[Cryptography] NIST should publish Suite A

Peter Bowen pzbowen at gmail.com
Tue Nov 12 13:12:59 EST 2013


On Tue, Nov 12, 2013 at 8:44 AM, ianG <iang at iang.org> wrote:
> On 12/11/13 07:31 AM, Peter Bowen wrote:
>
>> There appear to be two primary Type 1 asymmetric/public key
>> algorithms: FIREFLY and MAYFLY.  FIREFLY is the older of the two and
>> appears to be based on Finite Field DLP or RSA.  MAYFLY is based on
>> Elliptic Curves.  The NSA has developed a hybrid or transition
>> approach called "Enhanced FIREFLY" that allows systems to use EC when
>> both ends support it and fall back to basic FIREFLY when they do not.
>> From the TACLANE Operator's Manual (helpfully published by the
>> Government of Canada[1] among others):
>>
>> "Enhanced FIREFLY (EFF) is a key management technique that makes use
>> of existing FIREFLY technology to implement Elliptic Curve
>> cryptography (specifically, a form of the MAYFLY Elliptic Curve
>> technology). TACLANE is able to use MAYFLY with other enhanced-capable
>> TACLANEs. TACLANE can also negotiate down, if necessary, to Basic FF
>> for TACLANEs that have not been upgraded to support EFF. Enhanced
>> FIREFLY therefore serves as a bridge between the existing FIREFLY
>> infrastructure and the move to a solely Elliptic Curve solution"
>
> So pretty clearly (from that single data point) EC is the future, RSA is the
> legacy.
>
>> I'm sure there is more information that can be easily gleaned from
>> public sources, but it is clear that EC is a core part of Suite A.
>
> Super!  This is very encouraging.  If we agree with this albeit limited data
> point, then it means that we don't have to steer clear of EC nor do we have
> to go back to RSA.

I found a second data point: Secure Communication Interoperability
Protocol (SCIP) (https://www.iad.gov/SecurePhone/)

The SCIP specification appears to be the follow-on to the STU and STE
specifications and SCIP 233 Rev. 1.1 lists the crypto modes.  Many of
the details are in reference modules of the specification that are not
public, but the Key Material and Key Processing reference module
titles make it clear that EC is a core part of the specification.

