Compliance Management, Threat Management, Data Security, Encryption

ISO decides not to approve two NSA encryption algorithms, citing trust issues


The International Organization for Standardization (ISO) decided not to approve the NSA encryption algorithms Speck and Simon after expressing concerns that the NSA was able to crack the encryption techniques and would thus gain a back door into coded transmissions.

The decision follows a three year dispute behind closed doors around the world between academic and industry experts from countries including Germany, Japan and Israel about whether or not the two data encryption techniques would be set as global encryption standards, according to Reuters.

Much of the distrust stemmed from internal NSA documents disclosed by Snowden that showed the agency had previously plotted to manipulate standards and promote technology it could penetrate and budget documents showing the NSA sought funding to “insert vulnerabilities into commercial encryption systems.”

“I don't trust the designers,” Israeli delegate Orr Dunkelman, a computer science professor at the University of Haifa, told Reuters, citing Snowden's papers. “There are quite a lot of people in NSA who think their job is to subvert standards. My job is to secure standards.”

To address these concerns, the NSA has agreed to drop all but the most powerful encryption version which are least likely to be vulnerable to attack.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.