Slashdot Mirror

← Back to Stories (view on slashdot.org)

Silent Circle Moving Away From NIST Cipher Suites After NSA Revelations

Posted by timothy on from the service-is-a-transitive-noun dept.

Trailrunner7 writes "The first major domino to fall in the crypto world after the NSA leaks by Edward Snowden began was the decision by Lavabit, a secure email provider, to shut down in August rather than comply with a government order. Shortly thereafter, Silent Circle, another provider of secure email and other services, said it was discontinuing its Silent Mail offering, as well. Now, Silent Circle is going a step further, saying that it plans to replace the NIST-related cipher suites in its products with independently designed ones, not because the company distrusts NIST, but because its executives are worried about the NSA's influence on NIST's development of ciphers in the last couple of decades. Jon Callas, one of the founders of Silent Circle and a respected cryptographer, said Monday that the company has been watching all of the developments and revelations coming out of the NSA leaks and has come to the decision that it's in the best interest of the company and its customers to replace the AES cipher and the SHA-2 hash function and give customers other options. Those options, Callas said, will include non-NIST ciphers such as Twofish and Skein."

3 of 168 comments (clear)

  1. Re:Marketing! by cryptizard · · Score: 4, Interesting

    Yes, this is the part that I can't believe. To think that the NSA, probably some of the most paranoid people in the world, would be arrogant enough to standardize government security on broken cryptographic primitives is just not believable. There are important classified documents encrypted with suite B algorithms.

  2. Re:What does this use? by ron_ivi · · Score: 4, Interesting
    And instead of move "away" - why not move to *both* AES and another cypher.

    If they cascade the one the US recommends wiht the one China recommends with the one Russia recommends, it seems you're safe unless all thre of those governments are conspiring against you. And if that's the case you problably have bigger problems.

  3. Re:I thought that AES *was* independetly designed? by Anonymous Coward · · Score: 4, Interesting

    I know for a fact that NIST/NSA had no influence on the number of rounds for AES, having implemented Rijndael myself on an 8-bit microcontroller before it became AES. I used a copy of Rijmen and Daemen's original specification to write my implementation, and later compared it against the published NIST specification that later came out in 2001 after it was approved as AES, and it was exactly the same, including the number of rounds to be used. My implementation from mid-1999 produced the correct results with the NIST test vectors that were published after its approval. The key sizes were part of the specification for the AES contest.