{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,21]],"date-time":"2025-12-21T01:36:49Z","timestamp":1766281009850,"version":"3.41.0"},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662530177"},{"type":"electronic","value":"9783662530184"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-662-53018-4_15","type":"book-chapter","created":{"date-parts":[[2016,7,20]],"date-time":"2016-07-20T10:02:12Z","timestamp":1469008932000},"page":"403-432","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Backdoors in Pseudorandom Number Generators: Possibility and Impossibility Results"],"prefix":"10.1007","author":[{"given":"Jean Paul","family":"Degabriele","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kenneth G.","family":"Paterson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jacob C. N.","family":"Schuldt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Joanne","family":"Woodage","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,7,21]]},"reference":[{"key":"15_CR1","unstructured":"Abeni, P., Bello, L., Bertacchini, M.: Exploiting DSA-1571: How to break PFS in SSL with EDH, July 2008"},{"key":"15_CR2","unstructured":"Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes. Cryptology ePrint Archive, Report 2015\/517 (2015). http:\/\/eprint.iacr.org\/2015\/517"},{"key":"15_CR3","unstructured":"Baign\u00e8res, T., Delerabl\u00e9e, C., Finiasz, M., Goubin, L., Lepoint, T., Rivain, M.: Trap me if you can - million dollar curve. IACR Cryptology ePrint Archive 2015:1249 (2015)"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Barak, B., Halevi, S.: A model and architecture for pseudo-random generation with applications to\/dev\/random. In: Atluri, V., Meadows, C., Juels, A. (eds.) ACM CCS 05, Alexandria, Virginia, USA, 7\u201311 November 2005, pp. 203\u2013212. ACM Press (2005)","DOI":"10.1145\/1102120.1102148"},{"key":"15_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"535","DOI":"10.1007\/978-3-540-74143-5_30","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"M Bellare","year":"2007","unstructured":"Bellare, M., Boldyreva, A., O\u2019Neill, A.: Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535\u2013552. Springer, Heidelberg (2007)"},{"key":"15_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-662-44371-2_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"M Bellare","year":"2014","unstructured":"Bellare, M., Paterson, K.G., Rogaway, P.: Security of symmetric encryption against mass surveillance. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 1\u201319. Springer, Heidelberg (2014)"},{"key":"15_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-642-42045-0_18","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"DJ Bernstein","year":"2013","unstructured":"Bernstein, D.J., Chang, Y.-A., Cheng, C.-M., Chou, L.-P., Heninger, N., Lange, T., van Someren, N.: Factoring RSA keys from certified smart cards: coppersmith in the wild. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 341\u2013360. Springer, Heidelberg (2013)"},{"key":"15_CR8","unstructured":"Bernstein, D.J., Chou, T., Chuengsatiansup, C., H\u00fclsing, A., Lange, T., Niederhagen, R., van Vredendaal, C.: How to manipulate curve standards: a white paper for the black hat. Cryptology ePrint Archive, Report 2014\/571 (2014). http:\/\/eprint.iacr.org\/2014\/571"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J., Hamburg, M., Krasnova, A., Lange, T.: Elligator: elliptic-curve points indistinguishable from uniformrandom strings. In: Sadeghi, A.-R. et al. [29], pp. 967\u2013980","DOI":"10.1145\/2508859.2516734"},{"key":"15_CR10","unstructured":"Brown, D.R.L.: A weak-randomizer attack on RSA-OAEP with e = 3. Cryptology ePrint Archive, Report 2005\/189 (2005). http:\/\/eprint.iacr.org\/2005\/189"},{"key":"15_CR11","unstructured":"Checkoway, S., Niederhagen, R., Everspaugh, A., Green, M., Lange, T., Ristenpart, T., Bernstein, D.J., Maskiewicz, J., Shacham, H., Fredrikson, M.: On the practical exploitability of dual EC in TLS implementations. In: Fu, K., Jung, J. (eds.) Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, 20\u201322 August 2014, pp. 319\u2013335. USENIX Association (2014)"},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Cornejo, M., Ruhault, S.: Characterization of real-life PRNGs under partial state corruption. In: Ahn, G.-J., Yung, M., Li, N. (eds.) ACM CCS 14, Scottsdale, AZ, USA, 3\u20137 November 2014, pp. 1004\u20131015. ACM Press (2014)","DOI":"10.1145\/2660267.2660377"},{"key":"15_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"579","DOI":"10.1007\/978-3-662-48116-5_28","volume-title":"Fast Software Encryption","author":"JP Degabriele","year":"2015","unstructured":"Degabriele, J.P., Farshim, P., Poettering, B.: A more cautious approach to security against mass surveillance. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 579\u2013598. Springer, Heidelberg (2015)"},{"key":"15_CR14","unstructured":"Degabriele, J.P., Paterson, K.G., Schuldt, J.C.N., Woodage, J.: Backdoors in pseudorandom number generators: possibility andimpossibility results. Cryptology ePrint Archive, Report 2016\/577 (2016). http:\/\/eprint.iacr.org\/2016\/577"},{"key":"15_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/978-3-662-46800-5_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"Y Dodis","year":"2015","unstructured":"Dodis, Y., Ganesh, C., Golovnev, A., Juels, A., Ristenpart, T.: A formal treatment of backdoored pseudorandom generators. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 101\u2013126. Springer, Heidelberg (2015)"},{"key":"15_CR16","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Ong, S.J., Prabhakaran, M., Sahai, A.: On the (im)possibility of cryptography with imperfect randomness. In: 45th FOCS, Rome, Italy, 17\u201319 October 2004, pp. 196\u2013205. IEEE Computer Society Press (2004)","DOI":"10.1109\/FOCS.2004.44"},{"key":"15_CR17","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Pointcheval, D., Ruhault, S., Vergnaud, D., Wichs, D.: Security analysis of pseudo-random number generators with input: \/dev\/random is not robust. In: Sadeghi, A.-R., et al. [29], pp. 647\u2013658","DOI":"10.1145\/2508859.2516653"},{"key":"15_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1007\/978-3-662-44381-1_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"Y Dodis","year":"2014","unstructured":"Dodis, Y., Shamir, A., Stephens-Davidowitz, N., Wichs, D.: How to eat your entropy and have it too \u2013 optimal recovery strategies for compromised RNGs. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part II. LNCS, vol. 8617, pp. 37\u201354. Springer, Heidelberg (2014)"},{"issue":"1","key":"15_CR19","first-page":"66","volume":"21","author":"I Goldberg","year":"1996","unstructured":"Goldberg, I., Wagner, D.: Randomness and the Netscape browser. Dr Dobb\u2019s J.-Softw. Tools Prof. Programmer 21(1), 66\u201371 (1996)","journal-title":"Dr Dobb\u2019s J.-Softw. Tools Prof. Programmer"},{"key":"15_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1007\/978-3-642-25385-0_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"B Hemenway","year":"2011","unstructured":"Hemenway, B., Libert, B., Ostrovsky, R., Vergnaud, D.: Lossy encryption: constructions from general assumptions and efficient selective opening chosen ciphertext security. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 70\u201388. Springer, Heidelberg (2011)"},{"key":"15_CR21","unstructured":"Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps, Qs: detection of widespread weak keys in network devices. In: Kohno, T. (ed.) Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, 8\u201310 August 2012, pp. 205\u2013220. USENIX Association (2012)"},{"key":"15_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-32009-5_37","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"AK Lenstra","year":"2012","unstructured":"Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Public keys. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 626\u2013642. Springer, Heidelberg (2012)"},{"key":"15_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"657","DOI":"10.1007\/978-3-662-46803-6_22","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"I Mironov","year":"2015","unstructured":"Mironov, I., Stephens-Davidowitz, N.: Cryptographic reverse firewalls. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 657\u2013686. Springer, Heidelberg (2015)"},{"key":"15_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/978-3-540-30108-0_21","volume-title":"Computer Security \u2013 ESORICS 2004","author":"B M\u00f6ller","year":"2004","unstructured":"M\u00f6ller, B.: A public-key encryption scheme with pseudo-random ciphertexts. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 335\u2013351. Springer, Heidelberg (2004)"},{"key":"15_CR25","unstructured":"Mueller, M.: Debian OpenSSL predictable PRNG bruteforce SSH exploit, May 2008"},{"key":"15_CR26","unstructured":"Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, Victoria, British Columbia, Canada, 17\u201320 May 2008, pp. 187\u2013196. ACM Press (2008)"},{"key":"15_CR27","unstructured":"Ristenpart, T., Yilek, S.: When good randomness goes bad: virtual machine reset vulnerabilities and hedging deployed cryptography. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2010, San Diego, California, USA, 28 February\u20133 March 2010. The Internet Society (2010)"},{"key":"15_CR28","unstructured":"Russell, A., Tang, Q., Yung, M., Zhou, H.-S.: Cliptography: clipping the power of kleptographic attacks. Cryptology ePrint Archive, Report 2015\/695 (2015). http:\/\/eprint.iacr.org\/2015\/695"},{"key":"15_CR29","unstructured":"Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.) ACM CCS 13, Berlin, Germany, 4\u20138 November 2013. ACM Press (2013)"},{"key":"15_CR30","unstructured":"Shumow, D., Ferguson, N.: On the possibility of a back door in the NIST SP800-90 Dual EC PRNG. Presentation at rump session of CRYPTO 2007 (2007)"},{"key":"15_CR31","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1007\/978-1-4684-4730-9_5","volume-title":"Advances in Cryptology","author":"Gustavus J. Simmons","year":"1984","unstructured":"Simmons, G.J.: The prisoners\u2019 problem and the subliminal channel. In: Chaum, D. (ed.) CRYPTO 1983, Santa Barbara, CA, USA, pp. 51\u201367. Plenum Press, New York (1983)"},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Vazirani, U.V., Vazirani, V.V.: Trapdoor pseudo-random number generators, with applications to protocol design. In: 24th Annual Symposium on Foundations of Computer Science, Tucson, Arizona, USA, 7\u20139 November 1983, pp. 23\u201330. IEEE Computer Society (1983)","DOI":"10.1109\/SFCS.1983.78"},{"key":"15_CR33","doi-asserted-by":"crossref","unstructured":"Yilek, S., Rescorla, E., Shacham, H., Enright, B., Savage, S., When private keys are public: results from the 2008 Debian OpenSSL vulnerability. In: Feldmann, A., Mathy, L. (eds.) Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, Illinois, USA, 4\u20136 November 2009, pp. 15\u201327. ACM (2009)","DOI":"10.1145\/1644893.1644896"},{"key":"15_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/3-540-69053-0_6","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"A Young","year":"1997","unstructured":"Young, A., Yung, M.: Kleptography: using cryptography against cryptography. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 62\u201374. Springer, Heidelberg (1997)"},{"key":"15_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30598-9_2","volume-title":"Security in Communication Networks","author":"A Young","year":"2005","unstructured":"Young, A., Yung, M.: Relationships between Diffie-Hellman and \u201cindex oracles\u201d. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 16\u201332. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2016"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-53018-4_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T03:00:37Z","timestamp":1749006037000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-53018-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783662530177","9783662530184"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-53018-4_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"21 July 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}