NIST pledges 'global acceptability' in crypto standards

Shutterstock image. Copyright: McIek.

The National Institute of Standards and Technology has issued the final version of a document that outlines its process for developing cryptographic standards and guidelines in an effort to demonstrate its commitment to transparency.

NIST's reputation as an independent body for cryptographic issues took a hit when former National Security Agency contractor Edward Snowden leaked evidence that NSA had subverted a NIST-approved algorithm known as Dual_EC_DRBG. Such algorithms make it more difficult for attackers to decrypt messages.

On March 31, NIST released "NIST Cryptographic Standards and Guidelines Development Process" as an integral part of its effort to rebuild some of the trust that might have been lost.

"Our goal is to develop strong and effective cryptographic standards and guidelines that are broadly accepted and trusted by our stakeholders," said Donna Dodson, NIST's chief cybersecurity adviser, in a statement. "While our primary stakeholder is the federal government, our work has global reach across the public and private sectors. We want a process that results in standards and guidelines that can be used to secure information systems worldwide."

The document contains nine guiding principles that NIST uses to create strong cryptography, which include transparency, openness, balance, technical merit and global acceptability. Officials said global acceptability was added in response to public comments and reflected the worldwide nature of commerce today.

They acknowledged the "possibility for tension between NIST's mission to promulgate the use of strong cryptography, and the law enforcement and national security missions of other agencies," but said they were committed to open, transparent processes.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.