NSA has been involved in debates about public policy, both as a behind-the-scenes adviser to other departments, and directly during and after Vice Admiral Bobby Ray Inman's directorship.
The NSA was embroiled in controversy concerning its involvement in the creation of the Data Encryption Standard (DES), a standard and public block cipher used by the US government. During development by IBM in the 1970s, the NSA recommended changes to the algorithm. There was suspicion the agency had deliberately weakened the algorithm sufficiently to enable it to eavesdrop if required. The suspicions were that a critical component — the so-called S-boxes — had been altered to insert a "backdoor"; and that the key length had been reduced, making it easier for the NSA to discover the key using massive computing power.
However, the public reinvention of the technique known as differential cryptanalysis suggested that one of the changes (to the S-boxes) had actually been suggested to harden the algorithm against this — then publicly unknown — method of attack; differential cryptanalysis remained publicly unknown until it was independently reinvented and published some decades later. On the other hand the shortening of the cryptographic key from 128 bits, as recommended in IBM submission, to an effective key of only 56 bits in length, has been interpreted as an intentional weakening of the algorithm by the NSA, making possible an exhaustive search for the key by those with sufficient computer power and funding.
Because of concerns that widespread use of strong cryptography would hamper government use of wiretaps, the NSA proposed the concept of key escrow in 1993 and introduced the Clipper chip that would offer stronger protection than DES but would allow access to encrypted data by authorized law enforcement officials. The proposal was strongly opposed and went nowhere.
Possibly because of previous controversy, the involvement of NSA in the selection of a successor to DES, the Advanced Encryption Standard (AES), was limited to hardware performance testing.
NSA was a major player in the debates of the 1990s regarding the export of cryptography. Cryptographic software and hardware had long been classed with fighter planes, tanks, cannons, and atomic bombs as controllable munitions. Restrictions on export were reduced but not eliminated in 1996.
The NSA/CSS has, at times, attempted to restrict the publication of academic research into cryptography; for example, the Khufu and Khafre block ciphers were voluntarily withheld in response to an NSA request to do so.