A man cannot be too careful in the choice of his enemies - Oscar Wilde
A NEW encryption standard has been rendered largely useless because security bods at the US National Security Agency might have placed a backdoor to read any documents that use it.
According to Wired, the spooks' backdoor involves a new random-number machine which is slow and badly designed.
Security expert Bruce Schneier said the US government released a new official standard for random-number generators this year, and it will likely be followed by software and hardware developers around the world.
The standard, which was published in NIST Special Publication 800-90, contains four different approved techniques, called DRBGs, or 'Deterministic Random Bit Generators.'
One of those generators used in the standard is called Dual_EC_DRBG. NSA has been wanting security experts to use it for years.
However, since 2006, the use of Dual_EC_DRBG has been questioned by those security experts who know how to use a slide rule. The random numbers it produces have a small bias which makes them a little easier to predict.
Also, the algorithm has a bunch of constants which could be used to predict the output of the random-number generator after collecting just 32 bytes of its output.
No one knows what the secret numbers are, but the person who produced them probably does. According to Schneier, that bloke would be working for the NSA and would know how to break any use of Dual_EC_DRBG.
I thought Kave-speak was discouraged in article titles...

Some people don't know how bad Tig's code is.
Oops! We accidentally told everyone to use encryption we can break. Our bad. PGP had the best idea. Encryption so strong it couldn't be broken by normal means.