Isn't the Dual EC implementation in OpenSSL broken anyways?
http://nakedsecurity.sophos.com/2013/12/22/the-openssl-software-bug-that-saves-you-from-surveillance/From TFA:
With this in mind, experts have been wondering how much software out there in the real world is using the Dual EC DRBG, and potentially vulnerable to cryptographic manipulation as a result.
OpenSSL, for example, one of the most widely-used encryption libraries, implements all four of the SP800-90A algorithms, ironically as part of achieving what is known as FIPS 140-2 certification.
And here is the happy ending.
Despite passing FIPS 140-2 tests many times over the years, the OpenSSL implementation of Dual EC DRBG is buggy.
Not just buggy, but totally broken and busted.
Simply put, it cannot be made to work in real-world software, and the fact that it has taken years for anyone to notice makes it reasonable to assume that no real-world software has ever even bothered to use it.
In the words of the OpenSSL Foundation itself, "We have no plans to fix this bug."
