may be in order:
https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption
says in part:
" Simultaneously, the N.S.A. has been deliberately weakening the
international encryption standards adopted by developers. One goal in the
agency’s 2013 budget request was to “influence policies, standards and
specifications for commercial public key technologies,” the most common
encryption method.
Cryptographers have long suspected that the agency planted vulnerabilities
in a standard adopted in 2006 by the National Institute of Standards and
Technology, the United States’ encryption standards body, and later by the
International Organization for Standardization, which has 163 countries as
members.
Classified N.S.A. memos appear to confirm that the fatal weakness,
discovered by two Microsoft cryptographers in 2007, was engineered by the
agency. The N.S.A. wrote the standard and aggressively pushed it on the
international group, privately calling the effort “a challenge in
finesse.”
“Eventually, N.S.A. became the sole editor,” the memo says. "
- Lucy
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
