NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Cryptographic Algorithm Validation Program (CAVP)

The Computer Security Division at NIST maintains a number of cryptographic standards, and coordinates algorithm validation test suites for many of those standards. The Cryptographic Algorithm Validation Program (CAVP) currently has algorithm validation testing for the following cryptographic algorithms:

Symmetric Algorithm

  • FIPS 197:Advanced Encryption Standard (AES). FIPS 197 specifies the AES algorithm.
  • FIPS 46-3 and FIPS 81: Data Encryption Standard (DES) and DES Modes of Operation. FIPS 46-3 specifies the DES and Triple DES algorithms.
  • FIPS 185: Escrowed Encryption Standard (EES), which specifies the Skipjack algorithm.

Asymmetric Algorithms

Hash Algorithms

Random Number Generator Algorithms

Deterministic Random Bit Generator (DRBG) Algorithms

Message Authentication Algorithms

  • Special Publication 800-38B (May 2005): Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. CMAC can be considered a mode of operation of the block cipher because it is based on an approved symmetric key block cipher, such as the Advanced Encryption Standard (AES) algorithm currently specified in Federal Information Processing Standard (FIPS) Pub. 197. CMAC is also an approved mode of the Triple Data Encryption Algorithm (TDEA).
  • Special Publication 800-38C (May 2004): Counter with Cipher Block Chaining - Message Authentication Code (CCM). CCM is based on an approved symmetric key block cipher algorithm whose block size is 128 bits, such as the Advanced Encryption Standard (AES) algorithm currently specified in Federal Information Processing Standard (FIPS) Pub. 197 [2]; thus, CCM cannot be used with the Triple Data Encryption Algorithm [3], whose block size is 64 bits. Currently the only NIST-Approved 128 bit symmetric key algorithm is AES.
  • Special Publication 800-38D (November 2007): Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC . GCM is based on an approved symmetric key block cipher algorithm whose block size is 128 bits, such as the Advanced Encryption Standard (AES) algorithm currently specified in Federal Information Processing Standard (FIPS) Pub. 197 [2]; thus, GCM cannot be used with the Triple Data Encryption Algorithm [3], whose block size is 64 bits. Currently the only NIST-Approved 128 bit symmetric key algorithm is AES.
  • FIPS 198 (March 6, 2002): Keyed-Hash Message Authentication Code (HMAC). FIPS 198 specifies the HMAC algorithm.

Key Management

Key Schemes

  • Special Publication 800-56A (Revised March 2007): Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography . This special publication specifies key establishment schemes based on standards developed by the Accredited Standards Committee (ASC) X9, Inc.: ANS X9.42 (Agreement of Symmetric Keys Using Discrete Logarithm Cryptography) and ANS X9.63 (Key Agreement and Key Transport Using Elliptic Curve Cryptography).

Retired Validation Testing

  • Two other cryptographic standards (MAC; ANSI X9.17 Key Management) no longer have active validation testing, but the standards remain in effect. Cryptographic module (FIPS 140-1 and FIPS 140-2) validation testing by the CMT laboratories may include testing for conformance to FIPS 113 and 171, as appropriate:
    • FIPS 113 : Computer Data Authentication, which specifies the generation of a Message Authentication Code (MAC), from ANSI X9.9, and
    • FIPS 171: Key Management Using ANSI X9.17(withdrawn February 08, 2005).