Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Can We Still Trust FIPS?

Posted by timothy on from the just-slide-it-under-my-door dept.

First time accepted submitter someSnarkyBastard writes "It has already been widely reported that the NSA has subverted several major encryption standards but I have not seen any mention of how this affects the FIPS 140-2 standard. Can we still trust these cyphers? They have been cleared for use by the US Government for Top-Secret clearance documents; surely the government wouldn't backdoor itself right?...Right?"

4 of 138 comments (clear)

  1. suite b by Anonymous Coward · · Score: 5, Informative

    http://www.nsa.gov/ia/programs/suiteb_cryptography/

      AES with 128-bit keys provides adequate protection for classified information up to the SECRET level. Similarly, ECDH and ECDSA using the 256-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-256 provide adequate protection for classified information up to the SECRET level. Until the conclusion of the transition period defined in CNSSP-15, DH, DSA and RSA can be used with a 2048-bit modulus to protect classified information up to the SECRET level.

    AES with 256-bit keys, Elliptic Curve Public Key Cryptography using the 384-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-384 are required to protect classified information at the TOP SECRET level. Since some products approved to protect classified information up to the TOP SECRET level will only contain algorithms with these parameters, algorithm interoperability between various products can only be guaranteed by having these parameters as options.

    NSA also defined another algorithm suite, Suite A, which contains both classified and unclassified algorithms. Suite A will be used in applications where Suite B may not be appropriate. Both Suite A and Suite B can be used to protect foreign releasable information, US-Only information, and Sensitive Compartmented Information (SCI).

  2. Re:How can anyone trust by Entropius · · Score: 5, Funny

    That's not their only purpose. The NSA is supposed to:

    1) Make sure the bad guys don't snoop on Americans;
    2) Snoop on the bad guys.

    I use "bad guys" here with intentional irony, since nobody quite knows how to resolve the dichotomy that happens when the NSA's suspected of being bad guys.

  3. TS is not SCI by Anonymous Coward · · Score: 5, Interesting

    "Up to Top Secret" does not include Sensitive Compartmented Information (SCI). The ciphers under discussion, backdoored or not, are not suitable for use on SCI.

  4. ASCII probably contains a NSA backdoor as well. by Anonymous Coward · · Score: 5, Funny

    ASCII stands for "American Standard Code for Information Interchange". Since this is an American standard, then the whole encoding scheme probably contains a backdoor that allows the NSA to read all information encoded in it. We can't trust EBDIC either as IBM is a contractor for the NSA, they would insert a backdoor as well. I think for maximum online privacy we should be using Unicode which shouldn't contain an NSA backdoor because it is an international standard. The American government has no interest in following or creating international standards.

    Unfortunately Slashdot does not support Unicode, so one should now safely assume that Slashdot is an NSA honeypot .