← Week 4: Migration Planning

Day 23: CNSA 2.0, NSM-10, and Federal Migration Timelines

Phase 3 · July 30, 2026

Agenda (2–3 hours)

  • Read (75 min): NSA CNSA 2.0 algorithm table (full document, ~6 pages); White House NSM-10 summary; NIST IR 8547 §3 (timelines)
  • Study (45 min): What the mandates actually require and by when
  • Challenge (30 min): Compliance calendar for your service

CNSA 2.0: The Algorithm Requirements

NSA Commercial National Security Algorithm Suite 2.0 (2022):

Use                      | Algorithm | Key Size             | Deadline (new products) | Deadline (legacy)
-------------------------|-----------|----------------------|-------------------------|------------------
Key exchange             | ML-KEM    | Level 3 (ML-KEM-768) | 2025                    | 2033
Digital signatures       | ML-DSA    | Level 3 (ML-DSA-65)  | 2025                    | 2033
Digital signatures (alt) | SLH-DSA   | Level 3              | 2025                    | 2033
Bulk encryption          | AES-256   | 256-bit              | Immediate               | 2033
Hash functions           | SHA-384   |                      | Immediate               | 2033
Key exchange (classical) | ECDH      | P-384                | Only until 2030         | 2030

"New products" = new software deployments or major version releases.
"Legacy" = existing deployed systems that are harder to update.

NSM-10: National Security Memorandum

White House National Security Memorandum 10 (May 2022):

Key requirements:

  • Federal agencies must inventory systems using quantum-vulnerable cryptography
  • Submit PQC migration plans to CISA and NSA
  • Hard deadline: migrate to PQC by 2035
  • Focus on HNDL-vulnerable communications first

Implications for Amazon Leo:

  • Leo provides satellite internet services including to U.S. government customers
  • Government contracts likely reference CNSA 2.0 compliance requirements
  • Your provisioning service may be in scope for NSM-10 as a critical infrastructure supplier

NIST Algorithm Deprecation Timeline

NIST SP 800-131A Rev 3 (expected 2026-2027):

Algorithm         | Current status | Deprecated after
------------------|----------------|-------------------
ECDSA (any curve) | Acceptable     | 2030
ECDH (any curve)  | Acceptable     | 2030
RSA (any use)     | Acceptable     | 2030
AES-128           | Acceptable     | 2030
SHA-256           | Acceptable     | 2030 (for signing)
DH < 2048         | Disallowed     | Already
3DES, RC4         | Disallowed     | Already

2030 is the hard line for federal systems. Commercial systems may have more
flexibility, but aligning to 2030 is the defensible posture.

Interpreting the Deadlines for Your Service

The 2025 deadline for new products may already look missed, but CNSA 2.0 recognizes
that full PQC readiness depends on the supporting infrastructure (HSMs, libraries, standards) maturing first.

Practical interpretation:

  • TLS hybrid (key exchange): you should be doing this now. Libraries support it.
    2025 deadline = "make your plan and start your TLS migration"
  • Certificate signing migration: blocked on HSMs. Target: when CloudHSM is ready (est. 2027)
  • Full CNSA 2.0 compliance: target 2030, well before the 2033 legacy deadline

What "Compliance" Actually Requires

A CNSA 2.0-compliant provisioning service needs:

  1. TLS key exchange: ML-KEM-768 (hybrid X25519+ML-KEM-768 is acceptable during transition)
  2. TLS cipher: AES-256-GCM (already in TLS_AES_256_GCM_SHA384)
  3. Certificate signatures: ML-DSA-65 (on CA and leaf certs)
  4. Hashing: SHA-384 (already used with AES-256 cipher suite)
  5. No ECDH/ECDSA for key exchange or cert signing after 2033
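The checklist above maps naturally onto an automated readiness check. The following is an added example, not code from the course or from any Amazon Leo service: it records a service's enabled TLS groups, cipher suites and certificate signature parameters in a hypothetical inventory dictionary and classifies each category against the CNSA 2.0 values listed above. The status labels, the inventory format and the hybrid group label are assumptions; the approved algorithms and the 2033 cutoff for classical fallbacks come from the checklist.

```python
"""CNSA 2.0 readiness check for a TLS/PKI configuration.

Added example, not part of the course material. The inventory format and the
status labels are assumptions; the approved algorithms and the 2033 cutoff for
classical fallbacks are taken from the CNSA 2.0 checklist on this page.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Requirement:
    approved: frozenset        # CNSA 2.0 values; hybrid KEM accepted during transition
    classical_cutoff: int      # last year a classical fallback may stay enabled


# One row per checklist item. Values are the identifiers an inventory would record;
# the hybrid group name is an assumed label, not an IANA registry name.
REQUIREMENTS = {
    "tls_groups":   Requirement(frozenset({"ML-KEM-768", "X25519+ML-KEM-768"}), 2033),
    "tls_ciphers":  Requirement(frozenset({"TLS_AES_256_GCM_SHA384"}), 2033),
    "cert_sig_alg": Requirement(frozenset({"ML-DSA-65"}), 2033),
    "cert_hash":    Requirement(frozenset({"SHA-384"}), 2033),
}


def assess(inventory: dict, year: int) -> dict:
    """Classify each category of a service inventory for a given assessment year.

    compliant    - only CNSA 2.0 values enabled
    transition   - CNSA 2.0 value enabled alongside classical ones, before the cutoff
    overdue      - classical values still enabled after the legacy cutoff
    noncompliant - no CNSA 2.0 value enabled at all (blocks compliance in any year)
    """
    results = {}
    for category, req in REQUIREMENTS.items():
        enabled = set(inventory.get(category, []))
        has_pqc = bool(enabled & req.approved)
        has_classical = bool(enabled - req.approved)
        if not has_pqc:
            status = "noncompliant"
        elif not has_classical:
            status = "compliant"
        elif year <= req.classical_cutoff:
            status = "transition"
        else:
            status = "overdue"
        results[category] = status
    return results


def gaps(inventory: dict, year: int) -> list:
    """Categories that block CNSA 2.0 compliance in the given year, sorted by name."""
    return sorted(c for c, s in assess(inventory, year).items()
                  if s in ("noncompliant", "overdue"))


# Constructed inventory for a service mid-migration: hybrid KEM already offered
# next to classical groups, AES-128 suite still enabled, certs still ECDSA.
SAMPLE_INVENTORY = {
    "tls_groups":   ["X25519", "secp384r1", "X25519+ML-KEM-768"],
    "tls_ciphers":  ["TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256"],
    "cert_sig_alg": ["ECDSA-P384"],
    "cert_hash":    ["SHA-384"],
}

if __name__ == "__main__":
    for year in (2026, 2034):
        print(year, assess(SAMPLE_INVENTORY, year), "gaps:", gaps(SAMPLE_INVENTORY, year))
```

Run against the constructed inventory for 2026, the only blocking gap is certificate signing (no ML-DSA-65 anywhere), which matches the "blocked on HSMs" note above; re-run for 2034 and the still-enabled classical groups and the AES-128 suite flip from transition to overdue, which is the practical meaning of the 2033 legacy deadline.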

Challenge Assignment

Build a compliance calendar for your service:

Milestone                            | Target Date | Blocker         | Owner
-------------------------------------|-------------|-----------------|--------------
Hybrid TLS enabled (key exchange)    | Q4 2026     | None            | Your team
AES-256-GCM cipher suite enforced    | Q4 2026     | None            | Your team
SHA-384 in cert signing (TLS choice) | Q1 2027     | Minor           | Your team
ML-DSA CA keys (intermediate)        | 2027        | CloudHSM PQC    | Platform team
ML-DSA leaf certs issued             | 2027–2028   | Intermediate CA | Your team
Legacy ECDSA certs expired/replaced  | 2029        | Cert lifetime   | Ops
Full CNSA 2.0 compliance             | 2030        |                 |

Fill in realistic dates based on your understanding of the team's velocity.
Save to your migration roadmap as "Compliance Calendar."
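A compliance calendar is only useful if it is internally consistent: no milestone can land before the milestone that blocks it, and the final milestone must land before the mandate deadline. The following is an added example, not part of the course or of any team's roadmap: it encodes the calendar above as rows with explicit dependencies, parses the target dates, and reports ordering and deadline violations. The dependency edges, the treatment of "CloudHSM PQC" as its own row with the page's 2027 estimate, and the end-of-year reading of bare years are assumptions; the 2030 target and the 2033 legacy deadline are the page's.

```python
"""Validate a PQC compliance calendar for ordering and deadline problems.

Added example, not part of the course material. Dependency edges and the
external "CloudHSM PQC support" row are assumptions; target dates are the
example dates from the challenge table, and the 2030 target / 2033 legacy
deadline are the figures stated on this page.
"""
import re


def parse_target(text: str) -> tuple:
    """'Q4 2026' -> (2026, 4); '2027' -> (2027, 4); '2027–2028' -> (2028, 4).

    A bare year or a range is read as the end of the latest year named, i.e. the
    latest point the milestone could slip to and still honour the entry.
    """
    m = re.fullmatch(r"Q([1-4]) (\d{4})", text.strip())
    if m:
        return int(m.group(2)), int(m.group(1))
    years = [int(y) for y in re.findall(r"\d{4}", text)]
    if not years:
        raise ValueError(f"unparseable target date: {text!r}")
    return max(years), 4


# (milestone, target date, blocking milestones). Constructed from the challenge
# table; the external CloudHSM dependency gets its own row so it can be slipped.
CALENDAR = [
    ("CloudHSM PQC support",          "2027",      []),
    ("Hybrid TLS enabled",            "Q4 2026",   []),
    ("AES-256-GCM enforced",          "Q4 2026",   []),
    ("SHA-384 in cert signing",       "Q1 2027",   []),
    ("ML-DSA CA keys (intermediate)", "2027",      ["CloudHSM PQC support"]),
    ("ML-DSA leaf certs issued",      "2027–2028", ["ML-DSA CA keys (intermediate)"]),
    ("Legacy ECDSA certs replaced",   "2029",      ["ML-DSA leaf certs issued"]),
    ("Full CNSA 2.0 compliance",      "2030",      ["Hybrid TLS enabled",
                                                    "AES-256-GCM enforced",
                                                    "SHA-384 in cert signing",
                                                    "Legacy ECDSA certs replaced"]),
]


def validate(calendar, target_year: int = 2030, legacy_deadline: int = 2033) -> list:
    """Return (milestone, issue) findings; an empty list means the calendar is
    internally ordered and every milestone lands by the compliance target."""
    dates = {name: parse_target(target) for name, target, _ in calendar}
    findings = []
    for name, _, blockers in calendar:
        when = dates[name]
        for dep in blockers:
            if dep not in dates:
                findings.append((name, f"unknown dependency {dep!r}"))
            elif dates[dep] > when:
                findings.append((name, f"scheduled before its blocker {dep!r}"))
        if when[0] > legacy_deadline:
            findings.append((name, f"after CNSA 2.0 legacy deadline {legacy_deadline}"))
        elif when[0] > target_year:
            findings.append((name, f"after {target_year} compliance target"))
    return findings


def with_slip(calendar, name: str, new_target: str) -> list:
    """Copy of the calendar with one milestone's target replaced, for what-if checks."""
    return [(n, new_target if n == name else t, d) for n, t, d in calendar]


if __name__ == "__main__":
    print("as planned:", validate(CALENDAR))
    print("HSM slips :", validate(with_slip(CALENDAR, "CloudHSM PQC support", "Q2 2028")))
```

The what-if helper is the point of encoding dependencies: slipping the CloudHSM row by two quarters immediately surfaces that the intermediate CA milestone can no longer be met as dated, which is the kind of cascade a spreadsheet calendar hides until the quarter arrives.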

Resources

  • NSA CNSA 2.0: media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF
  • White House NSM-10: whitehouse.gov/briefing-room/statements-releases/2022/05/04
  • NIST SP 800-131A Rev 2: pubs.nist.gov — current; watch for Rev 3