The US’ National Institute of Standards and Technology is more than a little worried that its encryption guideilnes have been creating back doors for spies, and it’s changing its tune in order to plug those security holes. The agency is no longer recommending an NSA-backed number randomization technique that made it relatively easy to crack and monitor encrypted data. In theory, software developers who heed the new advice won’t have to worry that they’re laying down a welcome mat for government surveillance agents. NIST’s revision won’t do much to help privacy-conscious companies (they’ve already moved on to tougher safeguards), and it certainly isn’t an iron-clad defense against hacks. However, it could still make a big difference if it prevents less-informed organizations from repeating some big mistakes. [Image credit: Sam Dal Monte, Flickr ] Filed under: Internet Comments Via: Martijn Grooten (Twitter) Source: NIST
View the original here:
Tougher encryption guidelines close a back door for NSA spies
