NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-13(2)NSA-approved Cryptography

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

For national security systems, use NSA-approved (Suite B or CNSA) cryptographic algorithms and implementations.

Example 1: Configure classified network VPN concentrators to use CNSA Suite algorithms — AES-256 for encryption, SHA-384 for hashing, ECDH P-384 for key exchange. Only use NSA-certified encryption devices (Type 1) for classified data protection.

Example 2: For Secret-level communications, deploy NSA-approved encryptors like the KG-175D (TACLANE) for network encryption. These devices are certified by NSA and provide government-approved protection for classified data in transit.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability