Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.
- http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/
- https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html
- https://github.com/ARPSyndicate/cvemon
- https://github.com/GrigGM/05-virt-04-docker-hw
- https://github.com/Live-Hack-CVE/CVE-2007-6755
- https://github.com/PajakAlexandre/wik-dps-tp02
- https://github.com/cdupuis/image-api
- https://github.com/fokypoky/places-list
- https://github.com/garethr/findcve
- https://github.com/garethr/snykout
- https://github.com/gatecheckdev/gatecheck
- https://github.com/jasona7/ChatCVE
- https://github.com/joelckwong/anchore
- https://github.com/valancej/anchore-five-minutes