On February 16, 2005 the National Security Agency (NSA) presented its strategy and recommendations for securing U.S. Government sensitive and unclassified communications. The strategy included a recommended set of advanced cryptography algorithms known as Suite B.
The protocols included in Suite B are Elliptic Curve Diffie-Hellman (ECDH) for key transport and agreement; the Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures; the Advanced Encryption Standard (AES) for symmetric encryption; and the Secure Hashing Algorithm (SHA).
In order to properly meet the Suite B standards, vendors must have a firm grasp on ECC-based algorithms or work with a security partner who does. They must also decide on the best way to implement these algorithms into their existing solutions, as well as plan for those in the future.
Solution Ultimately, selling successfully to the government comes down to compliance: compliance with standards for security; compliance with expectations of performance. Understanding the development choices available within the requirements is essential; applying them efficiently is the key to a competitive advantage.
Working with Certicom as a security partner, vendors can quickly and easily build mission-critical national security applications into their products by using Security Builder Crypto and Security Builder GSE toolkits.
By using the toolkit, vendors can look forward to proven implementations, faster NSA approvals and faster FIPS 140-2 validations. This means vendors not only meet Suite B and FIPS government requirements, but they do so quickly, ensuring themselves a competitive advantage.
Suite B is not just for government use, however. As with other technologies in the past, the U.S. Government has led the way in what it considers adequate for secure communications. Many corporations have sensitive intellectual property online and/or electronically process sensitive information. Suite B algorithms are also appropriate in these types of situations. For applications outside the government and government applications outside the NSA “Field of Use”, Certicom offers the Security Builder Crypto (commercial) and Security Builder GSE (FIPS 140-2 certified) toolkits to enable rapid incorporation of Suite B compliant cryptography.
Generally speaking, Certicom believes, what appealed to the NSA about ECC was its strong security, efficiency and scalability over conventional public-key cryptography algorithms. These benefits of ECC were very important to the NSA as it chooses its security for use over several decades in its crypto hardware. Likewise we feel that Suite B requirements will be significant for some time to come.