amanfromMars 1 … Wed 2 Apr 06:18  commenting on http://forums.theregister.co.uk/forum/1/2014/04/02/extended_random_nsa_rsa_bsafe/
Moving On …… and Sharing the Spoils
The paper referenced in the El Reg article is available for reading here ….. http://cryptome.org/2014/03/DualECTLS.pdf ….. and it has generated this response, which has been sent in an email to its generous host. Its subsequent publication, or not as the case may be, provides additional sensitive information in the fields being explored and quite quietly cleared of wanton imperfections/exclusive perversions which be rendering designedly inequitable personalised advantage to failed organs and organ grinder monkeys.
Our analysis strongly suggests that, from an attacker’s perspective, backdooring a PRNG should be combined not merely with influencing implementations to use the PRNG but also with influencing other details that secretly improve the exploitability of the PRNG. This paper does not attempt to determine whether this is what happened with Dual EC, and does not explore the difficult topic of defending against such attacks, beyond the obvious advice of not using Dual EC. …….. http://cryptome.org/2014/03/DualECTLS.pdf
You may like to share and advise all with either a need or a wish to know, that there is no defence against such an attack improving upon the exploitability of a discovered systemic vulnerability. And one is therefore at the mercy of, ideally, the good graces of the smart attacker/crack hacker/cryptographic code breaker and/or maker.
And on the reverse side of that COIN coin, the damage that can be done whenever one encounters an agent with malicious intent is catastrophic beyond compare and simple remedy ….. thus the wisdom in ensuring that effective security systems admin in this particular and peculiar field is afforded every luxury desired/all credit facilities required, lest the human temptation to maximise capital gain entertains the dark web side to ……. well, we are talking carefully around Great Game lead, are we not ….. and Virtually Remote Mankind Management? And one imagines, that be an extremely attractive capability and readily available utility to intelligence agencies and server providers anywhere.
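The mechanism behind the paper's sentence quoted above, as an added worked example that is not part of this comment, of the Dual EC TLS paper or of any real implementation (RSA BSAFE included). It builds a toy Dual EC DRBG over an assumed tiny curve (y^2 = x^3 + x + 7 over GF(251), base point, backdoor scalar D and seed all constructed here), then plays the party who chose Q and knows E with P = E*Q: from one output block it lifts the visible x-coordinate back to a curve point, multiplies by E to obtain the next internal state, and confirms the guess against later outputs. The same attack is run twice, once with only part of the output block reaching the wire (the TLS client-random situation, where the attacker is short of the full block) and once with the whole block exposed (the effect of an extension such as Extended Random); the number of candidate states the attacker must try halves with every extra output bit it gets to see, which is the "other details that secretly improve the exploitability" point in concrete form.

```python
# Toy Dual EC DRBG with the "P = E*Q" backdoor and the state-recovery attack.
# Added illustration only: not code from the Dual EC TLS paper, from BSAFE or
# from any real implementation. Curve, base point, backdoor scalar and seed
# are all assumed/constructed; the tiny field has no cryptographic strength.
from math import gcd

P_MOD = 251        # prime field; 251 = 3 (mod 4) so sqrt is one exponentiation
A, B = 1, 7        # y^2 = x^3 + A x + B (assumed; non-singular mod 251)
BITS = 8           # bit length of a field element
TRUNC = 2          # top bits of x(rQ) dropped before output (16 in real Dual EC)
OUT_BITS = BITS - TRUNC   # bits per output block that the DRBG actually emits

def ec_add(p1, p2):
    """Affine addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                               # P + (-P)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def point_order(pt):
    n, cur = 1, pt
    while cur is not None:
        cur, n = ec_add(cur, pt), n + 1
    return n

def lift_x(x):
    """A point with this x-coordinate (either sign of y), or None if off-curve."""
    rhs = (x * x * x + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if y * y % P_MOD == rhs else None

# Base point P: the on-curve x with the largest order (constructed, deterministic).
BASE_P = max((lift_x(x) for x in range(1, P_MOD) if lift_x(x)), key=point_order)
N = point_order(BASE_P)
# The backdoor: whoever chose Q knows D with Q = D*P, hence E with P = E*Q.
D = next(k for k in range(3, N) if gcd(k, N) == 1)
E = pow(D, -1, N)
Q = ec_mul(D, BASE_P)

def xcoord(k, pt):
    """x(k*pt); the toy maps the point at infinity to 0 (vanishingly rare)."""
    r = ec_mul(k % N, pt)
    return 0 if r is None else r[0]

class ToyDualEC:
    """One Dual EC step: r = x(sP); s' = x(rP); output = low OUT_BITS of x(rQ)."""
    def __init__(self, seed):
        self.s = seed
    def step(self):
        r = xcoord(self.s, BASE_P)
        self.s = xcoord(r, BASE_P)
        return xcoord(r, Q) & ((1 << OUT_BITS) - 1)

def predict(state, n):
    """What someone who knows the internal state sees next."""
    g = ToyDualEC(state)
    return [g.step() for _ in range(n)]

def recover_next_state(visible, exposed_bits):
    """Candidate next states from one output of which only the low `exposed_bits`
    reached the wire. Every unknown top bit doubles the x-values to try."""
    cands = []
    for high in range(1 << (BITS - exposed_bits)):
        x = (high << exposed_bits) | visible
        R = lift_x(x) if x < P_MOD else None    # +-rQ; the sign does not matter
        S = ec_mul(E, R) if R else None         # E*(+-rQ) = +-rP, x is the next state
        if S is not None:
            cands.append(S[0])
    return cands

def filter_candidates(cands, later_visible, exposed_bits):
    """Keep candidates whose predicted outputs match the later exposed bits."""
    mask = (1 << exposed_bits) - 1
    return [s for s in cands
            if [o & mask for o in predict(s, len(later_visible))] == later_visible]

def demo(seed=7):
    """Attack one run twice: with the output block 2 bits short of fully visible
    (TLS-like) and with the whole block visible (Extended-Random-like)."""
    gen = ToyDualEC(seed)
    o0 = gen.step()
    s1 = gen.s                                  # the secret the attacker wants
    later = [gen.step() for _ in range(3)]
    result = {"s1": s1, "later": later, "by_exposed": {}}
    for exposed in (OUT_BITS - 2, OUT_BITS):
        mask = (1 << exposed) - 1
        cands = recover_next_state(o0 & mask, exposed)
        survivors = filter_candidates(cands, [o & mask for o in later], exposed)
        result["by_exposed"][exposed] = (len(cands), survivors)
    return result
```

Calling demo() returns, for each exposure level, how many candidate states had to be tried and which survived checking against three later outputs; the true next state is always among the survivors, and the candidate count with the full block exposed is never more than with the partial one. In the real DRBG the arithmetic is the same with 16 truncated bits and 30-byte blocks, so each missing byte of output costs the attacker another factor of 256, and the defender has no way to detect that the relation between P and Q is known to someone.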
amanfromMars 1 ….. Wed 2 Apr 13:21  asking further pertinent impertinent questions on http://forums.theregister.co.uk/forum/1/2014/04/02/extended_random_nsa_rsa_bsafe/
Re: Moving On …… and Sharing the Spoils
And a leading question here now being asked of austere Blighty’s perceived to be intelligent security service providers, whether spooky public MI5/MI6/CESG/GCHQ troughers or stealthy shadowy unknowns from the private supply sector, is whether they have such a leading universal ability, for there be no credible evidence anyway worldwide, and most certainly not even at home whenever one considers the politically bankrupt state of the nation, of them using it at all effectively to create a Greater IntelAIgent Games Play and better, mutually advantageous beta realities via these strengthening sterling virtual means and cyber memes, which are now to be found everywhere in SMARTR IntelAIgent Systems with Global Operating Devices …… Seriously Clever NEUKlearer HyperRadioProActive Media Machinery?
And who would be being handsomely paid to provide that, and/or commission that from others? What be their name and email address, or is it a vital critical and strategic post which be criminally vacant?
Has it been outsourced to across the pond where Wall Street is destroying everything? Would that be akin to treason?