NIST pledges 'global acceptability' in crypto standards
- By Mark Rockwell
- Apr 01, 2016
The National Institute of Standards and Technology has issued the final version of a document that outlines its process for developing cryptographic standards and guidelines in an effort to demonstrate its commitment to transparency.
NIST's reputation as an independent body for cryptographic issues took a hit when former National Security Agency contractor Edward Snowden leaked evidence that NSA had subverted a NIST-approved algorithm known as Dual_EC_DRBG. Such algorithms make it more difficult for attackers to decrypt messages.
On March 31, NIST released "NIST Cryptographic Standards and Guidelines Development Process" as an integral part of its effort to rebuild some of the trust that might have been lost.
"Our goal is to develop strong and effective cryptographic standards and guidelines that are broadly accepted and trusted by our stakeholders," said Donna Dodson, NIST's chief cybersecurity adviser, in a statement. "While our primary stakeholder is the federal government, our work has global reach across the public and private sectors. We want a process that results in standards and guidelines that can be used to secure information systems worldwide."
The document contains nine guiding principles that NIST uses to create strong cryptography, which include transparency, openness, balance, technical merit and global acceptability. Officials said global acceptability was added in response to public comments and reflected the worldwide nature of commerce today.
They acknowledged the "possibility for tension between NIST's mission to promulgate the use of strong cryptography, and the law enforcement and national security missions of other agencies," but said they were committed to open, transparent processes.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at [email protected] or follow him on Twitter at @MRockwell4.