Remix.run Logo
leonidasrup 21 hours ago

In the past NSA has weakened encryption standards, for example NSA madified DES standard. The NSA pushed backdoored design of Dual_EC_DRBG was standardized in NIST SP 800-90A.

"Weaknesses in the cryptographic security of the algorithm were known and publicly criticised well before the algorithm became part of a formal standard endorsed by the ANSI, ISO, and formerly by the National Institute of Standards and Technology (NIST). One of the weaknesses publicly identified was the potential of the algorithm to harbour a cryptographic backdoor advantageous to those who know about it—the United States government's National Security Agency (NSA)—and no one else. In 2013, The New York Times reported that documents in their possession but never released to the public "appear to confirm" that the backdoor was real, and had been deliberately inserted by the NSA as part of its Bullrun decryption program."

https://en.wikipedia.org/wiki/Dual_EC_DRBG

"NSA worked closely with IBM to strengthen the algorithm against all except brute-force attacks and to strengthen substitution tables, called S-boxes. Conversely, NSA tried to convince IBM to reduce the length of the key from 64 to 48 bits. Ultimately they compromised on a 56-bit key"

https://en.wikipedia.org/wiki/Data_Encryption_Standard

The NSA published algorithms are not used for the important US secrets. For these system the classified algorithms of NSA Suite A are used.

https://en.wikipedia.org/wiki/NSA_Suite_A_Cryptography

NSA Suite A was probably used for Space Shuttle comunication. NASA scrambled to recover classified communications gear after the Challenger shuttle disaster in 1986.

https://www.globalsecurity.org/org/news/2003/030206-comsec-s...

some_furry 20 hours ago | parent [-]

> In the past NSA has weakened encryption standards, for example NSA madified DES standard.

They made DES more secure against differential cryptanalysis (a method that was classified at the time DES was being designed). Sure, the whole "make the keys 56-bit instead of 64-bit" is a weakening, but differential cryptanalysis would have broken the entire fucking cipher if they didn't prevent it by selecting a secure S-box.

> The NSA pushed backdoored design of Dual_EC_DRBG was standardized in NIST SP 800-90A.

Correct, which another threat actor used in a backdoor by replacing the public key.

I'm not arguing that NIST isn't vulnerable to NSA influence. I'm arguing that they are not the same entity and do not have the same goals or incentives.

I'm not an NSA defender. https://furry.engineer/@soatok/116854899284071513