Jump to content

National Institute of Standards and Technology: Difference between revisions

National Institute of Standards and Technology (view source)

Revision as of 23:12, 14 March 2025

4 bytes removed ,  14 March
m
Text replacement - "The Guardian" to "The Guardian"
VisualWikitext
m (Text replacement - "fiscal year" to "fiscal year")
m (Text replacement - "The Guardian" to "The Guardian")
 
Line 232: Line 232:


==Controversy regarding NIST standard SP 800-90==
==Controversy regarding NIST standard SP 800-90==
In September 2013, both ''[[The Guardian]]'' and ''The New York Times'' reported that NIST allowed the [[National Security Agency]] (NSA) to insert a [[cryptographically secure pseudorandom number generator]] called [[Dual EC DRBG]] into NIST standard [[NIST SP 800-90A|SP 800-90]] that had a [[kleptographic]] [[Backdoor (computing)|backdoor]] that the NSA can use to covertly predict the future outputs of this [[pseudorandom number generator]] thereby allowing the surreptitious decryption of data.<ref name=FCW>{{cite web|last=Konkel|first=Frank|title=What NSA's influence on NIST standards means for feds|url=http://fcw.com/articles/2013/09/06/nsa-nist-standards.aspx|work=FCW|publisher=1105 Government Information Group|access-date=September 10, 2013|date=September 6, 2013|url-status=dead|archive-url=https://web.archive.org/web/20130910030443/http://fcw.com/Articles/2013/09/06/NSA-NIST-standards.aspx|archive-date=September 10, 2013|df=mdy-all}}</ref> Both papers report<ref name=Guardian>{{cite web|title=Revealed: how US and UK spy agencies defeat internet privacy and security|url=https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|work=The Guardian|access-date=September 7, 2013|author=James Borger|author2=Glenn Greenwald|date=September 6, 2013|url-status=live|archive-url=https://web.archive.org/web/20130918135152/http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|archive-date=September 18, 2013|df=mdy-all}}</ref><ref>{{cite news|title=N.S.A. Able to Foil Basic Safeguards of Privacy on Web|url=https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|newspaper=The New York Times|access-date=September 7, 2013|author=Nicole Perlroth|date=September 5, 2013|archive-url=https://web.archive.org/web/20130908112919/http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|archive-date=September 8, 2013|url-status=live}}</ref> that the NSA worked covertly to get its own version of SP 800-90 approved for worldwide use in 2006. The whistle-blowing document states that "eventually, NSA became the sole editor". The reports confirm suspicions and technical grounds publicly raised by cryptographers in 2007 that the EC-DRBG could contain a [[kleptographic]] backdoor (perhaps placed in the standard by NSA).<ref>{{cite magazine|last=Schneier|first=Bruce|title=Did NSA Put a Secret Backdoor in New Encryption Standard?|url=https://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|magazine=Wired|publisher=Condé Nast|date=November 15, 2007|access-date=September 10, 2013|url-status=live|archive-url=https://archive.today/20120919094854/http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|archive-date=September 19, 2012|df=mdy-all}}</ref>
In September 2013, both ''The Guardian'' and ''The New York Times'' reported that NIST allowed the [[National Security Agency]] (NSA) to insert a [[cryptographically secure pseudorandom number generator]] called [[Dual EC DRBG]] into NIST standard [[NIST SP 800-90A|SP 800-90]] that had a [[kleptographic]] [[Backdoor (computing)|backdoor]] that the NSA can use to covertly predict the future outputs of this [[pseudorandom number generator]] thereby allowing the surreptitious decryption of data.<ref name=FCW>{{cite web|last=Konkel|first=Frank|title=What NSA's influence on NIST standards means for feds|url=http://fcw.com/articles/2013/09/06/nsa-nist-standards.aspx|work=FCW|publisher=1105 Government Information Group|access-date=September 10, 2013|date=September 6, 2013|url-status=dead|archive-url=https://web.archive.org/web/20130910030443/http://fcw.com/Articles/2013/09/06/NSA-NIST-standards.aspx|archive-date=September 10, 2013|df=mdy-all}}</ref> Both papers report<ref name=Guardian>{{cite web|title=Revealed: how US and UK spy agencies defeat internet privacy and security|url=https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|work=The Guardian|access-date=September 7, 2013|author=James Borger|author2=Glenn Greenwald|date=September 6, 2013|url-status=live|archive-url=https://web.archive.org/web/20130918135152/http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|archive-date=September 18, 2013|df=mdy-all}}</ref><ref>{{cite news|title=N.S.A. Able to Foil Basic Safeguards of Privacy on Web|url=https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|newspaper=The New York Times|access-date=September 7, 2013|author=Nicole Perlroth|date=September 5, 2013|archive-url=https://web.archive.org/web/20130908112919/http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|archive-date=September 8, 2013|url-status=live}}</ref> that the NSA worked covertly to get its own version of SP 800-90 approved for worldwide use in 2006. The whistle-blowing document states that "eventually, NSA became the sole editor". The reports confirm suspicions and technical grounds publicly raised by cryptographers in 2007 that the EC-DRBG could contain a [[kleptographic]] backdoor (perhaps placed in the standard by NSA).<ref>{{cite magazine|last=Schneier|first=Bruce|title=Did NSA Put a Secret Backdoor in New Encryption Standard?|url=https://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|magazine=Wired|publisher=Condé Nast|date=November 15, 2007|access-date=September 10, 2013|url-status=live|archive-url=https://archive.today/20120919094854/http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|archive-date=September 19, 2012|df=mdy-all}}</ref>


