Skip to content

Government Standards Agency “Strongly” Suggests Dropping its Own Encryption Standard – Encryption


Following revelations about the NSA’s covert influence on computer security standards, the National Institute of Standards and Technology, or NIST, announced earlier this week it is revisiting some of its encryption standards.

But in a little-noticed footnote, NIST went a step further, saying it is “strongly” recommending against even using one of the standards. The institute sets standards for everything from the time to weights to computer security that are used by the government and widely adopted by industry.

In its statement Tuesday, NIST acknowledged that the NSA participates in creating cryptography standards “because of its recognized expertise” and because NIST is required by law to consult with the spy agency.

“We are not deliberately, knowingly, working to undermine or weaken encryption,” NIST chief Patrick Gallagher said at a public conference Tuesday.

Various versions of Microsoft Windows, including those used in tablets and smartphones, contain implementations of the standard, though the NSA-influenced portion isn’t enabled by default. Developers creating applications for the platform must choose to enable it.

The New York Times noted earlier this week that documents provided by Snowden show the spy agency played a crucial role in writing the standard that NIST is now cautioning against using, which was first published in 2006.

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: