Dan Shumow is a cryptographer working at Microsoft Research.

At the CRYPTO 2007 conference rump session, Dan Shumow and Niels Ferguson presented an informal paper describing a kleptographic backdoor in the NIST specified Dual_EC_DRBG cryptographically secure pseudorandom number generator.[1] The backdoor was confirmed to be real in 2013 as part of the Edward Snowden leaks.

Dan Shumow co-authored an algorithm for detecting SHA-1 collisions with Marc Stevens, prior to the demonstration of a SHA-1 collision.[2]


  1. ^ Shumow, Dan; Ferguson, Niels. "On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng" (PDF).
  2. ^ "SHAttered". shattered.io.