NIST "required" to do bad work

Just a little tidbit I didn't know. Most of us heard that there is a serious hole in at least one NIST (National Institute of Standards and Technology) encryption standard. The story surfaced that the NSA was probably to blame for some advice to NIST.

Moving forward, an article in ProPublica talks about an amendment to a bill which would no longer require NIST to consult with NSA. The surprise, at least for me, was that I didn't know until now that there was such a requirement.

NIST and NSA are really in different parts of the government. The required consultation would be like consulting with a fox on what type of lock should be used on the hen house.

Documents provided by Edward Snowden suggest that the NSA inserted a backdoor into one popular encryption standard, prompting NIST to launch an ongoing review of all its existing standards.

The amendment adopted this week by the House Committee on Science, Space, and Technology would remove an existing requirement in the law that NIST consult with the NSA on encryption standards.