[Cryptography] NSA up to their old tricks - stuffing the IETF WGs with their supporters for weakened standards

[Salz, Rich]

  *
There's uptake, *and* there's standards. With an IETF standard in the back pocket, NSA can then trick various less educated players into using it. And then make hay until their sun goes down. This is more or less what happened with Dual_EC, or so the rumour goes.

A key difference is that Dual_EC was made a standard because at the time NIST had​ to follow the NSA recommendations in cryptography.  I have not heard anyone say that the NIST PQ specifications were done in anything other than an open global competition. Have you?

NSA really shot themselves in the foot for the info-sec said. Even ISO, the definition of a pay-to-publish standards organization, refused to look at SIMON and SPECK.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20251014/d56c87a3/attachment.htm>