- Mississippi abortion law can’t be enforced
- Teacher who survived Sandy Hook has book deal
- Jury awards Jesse Ventura $1.8M in case vs. ‘American Sniper’ author Chris Kyle
- Government OKs Arab-owned company to operate U.S. cargo port
- Defense lawyer: McDonnell’s wife had ‘crush’ on CEO
- Chinese hackers stole ‘huge quantities’ of sensitive data on Israel’s Iron Dome
- House unveils bill to speed deportations of illegal immigrant children
- Californians protest middle school for hiring white man to teach cultural studies
- Killer’s sentencing overturned because mother couldn’t find seat in courtroom
- Hillary: ‘Dead broke’ comment was ‘inartful,’ but insists it was ‘accurate’
NSA wages secret war against encryption
Snowden documents show questionable deals to get ‘keys’ to systems
Question of the Day
According to the Snowden documents, the NSA “makes cryptographic modifications to commercial or indigenous cryptographic information security devices or systems” so they can be subject to eavesdropping.
The documents don’t name any of the systems the agency has tried to weaken, but some cryptographers have long been suspicious of the NSA’s role in developing encryption standards approved and promoted by the National Institute of Standards and Technology — the federal agency that sets benchmarks for security measures.
As a result of the latest revelations, the standards and technology institute has “lost the trust of the computer science community,” said Christopher Soghoian, a privacy researcher and advocate with the American Civil Liberties Union. “They are compromised.”
The standards and technology institute said in a statement that it is “required by statute” to consult with the NSA and that it “would not deliberately weaken a cryptographic standard.”
Nonetheless, the agency has reopened for public comment a 2006 standard long criticized by many cryptographers.
Privacy advocates and cryptographers say the National Institute of Standards and Technology still will have to tell the truth about any collaboration with the NSA in order to rebuild trust.
“They are going to have to work real hard to get themselves out of this hole, if they ever can,” Mr. Soghoian said.
The NIST press office was closed because of the government shutdown, and no one could be reached for comment.
The ‘NOBUS’ principle
One former NSA chief said intelligence officials are ever careful to weigh the costs and benefits of exploiting any cybersecurity flaw they come across, including in encryption.
“There are vulnerabilities, and then there are vulnerabilities,” said Michael V. Hayden, a retired Air Force general who headed the agency from 1999 to 2005.
“When weighing the balance between exploiting or plugging a vulnerability once it has been discovered, the question cannot be handled in the abstract. Particulars matter,” said Gen. Hayden, who is now a principal with the Chertoff Group, a private security and intelligence firm.
One factor taken into account is what Mr. Hayden calls the “NOBUS” principle: “no one but us.”
If a vulnerability can be exploited only by U.S. agencies for technical reasons, Gen. Hayden said, “That is not a vulnerability that we are legally and morally obliged to patch. That is a vulnerability that we are legally and morally obliged to exploit in order to help keep the American people safe.”
“Time is also a factor,” he said. “It may be NOBUS now, but one has to be alert as this changes over time.”
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...
- Senator's memo shows Iran links in Homeland Security's troubled immigration program
- Help wanted: Homeland Security plagued by vacancies at the top
- Dems back bill to fix problems in investor visa program
- Democrats proceed with Mayorkas vote despite pending investigation
- NSA monitored 'World of Warcraft' players
Latest Blog Entries
TWT Video Picks
- Boehner rules out impeachment: 'Scam started by Democrats'
- Obama: 'Not a new Cold War,' but new Russia sanctions announced
- Federal judge grants 90-day stay in D.C. gun case
- Obama thanks Muslims for 'building the very fabric of our nation'
- GOP Senate candidate: Obama needs to visit Central America
- Smugglers, rainstorm combine to poke holes in border fence
- Murdered teen texted boyfriend: 'OMG ... I think I'm being kidnapped'
- D.C. seeks to stay judge's order allowing gun owners to carry in public
- Kerry's credibility questioned as fighting in Gaza rages
- Jury awards Jesse Ventura $1.8M in defamation case
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world