Dual_EC_DRBG Added to Windows Vista

Microsoft has added the random-number generator Dual_EC-DRBG to Windows Vista, as part of SP1. Yes, this is the same RNG that could have an NSA backdoor.

It’s not enabled by default, and my advice is to never enable it. Ever.

EDITED TO ADD (12/18): I should make this clear that the algorithm is available as a program call. It is not something that the user can enable or disable.

Posted on December 17, 2007 at 10:22 AM • 82 Comments