NIST to Review Crypto Guidance MethodsAgency Seeks to Rebuild Trust with IT Security Community
Noting that its integrity has been questioned, the National Institute of Standards and Technology has launched a formal review on how it develops cryptographic standards because of concerns that the National Security Agency might have corrupted its cryptography guidance.
"More than anything else, this is about ensuring the trust and confidence in people so that they use crypto," says Matt Scholl, deputy chief of NIST's Computer Security Division. "NIST's work in the end is NIST's work. We stand by and believe in the technical merits of what we put out." (See NIST Review Won't Disrupt Work with NSA.)
In a statement issued Nov. 1, NIST says its mission is to protect the nation's IT infrastructure and information through strong cryptography. "We cannot carry out that mission without the trust and assistance of the world's cryptographic experts," the statement says. "We're committed to continually earning that trust."
As part of what it characterizes as a "rigorous" review of its cryptographic guidance development, NIST says it will investigate its goals and objectives; principles of operation; processes for identifying cryptographic algorithms for standardization; methods for reviewing and resolving public comments; and other important procedures.
"Once complete, we will invite public comment on this process," the statement says. "We also will bring in an independent organization to conduct a formal review of our standards development approach and to suggest improvements. Based on the public comments and independent review, we will update our process as necessary to make sure it meets our goals for openness and transparency, and leads to the most secure, trustworthy guidance practicable."
Promise of Quick Action
NIST also says it will review its existing body of cryptographic work, looking at its documented processes and the specific procedures used to develop each of these standards and guidelines. "If any current guidance does not meet the high standards set out in this process," NIST says, "we will address these issues as quickly as possible."
Concerns about NSA's meddling in NIST's cryptography standards first surfaced in a 2007 Wired article written by the highly regarded cryptographer and author Bruce Schneier, but his report didn't gain much traction.
NIST works with a range of stakeholders, including the NSA, in developing its guidance. "The NSA has always been intimately involved in U.S. cryptography standards - it is, after all, expert in making and breaking secret codes," Schneier says. "So the agency's participation in the NIST standard is not sinister in itself. It's only when you look under the hood at the NSA's contribution that questions arise."
In early September, an article published by the New York Times and ProPublica, based on leaks by former NSA contractor Edward Snowden, said the NSA had cracked or circumvented much of the encryption that shields global commerce and banking systems, trade secrets, medical records and Internet communications (see Report: NSA Circumvented Encryption).
The guidance under review specifies mechanisms for the generation of random bits using deterministic methods (an algorithm which, given a particular input, will always produce the same output), which are based on either hash functions, block cipher algorithms or number theoretic problems, which in turn are based on elliptic curves. The NIST bulletin says the method based on number theoretic problems should no longer be used.