Difference between revisions of "NIST"
m (t) |
(dodgy crypto) |
||
| Line 10: | Line 10: | ||
In 2002 the [[National Construction Safety Team Act]] mandated NIST to conduct an investigation into the [[collapse of the World Trade Center]] buildings 1 and 2 and the 47-storey [[9-11/WTC7|7 World Trade Center]]. The point man for the "World Trade Center Collapse Investigation" has been named as [[Stephen Cauffman]] and the lead investigator WAS [[Shyam Sunder]],<ref name="Lipton">{{cite news|author=Eric Lipton|journal=New York Times|date=August 22, 2008|title=Fire, Not Explosives, Felled 3rd Tower on 9/11, Report Says|url=http://www.nytimes.com/2008/08/22/nyregion/22wtccnd.html}}</ref> covered three aspects, including a technical building and [[fire safety]] investigation to study the factors contributing to the probable cause of the collapses of the WTC Towers (WTC 1 and 2) and WTC 7. | In 2002 the [[National Construction Safety Team Act]] mandated NIST to conduct an investigation into the [[collapse of the World Trade Center]] buildings 1 and 2 and the 47-storey [[9-11/WTC7|7 World Trade Center]]. The point man for the "World Trade Center Collapse Investigation" has been named as [[Stephen Cauffman]] and the lead investigator WAS [[Shyam Sunder]],<ref name="Lipton">{{cite news|author=Eric Lipton|journal=New York Times|date=August 22, 2008|title=Fire, Not Explosives, Felled 3rd Tower on 9/11, Report Says|url=http://www.nytimes.com/2008/08/22/nyregion/22wtccnd.html}}</ref> covered three aspects, including a technical building and [[fire safety]] investigation to study the factors contributing to the probable cause of the collapses of the WTC Towers (WTC 1 and 2) and WTC 7. | ||
| + | NIST released video{{why}} in 2010 showing [[Michael Hess]] calling from the 8th floor of [[WTC7]]. | ||
| + | |||
| + | ==Compromised cryptography== | ||
| + | NIST is responsible for standardising cryptographic algorithms and standardised [[Dual_EC_DRBG]], which already by 2004 was understood by some researchers to have a possible kleptographic [[backdoor (computing)|backdoor]] in its design, with the unusual property that it was theoretically impossible for anyone but Dual_EC_DRBG's designers (NSA) to confirm the backdoor's existence. [[Bruce Schneier]] concluded shortly after standardization that the "rather obvious" backdoor (along with other deficiencies) would mean that nobody would use Dual_EC_DRBG.<ref name="wired-schneier">{{cite news | url=http://archive.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115 | title=Did NSA Put a Secret Backdoor in New Encryption Standard? | work=[[Wired News]] | date=2007-11-15 | author=[[Bruce Schneier]] | archiveurl=https://web.archive.org/web/20140621062515/http://archive.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115 | archivedate=2014-06-21 | deadurl=no}}</ref> The backdoor would allow NSA to decrypt for example [[Transport Layer Security|SSL/TLS]] encryption which used Dual_EC_DRBG as a CSPRNG.<ref name="green_flaws">{{cite web|url=http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html|title=The Many Flaws of Dual_EC_DRBG|author=Matthew Green}}</ref> | ||
| + | |||
| + | ===Snowden's revelations=== | ||
| + | In December 2013, a [[Reuters]] news article alleged that in 2004, before NIST had standardized Dual_EC_DRBG, NSA paid [[RSA Security]] $10 million in a secret deal to use Dual_EC_DRBG as the default in the [[RSA BSAFE]] cryptography library, which resulted in RSA Security becoming the most important distributor of the insecure algorithm.<ref name="NSApaid">{{cite news | url=http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220 | title=Exclusive: Secret contract tied NSA and security industry pioneer | date=December 20, 2013 | agency=Reuters | accessdate=December 20, 2013 | author=Menn, Joseph | location=San Francisco}}</ref> RSA denied ever knowingly colluded with the NSA to adopt an algorithm that was known to be flawed, saying "we have never kept [our] relationship [with the NSA] a secret".<ref name="RSA Company Statements">{{cite web|last=The Security Division of EMC|first=RSA,|title=RSA Response to Media Claims Regarding NSA Relationship|url=https://blogs.rsa.com/news-media-2/rsa-response/|publisher=RSA|accessdate=22 December 2013}}</ref> | ||
