1 / 8

NIST Cryptography Standards Under Review

NIST Cryptography Standards Under Review. Jackson, William. (2013). NSA's reported tampering could change how crypto standards are made. GCN.com. Retrieved from http://gcn.com/Articles/2013/11/04/NIST-crypto-review.aspx?Page=1. on 6 November 2013. Ethical Issue.

hesper
Download Presentation

NIST Cryptography Standards Under Review

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NIST Cryptography Standards Under Review Jackson, William. (2013). NSA's reported tampering could change how crypto standards are made. GCN.com. Retrieved from http://gcn.com/Articles/2013/11/04/NIST-crypto-review.aspx?Page=1. on 6 November 2013.

  2. Ethical Issue • NIST has begun formal review of its process for developing crypto standards. • Caused by “recent news reports about leaked classified documents.” (i.e. Reports of NSA backdoor into cryptography generation) • Concern about NIST leaving back doors for NSA • Dual EC_DRBG, the Dual Elliptic Curve Deterministic Random Bit Generator

  3. Eight Step Process • Issue: Should the NSA be removed from the collaborative process of developing crypto standards? • Stakeholders and Desired Outcomes: • NIST - Preservation of public image and respect • NSA - Consideration when developing crypto standards • Public - Security standards that are representative of actually security, and transparency of standards development process.

  4. Possible Solutions • Allow NSA collaboration at current level • Best Case: NSA continues collaboration but never again violates public interest. • Worst Case: NSA maintains policy of secret access to private or encrypted data • Remove NSA from process completely • Best Case: NSA bows out and allows process to continue without them. • Worst Case: NSA uses vast connections to create new standards that no longer involve any public involvement

  5. Possible Solutions • Reduce NSA involvement in process • Best Case: NSA understandingly allows their involvement to be reduced, while respecting outcomes of the process. • Worst Case: NSA publicly allows involvement to reduce, while secretly continuing policy of secret access to private and encrypted data • Idealist • Can Everyone Use This Solution? Yes • Are People Ends rather than Means? Yes

  6. Realist • Is the Solution in accord with what is Natural? Yes • Is the Solution a balance? No • Pragmatist • Would the Majority agree? yes • Will it promote the greatest good? yes • Existentialist • Solution most commit to conscience? Yes • Is the Solution free of influence by other? No

  7. Which Philosophy was most Influential? • Pragmatist

  8. ACM Code: 1.3 Be honest and trustworthy. • “A computer professional has a duty to be honest about […] any circumstances that might lead to conflicts of interest.”

More Related