Feeds

NIST denies it weakened its encryption standard to please the NSA

Bruce Schneier tells agency its credibility is shot

Internet Security Threat Report 2014

The US National Institute of Standards and Technology (NIST) has vehemently denied accusations that it deliberately weakened encryption standards to help the NSA's monitoring activities.

"We want to assure the IT cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place," said NIST in a statement.

"NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large."

According to a memo released by NSA whistleblower Edward Snowden, the intelligence agency's budget included efforts to "influence policies, standards and specifications for commercial public key technologies". In particular, NIST Special Publication 800-90 was referenced, a 2006 encryption standard adopted by NIST which uses four deterministic random bit generators.

One of these generators, Dual_EC_DRBG, is based on finding the discrete logarithms of elliptic curves and attracted attention almost immediately, not least because it was considerably slower than the other three methods and was specifically championed by the NSA.

A year after its publication, two Microsoft researchers – Dan Shumow and Niels Ferguson – gave a presentation at the CRYPTO 2007 conference which suggested that Dual_EC_DRBG was crackable. They were careful not to accuse the NSA of deliberately inserting a backdoor into the system, but noted that it was potentially unsafe.

In Tuesday's statement, NIST said that working with the NSA was standard operating procedure; indeed it was required by law to consult with the NSA on security matters. To reassure users, NIST has reopened the standard to public comment so that it can be checked, but cryptography expert Bruce Schneier, who has examined some of Snowden's material on the matter, warned that this won’t be good enough.

"NIST took a big credibility hit unfortunately," he said in a podcast. "There are good people there doing good work but we don't know which of their standards are tainted, we don't know how much collaboration there is with the NSA.

"And unfortunately because trust is lost when they get up and say the NSA doesn't affect our standards we don't believe them. We need a way to get back trust."

Schneier likened the situation to betraying a spouse, saying that in that kind of situation the only way to get trust back is by full disclosure. "You can't say 'here's most of the things I did and you may find out some more in a few months' – those sort of strategies never work." ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.