Try the new and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

CAVP Management Manual and Frequently Asked Questions (FAQ)

CAVP Management Manual

CAVP Management Manual: PDF (06-24-2009)

The purpose of the CAVP Management Manual is to provide effective guidance for the management of the CAVP and other parties in the validation process. The CAVP Management Manual applies to the CAVP Validation Authorities, the CST laboratories, and the vendors who participate in the program. Consumers who purchase validated cryptographic modules and validated cryptographic algorithm implementations may also be interested in the contents of this manual. This manual outlines the management activities and specific responsibilities of the various participating groups. This manual does not include any cryptographic standards.


Complete FAQ Document: PDF (updated 01-04-2016)

Below is a compilation of questions received from the Cryptographic and Security Testing (CST) laboratories relating to the validation of cryptographic algorithm implementations. There is a section for each FIPS-Approved algorithm and a section for general questions.
This compilation of topics addresses issues such as interpretation of specifications in the algorithm standards and special publications, questions relating to the Cryptographic Algorithm Validation Program (CAVP), questions relating to the Cryptographic Algorithm Validation System (CAVS) tool, information required when validating an implementation, etc.
This is intended for use by the CST laboratories when validating cryptographic algorithms submitted by vendors. Vendors may find the information useful when submitting their information to the CST laboratories for cryptographic algorithm implementation validation.

Information includes items of interest, programmatic issues and other topics related to the Cryptographic Algorithm Validation Program.