Distrustful US Allies Force Spy Agency To Back Down In Encryption Fight (reuters.com)
schwit1 shares a report from Reuters: An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies. In interviews and emails seen by Reuters, academic and industry experts from countries including Germany, Japan and Israel worried that the U.S. electronic spy agency was pushing the new techniques not because they were good encryption tools, but because it knew how to break them. The NSA has now agreed to drop all but the most powerful versions of the techniques -- those least likely to be vulnerable to hacks -- to address the concerns.
The thing is, I don't know that anyone ever actually *proved* that the NSA elliptic curve constants were weak. But everyone suspects that they are because of other things they've done.
This is a point worth remembering. Once you get a bad reputation, people stop trusting you even if they can't prove that you're doing something wrong this time. And when they remember it later they'll remember it as a time they didn't fall into your trap.
And remember, perhaps those constants were good. Have you heard of anyone proving that they weren't? But would you want to trust them?
I think we've pushed this "anyone can grow up to be president" thing too far.