| − | |||
{{SMWDocs}} | {{SMWDocs}} | ||
{{Stub}} | {{Stub}} | ||
Revision as of 12:26, 10 August 2016
 NIST     | |
|---|---|
 | |
| Headquarters | Gaithersburg, Maryland, U.S. |
| Leader | Under Secretary of Commerce for Standards and Technology and Director of NIST |
| Subpage | •NIST/Director |
| Now infamous for their attempt to cover-up the truth of the 9-11 controlled demolitions. | |
Contents
September 11th, 2001
In 2002 the National Construction Safety Team Act mandated NIST to conduct an investigation into the collapse of the World Trade Center buildings 1 and 2 and the 47-storey 7 World Trade Center. The point man for the "World Trade Center Collapse Investigation" has been named as Stephen Cauffman and the lead investigator WAS Shyam Sunder,[1] covered three aspects, including a technical building and fire safety investigation to study the factors contributing to the probable cause of the collapses of the WTC Towers (WTC 1 and 2) and WTC 7.
NIST released video[Why?] in 2010 showing Michael Hess calling from the 8th floor of WTC7.
Compromised cryptography
NIST is responsible for standardising cryptographic algorithms and standardised Dual_EC_DRBG, which already by 2004 was understood by some researchers to have a possible kleptographic backdoor in its design, with the unusual property that it was theoretically impossible for anyone but Dual_EC_DRBG's designers (NSA) to confirm the backdoor's existence. Bruce Schneier concluded shortly after standardization that the "rather obvious" backdoor (along with other deficiencies) would mean that nobody would use Dual_EC_DRBG.[2] The backdoor would allow NSA to decrypt for example SSL/TLS encryption which used Dual_EC_DRBG as a CSPRNG.[3]
Snowden's revelations
In December 2013, a Reuters news article alleged that in 2004, before NIST had standardized Dual_EC_DRBG, NSA paid RSA Security $10 million in a secret deal to use Dual_EC_DRBG as the default in the RSA BSAFE cryptography library, which resulted in RSA Security becoming the most important distributor of the insecure algorithm.[4] RSA denied ever knowingly colluded with the NSA to adopt an algorithm that was known to be flawed, saying "we have never kept [our] relationship [with the NSA] a secret".[5]
Employee on Wikispooks
| Employee | Job | Appointed |
|---|---|---|
| John Gross | Research Structural Engineer | July 1983 |
Related Documents
| Title | Type | Publication date | Author(s) | Description |
|---|---|---|---|---|
| File:NIST Analyses Brookman.pdf | paper | 26 March 2010 | Ronald Brookman | |
| File:Nanothermite Smoking Gun.pdf | article | 18 August 2009 | Michael Schmidt | An introduction to the nano-thermite issue and how the "investigators" chose to ignore this aspect. |
| File:The Top Ten Connections Between NIST and Nano-Thermites.pdf | paper | 2 July 2008 | Kevin Ryan | An examination of NIST's connections to the nano-thermite. |
- ↑
{{URL|example.com|optional display text}} - ↑
{{URL|example.com|optional display text}} - ↑ Matthew Green. "The Many Flaws of Dual_EC_DRBG".Page Module:Citation/CS1/styles.css must have content model "Sanitized CSS" for TemplateStyles (current model is "Scribunto").
- ↑
{{URL|example.com|optional display text}} - ↑ The Security Division of EMC, RSA,. "RSA Response to Media Claims Regarding NSA Relationship". RSA. Retrieved 22 December 2013.CS1 maint: extra punctuation (link)Page Module:Citation/CS1/styles.css must have content model "Sanitized CSS" for TemplateStyles (current model is "Scribunto").
