Suite B

From MgmtWiki
Revision as of 13:00, 15 October 2022 by Tom (talk | contribs) (Replacements)

Jump to: navigation, search

Full Title or Meme

A list of the cryptographic algorithms that are approved for use in the US Federal Government.

Replacements

CNSA version 2.0

CNSA version 1.0

In 2015 the NSA abruptly replaced "Suite B" with a "CNSA Suite", saying that "the growth of elliptic curve use has bumped up against the fact of continued progress in the research on Quantum Computing Threat, which has made it clear that elliptic curve cryptography is not the long term solution many once hoped it would be." This gave rise to much speculation on possible motives for the switch. In January, NSA published a long list of FAQs that discussed those motives in detail, and called for an effort to standardize quantum-resistant cryptographic algorithms. Earlier this month, NIST published a Report on Post-Quantum Cryptography that announces such a standardization effort.

I have written a blog post summarizing last summer's announcement and the FAQs, with links to all the documents.

The FAQs make sense, but do not explain one detail: why DSA has been omitted from the CNSA Suite. In the blog post I argue that DSA is being dropped at the wrong time. Another omission in the CNSA Suite is the requirement to provide forward secrecy in key establishment that was present in Suite B. Surprisingly, this comes at a time when forward secrecy is becoming the norm on the web.


Francisco Corella, PhD
Founder & CTO, Pomcor
Phone: +1.619.770.6765
Email: fcorella@pomcor.com
Twitter: @fcorella
Blog: https://pomcor.com/blog/
Web site: https://pomcor.com

References