NIST's Ridiculous Non-Response Response To Revelation That NSA Controlled Crypto Standards Process

from the that's-not-going-to-calm-anyone-down dept

One of the key revelations from last week, of course, was the fact that the NSA surreptitiously took over the standards making process on certain encryption standards. Here was the key revelation:

Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

“Eventually, NSA became the sole editor,” the document states.

It took NIST a few days to figure out a response to this, but it’s now been posted, and it says… basically nothing at all. Let’s go through it piece by piece.

Recent news reports have questioned the cryptographic standards development process at NIST. We want to assure the IT cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place.

Um, except that as the leaks revealed, that’s not actually true. The NSA was the “sole editor” of the standard. So claiming that the standards are rigorously vetted is simply false. Furthermore, as John Gilmore recently revealed, concerning IPSec, the NSA made sure that the standards were so complicated that no one could actually vet the security.

NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large.

That’s not a response to the charges at all.

NIST has a long history of extensive collaboration with the world’s cryptography experts to support robust encryption. The National Security Agency (NSA) participates in the NIST cryptography development process because of its recognized expertise. NIST is also required by statute to consult with the NSA.

In other words, yes, the NSA is involved — which was not a secret. But what was a secret, and what NIST does not even begin to address, is the idea that the NSA took control of the standard and became its “sole editor.”

Recognizing community concern regarding some specific standards, we reopened the public comment period for Special Publication 800-90A and draft Special Publications 800-90B and 800-90C to give the public a second opportunity to view and comment on the standards.

Again, that does little to address the specific questions raised. If the standards are designed by the NSA in a manner that makes the security aspect inscrutable to even the most experienced cryptographers without simplifying the standard, then that’s not doing any good.

If vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible.

Yes, but the “cryptographic community” seems to include the NSA… sometimes in key positions.

Basically this is a total non-response to the revelations from last week. It’s just NIST saying “yes, we work with the NSA, but you have nothing to fear” without giving any basis to support the end of that claim.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “NIST's Ridiculous Non-Response Response To Revelation That NSA Controlled Crypto Standards Process”

Subscribe: RSS Leave a comment
28 Comments
Jose_X (profile) says:

Re: Re: Re:

That’s in the eye of the beholder. Many nations consider the UN necessary to keep other nations (and their own) in check.

The “US” under the Articles of Confederation was rather weak by their own admission, but that weakness at the UN is apparently an asset given how diverse is each member.

Everyone loves government when it comes to protecting their own personal set of “these are the best” laws, but hates it when it compromises in order to serve a larger constituency.

Jose_X (profile) says:

Re: Statutes like this bug me...

Does it say to follow the NSA’s wishes or show preference?

The question I have is not who is the editor of any given standard (which btw can be ignored by the private sector in many cases) but would the NIST allow the spec to be changed when the community shows weaknesses. Does anyone know of a case where they have not done that?

If people find flaws, point them out and the spec can change. If the spec is complex, don’t use it. There is already the parallel stds from places like Internet RFCs (IETF).

If the government wants their own minimal level of stds they feel comfortable with, eg, for government contracts, what is the beef? Again, is there actual evidence of NIST or NSA pushing a purposely weak std onto everyone by law and not backing from it? Because if people want to have laws that allow everyone to have super encryption and that would not be available without a law change, then that can be addressed in the US form of government.

I feel like I’m hearing that the sky is falling just because the NSA is involved somehow.

Jose_X (profile) says:

Re: Re: Statutes like this bug me...

> I feel like I’m hearing that the sky is falling just because the NSA is involved somehow.

To be fair, the article’s motivation is anger at the NSA for trying to add back doors and then removing any benefit of the doubt that the NIST is working with a different agenda (than the NSA) more in line with what a traditional standards body might desire.

Anonymous Coward says:

So claiming that the standards are rigorously vetted is simply false

They never claimed that the process was properly utilized, merely that it was in place. They also claimed the process was transparent and public, but never once claimed that it was simple enough to be understood even by most experts.

I also note carefully crafted language in the rest of the response about participation, the ability to view and comment, and that issues will be addressed (but addressed doesn’t mean actually rectified) but nowhere do I see a claim that the NSA isn’t the sole arbitrator or that anyone else has actual authority in the final decision making process.

ECA (profile) says:

cRYPTOLOGY

Ok,
something to think about..

WHICH is faster?
Straight unencrypt site to site..Plane to plane, place to place?
BASIC encrypt, that compresses data and allows for Faster connections?
HEAVY DUTY, SOLID CORE encryt? Where the TIME needed to encrypt/SEND/decrypt takes TIME..AND the SIZE will probably be larger then the original material.

Basic encrypt, which is MOSTLY packages/letters/email type stuff…Is fairly easy..and is fairly quick and easy.. but BOTH locations must have the keys.

Heavy duty? does some interesting things, and adds FILLER that isnt part of the data just to mess things up.

The difference is like a 4 digit number (0-9) compared to a code that is 16-256 digit/characters/symbols (a-z/A-Z/0-9/!@#$#^%&*^(){}”:/?., and about 100 more characters..
16 characters to the ^246 power…

Slicerwizard says:

Re: cRYPTOLOGY

“Where the TIME needed to encrypt/SEND/decrypt takes TIME..”

Time takes time? ECA, you’re losing it.

“AND the SIZE will probably be larger then the original material.”

ECA, you’re clueless.

“Basic encrypt, which is MOSTLY packages/letters/email type stuff…Is fairly easy..and is fairly quick and easy.. but BOTH locations must have the keys.

Heavy duty? does some interesting things, and adds FILLER that isnt part of the data just to mess things up.”

More bullshit.

“The difference is like a 4 digit number (0-9) compared to a code that is 16-256 digit/characters/symbols (a-z/A-Z/0-9/!@#$#^%&*^(){}”:/?., and about 100 more characters..
16 characters to the ^246 power…”

UTTER bullshit. Serious encryption, like AES256, AES1024, etc. adds NOTHING extra. Encrypted message size = plaintext message size.

Why can’t idiots who KNOW NOTHING just shut the hell up? Faaack…

PopeRatzo (profile) says:

Keep it up, Techdirt

I’m really grateful that Techdirt has taken it upon itself to be a major conduit about news regarding the overreach and misdeeds of our national security/corporate apparatus.

I’m sure there are a lot of tech stories that the editors of Techdirt would rather be talking about, but this is by far the most important issue facing us.

I’m surprised, and pleased at some of the places I’m finding links to Techdirt stories about this issue. People ARE taking notice, and this is not just a story of the day that’s going to go away tomorrow.

Thank you for spending time on this instead of just passing along another meaningless Apple product roll-out press release, as some tech sources seem to be doing today.

Anonymous Coward says:

I don't read it that way.

Recognizing community concern regarding some specific standards, we reopened the public comment period for…

I see that as an opportunity to raise certain concerns. Such as the ones Mike pointed out:

If the standards are designed by the NSA in a manner that makes the security aspect inscrutable to even the most experienced cryptographers without simplifying the standard, then that’s not doing any good.

Yes, but the “cryptographic community” seems to include the NSA… sometimes in key positions.

They claim to be listening to “concerns”. What remains to be seen is whether
they will actually act on these concerns.

More interesting is whether they’ll try to immediately address the “NSA
personel in key positions” of their standards process. They may wish to
consider that in order to avoid any *appearance* of impropriety.

Doing that may help in the acceptence of their standard. I do not think
they wish to be known as the standards body saddled with the negative
aspects of a “Approved by the NSA” reputation.

Think ISO and OOXML.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...