Silent Circle: NIST encryption standards untrustworthy2013-09-30 13:49 by DanielaTags: NIST, encryption
The National Security Agency's recent attempts to discredit encryption technologies developed by NIST, have lead to private-communication startup called Silent Circle to start develop new methods for elliptic curve cryptography.
While NIST is a highly-respected standards body, it was recently forced to advise against the use of its own Dual_EC_DRBG random number generator after Edward Snowden's leaks suggested it had been subverted by NSA representatives involved in the standardization process. The reason for the problem - the NSA seems to have set constants in the generator that makes its output easier to guess, in turn making encryption that uses the generator easy to crack if you know the constants. The security firm RSA, which used Dual_EC_DRBG by default, also had to warn its customers to steer clear. Read more -here-
Post your review/comments
rate:
avg:
![]() ![]() ![]() ![]() ![]() |