NIST vs ISO Encryption standardisation process

sd flag

skinny cipher has been lately considered as ISO/IEC standard while is still competing as building block of Romulus AEAD in NIST LWC finalists.

what is the difference between the two ISO and NIST processes? which is higher hand in the industry adoption ?

cr flag

ISO/IEC are paid standards, it's a business.

The NIST produce free standards that can be made mandatory for US institutions (like the DoD) and its industrial partners.

Opinion: The NIST standards are favored by the cryptography industry. The academic research community does not care much however, because any standard will end up lagging behind the state-of-the-art with time.

vu flag

what's the difference ...

ISO standards are literally international, where as NIST is US-specific.

ISO standards are available FOR PURCHASE and are copyrighted. NIST as a government organ of US, cannot publish anything other than public domain.

ISO process is influenced by any and all parties of interest, and have to compromise under them. NIST is influenced by US eco-political players and policy makers, and in the infamous Dual-EC-DRBG case, NSA.

I'm a lurker on the POSIX and IEEE754 mailing list, and occasionally see non-technical business discussions. Both POSIX and IEEE754 are republished as ISO/IEC standards outside IEEE.


If you're looking at the stats in US and on the Internet, then NIST standards have higher adoption. If you look at global-regional stats, it varies from country to country.

For trade/econony treaties such as RCEP and Eurozone, some digital signature standard have to be established for authentication of electronic records. This is a major usecase for non-NIST algorithms

cn flag

From an international security perspective (and simply laying out the publicly known facts), some people/governments are wary of NIST cryptographic standards. Sorry about the quoted boilerplate legalese, but it's fundamental to my answer and the NIST vs ISO debate. Strong cryptography lives within a political dialectic, not just inside a mathematical debate.

From NIST's SP800-90b, Recommendation for the Entropy Sources Used for Random Bit Generation:-

This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems.

Which says:-

§ 3553. Authority and functions of the Director and the Secretary:-

(d) NATIONAL SECURITY SYSTEMS.—Except for the authorities and functions described in subsection (a)(5) and subsection (c), the authorities and functions of the Director and the Secretary under this section shall not apply to national security systems.

(e) DEPARTMENT OF DEFENSE AND INTELLIGENCE COMMUNITY SYSTEMS.—(1) The authorities of the Director described in paragraphs (1) and (2) of subsection (a) shall be delegated to the Secretary of Defense in the case of systems described in paragraph (2) and to the Director of National Intelligence in the case of systems described in paragraph (3).

So whilst ISO standards are drawn up publicly by various groups in various countries, NIST standards for cryptography have final approval by the US Secretary of Defence and Director of National Intelligence. Their interests are divergent from those of the ISO committees, especially in light of the US' acknowledged NOBUS policy {Ref. 1}{Ref 2}.

E.g. ISO/IEC 18033-4:2011 Information technology — Security techniques — Encryption algorithms — Part 4: Stream ciphers if people haven't seen one before.

sh flag
"This standard is good for commercial use, but please don't use it when the national security is involved" – this sounds like they know there is a backdoor.
Paul Uszak avatar
cn flag
@PaŭloEbermann We have no firm evidence of backdoors in contemporary crypto. Yet that is the guiding principle behind the NOBUS policy, which has been confirmed by Obama and the CIA/NSA director in public interviews. Disinformation? You decide. That’s why for strategic comms I champion one time pads generated by self built TRNGs.
Paul Uszak avatar
cn flag
@PaŭloEbermann Berlin is really cool.

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.