The U.S. National Institute of Standards and Technology (NIST) has released the second draft of its “Cryptographic Standards and Development Process,” a document intended to provide principles and guidance on the creation of cryptographic standards. Crypto standards developed by NIST serve as the basis for secure communications and interactions across the internet.
Access applauds NIST for the new draft — which expands upon and strengthens the language behind important principles first set out in the previous draft — and for actively and transparently engaging with the public on these important issues. We also encourage NIST to include specific language directed at the National Security Agency (NSA) before the text is finalized.…29 January 2015
In response to stories in the New York Times, ProPublica, and the Guardian that the National Security Agency (“NSA”) was undermining encryption standards, The Visiting Committee on Advanced Technology (VCAT) released a report that called for increased transparency and internal expertise at the National Institute for Standards and Technologies (“NIST”). The VCAT reviews and makes recommendations regarding general policy for the National Institute of Standards and Technology. The VCAT formed a Committee of Visitors (“COV”) in mid-April to review the relationship between NIST and the NSA.…7 August 2014
Following revelations that the National Security Agency (NSA) deliberately weakened cryptographic standards put out by the U.S. National Institute of Standards and Technology (NIST), NIST recently proposed a series of principles to guide cryptography standards-setting going forward. Access, together with a coalition of eleven other digital rights, technology, privacy, and open government groups, submitted a letter today calling on NIST to strengthen cryptography principles, noting in particular that the principles must be “modified and amended to provide greater transparency and access.”…21 April 2014
Among the many revelations to come out of this summer, The New York Times recently announced that the NSA has been conducting a systematic and well-funded effort to install “backdoors” in consumer electronic devices, known as “Project Bullrun.” To better understand their history, how they can work, and the risks associated, here are three things you ought to know about backdoors.…20 September 2013