"Extended Random" further weakens “Dual Elliptic Curve”
NSA pays for two backdoors weakening RSA
▻http://www.reuters.com/article/2014/03/31/us-usa-security-nsa-rsa-idUSBREA2U0TY20140331
Elliptic Curve was already an NSA-sponsored random generator, but researchers at John Hopkins University now discovered Extended Random is part of the “BSafe” security toolkit which uses Elliptic Curve. RSA has not acknowledged nor declined this.
The academic researchers said it took about an hour to crack a free version of BSafe for Java using about $40,000 worth of computer equipment. It would have been 65,000 times faster in versions using Extended Random, dropping the time needed to seconds, according to Stephen Checkoway of Johns Hopkins.