America's National Institute for Science and Technology (NIST) is looking for public input into its long-running project to improve cryptography.
The recommendation NIST's put up for discussion covers the design principles and requirements for random bit generators, and tests to validate entropy sources.
It's the entropy validation that NIST regards as most important in Special Publication 800-90B: rather than trying to tell crypto designers what crypto sources to use, it wants reliable ways to check the outputs.
The National Institute of Standards and Technology is looking to make the backbone of cryptography -- random bit generators -- less predictable.
NIST has released the second draft of a publication that specifies design principles for sources of entropy, which measure the randomness of generated numbers. Without a reliably random RBG, hackers can slice through a user's communications.
Cryptography has become popular in the post-Edward Snowden era. Everyone seems to be worried about being spied upon and is looking for ways to avoid it. While the majority of users likely have nothing to hide, it's still a creepy feeling to know that someone can, and possibly is, checking what you say and do.
There has been a lot of talk about adding backdoors, mostly from those who want to spy and those who simply don't understand the technology. The latest of this is currently taking place in New York.
As discussed in a recent Monday Note titled “Let’s Outlaw Math,” electronic messages that are encoded with modern encryption techniques are truly indecipherable by interlopers—it doesn’t matter whether they’re criminals or governments. The latter have attempted to legislate backdoors that only they can use (to protect us, of course), but there’s a danger: These “golden keys” could fall into the wrong hands. In any case, a backdoor only works where it’s been installed; unbreakable public domain encryption is available to everyone, terrorists and traffickers included.
The investigation into last Friday's coordinated terrorist attacks has quickly turned up evidence that members of the Islamic State (ISIS) communicated with the attackers from Syria using encrypted communications, according to French officials.