- NSA cryptography
-
The vast majority of the National Security Agency's work on encryption is classified, but from time to time NSA participates in standards processes or otherwise publishes information about its cryptographic algorithms. The NSA has categorized encryption items into four product types, and algorithms into two suites. The following is a brief and incomplete summary of public knowledge about NSA algorithms and protocols.
Contents
Type 1 Product
- Main article: Type 1 encryption
A Type 1 Product refers to an NSA endorsed classified or controlled cryptographic item for classified or sensitive U.S. government information, including cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed.[1]
Name Type Specification Use Equipment (incomplete list) ACCORDIAN (or ACCORDION) R21-TECH-13-00, "ACCORDIAN 3.0 Specification" (August 2000) AIM (1999 and 2004 brochures), SafeXcel-3340, PSIAM [2] AES (256-bit keys only) Block cipher FIPS 197 Numerous Numerous BATON Block cipher Various PKCS#11, CDSA/CSSM, AIM (1999 and 2004 brochures), Cypris, APCO Project 25, MYK-85, Fortezza Plus, SecNet-11, Sierra, SafeXcel-3340, PSIAM [2] BAYLESS Cypris BYTEMAN Cypris CARDIGAN Cypris CARDHOLDER Satellite uplink command encryption Cypris, KI-17, U-AYJ Flight Decrypt Chip (Cardholder), Flight Encrypt Chip (Cardholder), MYK-16, CXS-810, CXS-2000, MCU-100, MCU-600 CARIBOU Satellite uplink command encryption U-TXZ, MYK-15A CRAYON AIM (2004 brochure), Cypris (4 modes) FASTHASH Cryptographic hash function MISSI Type 1 hash PKCS #11, CDSA/CSSM FIREFLY / Enhanced FIREFLY EKMS public-key cooperative key generation AIM (2004), SafeXcel-3340, SecNet54, ViaSat KG-25x, PSIAM [2] GOODSPEED Sierra II HAVE QUICK Antijam, LPI/LPD airborne voice communication Cypris JACKNIFE AIM (2004)for IFF Mode 5 JOSEKI R21-TECH-0062-92, "JOSEKI-1, A Bootstrap Procedures" (Oct. 1992) (also R21-TECH-13-97, R21-TECH-13-98) Protection of secret algorithms in firmware AIM, PSIAM [2] JUNIPER Block cipher PKCS #11, CDSA/CSSM KEESEE AIM (1999 and 2004 brochures), Cypris, PSIAM [2] Mark XII IFF IFF secondary radar AIM (2004 brochure) MAYFLY Asymmetric-key algorithm PKCS #11, CDSA/CSSM MEDLEY R21-TECH-30-01, "MEDLEY Implementation Standard" (Nov. 2001) AIM (2004), SecNet 54, SafeXcel-3340, ViaSat KG25x, PSIAM [2] PEGASUS Satellite telemetry and mission data downlinks KG-227, KG-228, KI-17, U-BLW Pegasus Space Microcircuit Chip, U-BLX Pegasus Ground Microcircuit Chip, MYK-17, CXS-810, CXS-2000, MCU-100, MCU-600 PHALANX AIM (1999 and 2004 brochures), Cypris (PHALANX I and PHALANX II) SAVILLE Low-bandwidth voice (and sometimes data) encryption AIM (1999 and 2004 brochures), Cypris (2 modes), Windster (SAVILLE I), VINSON VALLOR TTY broadcasts to submarines AIM (2004) WALBURN High-bandwidth link encryption AIM (2004), KG-81/94/194/95 PADSTONE Cypris (2 modes), Windster, Indictor WEASEL SafeXcel-3340 Type 2 Product
- Main article: Type 2 encryption
A Type 2 Product refers to an NSA endorsed unclassified cryptographic equipment, assemblies or components for sensitive but unclassified U.S. government information.
Name Type Specification Use Equipment (incomplete list) CORDOBA Cypris, Windster, Indictor KEA Asymmetric-key algorithm R21-Tech-23-94, "Key Exchange Algorithm (KEA)" Key exchange and digital signature algorithm for Fortezza, etc. Fortezza, Fortezza Plus, Palladium Secure Modem SKIPJACK Block cipher R21-Tech-044-91, "SKIPJACK" Confidentiality algorithm for Fortezza, etc. Fortezza, Fortezza Plus, Palladium Secure Modem Type 3 Product
- Main article: Type 3 encryption
Unclassified cryptographic equipment, assembly, or component used, when appropriately keyed, for encrypting or decrypting unclassified sensitive U.S. Government or commercial information, and to protect systems requiring protection mechanisms consistent with standard commercial practices. A Type 3 Algorithm refers to NIST endorsed algorithms, registered and FIPS published, for sensitive but unclassified U.S. government and commercial information.
Name Type Specification Use Equipment (incomplete list) DES Data Encryption Standard Block cipher FIPS 46-3 Ubiquitous Ubiquitous AES Advanced Encryption Standard Block cipher FIPS 197 Numerous Numerous DSA Digital Signature Algorithm Digital signature system FIPS 186 Numerous Numerous SHA Secure Hash Algorithm Cryptographic hash function FIPS 180-2 Ubiquitous Ubiquitous Type 4 Product
- Main article: Type 4 encryption
A Type 4 Algorithm refers to algorithms that are registered by the NIST but are not FIPS published. Unevaluated commercial cryptographic equipment, assemblies, or components that neither NSA nor NIST certify for any Government usage.
Algorithm Suites
Suite A
- Main article: NSA Suite A Cryptography
A set of NSA unpublished algorithms that is intended for highly sensitive communication and critical authentication systems.
Suite B
- Main article: NSA Suite B Cryptography
A set of NSA endorsed cryptographic algorithms for use as an interoperable cryptographic base for both unclassified information and most classified information. Suite B was announced on 16 February 2005.
Suite C
A set of NSA endorsed cryptographic algorithms for use as an interoperable cryptographic base for both unclassified information and most classified information. Suite C is currently awaiting approval.
See also
- Type 1 encryption
- Type 2 encryption
- Type 3 algorithm
- Type 4 algorithm
- Suite A
- Suite B
- NSA encryption algorithms
- NSA encryption systems
References
Cryptography Categories:- National Security Agency
- Type 1 encryption algorithms
- Type 2 encryption algorithms
- Type 3 encryption algorithms
- Type 4 encryption algorithms
- National Security Agency encryption devices
Wikimedia Foundation. 2010.