On the Subversion of NIST by the NSA
Nadiya Kostyuk and Susan Landau wrote an interesting paper: “Dueling Over DUAL_EC_DRBG: The Consequences of Corrupting a Cryptographic Standardization Process”:
Abstract: In recent decades, the U.S. National Institute of Standards and Technology (NIST), which develops cryptographic standards for non-national security agencies of the U.S. government, has emerged as the de facto international source for cryptographic standards. But in 2013, Edward Snowden disclosed that the National Security Agency had subverted the integrity of a NIST cryptographic standard, the Dual_EC_DRBG, enabling easy decryption of supposedly secured communications. This discovery reinforced the desire of some public and private entities to develop their own cryptographic standards instead of relying on a U.S. government process. Yet, a decade later, no credible alternative to NIST has emerged. NIST remains the only viable candidate for effectively developing internationally trusted cryptography standards.
Cryptographic algorithms are essential to security yet are hard to understand and evaluate. These technologies provide crucial security for communications protocols. Yet the protocols transit international borders; they are used by countries that do not necessarily trust each other. In particular, these nations do not necessarily trust the developer of the cryptographic standard.
Seeking to understand how NIST, a U.S. government agency, was able to remain a purveyor of cryptographic algorithms despite the Dual_EC_DRBG problem, we examine the Dual_EC_DRBG situation, NIST’s response, and why a non-regulatory, non-national security U.S. agency remains a successful international supplier of strong cryptographic solutions.
Clive Robinson • June 23, 2022 7:21 AM
@ ALL,
Remember that I’m of the firm opinion that the NSA quite deliberately manipulated NIST and the AES contest.
Resulting in weak implementations of the AES algorithm that had time based side channels that could be exploited at some considerable distance across a network and beyond the ability of end point users to see.
The result was most AES implementations and most original AES libraries were “Not secure for On-Line use”.
I can also see pre NSA “finessing” in the development of mechanical cipher machines. It also became clear later that the Swiss based Crypto AG was very much under the influence and help of the NSA and preceding agencies to harm and weaken many nations' Cryptographic systems.
So the question is not are these “points” true, but can the NSA disprove them?
My money is not on the NSA as I happen to think the “points” are more probable than not, based on my own study of the NSA et al behaviours.