NSA Tried to Push Global Encryption Standards “Because It Knew How to Break Them”
The cybersecurity world continues to mistrust the National Security Agency of the United States. According to a latest Reuters report, an international group of cryptography experts from the country’s closest allies has forced the NSA to back down over two encryption techniques that the agency wanted to turn into global industry standards.
US allies accuse NSA of manipulating global cryptography standards
The agency is back in the bad books again after it was discovered by the US allies that the intelligence agency was trying to manipulate international encryption standards. Citing interviews and emails, Reuters reported:
“Academic and industry experts from countries including Germany, Japan and Israel worried that the U.S. electronic spy agency was pushing the new techniques not because they were good encryption tools, but because it knew how to break them.”
The NSA has been trying to push for two encryption techniques, known as Simon and Speck, which it wanted to be included in the International Organization of Standards (ISO). Following the accusations that the agency pushed these standards to make sure it had a backdoor access, it has been forced to back down from this cryptography fight.
The publication said that the fight has been going on for over the last three years behind “closed-door meetings around the world,” focused specifically on whether the ISO should approve NSA’s Simon and Speck. While the US delegation to the ISO also includes NSA officials, it is largely controlled by the American National Standards Institute (ANSI), which said it only forwarded the NSA proposals and doesn’t endorse them.
Israeli ISO delegate, Orr Dunkelman, told Reuters that he doesn’t trust NSA designers.
“There are quite a lot of people in NSA who think their job is to subvert standards. My job is to secure standards.”
The decision reflects deep mistrust among close allies, stemming mainly from the Edward Snowden’s leaks. Apparently, the agency was successful in pushing a component for encryption, Dual Elliptic Curve, which was adopted as a global standard. Snowden leaks had revealed that the acceptance as a global standard was celebrated inside the agency. Private researchers had also revealed how Dual EC hid a backdoor, potentially enabling the NSA to eavesdrop on millions around the world.
While the lightweight versions have been dropped, the most robust versions of Simon and Speck – for hardware and software, respectively – remain in the run, with the final vote expected in February.
Snowden leaks continue to be a problem for the surveillance-addicted agency
While the Snowden leaks continue to be a problem for the intelligence agency, it is still not ready to move away from its mass surveillance tactics where it also targeted the country’s most close allies. Despite public outcry, the NSA continues to push for “vulnerabilities into commercial encryption systems.”
Reuters’ latest report had cited over a “dozen of the experts” who were suspicious of NSA’s Simon and Speck and “feared that if the NSA was able to crack the encryption techniques, it would gain a ‘back door’ into coded transmissions.”
The NSA, of course, doesn’t confirm the authenticity of Snowden leaks and “firmly believes” that its encryption techniques are secure.