Home News NSA’s CNSA 2.0 for Post-Quantum Cryptography

NSA’s CNSA 2.0 for Post-Quantum Cryptography

Author: Riscure Team

Recently the United States National Security Agency has rolled out a significant update of post-quantum cryptography algorithms with the Commercial National Security Algorithm Suite 2.0 (CNSA 2.0). This update aims to bolster the security of National Security Systems (NSS) against the future advancements in quantum computing that are expected to obsolete many existing cryptographic protocols. In this blog post, we’ll break down what CNSA 2.0 means, why it is important, and why thorough security testing is essential when adopting these new post-quantum algorithms. 

Why Do We Need Quantum-Resistant Algorithms? 

Quantum computing is expected to revolutionize many fields, but it also poses a serious threat to existing cryptographic standards. Breakthroughs like Shor’s and Grover’s algorithms could potentially crack widely used encryption methods such as RSA and ECC and weaken AES encryption. While today’s quantum computers aren’t yet powerful enough to do this, they’re rapidly evolving. 

Imagine if someone intercepted and stored your encrypted communications today, waiting for the quantum computing capabilities to decrypt them in the future. This phenomenon is referred to as “harvest now, decrypt later” type of attacks. This is why transitioning to quantum-resistant (QR) algorithms now is crucial, especially for government entities storing sensitive data. 

Who Needs to Pay Attention to CNSA 2.0? 

CNSA 2.0 affects a wide range of stakeholders in the United States: 

  • National Security Systems (NSS): These include systems used in military, intelligence, and cryptology, managed by government agencies and their contractors. 
  • Vendors: Companies providing products for NSS must ensure their offerings meet the new encryption and firmware signing standards. 
  • Interoperability Seekers: Organizations wanting their products to work seamlessly with NSS will need to comply with these new standards. 

Even if you’re not directly part of the government, these changes will ripple out, affecting vendors and eventually leading to broader industry adoption. 

What’s New in CNSA 2.0? 

CNSA 2.0 introduces several important changes mainly switching to quantum safe algorithms: 

  • Digital Signatures: Moving from RSA and ECDSA to newer algorithms like CRYSTALS-Dilithium, LMS, and XMSS. 
  • Hashing: Adding SHA2-512 alongside SHA2-384 for enhanced security. 
  • Symmetric Encryption: Continuing with AES-256, which remains robust even in a post-quantum world. 

Key Dates for the Transition 

The NSA has set a phased timeline for this transition, aiming for full implementation by 2035. Here are some key milestones: 

  • Software and Firmware Signing: All new and non-compliant software/firmware must meet CNSA 2.0 standards by 2025. Existing deployments that need to comply by 2030. 
  • Web Browsers/Servers and Cloud Services: Support by 2025, exclusive use by 2033. 
  • Networking Equipment: Transition by 2026, exclusive use by 2030. 
  • Operating Systems: Transition by 2027, exclusive use by 2033. 
  • Niche Equipment: Transition by 2030, exclusive use by 2033. 
  • Custom/Legacy Solutions: Transition by 2033.

The Importance of Security Testing 

Implementing new algorithms in CNSS 2.0 suite isn’t just about following guidelines; it’s about ensuring real-world security. Theoretical security needs to be verified in practice. Many of the exploits that exist today are due to design flaws or implementation bugs. This is why thorough security testing is essential to identify any potential vulnerabilities that may exist and patch them. CNSS 2.0 security suite specifies the recommended algorithms and does not include implementation guidelines or testing requirements.   

Based on Riscure’s expertise in testing cryptographical implementations, here’s what we think should be part of the security testing stage: 

  • Cryptographic Validation: Ensuring algorithms meet NSA and NIST standards. 
  • Protection Profiles: NIAP’s profiles detail product requirements for CNSA 2.0 compliance, requiring rigorous testing and validation. 
  • Iterative Prototyping: Continuous testing during development to uncover and fix common issues. 

The move to CNSA 2.0 is a crucial step towards protecting national security systems against future quantum threats. At Riscure, we offer a comprehensive suite of end-to-end security solutions to help you evaluate and strengthen your PQC implementations. Our expertise ensures your systems stay secure against evolving cyber threats. If you would like to discuss how Riscure can help you transition to robust post-quantum cryptography, get in touch with us via inforequest@riscure.com 

Share This