Hacker News new | past | comments | ask | show | jobs | submit login

Yes, why pay $10M for something that could be accomplished with "Hey this is better, you guys should switch. Here's why"



Because it's really hard to argue in favor of that particular RNG. It's kludgy, it's slow, the quality of the numbers out of it— by basic RNG tests— are not very good.

They could have tried to suggest all other options were weak for secret reasons but that seems like a pretty big risk.


I thought the whole point here was that Dual EC DRBG was clearly better at the time.

We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption.


Clarification: The argument was not that it was clearly better, but that RSA believed the NSA could be trusted to have good intentions. This makes changing a bit more suspicious, but i guess the argument is that it wasn't suspicious enough to... reject $10M?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: