The National Institute for Standards and Technology has taken an important step toward repairing what the National Security Agency has allegedly fractured by initiating a review of its cryptographic standards development processes.
NIST-sponsored algorithms are at the heart of numerous crypto standards used to secure communications and commerce, as well as serving as the foundation for a number of commercial software products.
Revelations from whistleblower Edward Snowden have shone a light on possible NSA subversion of some widely used encryption algorithms, not only casting doubt on the integrity of the technology, but damaging NIST’s stature as a standards body of reckoning. Some Snowden documents, in particular a set published in September by the New York Times, said that the NSA had subverted encryption standards by either deliberately weakening algorithms the agency helped build, or by inserting backdoor code that could give the NSA access to any online communication it chooses.
Matthew Scholl, Deputy Chief of the NIST computer security division, told Threatpost he hopes the outcome of the review is a validation and verification of the processes NIST uses to create crypto standards, likening it to quality assurance and quality control. He added that this type of review doesn’t stray too far from established NIST reviews of its processes, though this one will likely be a bit more public. NIST said it will solicit feedback during the review from the academic crypto community, other standards bodies, the government and international partners, as well as industry partners.
“The damage is broad and deep, not just to NIST but to industry and government at large,” Scholl said. “We are trying to ensure we maintain the confidence of and keep the active participation of external crypto communities in our work. We want to ensure we maintain confidence and trust in what we do and continue to get that participation–which we get when we have confidence and trust.”
The leaks enumerate the depths of NSA surveillance and exposing the subversion of crypto standards has increased skepticism over NSA-sponsored cryptography. The most high-profile infiltration may have been the insertion of backdoor code in the Dual EC-DRBG algorithm; in September, NIST recommended that developers no longer use the algorithm until a review was complete. RSA Security followed suit with a similar recommendation. Dual EC-DRBG is the default random number generator in a number of RSA products, including RSA BSAFE libraries and RSA key management software.
NIST said it is concerned by the NSA leaks because it threatens the integrity of its efforts.
“We strive for a consistently open and transparent process that enlists the worldwide cryptography community to help us develop and vet algorithms included in our cryptographic guidance,” said Donna Dodson, chief of the NIST computer security division. “NIST endeavors to promote confidence in our cryptographic guidance through these inclusive and transparent development processes, which we believe are the best in use.”
Prominent crypto experts such as Matthew Green of Johns Hopkins University told Threatpost in September upon publication of an explosive New York Times article on the NSA’s crypto activities: “The U.S. has had an enormous influence on crypto around the world because we have NIST,” Green said. “You could see people break away from NIST, which would hurt everyone, and move to regional standards. That stuff is a problem.
“We trust NIST because there are a lot smart people there. If you split up into regions, it’s possible things could get less secure,” Green added. “You could end up with more vulnerabilities; standards get weaker the less effort you put into it.”
NIST said the review is in its early stages and that experts involved are still compiling goals, determining which algorithms will be reviewed and how they will be reviewed.
Once complete, we will invite public comment on this process,” Dodson said. “We also will bring in an independent organization to conduct a formal review of our standards development approach and to suggest improvements. Based on the public comments and independent review, we will update our process as necessary to make sure it meets our goals for openness and transparency, and leads to the most secure, trustworthy guidance practicable.”