The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to ISO/IEC 19790 Annexes and ISO/IEC 24759 as permitted by the validation authority.
These two subseries publications have been revised:
- NIST SP 800-140C Revision 2, Cryptographic Module Validation Program (CMVP)-Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
- NIST SP 800-140D Revision 2, Cryptographic Module Validation Program (CMVP)-Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
These revisions move lists of approved security functions that were in previous editions to new CMVP webpages for SP 800-140C and SP 800-140D. This will enable the CMVP to update those lists more quickly as publications that specify security functions are published or withdrawn.
The lists have also added the following five publications of approved security functions:
- NIST SP 800-89 (November 2006)
- NIST SP 800-208 (October 2020)
- NIST SP 800-108 Revision 1 (August 2022)
- FIPS 186-5 (February 2023)
- NIST SP 800-186 (February 2023)
