More complex cryptographic functions use other cryptographic primitives as building blocks to securely perform the desired operations. The Automated Cryptographic Validation Test System (ACVTS) testing of higher level cryptographic functions focuses on the algorithm itself and not the other algorithms that may also be used. This means it is required that prerequisite algorithms are tested separately in order to receive a cryptographic algorithm validation. The following tables outline the prerequisite requirements for ACVTS.
Algorithm |
Mode |
Revision |
Prerequisites |
ACVP-AES-CBC |
1.0 |
|
|
ACVP-AES-CBC-CS1 |
1.0 |
|
|
ACVP-AES-CBC-CS2 |
1.0 |
|
|
ACVP-AES-CBC-CS3 |
1.0 |
|
|
ACVP-AES-CCM |
1.0 |
Any AES mode using the forward cipher function |
|
ACVP-AES-CFB1 |
1.0 |
|
|
ACVP-AES-CFB128 |
1.0 |
|
|
ACVP-AES-CFB8 |
1.0 |
|
|
ACVP-AES-CTR |
1.0 |
|
|
ACVP-AES-ECB |
1.0 |
|
|
ACVP-AES-FF1 |
1.0 |
Any AES mode using the forward cipher function |
|
ACVP-AES-GCM |
1.0 |
Any AES mode using the forward cipher function |
|
ACVP-AES-GMAC |
1.0 |
Any AES mode using the forward cipher function |
|
ACVP-AES-KW |
1.0 |
Any AES mode using the forward cipher function and/or any AES mode using the inverse cipher function |
|
ACVP-AES-KWP |
1.0 |
Any AES mode using the forward cipher function and/or any AES mode using the inverse cipher function |
|
ACVP-AES-OFB |
1.0 |
|
|
ACVP-AES-XPN |
1.0 |
Any AES mode using the forward cipher function |
|
ACVP-AES-XTS |
2.0 |
Any AES mode using the forward cipher function and/or any AES mode using the inverse cipher function |
|
ACVP-TDES-CBC |
1.0 |
||
ACVP-TDES-CBCI |
1.0 |
||
ACVP-TDES-CFB1 |
1.0 |
||
ACVP-TDES-CFB64 |
1.0 |
||
ACVP-TDES-CFB8 |
1.0 |
||
ACVP-TDES-CFBP1 |
1.0 |
||
ACVP-TDES-CFBP64 |
1.0 |
||
ACVP-TDES-CFBP8 |
1.0 |
||
ACVP-TDES-CTR |
1.0 |
||
ACVP-TDES-ECB |
1.0 |
||
ACVP-TDES-KW |
1.0 |
Any TDES mode using the forward cipher function and/or and TDES mode using the inverse cipher function |
|
ACVP-TDES-OFB |
1.0 |
||
ACVP-TDES-OFBI |
1.0 |
Algorithm |
Mode |
Revision |
Prerequisites |
SHA-1 |
1.0 |
||
SHA2-224 |
1.0 |
||
SHA2-256 |
1.0 |
||
SHA2-384 |
1.0 |
||
SHA2-512 |
1.0 |
||
SHA2-512/224 |
1.0 |
||
SHA2-512/256 |
1.0 |
||
SHA3-224 |
2.0 |
||
SHA3-256 |
2.0 |
||
SHA3-384 |
2.0 |
||
SHA3-512 |
2.0 |
Message Authentication Codes (MACs)
Algorithm |
Mode |
Revision |
Prerequisites |
CMAC-AES |
1.0 |
AES-CBC preferred, otherwise any AES mode that utilizes the forward cipher function |
|
CMAC-TDES |
1.0 |
TDES-CBC preferred, otherwise any TDES mode that utilizes the forward cipher function |
|
HMAC-SHA-1 |
1.0 |
SHA-1 |
|
HMAC-SHA2-224 |
1.0 |
SHA2-224 |
|
HMAC-SHA2-256 |
1.0 |
SHA2-256 |
|
HMAC-SHA2-384 |
1.0 |
SHA2-384 |
|
HMAC-SHA2-512 |
1.0 |
SHA2-512 |
|
HMAC-SHA2-512/224 |
1.0 |
SHA2-512/224 |
|
HMAC-SHA2-512/256 |
1.0 |
SHA2-512/256 |
|
HMAC-SHA3-224 |
1.0 |
SHA3-224 |
|
HMAC-SHA3-256 |
1.0 |
SHA3-256 |
|
HMAC-SHA3-384 |
1.0 |
SHA3-384 |
|
HMAC-SHA3-512 |
1.0 |
SHA3-512 |
Algorithm |
Mode |
Revision |
Prerequisites |
DetECDSA |
sigGen |
FIPS186-5 |
All hash functions and XOFs used for the signature; all hmacDRBGs and all HMACs used in the per-message secret number generation. |
