1.
Only true random number generation can keep
your key safe
How the NSA circumvented what was thought
to be an unbeatable cryptographic algorithm
Blog: https://hsm.utimaco.com/news/

2.
The value of true random numbers in a cryptographic
system
RNG
Key
Generation
Algorithm
True random number
seeds are an essential.

3.
The Dual-EC-DRBG
Pseudo random number generator scheme
described in NIST SP 800-90; 2006
The weakness:
Dual_EC_DRBG appears to contain a backdoor
Certified DUAL-EC-DRBG:
http://csrc.nist.gov/groups/STM/cavp/document
s/drbg/drbgval.html

4.
How does it work?
Start on P, walk on the curve and after
e steps you find Q
Considering this large curve
parameter, it will take a huge number
of steps to compute e
If P and Q are known + considering the curve
parameter, which is given, and e is the well known
secret then its easy to figure basic of a RNG:
R= prime number
P,Q = Integer value <R
s= state of the random number generator
s’= the next star of the random number
gen.
t= random number
e=the well known secret
r=Ps (mod R)
s’=Pr (mod R)
t=Qr (mod R)
e= the secret
P= Qe (mod R)
te=(Qr)e=Qr*e=(Qe)r=Pr=s’

5.
A random number with very few surprises
In 2007, Dan Shumow
and Niels Ferguson,
two researchers
showed that, if you
know e, cracking the
pseudorandom
number generation
becomes
considerably easier.
Consequently there was an update
of the standard by NIST 2007
If you want to be FIPS 140 certified:
You have to use the given P/Q

6.
Key findings
The Answer:
CryptoServer
Hardware Security
Modules
made in Germany
•True Random Number Generator
•Switch-Over to strong German certified
RNG
•No crypto-chip with the possibility of
backdoors

7.
Learn more about
- Remote Administration
- Software Development
- Performance
- The new CSe Series
Blog: community.utimaco-service.com