Massie, a strong advocate for privacy and civil liberties, explained on the phone Thursday that his eight-line amendment will prevent the NSA, which remains an encryption expert, from working with the National Institute of Standards and Technology (NIST) to weaken or compromise encryption.
Reps. Zoe Lofgren (D-CA, 19th) and Ted Poe (R-TX, 2nd) also threw their weight behind the amendment.
The amendment follows a report which showed the NSA had a secret $10 million contract with security firm RSA Security, which led to the circulation of a deliberately flawed encryption product. RSA became the most prominent firm to offer the encryption in a mainstream product, called Bsafe. (While $10 million may seem paltry by today’s standards, Reuters notedthat this sum was more than a third of the company’s revenue at the time.)
The NSA was able to point to the use of Bsafe – a widely successful encryption product at the time – within the government. The National Institute of Standards and Technology (NIST), which approves cryptographic products for the government’s use and also gives its blessing for private industry use, accepted the flawed encryption without knowledge of the backdoor.
NIST later renounced the technology after documents leaked by whistleblower Edward Snowden detailed the collaboration.
The people at the NSA responsible for purposely weakening encryption standards should be ashamed of themselves. It is about time the tide has started to turned against this jackassery.