Now, we all for improving users’ privacy, and expanding encrypted PGP email options must a good thing. However, the good name of both elliptic curve cryptography and NIST have been badly tarnished by a number of damaging revelations over the last few years.
In 2013 the New York Times accused the NSA of circumventing NIST approved encryption standards by either introducing undetectable backdoors, or subverting the public development process to weaken the algorithms.
This is not the first time that that concerns have been voiced over Dual Elliptic Curve cryptography. In 2006, the Eindhoven University of Technology in the Netherlands noted that an attack against Dual_EC_PRG was easy enough to launch on ‘an ordinary PC’, and in 2007 Microsoft engineers also flagged up a suspected backdoor in the algorithm.
The situation came to a head in 2014, when it was revealed that respected security firm RSA had made a secret deal in 2006 in which it was bribed $10 million by the NSA to include the flawed Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) algorithm their flagship line of BSAFE products, and have since weakened it further.
Although not all EEC cryptography is Dual_EC_DRBG, and as far as anyone knows NIST curves P-256, P-384, and P-521 remain secure, it is unsurprising that people are now increasingly wary both ECC, and anything approved by NIST. It is probably for this reason that Facebook has added,
“We’re also evaluating support for non-NIST elliptic curves in future updates.”
A spokesperson for Facebook, Melanie Ensign, explained to Motherboard that,
“We’ve previously focused on securing people’s direct connection to Facebook with things such as HTTPS and a TOR onion site. Now, we’re giving people more control and options for protecting the email communications they receive from Facebook.”
Facebook also announced that secure Switzerland-based webmail service, ProtonMail, has added Facebook PGP integration, allowing automatic decryption of any PGP encrypted Facebook message sent to a ProtonMail account.
We have reviewed ProtonMail before, and while it can in no way be considered ‘NSA-proof’, it does offer vastly improved privacy, security, and resistance to government spying than most webmail solutions.