
Why is everyone assuming the NSA has to be using their own standards, behind closed doors?


They don't. They use Suite A, which is an eclectic mix of proprietary algorithms. Firefly/Enhanced Firefly for key exchange (PKI), Joeski (allegedly a pair of algorithms for encrypting and decrypting other ciphers or firmware with the interesting property that the encryption algorithm cannot be deduced from the decryption algorithm and vice versa), and a bunch of others. They have different algorithms depending on the specific information channel. Permanent data storage uses one (or perhaps a few), communications traffic uses others, and communications are further split depending on channel bandwidth and presumably long-term classification needs of the data.

They have to recommend Suite B to the government and military in cases where NSA-validated hardware can't be used. Examples would be military communications with allies, garden-variety agencies that can't afford or can't be trusted with Suite A modules.



