2013/12/30

How did the NSA hack our emails? by Numberphile

I like to see the numberphile videos as often as they appear. I find them very interesting, but I didn't share before in this blog. This time is different.

They have talk about a field that likes me very much: elliptic curves (and a pseudorandom number generator made with them, the Dual_EC_DRBG), and the greatest point is that they have summarized in 11 minutes in a wonderful elegance:


But they have not only provide an explanation for not initiated, they have pointed the key of the weakness that could have been introduced.

Update: To often I forget to write the title of a post...

Update 20140116: For further reading, I stumbled a post with a proof of concept about how this affects all the users of this algorithm. It is still a suspicion that 'P' and 'Q' has been chosen from a known 'd' and no one has calculate it, but it is that: suspicious. If you are impatient (suppose not because you are at the end of this post) or you don't wanna see into the maths, go direct to the conclusions of the post.

No comments: