Could have fooled me. I thought that it was mainly white males who complain about the NSA. And I am surprised a white feminist professor would admit that she did not know how to take care of her baby, and had to rely on a black nanny.
Mathematician Peter Woit writes:
Among the many disturbing aspects of the behavior of the NSA revealed by the Snowden documents, the most controversial one directly relevant to mathematicians was the story of the NSA’s involvement in a flawed NIST cryptography standard (for more see here and here). The New York Times reported:We don't need the Snowden documents. The public also has the 2007 Microsoft paper explaining the possible backdoor. If you are an al qaeda terrorist, then you might not want to use the NSA function to generate your private keys. If you are not an international terrorist, then there is no proven or fatal weakness.Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.”The standard was based on the mathematics of elliptic curves, so this is a clearly identifiable case where mathematicians seem to have been involved in using their expertise to subvert the group tasked with producing high quality cryptography. ...
Read carefully (and I think it was written very carefully…), note that George never directly denies that the NSA back-doored Dual-EC-DRBG, just claims there is no “proven weakness”. In other words, since how they chose the elliptic curves is a classified secret, no one can prove anything about how this was done. All the public has is the Snowden documents which aren’t “proof”.
I would comment on Woit's blog, but he is deleting comments that disagree with him.
The Clinton administration did propose a Clipper Chip with an NSA backdoor in 1993. Or more precisely, a system for key escrow, not a backdoor. It is plausible that the NSA designed in a backdoor to Dual-EC-DRBG that it could use and no one else. But so what? It is just a stupid pseudo-random number generator. If you don't like it, then don't use it.
Update: Woit deleted this comment from me:
It is true that you can choose your own (P,Q) if you do not trust what NSA did. It is just a pseudo-random number generator. You can also toss coins if you wish, or use dozens of other pseudo-random number generators. Your main complaint is that the NSA did not fully explain itself. Guess what -- the NSA never fully explains itself.He does quote hysterical anti-NSA comments, such as from Ron Rivest. But there is no mention of how Rivest's company sold out to create data insecurities for millions.