On Random Bit Generation Algorithm Dual_EC_DRBG

Nov 6, 2013
The Ministry of Internal Affairs and Communications
The Ministry of Economy, Trade and Industry
National Institute of Information and Communications Technology
Information-technology Promotion Agency, Japan

The National Institute of Standards and Technology (NIST) of the USA published the following statement in September 2013, in response to the security concern about the random bit generation algorithm Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generation), which is included in NIST Special Publication (SP) 800-90/90A and ANS X9.82.
http://csrc.nist.gov/publications/nistbul/itlbul2013_09_supplemental.pdf

  • Recommending against the use of SP 800-90A Dual Elliptic Curve Deterministic Random Bit Generation: NIST strongly recommends that, pending the resolution of the security concerns and the re-issuance of SP 800-90A, the Dual_EC_DRBG, as specified in the January 2012 version of SP 800-90A, no longer be used.
  • Re-issuing SP 800-90A as a draft for public comment: Effective immediately, NIST Special Publication 800-90A is being re-issued as a draft for public comment for a period ending November 6, 2013. Any concerns or recommendations for improvement regarding the Recommendation for Random Number Generation Using Deterministic Random Bit Generators are solicited
    (http://csrc.nist.gov/publications/PubsDrafts.html). NIST will review, analyze, and adjudicate all comments received during this 60 day period.
  • Reopening the Public Comment Period for SP 800-90B and 800-90C: NIST is reopening the drafts of SP 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation, and SP 800-90C, Recommendation for Random Bit Generator (RBG) Constructions, for additional review, even though the documents have not been changed since their public review last year. The public comment period for these drafts will also close on November 6, 2013.

Dual_EC_DRBG is included in neither the e-Government Ciphers List published in 2003 nor the CRYPTREC Ciphers List published in 2013. However, we will continue to monitor this matter and provide information on it.

If you have any opinions, comments, or inquiries about these reports, please contact us at the following address.
CRYPTREC Secretariat
E-mail: mail address