This article needs additional citations for verification .(February 2008) |
The vast majority of the National Security Agency's work on encryption is classified, but from time to time NSA participates in standards processes or otherwise publishes information about its cryptographic algorithms. The NSA has categorized encryption items into four product types, and algorithms into two suites. The following is a brief and incomplete summary of public knowledge about NSA algorithms and protocols.
A Type 1 Product refers to an NSA endorsed classified or controlled cryptographic item for classified or sensitive U.S. government information, including cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed. [1]
Name | Type | Specification | Use | Equipment (incomplete list) |
---|---|---|---|---|
ACCORDIAN[ sic ] | R21-TECH-13-00, "ACCORDIAN 3.0 Specification" (August 2000) | AIM (1999 and 2004 brochures), SafeXcel-3340, PSIAM [2] | ||
AES (256-bit keys only) | Block cipher | FIPS 197 | Numerous | Numerous |
BATON | Block cipher | Various | PKCS#11, CDSA/CSSM, AIM (1999 and 2004 brochures), CYPRIS, APCO Project 25, MYK-85, Fortezza Plus, SecNet-11, Sierra, SafeXcel-3340, PSIAM [2] | |
BAYLESS | CYPRIS | |||
BYTEMAN | CYPRIS | |||
CARDIGAN | CYPRIS | |||
CARDHOLDER | Satellite uplink command encryption | CYPRIS, KI-17, U-AYJ Flight Decrypt Chip (Cardholder), Flight Encrypt Chip (Cardholder), MYK-16, CXS-810, CXS-2000, MCU-100, MCU-600 | ||
CARIBOU | Satellite uplink command encryption | U-TXZ, MYK-15A | ||
CRAYON | AIM (2004 brochure), CYPRIS (4 modes) | |||
FASTHASH | Cryptographic hash function | MISSI Type 1 hash | PKCS #11, CDSA/CSSM | |
FIREFLY / Enhanced FIREFLY | EKMS public-key cooperative key generation | AIM (2004), SafeXcel-3340, SecNet54, ViaSat KG-25x, PSIAM [2] | ||
GOODSPEED | Sierra II | |||
HAVE QUICK | Antijam, LPI/LPD airborne voice communication | CYPRIS | ||
JACKNIFE | AIM (2004) for IFF Mode 5 | |||
JOSEKI | R21-TECH-0062-92, "JOSEKI-1, A Bootstrap Procedures" (Oct. 1992) (also R21-TECH-13-97, R21-TECH-13-98) | Protection of secret algorithms in firmware | AIM, PSIAM [2] | |
JUNIPER | Block cipher | PKCS #11, CDSA/CSSM | ||
KEESEE | AIM (1999 and 2004 brochures), CYPRIS, PSIAM [2] | |||
Mark XII IFF | IFF secondary radar | AIM (2004 brochure) | ||
MAYFLY | Asymmetric-key algorithm | PKCS #11, CDSA/CSSM | ||
MEDLEY | R21-TECH-30-01, "MEDLEY Implementation Standard" (Nov. 2001) | AIM (2004), SecNet 54, SafeXcel-3340, ViaSat KG25x, PSIAM [2] | ||
PEGASUS | Satellite telemetry and mission data downlinks | KG-227, KG-228, KI-17, U-BLW Pegasus Space Microcircuit Chip, U-BLX Pegasus Ground Microcircuit Chip, MYK-17, CXS-810, CXS-2000, MCU-100, MCU-600 | ||
PHALANX | AIM (1999 and 2004 brochures), CYPRIS (PHALANX I and PHALANX II) | |||
SAVILLE | Low-bandwidth voice (and sometimes data) encryption | AIM (1999 and 2004 brochures), CYPRIS (2 modes), Windster (SAVILLE I), VINSON | ||
VALLOR | TTY broadcasts to submarines | AIM (2004) | ||
WALBURN | High-bandwidth link encryption | AIM (2004), KG-81/94/194/95 | ||
PADSTONE | CYPRIS (2 modes), Windster, Indictor | |||
WEASEL | SafeXcel-3340 |
A Type 2 Product refers to an NSA endorsed unclassified cryptographic equipment, assemblies or components for sensitive but unclassified U.S. government information.
Name | Type | Specification | Use | Equipment (incomplete list) |
---|---|---|---|---|
CORDOBA | CYPRIS, Windster, Indictor | |||
KEA | Asymmetric-key algorithm | R21-Tech-23-94, "Key Exchange Algorithm (KEA)" | Key exchange and digital signature algorithm for Fortezza, etc. | Fortezza, Fortezza Plus, Palladium Secure Modem |
SKIPJACK | Block cipher | R21-Tech-044-91, "SKIPJACK" | Confidentiality algorithm for Fortezza, etc. | Fortezza, Fortezza Plus, Palladium Secure Modem |
Unclassified cryptographic equipment, assembly, or component used, when appropriately keyed, for encrypting or decrypting unclassified sensitive U.S. Government or commercial information, and to protect systems requiring protection mechanisms consistent with standard commercial practices. A Type 3 Algorithm refers to NIST endorsed algorithms, registered and FIPS published, for sensitive but unclassified U.S. government and commercial information.
