Encryption Standards To Be Reconsidered After NSA Revelations
Maybe spies won't be allowed to write them this time
SAN FRANCISCO — The federal agency charged with recommending cybersecurity standards said Tuesday that it would reopen the public vetting process for an encryption standard, after reports that the National Security Agency had written the standard and could break it.
"We want to assure the I.T. cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place," The National Institute of Standards and Technology said in a public statement. "N.I.S.T. would not deliberately weaken a cryptographic standard."
The announcement followed reports published by The New York Times, The Guardian and ProPublica last Thursday about the N.S.A.'s success in foiling much of the encryption that protects vast amounts of information on the Web. The Times reported that as part of its efforts, the N.S.A. had inserted a back door into a 2006 standard adopted by N.I.S.T. and later by the International Organization for Standardization, which counts 163 countries as members.
Hide Comments (0)
Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.
Please
to post commentsMute this user?
Ban this user?
Un-ban this user?
Nuke this user?
Un-nuke this user?
Flag this comment?
Un-flag this comment?