NIST Says It Never Worked With The NSA To Weaken Encryption Standards

Get the WebProNews Newsletter:

NIST Says It Never Worked With The NSA To Weaken Encryption Standards
[ Technology]

Last week, it was revealed that the NSA works tirelessly to break through all forms of encryption. One of the more worrisome revelations from the leak was that the agency worked with the National Institute of Standards and Technology to introduce intentionally weak encryption standards. Now NIST is saying that never happened.

In a statement today, NIST denies ever helping the NSA to weaken encryption standards. The organization adds that it would never “deliberately weaken a cryptographic standard.” Here’s the relevant part of the statement:

NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large.

There has been some confusion about the standards development process and the role of different organizations in it. NIST’s mandate is to develop standards and guidelines to protect federal information and information systems. Because of the high degree of confidence in NIST standards, many private industry groups also voluntarily adopt these standards.

While NIST denies ever helping the NSA to weaken standards, it does admit that it works with the agency on encryption standards. In fact, the group is “required by statute to consult” with the agency during its “cryptography development process because of [the NSA’s] recognized expertise.”

In other words, NIST has to work with the NSA on encryption standards, but it doesn’t actively weaken said standards at the agency’s bequest. Conspiracy theorists might say that the NSA inserted the vulnerabilities in NIST’s standards without the group noticing. It’s not exactly that far out of a theory considering everything else we’ve learned about the agency thus far.

To help remove some of the skepticism it’s facing, NIST has also announced that it’s reopened the public comment period for its latest standards publication. This will give the public another chance to look through the latest encryption standards to see if they find anything out of the ordinary.

[Image: Wikimedia Commons]
[h/t: The Hill]

NIST Says It Never Worked With The NSA To Weaken Encryption Standards
Top Rated White Papers and Resources
  • Reality

    NIST was the organization that basically pretended to investigate the events of 9/11. In fact, many people were fired or “dismissed” when they spoke out against the blatant oversights by the agency. NIST would not even acknowledge the possibility of a controlled demolition. They could have easily disproved it by testing, but chose to ignore it, which makes me wonder if a controlled demolition happened. NIST would not touch the topic with a 10 foot pool — but of course they get most of their funding from the Federal government.

    So, how many lies are we up to now about the NSA program? Have we been told the truth about anything?

    I don’t think so. I wouldn’t trust anything we are being told now. In fact, just keep watching the Clapper video and if you can find yourself trusting anyone from the government, well may God bless you because you will need it.

    • Hmm

      Yeah, basically if you spoke out against the “official” explanation for 9/11, you were fired by NIST and UL (Underwriters Laboratories).

      Nothing was investigated regarding by 9/11 — they just went along with the government party line. All the testing was set up to prove the governments findings and not to find the truth of what happened.

      The number of people reprimanded or let go is actually quite alarming.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom