Dan Shumow
{{Multiple issues|
{{BLP sources|date=January 2017}}
{{Notability|1=Biographies|date=June 2023}}
}}
Dan Shumow is a cryptographer working at Microsoft Research.
At the CRYPTO 2007 conference rump session, Dan Shumow and Niels Ferguson presented an informal paper describing a kleptographic backdoor in the NIST specified Dual_EC_DRBG cryptographically secure pseudorandom number generator.{{cite web|url=http://rump2007.cr.yp.to/15-shumow.pdf |title=On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng |first1=Dan |last1=Shumow |first2=Niels |last2=Ferguson }} The backdoor was confirmed to be real in 2013 as part of the Edward Snowden leaks.
Dan Shumow co-authored an algorithm for detecting SHA-1 collisions with Marc Stevens, prior to the demonstration of a SHA-1 collision.{{Cite web|url=http://shattered.io/|title=SHAttered|website=shattered.io}}
In 2024, Dan Shumow co-authored a paper{{cite web |title=blastradius attack |url=https://www.blastradius.fail/}} described an attack against the RADIUS protocol, allowing a man-in-the-middle able between client and server to forge a valid protocol accept message in response to a failed authentication request.
References
{{Reflist}}
External links
- [http://research.microsoft.com/en-us/people/danshu/ Dan Shumow] - Microsoft Research
{{Microsoft Research}}
{{DEFAULTSORT:Shumow, Dan}}
Category:Modern cryptographers
Category:Year of birth missing (living people)
Category:Place of birth missing (living people)
Category:Microsoft Research people
{{crypto-bio-stub}}