NSA Built Backdoor into Encryption Standard, Despite NIST Denials

New details have surfaced on the standards being tampered with by the NSA

By on September 12th, 2013 08:35 GMT

It was revealed last week that the NSA had done everything in its power to weaken or bypass encryption on the web and elsewhere.

The agency put pressure on companies to build backdoor access into their supposedly secure tools and even pushed for deliberately insecure encryption standards which it could break.

It did this by controlling the standardization process at the National Institute of Standards and Technology (NIST).

NIST technically oversees the standards to be used by US agencies and administration, but many private companies and organizations adopt the standards thanks to their rigorous creation process.

NIST works closely with the NSA, which has plenty of cryptography experts, and is legally required to consult with the agency on cryptography standards.

However, the NSA is not supposed to dictate or control the standards ratified by NIST. In 2006 though, it did just that, by becoming the sole editor of a random number generator. These generators are an important component, since any bias can be exploited to break any encryption that relies on the numbers.

The NSA deliberately introduced a small bias in one of the four random number generators proposed by the 2006 NIST standard, namely the Dual_EC_DRBG. This has been revealed by the New York Times based on internal NSA documents uncovered by Edward Snowden.

The newspaper initially revealed last week efforts by the NSA to subvert Internet encryption, but did not specify the exact standards being tampered with. The speculation at the time was that this was about the Dual_EC_DRBG random number generator.

Back in 2007, several cryptography experts warned that it appeared that the Dual_EC_DRBG was flawed.

They believed this to be the work of the NSA, which was very keen on having the generator included in the standard, but believed it was a really bad idea since the vulnerability was visible to anyone. What's more, Dual_EC_DRBG was much slower than the other options, so no one would have used it anyway.

Only a couple of days ago, NIST denied the allegations in a statement, a few days after the initial revelations, claiming that no standard had ever been tampered with.

Clearly, that is a lie, if internal NSA documents are to believed. That said, the institute may have actually been in the dark about all of this.