JDK-8310572 : Support CNSA 2.0
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P3
  • Status: Open
  • Resolution: Unresolved
  • Submitted: 2023-06-21
  • Updated: 2023-12-04
Related Reports
Blocks :  
JDK-8298127 - HSS/LMS Signature Verification
Blocks :  
JDK-8298390 - Kyber key encapsulation mechanism
Relates :  
JDK-8291566 - Post-Quantum Cryptographic Algorithms
Description
CNSA 2.0 is announced in Sept 2022: https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF

We should check and try to support the new PQC algorithms as well as making necessary adjustments accordingly. See Table IV: CNSA 2.0 algorithms under Appendix for the list of algorithms.
Comments
CNSA 2.0 alogirthms: AES (256-bit), CRYSTALS-Kyber (level V parameters), CRYSTALS-Dilithium (level V parameters), SHA (384 or 512), LMS (all parameters, SHA-256/192 preferred), XMSS (all parameters)
29-11-2023
Here is the timing info documented in CNSA 2.0: NSA anticipates the following timetable for implementing other CNSA 2.0 requirements for NSS:  Software and firmware signing: begin transitioning immediately, support and prefer CNSA 2.0 by 2025, and exclusively use CNSA 2.0 by 2030.  Web browsers/servers and cloud services: support and prefer CNSA 2.0 by 2025, and exclusively1 use CNSA 2.0 by 2033.  Traditional networking equipment (e.g., virtual private networks, routers): support and prefer CNSA 2.0 by 2026, and exclusively use CNSA 2.0 by 2030.  Operating systems: support and prefer CNSA 2.0 by 2027, and exclusively use CNSA 2.0 by 2033.  Niche equipment (e.g., constrained devices, large public-key infrastructure systems): support and prefer CNSA 2.0 by 2030, and exclusively use CNSA 2.0 by 2033.  Custom applications and legacy equipment: update or replace by 2033.
29-11-2023
RFE for CNSA 1.0: JDK-8267319 just FYI
21-06-2023