NIST Paid $16,500 for Space at Now-Boycotted RSA Conference

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2014/01/nist-paid-16500-space-now-boycotted-rsa-conference/76421/

By Aliya Sternstein
Nextgov.com
Jan. 8, 2014

The National Institute of Standards and Technology purchased a $16,500 
booth at an RSA event that technologists are pulling out of in protest of 
the encryption company’s alleged deal with the National Security Agency to 
weaken products using a NIST-approved trapdoor.

NIST’s entire leadership and management team attended last year's 
conference, according to 2013 contracting documents. They "cultivated key 
relationships with peer-to-peer executives at companies and government 
agencies," the documents state.  "Our attendance at RSA offered our 
leadership team to speak on panels that reinforced NIST's position as a 
technical thought leader and policy advisor."

As of Tuesday night, at least eight speakers and attendees had cancelled 
appearances at next month’s event after Reuters first reported that RSA 
accepted $10 million to make the "Dual Elliptic Curve" the default setting 
for generating random numbers in a popular encryption product. The report, 
based on documents leaked by former NSA contractor Edward Snowden, said 
NSA promoted and promulgated a flawed formula for creating the numbers, 
giving the agency a back door to spy on users. RSA denied designing or 
enabling back doors into any of its products.

NIST bought the exhibitor space last spring from event planning company 
Nth Degree to use for four days at the annual conference in San Francisco, 
the documents state.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/