Another story — once again not really news — describes a practice that Congress should make flat-out and unambiguously illegal: The NSA submitted to NIST (National Institute of Standards and Technology) a random number generation algorithm with a backdoor in it.

There's actually a technical term for this sort of vulnerability: Kleptography is the use of attacks built into a cryptographic system, i.e. a crypto backdoor.

The threat of kleptography has been discussed since the mid-1990s, but it was not until recently that it’s received significant attention. This may be in part due to increasingly common discussions about the potential threats from this kind of highly sophisticated attack, but it is more likely due to several recent documented implementations of kleptographic attacks.

The notion of a Secretly Embedded Trapdoor with Universal Protection (SETUP) has been recently introduced. In this paper we extend the study of stealing information securely and subliminally from black-box cryptosystems. The SETUP mechanisms presented here, in contrast with previous ones, leak secret key information without using an explicit subliminal channel. This extends this area of threats, which we call "kleptography".