Exploit a backdoor in an elliptic curve based PRNG
It is interesting to note that in this case (and the FIPS standard),
P is a generator point for P-256, so if
Q lies on the curve P-256 then there must exist some
d such that
dQ = P. In other words, for all Dual_EC implementations where
P is a generator, the backdoor exists.
Hello there, Can you suggest a good python library for EC arithmetics ?
ecdsa library should work just fine for doing EC arithmetic.
$ pip install ecdsa.