NSA encryption algorithms
The vast majority of the National Security Agency's work on encryption is classified, but from time to time NSA participates in standards processes or otherwise publishes information about its cryptographic algorithms. The NSA has categorized encryption items into four product types, and algorithms into two suites. The following is a brief and incomplete summary of public knowledge about NSA algorithms and protocols.

Type 1 Product

Main article: Type 1 encryption

A Type 1 Product refers to an NSA endorsed classified or controlled cryptographic item for classified or sensitive U.S. government information, including cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed.
| Name | Type | Specification | Use | Equipment (incomplete list) |
| --- | --- | --- | --- | --- |
| ACCORDIAN (or ACCORDION) | | R21-TECH-13-00, "ACCORDIAN 3.0 Specification" (August 2000) | | AIM (1999 and 2004 brochures), SafeXcel-3340, PSIAM |
| AES (256-bit keys only) | Block cipher | FIPS 197 | Numerous | Numerous |
| BATON | Block cipher | | Various | PKCS#11, CDSA/CSSM, AIM (1999 and 2004 brochures), Cypris, APCO Project 25, MYK-85, Fortezza Plus, SecNet-11, Sierra, SafeXcel-3340, PSIAM |
| BAYLESS | | | | Cypris |
| BYTEMAN | | | | Cypris |
| CARDIGAN | | | | Cypris |
| CARDHOLDER | | | Satellite uplink command encryption | Cypris, KI-17, U-AYJ Flight Decrypt Chip (Cardholder), Flight Encrypt Chip (Cardholder), MYK-16, CXS-810, CXS-2000, MCU-100, MCU-600 |
| CARIBOU | | | Satellite uplink command encryption | U-TXZ, MYK-15A |
| CRAYON | | | | AIM (2004 brochure), Cypris (4 modes) |
| FASTHASH | Cryptographic hash function | | MISSI Type 1 hash | PKCS #11, CDSA/CSSM |
| FIREFLY / Enhanced FIREFLY | | | EKMS public-key cooperative key generation | AIM (2004), SafeXcel-3340, SecNet54, ViaSat KG-25x, PSIAM |
| GOODSPEED | | | | Sierra II |
| HAVE QUICK | | | Antijam, LPI/LPD airborne voice communication | Cypris |
| JACKNIFE | | | | AIM (2004) for IFF Mode 5 |
| JOSEKI | | R21-TECH-0062-92, "JOSEKI-1, A Bootstrap Procedures" (Oct. 1992) (also R21-TECH-13-97, R21-TECH-13-98) | Protection of secret algorithms in firmware | AIM, PSIAM |
| JUNIPER | Block cipher | | | PKCS #11, CDSA/CSSM |
| KEESEE | | | | AIM (1999 and 2004 brochures), Cypris, PSIAM |
| Mark XII IFF | | | IFF secondary radar | AIM (2004 brochure) |
| MAYFLY | Asymmetric-key algorithm | | | PKCS #11, CDSA/CSSM |
| MEDLEY | | R21-TECH-30-01, "MEDLEY Implementation Standard" (Nov. 2001) | | AIM (2004), SecNet 54, SafeXcel-3340, ViaSat KG25x, PSIAM |
| PEGASUS | | | Satellite telemetry and mission data downlinks | KG-227, KG-228, KI-17, U-BLW Pegasus Space Microcircuit Chip, U-BLX Pegasus Ground Microcircuit Chip, MYK-17, CXS-810, CXS-2000, MCU-100, MCU-600 |
| PHALANX | | | | AIM (1999 and 2004 brochures), Cypris (PHALANX I and PHALANX II) |
| SAVILLE | | | Low-bandwidth voice (and sometimes data) encryption | AIM (1999 and 2004 brochures), Cypris (2 modes), Windster (SAVILLE I), VINSON |
| VALLOR | | | TTY broadcasts to submarines | AIM (2004) |
| WALBURN | | | High-bandwidth link encryption | AIM (2004), KG-81/94/194/95 |
| PADSTONE | | | | Cypris (2 modes), Windster, Indictor |
| WEASEL | | | | SafeXcel-3340 |

Type 2 Product

Main article: Type 2 encryption

A Type 2 Product refers to NSA-endorsed unclassified cryptographic equipment, assemblies or components for sensitive but unclassified U.S. government information.
| Name | Type | Specification | Use | Equipment (incomplete list) |
| --- | --- | --- | --- | --- |
| CORDOBA | | | | Cypris, Windster, Indictor |
| KEA | Asymmetric-key algorithm | R21-Tech-23-94, "Key Exchange Algorithm (KEA)" | Key exchange and digital signature algorithm for Fortezza, etc. | Fortezza, Fortezza Plus, Palladium Secure Modem |
| SKIPJACK | Block cipher | R21-Tech-044-91, "SKIPJACK" | Confidentiality algorithm for Fortezza, etc. | Fortezza, Fortezza Plus, Palladium Secure Modem |

Type 3 Product

Main article: Type 3 encryption

Unclassified cryptographic equipment, assembly, or component used, when appropriately keyed, for encrypting or decrypting unclassified sensitive U.S. Government or commercial information, and to protect systems requiring protection mechanisms consistent with standard commercial practices. A Type 3 Algorithm refers to NIST endorsed algorithms, registered and FIPS published, for sensitive but unclassified U.S. government and commercial information.
| Name | Type | Specification | Use | Equipment (incomplete list) |
| --- | --- | --- | --- | --- |
| DES (Data Encryption Standard) | Block cipher | FIPS 46-3 | Ubiquitous | Ubiquitous |
| AES (Advanced Encryption Standard) | Block cipher | FIPS 197 | Numerous | Numerous |
| DSA (Digital Signature Algorithm) | Digital signature system | FIPS 186 | Numerous | Numerous |
| SHA (Secure Hash Algorithm) | Cryptographic hash function | FIPS 180-2 | Ubiquitous | Ubiquitous |

Type 4 Product

Main article: Type 4 encryption

A Type 4 Algorithm refers to algorithms that are registered by the NIST but are not FIPS published. Unevaluated commercial cryptographic equipment, assemblies, or components that neither NSA nor NIST certify for any Government usage.

Suite A

Main article: NSA Suite A Cryptography


A set of NSA unpublished algorithms that is intended for highly sensitive communication and critical authentication systems.

Suite B

Main article: NSA Suite B Cryptography

A set of NSA endorsed cryptographic algorithms for use as an interoperable cryptographic base for both unclassified information and most classified information. Suite B was announced on 16 February 2005.

Suite C

A set of NSA endorsed cryptographic algorithms for use as an interoperable cryptographic base for both unclassified information and most classified information. Suite C is currently awaiting approval.

See also

  • Type 1 encryption
  • Type 2 encryption
  • Type 3 algorithm
  • Type 4 algorithm
  • Suite A
  • Suite B
  • NSA encryption algorithms
  • NSA encryption systems

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 