For three years, International Standards Organization has been wrangling over which cryptographic algorithms will be incorporated into a standard for interoperability in "Internet of Things" gadgets; at issue has been the NSA's insistence that "Simon" and "Speck" would be the standard block cipher algorithms in these devices.
The NSA has a history of sabotaging cryptographic standards; most famously, documents provided by Edward Snowden showed that the NSA had sabotaged NIST security standards, but the story goes farther back than that: I have been told by numerous wireless networking exercises that the weaknesses in the now-obsolete Wireless Encryption Protocol (WEP) were deliberately introduced by NSA meddling. And of course, the NSA once classified working cryptography as a munition and denied civilians access to it, until EFF got a court to declare code to be a form of protected speech under the First Amendment.
Now, the NSA has been defeated at ISO, with its chosen ciphers firmly rejected by the committee members, who were pretty frank about their reason for rejecting Simon and Speck: they don't trust the NSA.
Two delegates told WikiTribune that the opposition to adding these algorithms was led by Dr. Tomer Ashur from KU Leuven University, representing the Belgian delegation and it was supported by a large group of countries.
Israeli delegate Orr Dunkelman told Reuters he did not trust the U.S. designers following the September meetings.
“There are quite a lot of people in NSA who think their job is to subvert standards,” said Dunkelman. “My job is to secure standards.”
The NSA said Simon and Speck were developed to protect U.S. government equipment without requiring a lot of processing power, and firmly believes they are secure.
Exclusive: NSA encryption plan for ‘internet of things’ rejected by international body [Jack Barton/Wikitribune]
The White House Communications Agency, staffed with military information security experts, is in charge of making sure that the President's cellular phone isn't getting hacked by adversaries who might otherwise be able to listen in on his calls, capture his messages, intercept his search history, and remotely operate his camera and microphone. Donald Trump routinely […]
The revelation that encrypted email is vulnerable to a variety of devastating attacks (collectively known as "Efail") has set off a round of soul-searching by internet security researchers and other technical people -- can we save email?
If you're the kind of parent who wants to spy on everything your kids do, you can force them to install an app like Teensafe, which only works if your kid doesn't use two-factor authentication; you have to give it your kid's device ID and password, so if that data leaks, it would allow anyone […]
Handheld radios might seem a bit archaic, but in an emergency situation, few things will keep you as reliably connected to the outside world. This Emergency Multi-Function Radio & Flashlight takes the utility of the tried-and-true radio and combines it with a powerful flashlight and self-sufficient energy system. It’s available in the Boing Boing Store for […]
Few programming languages boast the versatility and user-friendliness of Python, which is why it’s the first language of choice for many aspiring programmers. Regardless of your experience level, you can take the first step to becoming Python-savvy with the Python 3 Bootcamp Bundle, available in the Boing Boing Store for $35 this week. Featuring more than […]
We live during a time where cyberattacks regularly make news headlines, so it should come as no surprise that cybersecurity professionals are experiencing a surge in demand at even the entry level, making now the ideal time to learn the tools of the trade if you’re considering a career switch. The 2018 Supercharged Cybersecurity Bundle offers […]