Silent Circle: NIST encryption standards untrustworthy

The National Security Agency's recent attempts to discredit encryption technologies developed by NIST, have lead to private-communication startup called Silent Circle to start develop new methods for elliptic curve cryptography.

"At Silent Circle, we've been deciding what to do about the whole grand issue of whether the NSA has been subverting security," Silent Circle co-founder Jon Callas said. He and co-founders Phil Zimmermann and Mike Janke have decided that "in the relatively near future, we will implement a non-NIST cipher suite."

While NIST is a highly-respected standards body, it was recently forced to advise against the use of its own Dual_EC_DRBG random number generator after Edward Snowden's leaks suggested it had been subverted by NSA representatives involved in the standardization process.

The reason for the problem - the NSA seems to have set constants in the generator that makes its output easier to guess, in turn making encryption that uses the generator easy to crack if you know the constants. The security firm RSA, which used Dual_EC_DRBG by default, also had to warn its customers to steer clear.

Read more -here-

• Microsoft releases USB boot tool to fix CrowdStrike disaster
• Microsoft outage: CrowdStrike update affects flights, hospitals and businesses globally
• OpenAI debuts mini version of its most powerful model yet
• Music labels sue Verizon for more than $2.6 billion
• Elon Musk confirms the Tesla Robotaxi event has been delayed to October
• Federal court halts reimposed 'net neutrality' rules