NIST formally chops NSA-tainted random number generator

The United States National Institute of Standards and Technology (NIST) has revised its recommendations for methods used to generate random numbers, and formally removed an algorithm suspected to contain a National Security Agency (NSA) backdoor.

Former NSA contractor Edward Snowden leaked documents in 2013 that suggested the NSA wrote the dual elliptic curve deterministic random bit generator (Dual_EC_DRBG) algorithm which became part of a NIST standard in 2006.

Cryptographers feared that the involvement of the US spy agency in developing the algorithm meant encryption technology using Dual_EC_DRBG could be compromised.

Random number generation forms a cornerstone of building strong encryption; if attackers can predict which numbers are generated, they are able to unravel scrambled data.

Security and cryptography vendor RSA reacted quickly to the reports that the NSA may have deliberately weakened Dual_EC_DRBG and removed the algorithm from its products two years ago.

NIST later started an investigation into the algorithm, seeking public input on its use. In 2014, the standards agency removed Dual_EC_DRBG from its draft recommendations and made the decision permanent last week.

"The algorithm has spawned controversy because of concerns that it might contain a weakness that attackers could exploit to predict the outcome of random number generation," NIST wrote in its announcement.