DSA |
keyGen |
1.0 |
|
DSA |
pqgGen |
1.0 |
All hash functions used. |
DSA |
pqgVer |
1.0 |
All hash functions used. |
DSA |
sigVer |
1.0 |
All hash functions used. |
DSA |
sigGen |
1.0 |
All hash functions used. |
ECDSA |
keyGen |
1.0 |
|
ECDSA |
keyGen |
FIPS186-5 |
|
ECDSA |
keyVer |
1.0 |
|
ECDSA |
keyVer |
FIPS186-5 |
|
ECDSA |
sigGen |
1.0 |
All hash functions and XOFs used. |
ECDSA |
sigGen |
FIPS186-5 |
All hash functions and XOFs used. |
ECDSA |
sigVer |
1.0 |
All hash functions used. |
ECDSA |
sigVer |
FIPS186-5 |
All hash functions and XOFs used. |
EDDSA |
keyGen |
1.0 |
SHA2-512 for the Ed25519 curve and SHAKE256 for the Ed448 curve |
EDDSA |
keyVer |
1.0 |
|
EDDSA |
sigGen |
1.0 |
SHA2-512 for the Ed25519 curve and SHAKE256 for the Ed448 curve |
EDDSA |
sigVer |
1.0 |
SHA2-512 for the Ed25519 curve and SHAKE256 for the Ed448 curve |
RSA |
decryptionPrimitive |
1.0 |
|
RSA |
decryptionPrimitive |
Sp800-56Br2 |
|
RSA |
keyGen |
FIPS186-4 |
All hash functions used. |
RSA |
keyGen |
FIPS186-5 |
All hash functions used. |
RSA |
sigGen |
FIPS186-4 |
All hash functions used. |
RSA |
sigGen |
FIPS186-5 |
All hash functions used for the signature; all XOFs used for PSS if used as a mask generation function |
RSA |
signaturePrimitive |
1.0 |
|
RSA |
signaturePrimitive |
2.0 |
|
RSA |
sigVer |
FIPS186-2 |
All hash functions used. |
RSA |
sigVer |
FIPS186-4 |
All hash functions used. |
RSA |
sigVer |
FIPS186-5 |
All hash functions used for the signature; all XOFs used for PSS if used as a mask generation function |
LMS |
keyGen |
1.0 |
All hash functions and XOFs used. |
LMS |
sigGen |
1.0 |
All hash functions and XOFs used. |
LMS |
sigVer |
1.0 |
All hash functions and XOFs used. |
ML-DSA |
keyGen |
FIPS204 |
SHAKE128 and SHAKE256 |
ML-DSA |
sigGen |
FIPS204 |
SHAKE128 and SHAKE256 |
ML-DSA |
sigVer |
FIPS204 |
SHAKE128 and SHAKE256 |
SLH-DSA | keyGen | FIPS205 | SHAKE256 for the SHAKE parameter sets, e.g., SLH-DSA-SHAKE-128s. SHA2-256 for SLH-DSA-SHA2-128s and SLH-DSA-SHA2-128f. SHA2-256 and SHA2-512 for SLH-DSA-SHA2-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHA2-256s, and SLH-DSA-SHA2-256f. |
SLH-DSA | sigGen | FIPS205 | SHAKE256 for the SHAKE parameter sets, e.g., SLH-DSA-SHAKE-128s. SHA2-256 and HMAC-SHA-256 for SLH-DSA-SHA2-128s and SLH-DSA-SHA2-128f. SHA2-256, SHA2-512 and HMAC-SHA-512 for SLH-DSA-SHA2-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHA2-256s, and SLH-DSA-SHA2-256f. |
SLH-DSA | sigVer | FIPS205 | SHAKE256 for the SHAKE parameter sets, e.g., SLH-DSA-SHAKE-128s. SHA2-256 for SLH-DSA-SHA2-128s and SLH-DSA-SHA2-128f. SHA2-256 and SHA2-512 for SLH-DSA-SHA2-192s, SLH-DSA-SHA2-192f, SLH-DSA-SHA2-256s, and SLH-DSA-SHA2-256f. |
Deterministic Random Bit Generators (DRBGs)
Algorithm |
Mode |
Revision |
Prerequisites |
ConditioningComponent |
AES-CBC-MAC |
SP800-90B |
Any AES mode using the forward cipher function |
ConditioningComponent |
BlockCipher_DF |
SP800-90B |
Any AES mode using the forward cipher function |
ConditioningComponent |
Hash_DF |
SP800-90B |
All hash functions used. |
ctrDRBG |
1.0 |
