ISO Rejects NSA’s Latest IoT Encryption Ciphers Over Surveillance Fears

ISO (International Organization for Standardization) has rejected NSA’s latest algorithms “Simon and Speck” as global cryptographic norms. The reason behind this is ISO thinks that they contain a backdoor that would allow US spies to break into them.

The NSA (National Security Agency of US) had initially been advancing a more extensive scope of encryption algorithms, however,delegates from different countries expressed worry over the NSA’s intentions. Few cited information released by Edward Snowden, which demonstrated the NSA had plans to manipulate and promote its technology. Industry specialists from countries including Germany, Japan and Israel stressed that NSA was pushing the new systems not on the grounds that they were great encryption devices, but rather on the grounds that it knew how to break them, as reported by Reuters.

Simon and Speck are groups of lightweight block ciphers, come in different widths and key sizes. The aim of Simon and Speck is to fill the requirement for secure, adaptable, and analyzable lightweight block ciphers that perform well on an extensive variety of present and future stages. Created as part of NSA’s Information Assurance research mission, both algorithms are used in hardware and software respectively. Each offers excellent performance on hardware and software platforms, flexible enough to admit a variety of implementations on a given platform, and amenable to analysis using existing techniques. Both perform exceptionally well across the full spectrum of lightweight applications, but Simon is tuned for optimal performance in hardware, and Speck for optimal performance in software. More detailed information can be found on NSA’s official GitHub repository.

The ISO’s meetings are classified, however various encryption specialists have broken their silence now as the NSA’s effort has effectively been ended. They were rejected because US officials refused to provide the standard level of technical details. Dr. Tomer Ashur from KU Leuven University, representing the Belgian delegation, led the opposition, and Israeli delegate Orr Dunkleman said that they don’t trust NSA.

Ashur tweeted

Breaking: ISO/IEC just decided to cancel 29192-2/AMD1 (Simon & Speck). Ciphers will not be included in the standard despite strong push from the NSA.

— Cryp·tomer (@TomerAshur) April 24, 2018

He further alleged that the NSA responded with “misleading statements and full lies” to representatives’ worries. Ashur proposed that if the US delegates had been “more reliable, or possibly more helpful, diverse unions would have most likely been shaped”.

He concluded: 

“On a personal note: spying agencies have no place in civilian standardization. If you can’t motivate your decisions, we can’t trust you. The Russians and Chinese seem to understand that and are much more cooperative in addressing concerns.”

The NSA had a four-year delay in publishing the figures with a security investigation and a depiction of the plan choices, which are viewed as mandatory prescribed procedures.