NIST Advised to Rely Less on NSAPanel: Institute Should Beef Up Its Own Cryptographic Expertise
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
NIST's primary advisory committee, the Visiting Committee on Advanced Technology, or VCAT, issued on July 14 a report titled NIST Cryptographic Standards and Guidelines Development Process, which says NIST should be in a position to assess and reject, when warranted, advice it receives from the NSA. To do that, the report says, NIST must expand its own cryptographic expertise or engage the cryptographic community when developing particular standards.
Princeton University Computer Science Professor Edward Felten, a member of a seven-member panel that advised VCAT, counsels NIST to be very careful when working with the NSA to help create standards. "NIST should draw on NSA's expertise, but NIST must not defer to NSA on security-relevant decisions," he says in an addendum to the report. "NIST itself, and the cryptographic community that looks to NIST's standards, must be able to conclude confidently that NSA did not have any opportunity to undermine any NIST standard."
NIST last year withdrew guidance, Special Publication 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators, after reports surfaced that the NSA exploited the standard to circumvent encryption.(see NIST to Drop Crypto Algorithm from Guidance)."NIST cannot be seen as, nor be subject to, any kind of coercion or veto by the National Security Agency," says Google Chief Evangelist Vint Cerf, another panel member. "Transparency of process will help here but this also means that NIST must have credible independent depth in cryptographic and mathematical staff."
To help NIST gain more independence from the NSA, VCAT recommends that NIST consult more frequently with the cryptographic community, including academia and industry, in the standards-development process, as well as beef up its own cryptographic expertise.
NIST's chief cybersecurity adviser, Donna Dodson, says NIST's top management is studying whether it can re-allocate resources to fund either new cryptographic positions and/or retain outside experts, such as academics who could consult part-time or temporarily with the institute.
Hear Donna Dodson discuss NIST growing its cryptographic staff.
VCAT also recommends that NIST improve its discipline in documenting standards developments, saying it's of paramount importance that NIST's processes are transparent and that the agency has the trust and support of the cryptographic community.
Rebuilding that trust could take time. "NIST's credibility with the cryptographic community cannot be rebuilt overnight," Felton says. "But rebuilding that credibility is critical to advancing NIST's mission and benefiting technology users in the U.S. and overseas."
NIST has always considered itself open and transparent, but it's taking steps to become even more so, says Dodson, who also serves as associate director of NIST's Information Technology Laboratory. She cites, as an example, the way NIST seeks outside comments when developing guidance. Instead of posting comments from stakeholders after the comment period ends, those comments are now being made public during the comment period.
"It's very important to us that the community trusts the work that we do," she says. "And, we care very much about that as scientists and about our integrity. So, we'll continue to work with the community to build that confidence."
Still, Dodson says, NIST will continue to work with the NSA on crytography, as is required under the Federal Information Security Management Act. She says the key issue isn't whether NIST collaborates with the NSA or any other outside group but that its experts have clear knowledge of the technologies and processes that go into developing cryptography standards.
Hear Dodson discuss NIST-NSA collaboration.
"It's really about all of our work regardless of who we work with in the community, but making sure that we really understand the details ourselves and not just rely on the expertise of others, period," she says.
Last fall, NIST Director Patrick Gallagher, who has since left the agency, requested that VCAT review NIST's cryptographic standards and guidelines development process (see NIST to Review Crypto Guidance Methods). In May, VCAT convened a so-called Committee of Visitors and asked each expert to review NIST's cryptographic process and provide individual reports of their conclusions and recommendations (see Experts to Assess NIST Cryptography Program)/p>
NIST says the VCAT review is part of a larger NIST initiative that includes an internal review of its development process. In February, NIST released a document outlining the principles behind that process. NIST Interagency Report 7977: Draft NIST Cryptographic Standards and Guidelines Development Process, which will be finalized by the end of this year. The guidance will include more detailed processes and procedures that incorporate feedback from the VCAT and the public.
"We recognize and agree with the VCAT that NIST must strengthen its in-house cryptography capabilities to ensure we can reach independent conclusions about the merits of specific algorithms or standards," Acting NIST Director Willie May says.
NIST has created a Committee of Visitors' website, which includes the report as well as other materials related to the review the panel conducted.
Correction: An earlier version of this story misspelled Donna Dodson's name.