Ask Slashdot: Can We Still Trust FIPS? 138
First time accepted submitter someSnarkyBastard writes "It has already been widely reported that the NSA has subverted several major encryption standards but I have not seen any mention of how this affects the FIPS 140-2 standard. Can we still trust these cyphers? They have been cleared for use by the US Government for Top-Secret clearance documents; surely the government wouldn't backdoor itself right?...Right?"
Re:How can anyone trust (Score:3, Insightful)
That's sort of like asking why anybody would ask the Army for tips on self-defense, given that their role is blowing stuff up and killing people.
Well, the Army's role is also defense. The NSA has dual-roles, just like the Army.
The problem is, they've been turned on us. It's effectively like the Army going house-to-house searching for terrorists. All of a sudden that don't want to teach you self-defense practices, because it makes breaking down your door harder.
But you can imagine that, for a long time, people assumed the best of intentions about NSA, more-or-less.
Re:How can anyone trust (Score:4, Insightful)
you forgot 3) make sure that they can snoop on the "bad guys". ...where do you think export restrictions on cryptos came from?
do you know what's super silly? some companies selling crypto products internationally proudly tout around their NSA certification.. certification from the same organisation that has a role in making sure that they don't export too good products.
Re:How can anyone trust (Score:4, Insightful)
If by good you mean "for the common good" then yes, I'd agree. I would say they do great work with a terrible purpose.