NSA Suite B Cryptography and CNSA

National Security Agency

https://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography

Suite B's components were:

• Advanced Encryption Standard (AES) with key sizes of 128 and 256 bits. For traffic flow, AES should be used with either the Counter Mode (CTR) for low bandwidth traffic or the Galois/Counter Mode (GCM) mode of operation for high bandwidth traffic (see Block cipher modes of operation) – symmetric encryption
• Elliptic Curve Digital Signature Algorithm (ECDSA) – digital signatures
• Elliptic Curve Diffie–Hellman (ECDH) – key agreement
• Secure Hash Algorithm 2 (SHA-256 and SHA-384) – message digest

Commercial National Security Algorithm Suite

https://en.wikipedia.org/wiki/Commercial_National_Security_Algorithm_Suite

Commercial National Security Algorithm Suite  Link
The Suite B algorithms have been replaced by Commercial National Security Algorithm (CNSA) Suite algorithms:[6]

• Advanced Encryption Standard (AES), per FIPS 197, using 256 bit keys to protect up to TOP SECRET
• Elliptic Curve Diffie-Hellman (ECDH) Key Exchange, per FIPS SP 800-56A, using Curve P-384 to protect up to TOP SECRET.
• Elliptic Curve Digital Signature Algorithm (ECDSA), per FIPS 186-4
• Secure Hash Algorithm (SHA), per FIPS 180-4, using SHA-384 to protect up to TOP SECRET.
• Diffie-Hellman (DH) Key Exchange, per RFC 3526, minimum 3072-bit modulus to protect up to TOP SECRET
• RSA for key establishment (NIST SP 800-56B rev 1) and digital signatures (FIPS 186-4), minimum 3072-bit modulus to protect up to TOP SECRET