OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [kmip] Fwd: KMIP Suite B Profile - Deprecated

Suite B is not deprecated - it continues. There is a new initiative to provide a mechanism for quantum resistant algorithm and its handling.
That initiative has not yet provided any results as such in terms of recommendations (that I'm aware of) for new algorithms. 

This is made clear at https://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

What the advisory guidance from that group at https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/cnsa-suite-and-quantum-computing-faq.cfm is that for anyone currently using Suite B to work only with the TOP SECRET specification level rather than the SECRET specification level on the basis of current perceptions as to possible future quantum computing vulnerability of algorithms at smaller key sizes. 

Basically recommendations have moved from minLOS 128 to minLOS 192.

At least that is my understanding.

Tim.



On Thu, Jun 23, 2016 at 2:56 AM, Saikat Saha <saikat.saha@oracle.com> wrote:

Team,


Let us discuss in tomorrow's meeting in this regard.


Thanks,

Saikat



-------- Forwarded Message --------
Subject: KMIP Suite B Profile - Deprecated
Date: Wed, 22 Jun 2016 13:05:51 +0000
From: Robert Wagner <rwagner@dowless.com>
To: saikat.saha@oracle.com <saikat.saha@oracle.com>, tjc@cryptsoft.com <tjc@cryptsoft.com>
CC: kwburgi@tycho.ncsc.mil <kwburgi@tycho.ncsc.mil>


Dear Technical Committee,

As you may be aware, Suite B is deprecated and replace with the Commercial National Security Algorithm (CNSA) Suite. 

See:  https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/cnsa-suite-and-quantum-computing-faq.cfm

The basic information for this was released in July, 2015 (see CNSS Advisory Memorandum, Information Assurance 02-15, July 2015 at https://www.cnss.gov/CNSS/issuances/Memoranda.cfm)


As such, several of the Key Lengths mentioned in your Suite B profile are prohibited for National Security Systems(see page 3 of the FAQ PDF). 

I am writing you to determine when a CNSA profile for KMIP 1.2 will be publicly available.


I look forward to your response,

Robert Wagner

Dowless and Associates


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]