The New York Times has published further details of last week's leaked documents detailing the NSA's program of sabotage to crypto products and standards. The new report confirms that the standard that the NSA sabotaged was the widely-suspected NIST Dual EC DRBG standard. The Times reports that the NSA then pushed its backdoored standard through the International Organization for Standardization and the Canadian Communications Security Establishment.
NIST has re-opened the comments on its standard with the hope of rooting out the NSA sabotage to the random number generator and restoring trust in its work products.
The agency said that because of cryptographers’ concerns, it would reopen the public comment period for three publications — Special Publication 800-90A and drafts of Special Publications 800-90B and 800-90C — which all use the random number generator in question.
“If vulnerabilities are found in these or any other N.I.S.T. standard, we will work with the cryptographic community to address them as quickly as possible,” the agency’s statement said.
“I know from firsthand communications that a number of people at N.I.S.T. feel betrayed by their colleagues at the N.S.A.,” Mr. Green said in an interview Tuesday. “Reopening the standard is the first step in fixing that betrayal and restoring confidence in N.I.S.T.”
Government Announces Steps to Restore Confidence on Encryption Standards [Nicole Perlroth/NYT]
(via Interesting People)
Rodrigo Duterte is the new president of the Philippines: he ran on a promise to be a “dictator” and endorsed execution by vigilante death-squad as a way of combating crime; now he’s announced that he will give a hero’s burial to the embalmed corpse of former dictator Ferdinand Marcos, who committed mass-scale human rights abuses […]
Courts around America and the world increasingly rely on software based risk-assessment software in determining bail and sentencing; the systems require the accused to answer more than a hundred questions which are fed into a secret model that spits out a single-digit “risk score” that courts use to decide who to lock up, and for […]
According the the filings in a lawsuit brought by Equal Justice Under Law against Harris County, Texas, 77% of the inmates in Harris County Jail — largest in Texas, third largest in America — are there because they couldn’t make a bail payment of $5,000 or less.
Jared Sinclair developed the RSS reader app Unread, which made $10,000 in its first 24 hours on the iOS market. And we’ve all heard the story of Flappy Bird developer Dong Nguyen, whose creation was reportedly earning $50,000 a day at the height of its 2013 explosion. While those are rare examples, they’re also testament to the […]
If you or your company’s IT system are besieged by black hat cyber attacks, an ethical hacker might be all that stands between crippling damage and a company’s long-term prosperity. It’s no wonder that the market for IT security specialists is exploding. Certification is the key – so learn the tenets of ethical hacking and get […]
Your laptop and mobile devices are top of the line…so why are you trotting out that raggedy decades-old suitcase when you go somewhere? Time to up your travel game with a complete 5-piece Herschel Travel Luggage bundle…and we’ll even give it to you for free!Of course, you’ve got to win the Ultimate Herschel Travel Bundle […]