Any AES mode using the forward cipher function | |
hashDRBG |
1.0 |
All hash functions used. |
|
hmacDRBG |
1.0 |
All HMAC used. |
Key Derivation Functions (KDFs)
Algorithm |
Mode |
Revision |
Prerequisites |
KDF (SP 800-108) |
All MACs used for the PRF. |
||
KDF |
KMAC |
Sp800-108r1 |
All KMAC functions used. |
kdf-components |
ansix9.42 |
1.0 |
All hash functions used. |
kdf-components |
ansix9.63 |
1.0 |
All hash functions used. |
kdf-components |
ikev1 |
1.0 |
All HMACs used. |
kdf-components |
ikev2 |
1.0 |
All HMACs used. |
kdf-components |
snmp |
1.0 |
SHA-1 |
kdf-components |
srtp |
1.0 |
Any forward AES cipher. |
kdf-components |
ssh |
1.0 |
All hash functions used. |
kdf-components |
tls |
1.0 |
HMAC-SHA-1 for TLS 1.0/1.1; one or more of HMAC-SHA-256, HMAC-SHA-384 and HMAC-SHA-512 for TLS 1.2 |
kdf-components |
tpm |
1.0 |
HMAC SHA-1 |
PBKDF |
1.0 |
All HMACs used. |
|
TLS-v1.2 |
KDF |
RFC7627 |
All HMACs used. |
TLS-v1.3 |
KDF |
RFC8446 |
All HMACs used. |
Extendable Output Functions (XOFs)
Algorithm |
Mode |
Revision |
Prerequisites |
SHAKE-128 |
1.0 |
||
SHAKE-256 |
1.0 |
||
cSHAKE-128 |
1.0 |
SHAKE-128 |
|
cSHAKE-256 |
1.0 |
SHAKE-256 |
|
KMAC-128 |
1.0 |
cSHAKE-128 |
|
KMAC-256 |
1.0 |
cSHAKE-256 |
|
ParallelHash-128 |
1.0 |
cSHAKE-128 |
|
ParallelHash-256 |
1.0 |
cSHAKE-256 |
|
TupleHash-128 |
1.0 |
cSHAKE-128 |
|
TupleHash-256 |
1.0 |
cSHAKE-256 |
Algorithm |
Mode |
Revision |
Prerequisites |
KAS-ECC |
CDH-Component |
1.0 |
|
KAS-ECC |
CDH-Component |
Sp800-56Ar3 |
|
KAS-ECC |
1.0 |
All MACs used in Key Confirmation; all hash functions used in the KDFs. |
|
KAS-ECC |
Sp800-56Ar3 |
All MACs used in Key Confirmation; all hash functions and MACs used in the KDFs. |
|
KAS-ECC-SSC |
Sp800-56Ar3 |
||
KAS-FFC |
Component |
1.0 |
|
KAS-FFC |
1.0 |
All MACs used in Key Confirmation; all hash functions used in the KDFs. |
|
KAS-FFC |
Sp800-56Ar3 |
All MACs used in Key Confirmation; all hash functions and MACs used in the KDFs. |
|
KAS-FFC-SSC |
Sp800-56Ar3 |
||
KAS-IFC |
Sp800-56Br2 |
All MACs used in Key Confirmation; all hash functions and MACs used in the KDFs. |
|
KAS-IFC-SSC |
Sp800-56Br2 |
||
KAS-KC |
Sp800-56 |
All MACs used. |
|
KDA |
HKDF |
Sp800-56Cr1 |
All HMACs used. |
KDA |
HKDF |
Sp800-56Cr2 |
All HMACs used. |
KDA |
OneStep |
Sp800-56Cr1 |
All hash functions and MACs used. |
KDA |
OneStep |
Sp800-56Cr2 |
All hash functions and MACs used. |
KDA |
OneStepNoCounter |
Sp800-56Cr2 |
All hash functions and MACs used |
KDA |
TwoStep |
Sp800-56Cr1 |
All MACs used. |
KDA |
TwoStep |
Sp800-56Cr2 |
All MACs used. |
KTS-IFC |
Sp800-56Br2 |
Hash functions used by the RSA-OAEP mask-generation function; any MACs used in Key Confirmation. |
|
safePrimes |
keyGen |
1.0 |
|
safePrimes |
keyVer |
1.0 |
Key Encapsulation Mechanisms (KEMs)
Algorithm |
Mode |
Revision |
Prerequisites |
ML-KEM |
keyGen |
FIPS203 |
SHA3-256, SHA3-512, SHAKE128, and SHAKE256 |
ML-KEM |
encapDecap |
FIPS203 |
SHA3-256, SHA3-512, SHAKE128, and SHAKE256 if using encapsulation, SHA3-512, SHAKE128, and SHAKE256 if using decapsulation. |
Security and Privacy: assurance, cryptography, testing & validation