Using Commercial National Security Algorithm Suite Algorithms in Secure/Multipurpose Internet Mail Extensions
RFC 8755

Document Type RFC - Informational (March 2020; No errata)
Last updated 2020-03-19
Stream ISE
Formats plain text html xml pdf htmlized bibtex
IETF conflict review conflict-review-jenkins-cnsa-smime-profile
Stream ISE state Published RFC
Consensus Boilerplate Unknown
Document shepherd Adrian Farrel
Shepherd write-up Show (last changed 2019-10-25)
IESG IESG state RFC 8755 (Informational)
Telechat date
Responsible AD (None)
Send notices to Adrian Farrel <rfc-ise@rfc-editor.org>
IANA IANA review state Version Changed - Review Needed
IANA action state No IANA Actions


Independent Submission                                        M. Jenkins
Request for Comments: 8755                                           NSA
Category: Informational                                       March 2020
ISSN: 2070-1721

    Using Commercial National Security Algorithm Suite Algorithms in
              Secure/Multipurpose Internet Mail Extensions

Abstract

   The United States Government has published the National Security
   Agency (NSA) Commercial National Security Algorithm (CNSA) Suite,
   which defines cryptographic algorithm policy for national security
   applications.  This document specifies the conventions for using the
   United States National Security Agency's CNSA Suite algorithms in
   Secure/Multipurpose Internet Mail Extensions (S/MIME) as specified in
   RFC 8551.  It applies to the capabilities, configuration, and
   operation of all components of US National Security Systems that
   employ S/MIME messaging.  US National Security Systems are described
   in NIST Special Publication 800-59.  It is also appropriate for all
   other US Government systems that process high-value information.  It
   is made publicly available for use by developers and operators of
   these and any other system deployments.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not candidates for any level of Internet Standard;
   see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8755.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1.  Introduction
     1.1.  Terminology
   2.  The Commercial National Security Algorithm Suite
   3.  Requirements and Assumptions
   4.  SHA-384 Message Digest Algorithm
   5.  Digital Signature
     5.1.  ECDSA Signature
     5.2.  RSA Signature
   6.  Key Establishment
     6.1.  Elliptic Curve Key Agreement
     6.2.  RSA Key Transport
   7.  Content Encryption
     7.1.  AES-GCM Content Encryption
     7.2.  AES-CBC Content Encryption
   8.  Security Considerations
   9.  IANA Considerations
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Author's Address

1.  Introduction

   This document specifies the conventions for using the United States
   National Security Agency's Commercial National Security Algorithm
   (CNSA) Suite algorithms [CNSA] in Secure/Multipurpose Internet Mail
   Extensions (S/MIME) [RFC8551].  It applies to the capabilities,
   configuration, and operation of all components of US National
   Security Systems that employ S/MIME messaging.  US National Security
   Systems are described in NIST Special Publication 800-59 [SP80059].
   It is also appropriate for all other US Government systems that
   process high-value information.  It is made publicly available for
   use by developers and operators of these and any other system
   deployments.

   S/MIME makes use of the Cryptographic Message Syntax (CMS) [RFC5652]
   [RFC5083].  In particular, the signed-data, enveloped-data, and
   authenticated-enveloped-data content types are used.  This document
   only addresses CNSA Suite compliance for S/MIME.  Other applications
   of CMS are outside the scope of this document.

   This document does not define any new cryptographic algorithm suites;
   instead, it defines a CNSA-compliant profile of S/MIME.  Since many
   of the CNSA Suite algorithms enjoy uses in other environments as
   well, the majority of the conventions needed for these algorithms are
   already specified in other documents.  This document references the
   source of these conventions, with some relevant details repeated to
   aid developers that choose to support the CNSA Suite.  Where details
   have been repeated, the cited documents are authoritative.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  The Commercial National Security Algorithm Suite
Show full document text