In a recently published FAQ, the NSA outlines the switch for NSS (National Security Systems) from Suite B cryptography to the CNSA (Commercial National Security Algorithm Suite).
The NSA describes the CNSA as a “suite of algorithms identified in CNSS Advisory Memorandum 02-15 for protecting NSS up to and including TOP SECRET classification. This suite of algorithms will be incorporated in a new version of the National Information Assurance Policy on the Use of Public Standards for the Secure Sharing of Information Among National Security Systems (CNSSP-15 dated October 2012). The Advisory Memorandum and Policy define the set of public cryptographic standards that may be used to protect NSS until acceptable public standards for quantum resistant cryptography exist and are approved for use in NSS by the Committee for National Security Systems (CNSS).”
Detailing the CNSA’s algorithms and its usage:
The NSA remarked that “The AES-256 and SHA-384 algorithms are symmetric, and believed to be safe from attack by a large quantum computer.”
According the NSA, the following isn’t safe to use:
- ECDH and ECDSA with NIST P-256
- RSA with 2048-bit keys
- Diffie-Hellman with 2048-bit keys
What provoked this switch was the ever-growing threat of quantum computers breaking encryption.
“… quantum computers will use “qubits” that behave