We know how hard it is for agencies to do their work these days. The Snowden revelations and all the related mistrust… Then researchers finally killed Dual EC. So how should they break encrypted Internet traffic to protect the people from all the various dangers out there?
We present a solution to make life easier for overworked agents. In our paper “How to manipulate curve standards: a white paper for the black hat.” we explain how to manipulate elliptic curve standardization to propose a curve that admits an exclusively known vulnerability. We show that this even works for the most restrictive curve generation procedures (i.e. Brainpool) found in standards today.
For more details see the paper or our project page.