If you're unfamiliar with this, here's a news article from The Guardian
I love cryptography, I find it fascinating, but I'm not a professional mathematician or cryptographer, so when it emerged that the NSA had BACKDOORED the algorithm WITHOUT WEAKENING it I was interested in why...
Today a very good post emerged, which explains the backdoor in a fairly easy-to-understand way: how it's implemented, why it's not able to be properly detected, and all without getting heavy on the maths:
http://www.lapsedordinary.net/2013/09/2 ... ptography/
It's very similar to the RSA problem of calculating primes, but using elliptic curves for this PRNG...
Summary snippet:
If the elliptic curve is large (which the one used in this NIST standard is), it will take you a long time to compute e. Think in terms of millions of years. So no one knows e and no one can know e.
No one? Well, if you simply choose a point P on the curve and choose a (very large) number e, you can use that to compute a point Q. If you then give out these P and Q to someone, they will still need a million years to compute e. But you know it.
And that’s exactly what the NSA did. They provided the P and the Q in the standard. They, as has become clear from Snowden’s documents, know e. We don’t. And we can’t even compute it.
Keep in mind, though, that not everyone is convinced the algorithm has been backdoored!...
http://www.wired.com/threatlevel/2013/0 ... kdoor/all/
</x-files.mp3>
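To make the quoted explanation concrete, here is an added toy example (my own code, not from the linked post or the NIST standard): a Dual_EC_DRBG-style generator on a constructed curve over F_97, small enough that point orders and even the secret e can be found by brute force. Whoever chose e also holds d = e^-1 mod n with d*Q = P, and can turn one output back into the generator's next state; on the real P-256 curve nobody else can compute e, which is why the published P and Q could hide a trapdoor without weakening the generator for anyone else.

```python
from math import gcd

# Constructed toy curve y^2 = x^3 + 2x + 3 over F_97 (Dual_EC_DRBG itself uses NIST P-256).
p, a, b = 97, 2, 3
INF = None  # point at infinity

def ec_add(P1, P2):  # affine point addition on the toy curve
    if P1 is INF: return P2
    if P2 is INF: return P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % p == 0: return INF
    if P1 == P2: lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p)
    else: lam = (y2 - y1) * pow(x2 - x1, -1, p)
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, P):  # double-and-add scalar multiplication
    R = INF
    while k:
        if k & 1: R = ec_add(R, P)
        P, k = ec_add(P, P), k >> 1
    return R

def order(P):  # brute-force order of a point: feasible only because the curve is tiny
    n, R = 1, P
    while R is not INF: R, n = ec_add(R, P), n + 1
    return n

def xc(R):  # x-coordinate, or None for the point at infinity
    return None if R is INF else R[0]

points = [(x, y) for x in range(p) for y in range(p) if (y * y - x**3 - a * x - b) % p == 0]
P = max(points, key=order)          # public base point: the point of largest order
n = order(P)
e = next(k for k in range(n // 2, n) if gcd(k, n) == 1)  # designer's secret scalar (assumed)
Q = ec_mul(e, P)                    # the published "random-looking" second point
d = pow(e, -1, n)                   # trapdoor: d*Q == P; known only to whoever chose e

def drbg_step(s):  # one Dual_EC-style step: r = x(sP); output t = x(rQ); next state x(rP)
    r = xc(ec_mul(s, P)) or 0       # infinity and x = 0 are both treated as the degenerate r = 0
    return xc(ec_mul(r, Q)), xc(ec_mul(r, P))

def recover_next_state(t):  # lift output t to a point R = +-rQ; then x(dR) = x(+-rP) = next state
    if t is None: return None
    y = next(y for y in range(p) if (y * y - t**3 - a * t - b) % p == 0)
    return xc(ec_mul(d, (t, y)))

def log_by_brute_force(Base, Target):  # the only route to e without the trapdoor: the discrete log
    R, k = Base, 1
    while R != Target: R, k = ec_add(R, Base), k + 1
    return k
```

On this curve `log_by_brute_force(P, Q)` finds e in at most n steps; the same search on P-256 is the "millions of years" in the quoted post, so an outsider can neither recover states nor prove that Q was chosen this way.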