Cryptography

NIST pledges 'global acceptability' in crypto standards

Shutterstock image. Copyright: McIek.

The National Institute of Standards and Technology has issued the final version of a document that outlines its process for developing cryptographic standards and guidelines in an effort to demonstrate its commitment to transparency.

NIST's reputation as an independent body for cryptographic issues took a hit when former National Security Agency contractor Edward Snowden leaked evidence that NSA had subverted a NIST-approved algorithm known as Dual_EC_DRBG. Such algorithms make it more difficult for attackers to decrypt messages.

On March 31, NIST released "NIST Cryptographic Standards and Guidelines Development Process" as an integral part of its effort to rebuild some of the trust that might have been lost.

"Our goal is to develop strong and effective cryptographic standards and guidelines that are broadly accepted and trusted by our stakeholders," said Donna Dodson, NIST's chief cybersecurity adviser, in a statement. "While our primary stakeholder is the federal government, our work has global reach across the public and private sectors. We want a process that results in standards and guidelines that can be used to secure information systems worldwide."

The document contains nine guiding principles that NIST uses to create strong cryptography, which include transparency, openness, balance, technical merit and global acceptability. Officials said global acceptability was added in response to public comments and reflected the worldwide nature of commerce today.

They acknowledged the "possibility for tension between NIST's mission to promulgate the use of strong cryptography, and the law enforcement and national security missions of other agencies," but said they were committed to open, transparent processes.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.