Monday, March 07, 2005

NSA Recommends Suite B Encryption Algorithms

The National Security Agency employs some of the US's (and probably the world's) best cryptographers, so when they talk codes & ciphers, people listen. I didn't notice this bit of news when it first happened, but last month the NSA recommended a suite of cryptographic algorithms known as Suite B for use in encrypting sensitive but unclassified data.

The biggest news here is that the NSA is finally recommending a set of algorithms that includes public key cryptography, Elliptic Curve Cryptography (ECC) in this case. Suite B also includes several other algorithms, such as an ECC variant of the Diffie-Hellman key exchange protocol and non-public key schemes, like AES and SHA. Some of the components of Suite B are public standards, but apparently the core ECC technology itself is licensed from Ontario, CA based Certicom. Good news for them, certainly, but I'm not entirely sure what this means for those of us in the Open Source world. You can read their official press release here.

On a final note, these articles raised a question in my mind that I haven't seen anyone else ask yet... What was in Suite A, and why wasn't it approved instead?

No comments: