IACR Finally Gets Around To Repudiating Mass Surveillance

First time accepted submitter TechyImmigrant (175943) writes "Following the focus on government mass surveillance resulting from the information revealed by Edward Snowden, many organizations involved in security and communications put out statements essentially repudiating that surveillance. As of yesterday (May 15th 2014) the IACR (International Association for Cryptologic Research) who one might expect to have a position on this, has finally one year after the anniversary of the leaks, got around to making a position statement. 'The membership of the IACR repudiates mass surveillance and the undermining of cryptographic solutions and standards. Population-wide surveillance threatens democracy and human dignity. We call for expediting research and deployment of effective techniques to protect personal privacy against governmental and corporate overreach.' So the crypto guys don't like it either. Now we know." They're not the only ones: reader Juha Saarinen (2822817) writes "Stung by concerns that the NSA may have introduced deliberately weakened crypto algorithms, NIST is embarking on a review of its existing standards and developments."

Re:"Stung" ???

[Jane Q. Public]

Skipjack was a good cipher. Key escrow was the problem.

Skipjack was not known to be compromised. That is true. But key escrow was a REAL problem. The whole thing was just plain a bad idea that would have enabled government spying and intrusion, and NIST knew that. (It's not enough to say there were "inadequate controls" on the keys. When government is involved there are never enough controls.)

None of this has much to do with my original point. Government was trying to get a foothold on your communications, and NIST was determined to allow it.