Bruce Schneierin his blog about a possible backdoor in Dual_EC_DRBG. As I'm no security expert its difficult/impossible to follow all security discussions. I don't have the time and the knowledge.
One commenter maid a good point:
most of the programmers don't have crypto background and will just get the algorithm, test cases and go on implementing it
Probably the only thing I'm able to do about this is to use only a hand full of security programs and select very carefully one of the possible algorithm they provide.
But what is with the programs I have to use e.g. bank access. Are I'm now getting paranoid?
Abonnieren
Kommentare zum Post (Atom)
Keine Kommentare:
Kommentar veröffentlichen