The Inner Circle

 View Only

NSA Announces the Commercial National Security Algorithm Suite 2.0 and Accompanying FAQ

  • 1.  NSA Announces the Commercial National Security Algorithm Suite 2.0 and Accompanying FAQ

    Posted Sep 08, 2022 09:47:00 AM
    Hi Al,

    NSA just published the Commercial National Security Algorithm Suite 2.0 and accompanying FAQ.

    This advisory notifies NSS owners, operators, and vendors of future requirements for QR algorithms for NSS. These algorithms (also referred to as post-quantum algorithms) are analyzed as being secure against both classical and quantum computers. They are an update to those in the Commercial National Security Algorithm Suite (referred to as CNSA 1.0, the algorithms currently listed in CNSSP 15, Annex B). NSA will reference this update as CNSA Suite 2.0, and any future updates will modify the version number.

    NSA is providing this advisory in accordance with authorities detailed in NSD-42, NSM-8, NSM-10, CNSSP 11, and CNSSP 15. Its direction applies to all NSS use of public cryptographic algorithms (as opposed to algorithms NSA developed), including those on all unclassified and classified NSS. Using any cryptographic algorithms the National Manager did not approve is generally not allowed, and requires a waiver specific to the algorithm, implementation, and use case. In accordance with CNSSP 11, software and hardware providing cryptographic services require National Information Assurance Partnership (NIAP) or NSA validation in addition to meeting the requirements of the appropriate version of CNSA.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------