Amid NSA uproar, encryption-standards body defends process

NIST, the group that oversees encryption standards in the US, said Tuesday that it "would not deliberately weaken a cryptographic standard." The statement comes amid concern that the National Security Agency may have meddled with a method adopted by the group, in order to gain a back door for surveillance.

"Recent news reports have questioned the cryptographic standards development process at NIST," reads a statement issued today by the National Institute of Standards and Technology. "We want to assure the IT cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place."

In a report last week based on documents provided by Prism leaker Edward Snowden, The New York Times said the NSA can now circumvent much of the encryption intended to protect digital communications, and that one of the ways it has managed this is by covertly introducing weaknesses into encryption standards.

The Times report, put together in cooperation the UK's Guardian newspaper and nonprofit news organization ProPublica, speaks of a vulnerability discovered by Microsoft cryptographers in 2007:

Simultaneously, the NSA has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency's 2013 budget request was to "influence policies, standards, and specifications for commercial public key technologies," the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by [NIST] and later by the International Organization for Standardization, which has 163 countries as members.

Classified NSA memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The NSA wrote the standard and aggressively pushed it on the international group, privately calling the effort "a challenge in finesse."

"Eventually, NSA became the sole editor," the memo says.

But NIST said that there "has been some confusion about the standards development process and the role of different organizations in it" and that it's reopening (PDF) the public comment period for the publications that involve the standard in question.

Here's the NIST statement in full:

Recent news reports have questioned the cryptographic standards development process at NIST. We want to assure the IT cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place.

NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large.

There has been some confusion about the standards development process and the role of different organizations in it. NIST's mandate is to develop standards and guidelines to protect federal information and information systems. Because of the high degree of confidence in NIST standards, many private industry groups also voluntarily adopt these standards.

NIST has a long history of extensive collaboration with the world's cryptography experts to support robust encryption. The National Security Agency (NSA) participates in the NIST cryptography development process because of its recognized expertise. NIST is also required by statute to consult with the NSA.

Recognizing community concern regarding some specific standards, we reopened the public comment period for Special Publication 800-90A and draft Special Publications 800-90B and 800-90C to give the public a second opportunity to view and comment on the standards.

If vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible.