U.S. government standards for software may enable spying by the National Security Agency through widely used coding formulas that should be jettisoned, some of the country’s top independent experts concluded in papers released on Monday.
Such mathematical formulas, or curves, are an arcane but essential part of most technology that prevents interception and hacking, and the National Institute of Standards and Technology (NIST) has been legally required to consult with the NSA’s defensive experts in approving them and other cryptography standards.
But NIST’s relationship with the spy agency came under fire in September after reports based on documents from former NSA contractor Edward Snowden pointed to one formula in particular as a Trojan horse for the NSA.
NIST discontinued that formula, called Dual Elliptic Curve, and asked its external advisory board and a special panel of experts to make recommendations that were published on Monday alongside more stinging conclusions by the individual experts.
Noting the partially obscured hand of the NSA in creating Dual Elliptic Curve — which Reuters reported was most broadly distributed by security firm RSA — the group delved into the details of how it and other NIST standards emerged. It found incomplete documentation and poor explanations in some cases; in others material was withheld pending legal review.
As a whole, the panels recommended that NIST review its obligation to confer with the NSA and seek legal changes “where it hinders its ability to independently develop the best cryptographic standards to serve not only the United States government but the broader community.”
They also urged NIST to weigh the advice of individual task force members who made more dramatic suggestions, such as calling for the replacement of a larger set of curves approved for authenticating users, in part because they were selected through unclear means by the NSA.
“It is possible that the specified curves contain a back door somehow,” said Massachusetts Institute of Technology professor Ron Rivest, a co-founder of RSA and the source of the letter R in its name. Though the curves could be fine, he wrote, “it seems prudent to assume the worst and transition away.”
More broadly, Rivest wrote, “NIST should ask the NSA for full disclosure regarding all existing standards… If NSA refuses to answer such an inquiry, then any standard developed with significant NSA input should be assumed to be `tainted,’” absent proof of security acceptable to outsiders.
In an email exchange, Rivest told Reuters that “NIST needs to have a process whereby evidence is publicly presented” about how the curves were chosen.
The curves faulted on Monday had been questioned by outsiders after media reports in September said the NSA could break much widely used security software, without detailing which ones or how. “These curves are ubiquitous in commercial cryptography,” Johns Hopkins University professor Matthew Green said in an interview. “If you connected to Google or Facebook today, you probably used one.”
Rivest’s long association with RSA, now part of electronic storage maker EMC Corp, made his remarks more poignant. But prominent task force colleagues including Internet co-creator Vint Cerf and Ed Felten, former chief technologist at Federal Trade Commission, also gave strongly worded verdicts on the Department of Commerce unit.
“It cannot be accepted that NIST’s responsibilities should be co-opted by the NSA’s intelligence mission,” wrote Cerf, who now works at Google Inc.
While Rivest called the internal history of Dual Elliptic Curve a “smoking gun” with an “almost certain” NSA back door, Felten wrote that NSA might not remain alone in its ability to use it and other possible NIST-approved holes for spying.
In each of three cases, including Dual Elliptic Curve and the more common curves faulted by Rivest, Felten said the suspected back door access “reduces the security of users against attack by other adversaries, including organized crime groups or foreign intelligence services.”
The NSA might have been able to generate curves that pass cursory security tests but are still breakable through the aid of sheer computing power, because it can try millions of curves and get a few that fit its goals. But a researcher working for another country could discover the flaw, Felten said.
In the case of the curves approved under the FIPS 186 standard for authenticating digital signatures, NIST should start over and pick its own curves publicly rather than relying on the NSA, Felten and others said.
Several experts said NIST had to hire more cryptographers and strengthen its internal processes to avoid relying on NSA.
NIST acting Director Willie May agreed in a statement, saying his agency “must strengthen its in-house cryptography capabilities to ensure we can reach independent conclusions about the merits of specific algorithms or standards.”
NIST did not respond to a Reuters email asking about the fate of the suspect curves.
[Image via Agence France-Presse]
Andrew Cuomo threatens to bail on CNN interview when his brother shows vintage photo of governor in bellbottoms
Gov. Andrew Cuomo (D-NY) appeared to feign anger during a CNN interview Wednesday in which his brother, Christopher Cuomo, showed a vintage photo of their family with the elder brother clad in bellbottoms, a rhinestone belt and an unfortunate attempt at an afro.
The younger Cuomo is still suffering from the effects of coronavirus, appearing redfaced and wiping his brow. However, his brother noted that he seemed more animated than he has in days.
"Now I've seen you referred to a little bit recently as the 'Love Gov' and I'm wondering if that's making you a little soft on the president, that you don't want to really criticize him, because you need him and now's not a time for fighting," said the younger Cuomo. "But don't you have to balance that with calling him out if he's doing things that you don't think are great for the people of your state to be hearing and experiencing? Love Gov?"
Fox News hosts are going back to downplaying threat from coronavirus: report
Major Fox News personalities like Sean Hannity spent weeks assuring viewers that the novel coronavirus wasn't a serious threat. In recent weeks, however, they have shifted to a different narrative, acknowledging that the virus is dangerous but giving President Donald Trump credit for taking action and criticizing Democrats' lack of action — even though many Democrats, in fact, warned the pubic first.
But according to The Daily Beast, even as there is no clear end to the crisis in sight, and even as the U.S. crosses 13,000 deaths, many Fox News hosts are going back to downplaying the virus, either telling viewers it wasn't as bad as advertised and urging the president to end public safety measures against it.
The dangers of Trump TV: MSNBC host hammers Fox News as ‘genuine public health threat’ amid pandemic
Tuesday night, Fox News decided that all anyone needed to do is to pump Americans with a Malaria drug and send them back to work to save President Donald Trump's economy.
Speaking Wednesday night, MSNBC host Chris Hayes bashed the conservative network for downplaying the seriousness of coronavirus, saying that they are "a genuine public health threat."
While Trump has advisers like Dr. Anthony Fauci, he also has the unofficial advisers he sees on Fox News.
They "are coalescing around the idea the whole thing is just overblown and we need to pump everyone full of the malaria drug and get them back to work. This is what you heard if you watch trump tv just last night," Hayes said. He then played clips illustrating exactly that, with hosts ranting and raving about the virus not being as serious as the flu.