NSA’s policy decision to sabotage public cryptographic standards. In 1968, the National Bureau of Standards (NBS) “went to NSA for help”, in the words of an internal NSA history book. Work by journalists over several years forced NSA to release the relevant portions of the book in 2013, and before that smaller portions in 2008 and 2009.
NBS was an agency inside the U.S. Department of Commerce, another part of the U.S. government. Later NBS was renamed the National Institute of Standards and Technology (NIST). The reason NBS went to NSA is that NBS had decided to develop a U.S. government encryption standard.
According to the same history book, this triggered an internal debate within NSA, culminating in NSA deciding to manipulate public standards to make sure they were “weak enough” for NSA to break them:
Narrowing the encryption problem to a single, influential algorithm might drive out competitors, and that would reduce the field that NSA had to be concerned about. Could a public encryption standard be made secure enough to protect against everything but a massive brute force attack, but weak enough to still permit an attack of some nature using very sophisticated (and expensive) techniques?
NSA then worked with NBS and IBM’s Walter Tuchman on the design of what later became the Data Encryption Standard (DES):
NSA gave Tuchman a clearance and brought him in to work jointly with the Agency on his Lucifer modification … The relationship between NSA and NBS was very close. NSA scientists working the problem crossed back and forth between the two agencies, and NSA unquestionably exercised an influential role in the algorithm.
Back in the 1970s, Tuchman and NSA told a completely different story to the public. For example, regarding accusations that IBM and NSA had “conspired”, Tuchman told an interviewer “We developed the DES algorithm entirely within IBM using IBMers. The NSA did not dictate a single wire!”