NIST trying to win back crypto-cred after NSA sabotage

NIST has two masters: the NSA and the US Public. Currently the NSA is not advancing the interests of the US Public. NIST needs to choose which master it is going to serve.

If NIST chooses to serve the interests of the US Public again, it can easily demonstrate that decision. Just advance a standard that protects privacy.

A month ago, when we were discussing NSA’s Operation Bullrun, User bardfin had a great suggestion:

We need open-hardware ASICs that do nothing but dump true physical-noise-derived random numbers, in a SIM card package or SDCARD or USB or something that can be pulled out, swapped out, upgraded, thrown away when or if it is determined to have an implementation weakness — at a price point that is pennies. We need them on a single-layer process, mounted in a clear epoxy, so they can be put under a microscope and audited physically so we can say “this isn’t counterfeit”.

Trust-able sources of random numbers would be one way NIST could demonstrate they are not the NSA’s puppet.

With a good source of random numbers, I could pre-share a few gigs of random every place I needed point-to-point privacy. Then it would be fairly straightforward to build a brutally simple variant of SSH that always used symmetric crypto and derived the keys from the pre-shared random file.
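The pre-shared-random transport sketched in the paragraph above, written out as an added example; this is my code, not the original poster's and not taken from any project. The cipher (AES-256-GCM), the HMAC-SHA256 key derivation, the 32-byte chunk size, the 8-byte header, and every name in it are my assumptions. It adds the two guards a practitioner would insist on before trusting such a thing: the file is split into one half per direction so the two sides never burn the same bytes for their own keys, and each side keeps a high-water mark so a chunk, once consumed, is refused if it ever shows up in a header again. Inside a session, messages carry a strict sequence number, as SSH does, so replays and reordering are rejected.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

const chunkLen = 32 // bytes of pre-shared random burned per session key (my choice)

// Pool is one party's view of a region of the pre-shared file; bytes below Used are spent and never reissued.
type Pool struct {
	Data []byte
	Used int
}

// Peer holds the half of the file it draws send keys from and the half the
// other side draws from; separate regions stop both sides grabbing the same bytes.
type Peer struct{ Send, Recv *Pool }

// NewPeers builds both endpoints from one copy of the file (each side keeps its own marks).
func NewPeers(shared []byte) (*Peer, *Peer) {
	a, b := shared[:len(shared)/2], shared[len(shared)/2:]
	return &Peer{Send: &Pool{Data: a}, Recv: &Pool{Data: b}}, &Peer{Send: &Pool{Data: b}, Recv: &Pool{Data: a}}
}

// Session is one direction of traffic under one derived key; seq is the message counter and GCM nonce.
type Session struct {
	aead cipher.AEAD
	seq  uint64
}

// newSession derives the AES-256 key as HMAC-SHA256 keyed by the chunk, so the
// raw bytes are bound to this one purpose rather than used directly.
func newSession(chunk []byte) (*Session, error) {
	m := hmac.New(sha256.New, chunk)
	m.Write([]byte("psk-transport session key v1")) // hypothetical label
	block, err := aes.NewCipher(m.Sum(nil))
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Session{aead: aead}, nil
}

// OpenSend burns the next unused chunk of the local send half and returns the
// 8-byte header (the offset) the peer needs to find the same chunk in its copy.
func (p *Peer) OpenSend() (*Session, []byte, error) {
	off := p.Send.Used
	if off > len(p.Send.Data)-chunkLen {
		return nil, nil, errors.New("pre-shared random exhausted: re-share before continuing")
	}
	p.Send.Used = off + chunkLen
	hdr := make([]byte, 8)
	binary.BigEndian.PutUint64(hdr, uint64(off))
	s, err := newSession(p.Send.Data[off:p.Send.Used])
	return s, hdr, err
}

// OpenRecv mirrors OpenSend. An offset below our own mark means the peer is
// reusing key material or replaying an old header, so it is refused.
func (p *Peer) OpenRecv(hdr []byte) (*Session, error) {
	if len(hdr) != 8 {
		return nil, errors.New("bad session header")
	}
	off, q := int(binary.BigEndian.Uint64(hdr)), p.Recv
	if off < q.Used || off%chunkLen != 0 || off > len(q.Data)-chunkLen {
		return nil, errors.New("refusing reused or out-of-range pre-shared offset")
	}
	q.Used = off + chunkLen
	return newSession(q.Data[off:q.Used])
}

// Seal encrypts one message. Wire format: 12-byte nonce || ciphertext || tag.
func (s *Session) Seal(msg []byte) []byte {
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], s.seq)
	s.seq++
	return s.aead.Seal(nonce, nonce, msg, nil)
}

// Open decrypts one message and, like SSH sequence numbers, insists on strict in-order
// delivery: a short, replayed, reordered or tampered message is rejected and seq stays put.
func (s *Session) Open(wire []byte) ([]byte, error) {
	if len(wire) < 12 || binary.BigEndian.Uint64(wire[4:12]) != s.seq {
		return nil, errors.New("short, out-of-order or replayed message")
	}
	pt, err := s.aead.Open(nil, wire[:12], wire[12:], nil)
	if err != nil {
		return nil, err
	}
	s.seq++
	return pt, nil
}
```

Two things differ in a real deployment: each side holds its own copy of the file, so NewPeers handing out slices of one buffer is only a convenience for running both ends in one process; and everything here rests on the file being genuinely random and never reused, which is exactly why the auditable hardware source in the quoted comment matters more than the protocol around it.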