NIST responded to the allegations, stating that "NIST works to publish the strongest cryptographic standards possible" and that it uses "a transparent, public process to rigorously vet our recommended standards".<ref>{{cite web|last=Byers|first=Alex|title=NSA encryption info could pose new security risk – NIST weighs in<!-- - Rosenworcel: Refunds for long retrans blackouts -->|url=http://www.politico.com/morningtech/0913/morningtech11574.html|work=Politico|date=September 6, 2013 |access-date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130927151824/http://www.politico.com/morningtech/0913/morningtech11574.html|archive-date=September 27, 2013|df=mdy-all}}</ref> The agency stated that "there has been some confusion about the standards development process and the role of different organizations in it...The National Security Agency (NSA) participates in the NIST cryptography process because of its recognized expertise. NIST is also required by statute to consult with the NSA."<ref>{{cite web|last=Perlroth|first=Nicole|title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|work=The New York Times|date=September 10, 2013|access-date=September 11, 2013|url-status=live|archive-url=https://web.archive.org/web/20131029225705/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|archive-date=October 29, 2013|df=mdy-all}}</ref> Recognizing the concerns expressed, the agency reopened the public comment period for the SP800-90 publications, promising that "if vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible".<ref>{{cite journal|title=Cryptographic Standards Statement|url=https://www.nist.gov/director/cybersecuritystatement-091013.cfm|publisher=National Institute of Standsards in Technology|access-date=September 11, 2013|author=Office of the Director, NIST|journal=NIST |date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130912234248/http://www.nist.gov/director/cybersecuritystatement-091013.cfm|archive-date=September 12, 2013|df=mdy-all}}</ref> Due to public concern of this [[cryptovirology]] attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.<ref name="nist_abandonment">{{cite news|url=https://www.nist.gov/itl/csd/sp800-90-042114.cfm|work=National Institute of Standards and Technology|title=NIST Removes Cryptography Algorithm from Random Number Generator Recommendations|date=April 21, 2014|url-status=live|archive-url=https://web.archive.org/web/20160829031025/http://www.nist.gov/itl/csd/sp800-90-042114.cfm|archive-date=August 29, 2016|df=mdy-all}}</ref>
NIST responded to the allegations, stating that "NIST works to publish the strongest cryptographic standards possible" and that it uses "a transparent, public process to rigorously vet our recommended standards".<ref>{{cite web|last=Byers|first=Alex|title=NSA encryption info could pose new security risk – NIST weighs in<!-- - Rosenworcel: Refunds for long retrans blackouts -->|url=http://www.politico.com/morningtech/0913/morningtech11574.html|work=Politico|date=September 6, 2013 |access-date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130927151824/http://www.politico.com/morningtech/0913/morningtech11574.html|archive-date=September 27, 2013|df=mdy-all}}</ref> The agency stated that "there has been some confusion about the standards development process and the role of different organizations in it...The National Security Agency (NSA) participates in the NIST cryptography process because of its recognized expertise. NIST is also required by statute to consult with the NSA."<ref>{{cite web|last=Perlroth|first=Nicole|title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|work=The New York Times|date=September 10, 2013|access-date=September 11, 2013|url-status=live|archive-url=https://web.archive.org/web/20131029225705/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|archive-date=October 29, 2013|df=mdy-all}}</ref> Recognizing the concerns expressed, the agency reopened the public comment period for the SP800-90 publications, promising that "if vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible".<ref>{{cite journal|title=Cryptographic Standards Statement|url=https://www.nist.gov/director/cybersecuritystatement-091013.cfm|publisher=National Institute of Standsards in Technology|access-date=September 11, 2013|author=Office of the Director, NIST|journal=NIST |date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130912234248/http://www.nist.gov/director/cybersecuritystatement-091013.cfm|archive-date=September 12, 2013|df=mdy-all}}</ref> Due to public concern of this [[cryptovirology]] attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.<ref name="nist_abandonment">{{cite news|url=https://www.nist.gov/itl/csd/sp800-90-042114.cfm|work=National Institute of Standards and Technology|title=NIST Removes Cryptography Algorithm from Random Number Generator Recommendations|date=April 21, 2014|url-status=live|archive-url=https://web.archive.org/web/20160829031025/http://www.nist.gov/itl/csd/sp800-90-042114.cfm|archive-date=August 29, 2016|df=mdy-all}}</ref>
Retrieved from ‘https://openusaproject.com/wiki/Special:MobileDiff/31761