In a recently published FAQ, the NSA outlines the switch for NSS (National Security Systems) from Suite B cryptography to the CNSA (Commercial National Security Algorithm Suite).
According to the NSA, the following schemes are out:
- ECDH and ECDSA with NIST P-256
- RSA with 2048-bit keys
- Diffie-Hellman with 2048-bit keys
…and these are in: