The Latest in IT Security

By Joseph Menn SAN FRANCISCO (Reuters) – U.S. government standards for software may enable spying by the National Security Agency through widely used coding formulas that should be jettisoned, some of the country’s top independent experts concluded in papers released on Monday. Such mathematical formulas, or curves, are an arcane but essential part of most technology that prevents interception and hacking, and the National Institute of Standards and Technology (NIST) has been legally required to consult with the NSA’s defensive experts in approving them and other cryptography standards. NIST discontinued that formula, called Dual Elliptic Curve, and asked its external advisory board and a special panel of experts to make recommendations that were published on Monday alongside more stinging conclusions by the individual experts.