, a developer would actually have to make a concious effort to use the possibly-insecure algorithm and thus put the security of encrypted data at risk.
Still, it's a disquieting thought that the heart of any system designed to offer users privacy could have such a major flaw and still get shipped to end-users.
Thinking about keeping your encrypted data off-net in a locked vault, or is this a load of paranoiacs flapping over nothing? Let us know via the forums.
It's not all doom and gloom, however: the flawed RNG will be bundled with a second, more reliable version which will be selected by default. It does make you wonder why Microsoft have bothered implementing the flawed version, known as Dual_EC_DRBG, at all.
The algorithm, approved by the American National Institute of Standards and Technology (which, for you paranoiacs out there, works closely with the No Such Agency), is based on elliptic-curve mathematics and uses a set of constants to 'seed' the generation. It has been determined by security researchers Dan Shumow and Niels Ferguson that these constants have a special relationship to a second, secret set of numbers.
In theory, anyone who has the second set can determine what 'random' number the algorithm will pop out at any given time. Which has cryptologists such as Bruce Schneier suitably worried.
By default Vista SP1 will use the CTR_DBG algorithm (based on the Advanced Encryption Standard) which is thought to be more secure than the possibly-backdoored Dual_EC_DRBG. As a result, a developer would actually have to make a concious effort to use the possibly-insecure algorithm and thus put the security of encrypted data at risk.
Still, it's a disquieting thought that the heart of any system designed to offer users privacy could have such a major flaw and still get shipped to end-users.
Thinking about keeping your encrypted data off-net in a locked vault, or is this a load of paranoiacs flapping over nothing? Let us know via the forums.
RELATED ARTICLES
MSI MPG Velox 100R Chassis Review
October 14 2021 | 15:04
Want to comment? Please log in.