A security strength of s bits is said to be supported by a particular choice of algorithm, primitive, auxiliary function, parameters (etc.) for use in the implementation of a cryptographic mechanism if that choice will not prevent the resulting implementation from attaining a security strength of at least s bits. In this Recommendation, it is assume that implementation choices are intended to support a security strenght of 112 bits or more (see [NIST SP 800-57] and [NIST SP 800-131A]) A security strength of s bits is said to be supported by a particular choice of algorithm, primitive, auxiliary function, or parameters for use in the implementation of a cryptographic mechanism if that choice will not prevent the resulting implementation from attaining a security strength of at least s bits. In this Recommendation, it is assumed that implementation choices are intended to support a security strength of 112 bits or more (see [SP 800-57] and [SP 800-131A]).
Sources:
NIST SP 800-56B Rev. 2
under Support (a security strength)
A term applied to a method (e.g., an RBG or a key with its associated cryptographic algorithm) that is capable of providing (at a minimum) the security strength required or desired for protecting data.
A security strength of s bits is said to be supported by a particular choice of keying material, algorithm, primitive, auxiliary function, parameters (etc.) for use in the implementation of a cryptographic mechanism if that choice will not prevent the resulting implementation from attaining a security strength of at least s bits.
Sources:
NIST SP 800-133 Rev. 2
Sources:
NIST SP 800-56C Rev. 2
under Support (a security strength)