Difference between revisions of "Suite B"

From MgmtWiki
Jump to: navigation, search
(References)
(Solutions)
Line 43: Line 43:
 
==Solutions==
 
==Solutions==
 
===MSFT Suite B Support===
 
===MSFT Suite B Support===
An important feature of CNG is its support for the Suite B algorithms. In February of 2005, the National Security Agency (NSA) of the United States announced a coordinated set of symmetric encryption, asymmetric secret agreement (also known as key exchange), digital signature and hash functions for future U.S. government use called Suite B. The NSA has announced that certified Suite B implementations can and will be used for the protection of information designated as Top Secret, Secret, and private information that, in the past was described as Sensitive-But-Unclassified. Because of this, Suite B support is very important to application software vendors and system integrators as well as to Microsoft.
+
An important feature of [https://learn.microsoft.com/en-us/windows/win32/seccng/about-cng CNG] is its support for the Suite B algorithms. In February of 2005, the National Security Agency (NSA) of the United States announced a coordinated set of symmetric encryption, asymmetric secret agreement (also known as key exchange), digital signature and hash functions for future U.S. government use called Suite B. The NSA has announced that certified Suite B implementations can and will be used for the protection of information designated as Top Secret, Secret, and private information that, in the past was described as Sensitive-But-Unclassified. Because of this, Suite B support is very important to application software vendors and system integrators as well as to Microsoft.
  
 
All Suite B algorithms are publicly known. They have been developed outside the scope of the government secrecy historically associated with cryptographic algorithm development. In this same time frame, some European countries and regions have also proposed the same Suite B requirements for protecting their information.
 
All Suite B algorithms are publicly known. They have been developed outside the scope of the government secrecy historically associated with cryptographic algorithm development. In this same time frame, some European countries and regions have also proposed the same Suite B requirements for protecting their information.

Revision as of 15:45, 9 November 2022

Full Title or Meme

A list of the cryptographic algorithms that are approved for use in the US Federal Government.

Replacements

CNSA version 2.0

CNSA version 1.0

In 2015 the NSA abruptly replaced "Suite B" with a "CNSA Suite", saying that "the growth of elliptic curve use has bumped up against the fact of continued progress in the research on Quantum Computing Threat, which has made it clear that elliptic curve cryptography is not the long term solution many once hoped it would be." This gave rise to much speculation on possible motives for the switch. In January, NSA published a long list of FAQs that discussed those motives in detail, and called for an effort to standardize quantum-resistant cryptographic algorithms. Earlier this month, NIST published a Report on Post-Quantum Cryptography that announces such a standardization effort.

I have written a blog post summarizing last summer's announcement and the FAQs, with links to all the documents.

The FAQs make sense, but do not explain one detail: why DSA has been omitted from the CNSA Suite. In the blog post I argue that DSA is being dropped at the wrong time. Another omission in the CNSA Suite is the requirement to provide forward secrecy in key establishment that was present in Suite B. Surprisingly, this comes at a time when forward secrecy is becoming the norm on the web.

Francisco Corella, PhD
Phone: +1.619.770.6765
Email: fcorella@pomcor.com
Twitter: @fcorella
Blog: https://pomcor.com/blog/
Web site: https://pomcor.com

Solutions

MSFT Suite B Support

An important feature of CNG is its support for the Suite B algorithms. In February of 2005, the National Security Agency (NSA) of the United States announced a coordinated set of symmetric encryption, asymmetric secret agreement (also known as key exchange), digital signature and hash functions for future U.S. government use called Suite B. The NSA has announced that certified Suite B implementations can and will be used for the protection of information designated as Top Secret, Secret, and private information that, in the past was described as Sensitive-But-Unclassified. Because of this, Suite B support is very important to application software vendors and system integrators as well as to Microsoft.

All Suite B algorithms are publicly known. They have been developed outside the scope of the government secrecy historically associated with cryptographic algorithm development. In this same time frame, some European countries and regions have also proposed the same Suite B requirements for protecting their information.

Suite B cryptography recommends use of elliptic curve Diffie-Hellman (ECDH) in many existing protocols such as the Internet Key Exchange (IKE, mainly used in IPsec), transport layer security (TLS), and Secure MIME (S/MIME).

CNG includes support for Suite B that extends to all required algorithms: AES (all key sizes), the SHA-2 family (SHA-256, SHA-384 and SHA-512) of hashing algorithms, ECDH, and elliptic curve DSA (ECDSA) over the NIST-standard prime curves P-256, P-384, and P-521. Binary curves, Koblitz curves, custom prime curves, and elliptic curve Menezes-Qu-Vanstone (ECMQV) are not supported by the Microsoft algorithm providers included with Windows Vista.

References