Formal NIST recommendation for Dual_EC_DRBG to be withdrawn

The National Institute of Standards and Technology (NIST) has announced that it is set to remove the Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) algorithm from its guidance on random number generators.

NIST will conduct a final round of public comments on a new draft of its Recommendation for Random Number Generation Using Deterministic Random Bit Generators (PDF), before codifying its standing recommendation to avoid the use of Dual_EC_DRBG where possible.

"NIST recommends that current users of Dual_EC_DRBG transition to one of the three remaining approved algorithms as quickly as possible," NIST said in its announcement.

NIST said that it took the decision to remove Dual_EC_DRBG after a period of public comment and review.

The reissuing of its random number generation recommendation will complete a process that NIST began in September of last year following reports from The New York Times that the NSA had worked to backdoor Dual_EC_DRBG.

In December, accusations that RSA had received US$10m to default the flawed Dual_EC_DRBG algorithm in its products were made.

"RSA, as a security company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA's products, or introducing potential 'backdoors' into our products for anyone's use," RSA said at the time.

In September 2013, RSA had advised its customers to move away from using Dual_EC_DRBG.

Public comment on the NIST draft will close on May 23