Using Commercial National Security Algorithm Suite Algorithms in Secure/Multipurpose Internet Mail Extensions

The United States Government has published the NSA Commercial National Security Algorithm (CNSA) Suite, which defines cryptographic algorithm policy for national security applications. This document specifies the conventions for using the United States National Security Agency's CNSA Suite algorithms in Secure/Multipurpose Internet Mail Extensions (S/MIME) as specified in RFC 8551. It applies to the capabilities, configuration, and operation of all components of US National Security Systems that employ S/MIME messaging. US National Security Systems are described in NIST Special Publication 800-59. It is also appropriate for all other US Government systems that process high-value information. It is made publicly available for use by developers and operators of these and any other system deployments.

[1]  Sean Turner,et al.  Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) , 2010, RFC.

[2]  Barry Leiba,et al.  Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words , 2017, RFC.

[3]  Russ Housley,et al.  Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm , 2009, RFC.

[4]  Russ Housley,et al.  Cryptographic Message Syntax (CMS) , 2002, RFC.

[5]  Russ Housley,et al.  Elliptic Curve Cryptography Subject Public Key Information , 2009, RFC.

[6]  Russ Housley,et al.  Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) , 2007, RFC.

[7]  William C. Barker Guideline for Identifying an Information System as a National Security System , 2003 .

[8]  Sean Turner,et al.  Using SHA2 Algorithms with Cryptographic Message Syntax , 2010, RFC.

[9]  Jerome A. Solinas,et al.  Suite B Certificate and Certificate Revocation List (CRL) Profile , 2010, RFC.

[10]  Jakob Jonsson,et al.  PKCS #1: RSA Cryptography Specifications Version 2.2 , 2016, RFC.

[11]  Russ Housley,et al.  Use of the RSAES-OAEP Key Transport Algorithm in Cryptographic Message Syntax (CMS) , 2003, RFC.

[12]  Jim Schaad,et al.  Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) , 2005, RFC.

[13]  Jim Schaad,et al.  Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS) , 2003, RFC.

[14]  Jim Schaad,et al.  Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification , 2019, RFC.

[15]  Russ Housley,et al.  Cryptographic Message Syntax (CMS) Algorithms , 2002, RFC.

[16]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping , 2012 .

[17]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[18]  Eric Rescorla,et al.  Diffie-Hellman Key Agreement Method , 1999, RFC.

[19]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[20]  Russ Housley,et al.  Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type , 2007, RFC.

[21]  Russ Housley,et al.  Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2005, RFC.

[22]  P. T. Barry,et al.  Abstract syntax notation-one (ASN.1) , 1992 .

[23]  Donald E. Eastlake,et al.  Randomness Requirements for Security , 2005, RFC.