Back

ⓘ Backdoor (computing)




                                     

ⓘ Backdoor (computing)

In computing, a backdoor is a way of bypassing security mechanisms to gain access to a resource that is otherwise secured. Backdoors give illegal access to an otherwise secured resource. A common example for a backdoor is the existence of default passwords which can be used to access the BIOS of a computer. Very often, special programs that run on a computer provide the functionality of a backdoor.

                                     

1. List of known backdoors in standards

  • Ron Rivests MD4 hash was found in the 2011 announcement of RFC6150 to have a backdoor
  • SHA-1 aka FIPS-180-1 was shown to be attackable in 2005 by Eli Biham and co-authors, as well as Vincent Rijmen and Elisabeth Oswald
  • SHA-0 aka FIPS-180 was withdrawn after CRYPTO 98
  • Rivests MD5 hash was shown to have several weaknesses in 1996 by Hans Dobbertin
  • the MD2 algorithm was found in the 1996 announcement of RFC6149 to have a backdoor
  • The Dual_EC_DRBG cryptographically secure pseudorandom number generator was revealed in 2013 to have a kleptographic backdoor deliberately inserted by NSA, who also had the private key to the backdoor.