NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Announcements

11/29/2010

As of 11/29/2010, NPIVP hereby authorizes all NPIVP Test Facilities to commence certification of PIV cards for conformance to NIST SP 800-73-3 specifications. However certifications of PIV cards for conformance to NIST SP 800-73-2 that are currently under testing will be accepted till December 31, 2010.Effective January 1, 2011, NPIVP will not be accepting test reports from laboratories for NIST SP 800-73-2 cards. From that date, PIV Card Application products claiming conformance to SP 800-73-3 specifications alone will be accepted for validation and issuance of certificates. NIST will be shortly making an announcement regarding the acceptance of test reports for NIST SP 800-73-3 PIV Middleware. If you need any clarifications please do not hesitate to contact us at npivp@nist.gov. Thanks for your cooperation.

 

06/23/2009

Effective July 11, 2009, NPIVP will not be accepting test reports from laboratories submitting test evidence for PIV Card Application and PIV Middlware based on SP 800-73-1 specifications. Test Results for PIV Middleware or PIV Card Application products claiming conformance to SP 800-73-2 specifications alone will be accepted for validation and issuance of certificates. If you need any clarifications please do not hesitate to contact us at npivp@nist.gov. Thanks for your cooperation.

12/15/2008

Effective January 1, 2009, NPIVP will not accept test reports from laboratories submitting test evidence for RSA-1024-based DSK and/or  KMK, since these keys do not comply with the cryptographic timelines established in SP 800-78-1, Table 3-1.

 

11/26/2008

Beginning January 1, 2009, PIV Card Applications implementing the PIV Digital Signature Key (DSK) and/or the PIV Key Management Key (KMK) are required to support cryptographic keys that provide a minimum of 112 bits of security strength.  RSA 1024-based DSK and KMK provide only 80 bit security strength. These keys, as per SP 800-78-1, Table 3-1, are to be discontinued by the end of 2008. As a result, the validation listing on NPIVPs validation web page will be revised to mark RSA 1024-based DSK and KMK that are no longer valid with respect to the scope of the validation, since they do not comply with the cryptographic timelines established in SP 800-78-1, Table 3-1. 
 
Effective January 1, 2009, affected PIV card application validation entry will appears as follows: 
 
Optional PIV Data Object Implemented:
1) Card Holder Facial Image
2) Card Holder Printed Information
3)  X.509 Certificate for Digital Signature
4)  X.509 Certificate for PIV Key Management
5) X.509 Certificate for Card Authentication

As of January 1, 2009, PIV card applications implementing the PIV Digital Signature Key (DSK) and/or the PIV Key Management Key (KMK) are required to support cryptographic keys that provide a minimum of 112 bits of security strength.   The private key (corresponding to the X.509 certificate in gray font) provides only 80 bit security strength. This key is no longer valid, since it does not comply with the cryptographic timelines established in SP 800-78-1, Table 3-1 and is therefore out of the scope of the validation.

09/27/2006

All current NPIVP test facilities are now fully accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) to conduct PIV card application and PIV middleware testing.

06/12/2006

As a reminder, NVLAP has announced the addition of the PIV Test Methods to the NVLAP Cryptographic Module Testing LAP (CMT LAP) on 4/26/06.

04/25/2006

Due to numerous inquiries about the READ BINARY command, the NIST would like to clarify its use on the contact and contacless cards chip of the PIV card. View Full Report

04/21/2006

The NIST has initiated the PIV Biometric Product Testing Resource Center to inform the biometric vendor community of existing product testing procedures.