Name | Type | Specification | Use | Equipment (incomplete list) | |
---|---|---|---|---|---|
DES | Data Encryption Standard | Block cipher | FIPS 46-3 | Ubiquitous | Ubiquitous |
AES | Advanced Encryption Standard | Block cipher | FIPS 197 | Numerous | Numerous |
DSA | Digital Signature Algorithm | Digital signature system | FIPS 186 | Numerous | Numerous |
SHA | Secure Hash Algorithm | Cryptographic hash function | FIPS 180-2 | Ubiquitous | Ubiquitous |
A Type 4 Algorithm refers to algorithms that are registered by the NIST but are not FIPS published. Unevaluated commercial cryptographic equipment, assemblies, or components that are neither NSA nor NIST certified for any Government usage.
A set of NSA unpublished algorithms that is intended for highly sensitive communication and critical authentication systems.
A set of NSA endorsed cryptographic algorithms for use as an interoperable cryptographic base for both unclassified information and most classified information. Suite B was announced on 16 February 2005, and phased out in 2016. [3]
A set of cryptographic algorithms promulgated by the National Security Agency as a replacement for NSA Suite B Cryptography until post-quantum cryptography standards are promulgated.
In August 2015, NSA announced that it is planning to transition "in the not distant future" to a new cipher suite that is resistant to quantum attacks. "Unfortunately, the growth of elliptic curve use has bumped up against the fact of continued progress in the research on quantum computing, necessitating a re-evaluation of our cryptographic strategy." NSA advised: "For those partners and vendors that have not yet made the transition to Suite B algorithms, we recommend not making a significant expenditure to do so at this point but instead to prepare for the upcoming quantum resistant algorithm transition." [4]
The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
In cryptography, key size, key length, or key space refer to the number of bits in a key used by a cryptographic algorithm.
The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography to provide equivalent security.
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
The U.S. National Security Agency (NSA) used to rank cryptographic products or algorithms by a certification called product types. Product types were defined in the National Information Assurance Glossary which used to define Type 1, 2, 3, and 4 products. The definitions of numeric type products have been removed from the government lexicon and are no longer used in government procurement efforts.
In cryptography, Triple DES, officially the Triple Data Encryption Algorithm, is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. The Data Encryption Standard's (DES) 56-bit key is no longer considered adequate in the face of modern cryptanalytic techniques and supercomputing power. A CVE released in 2016, CVE-2016-2183 disclosed a major security vulnerability in DES and 3DES encryption algorithms. This CVE, combined with the inadequate key size of DES and 3DES, led to NIST deprecating DES and 3DES for new applications in 2017, and for all applications by the end of 2023. It has been replaced with the more secure, more robust AES.
Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link. The requirement that both parties have access to the secret key is one of the main drawbacks of symmetric-key encryption, in comparison to public-key encryption. However, symmetric-key encryption algorithms are usually better for bulk encryption. With exception of the one-time pad they have a smaller key size, which means less storage space and faster transmission. Due to this, asymmetric-key encryption is often used to exchange the secret key for symmetric-key encryption.
In cryptography, Skipjack is a block cipher—an algorithm for encryption—developed by the U.S. National Security Agency (NSA). Initially classified, it was originally intended for use in the controversial Clipper chip. Subsequently, the algorithm was declassified.
Cryptography, the use of codes and ciphers to protect secrets, began thousands of years ago. Until recent decades, it has been the story of what might be called classical cryptography — that is, of methods of encryption that use pen and paper, or perhaps simple mechanical aids. In the early 20th century, the invention of complex mechanical and electromechanical machines, such as the Enigma rotor machine, provided more sophisticated and efficient means of encryption; and the subsequent introduction of electronics and computing has allowed elaborate schemes of still greater complexity, most of which are entirely unsuited to pen and paper.
Key exchange is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm.
STU-III is a family of secure telephones introduced in 1987 by the NSA for use by the United States government, its contractors, and its allies. STU-III desk units look much like typical office telephones, plug into a standard telephone wall jack and can make calls to any ordinary phone user. When a call is placed to another STU-III unit that is properly set up, one caller can ask the other to initiate secure transmission. They then press a button on their telephones and, after a 15-second delay, their call is encrypted to prevent eavesdropping. There are portable and militarized versions and most STU-IIIs contained an internal modem and RS-232 port for data and fax transmission. Vendors were AT&T, RCA and Motorola.
The Federal Information Processing Standard Publication 140-2,, is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001, and was last updated December 3, 2002.
The National Security Agency took over responsibility for all U.S. Government encryption systems when it was formed in 1952. The technical details of most NSA-approved systems are still classified, but much more about its early systems have become known and its most modern systems share at least some features with commercial products.
Multiple encryption is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm. It is also known as cascade encryption, cascade ciphering, multiple encryption, and superencipherment. Superencryption refers to the outer-level encryption of a multiple encryption.
This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA). For classification of keys according to their usage see cryptographic key types.
NSA Suite B Cryptography was a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassified information and most classified information.
The Microsoft Windows platform specific Cryptographic Application Programming Interface is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data. The Crypto API was first introduced in Windows NT 4.0 and enhanced in subsequent versions.
The following outline is provided as an overview of and topical guide to cryptography:
The Commercial National Security Algorithm Suite (CNSA) is a set of cryptographic algorithms promulgated by the National Security Agency as a replacement for NSA Suite B Cryptography algorithms. It serves as the cryptographic base to protect US National Security Systems information up to the top secret level, while the NSA plans for a transition to quantum-resistant cryptography.