On the record, June 3, 2015
Madam Chair, in December of 2013, news broke--and this was in a Reuters article--that, as a key part of a "campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with" a private company--in fact, "one of the most influential firms in the computer security industry." It was further disclosed that "an algorithm called Dual Elliptic Curve . . . was on the road to approval by the National Institute of Standards and Technology as one of four acceptable methods for generating random numbers." The company adopted this algorithm, knowing that it would be used as a standard, and it was, as expected, approved by the National Institute of Standards and Technology. But "within a year, major questions were raised about Dual Elliptic Curve. Cryptography authority Bruce Schneier wrote that the weakness in the formula 'can only be described as a back door.'" This is just one example of the NSA exploiting its relationship with NIST to weaken encryption standards. Look, NIST, we would like for them to set the highest standards for our country, particularly when it comes to encryption. Weakened encryption standards allow the NSA to snoop on Americans without a warrant. So these back doors in encryption products are bad for privacy. It makes it just way too easy to violate our Fourth Amendment. But back doors in encryption software are also bad for security.…





