[11-30-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[05-25-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[03-27-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[01-19-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[01/10/18] Annex A for FIPS PUB 140-2 has been updated.
[12-04-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[09-11-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[08-07-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[06/13/17] Annex A for FIPS PUB 140-2 has been updated.
[05-10-2017] Annex A for FIPS PUB 140-2 has been updated.
[04-25-2017] Annex A for FIPS PUB 140-2 has been updated.
[04-17-2017] Annex A for FIPS PUB 140-2 has been updated.
[02-06-2017] Annex A for FIPS PUB 140-2 has been updated.
[02-01-2016] Annex A for FIPS PUB 140-2 has been updated.
[01-25-2016] Annex A for FIPS PUB 140-2 has been updated.
[01-11-2016] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[01-04-2016] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[01-04-2016] Annex A for FIPS PUB 140-2 has been updated.
[01-04-2016] Annex C for FIPS PUB 140-2 has been updated.
[12-28-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[12-22-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[11-20-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[11-18-2015] Annex B for FIPS PUB 140-2 has been updated.
[11-13-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[11-12-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
[09-17-2015] Annex A for FIPS PUB 140-2 has been updated.
[09-15-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[08-11-2015] NIST Billing Unavailable September 14-30, 2015
With the end of the fiscal year approaching, NIST billing will be unavailable September 14-30, 2015. During this time, NIST will not generate invoices or process payments. The invoices for test report submitted on September 14th through September 30th will be generated on October 1st or shortly thereafter. Any payments received on September 14th through September 30th will be processed starting on October 1st.
During this time frame, the CMVP will continue to review reports that have already been paid. The CMVP asks all participating parties to plan accordingly.
[08-07-2015] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[10-08-2014] Annex A for FIPS PUB 140-2 and FIPS 140-2 Annex D: Approved Key Establishment Techniques have been updated.
Annex A: Added references to NIST SP 800-38F and NIST SP 800-52, Rev 1
Annex D: Updated reference to NIST SP 800-56B, Rev 1
[04-25-2014] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[02-26-2014] FIPS 140-2 Annex D: Approved Key Establishment Techniques has been updated.
Annex D: Added reference to NIST SP 800-133
[02-24-2014] FIPS 140-2 Annex D: Approved Key Establishment Techniques has been updated.
Annex D: Replaced reference to FIPS 186-3 with FIPS 186-4 and SP 800-56a Revision 1 to Revision 2.
[01-31-2014] FIPS 140-2 Annex A: Approved Security Functions has been updated.
Annex A: Replaced reference to FIPS 186-3 with FIPS 186-4.
[01-17-2014] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[01-15-2014] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[01-08-2014] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
Updated examples based on SP 800-131A transition effective 01-01-2014.
[07-25-2013] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[06-07-2013] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[01-02-2013] FIPS 140-2 Annex D: Approved Key Establishment Techniques has been updated.
Annex D: Added reference to NIST SP 800-38F.
[12-21-2012] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[06-29-2012] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[06-20-2012] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[05-30-2012] FIPS 140-2 Annex A: Approved Security Functions has been updated.
Annex A: Replaced reference to FIPS 180-3 with FIPS 180-4.
[05-02-2012] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[04-23-2012] FIPS 140-2 Annex D: Approved Key Establishment Techniques has been updated.
Annex D: Updated reference to SP 800-135 Revision 1.
[04-23-2012] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[02-16-2012] FIPS 140-2 Annex C: Approved Random Number Generators has been updated.
Annex C: Updated reference to NIST PUB 800-90A.
[12-20-2011] FIPS 140-2 Annex D: Approved Key Establishment Techniques has been updated.
Annex D: Added reference to NIST SP 800-56C.
[09-26-2011] Non-Invasive Attack Testing Workshop (NIAT)
A workshop was hosted by the CMVP (NIST and CSEC) and AIST Japan to address new non-invasive attack testing methods for cryptographic modules. Presentations and papers presented at the NIAT Workshop.
[08-12-2011] FIPS 140-2 Annex B: Approved Protection Profiles has been updated.
Annex B: Added new protection profile reference.
[07-26-2011] FIPS 140-2 Annex A: Approved Security Functions, FIPS 140-2 Annex C: Approved Random Number Generators and FIPS 140-2 Annex D: Approved Key Establishment Techniques have been updated.
Annexes A, C and D: Added references to NIST SP 800-131A Transitions.
[07-15-2011] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[06-14-2011] FIPS 140-2 Annex C: Approved Random Number Generators has been updated.
Annex C: Replaced reference to ANSI X9.62-2005 – Annex D with ANSI X9.62-1998 – Annex A.4)
[03-03-2011] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
Updated Implementation Guidance:
[01-04-2011] FIPS 140-2 Annex A: Approved Security Functions and FIPS 140-2 Annex D: Approved Key Establishment Techniques have been updated.
Annex A: Moved Key Management/Establishment references to FIPS 140-2 Annex D.
Annex D: References reorganized; Added references: FIPS 186-3 – asymmetric key generation; Special Publication 800-108; Special Publication 800-132; Special Publication 800-135
[01-04-2011] Derived Test Requirements for FIPS PUB 140-2, Security Requirements for Cryptographic Modules has been updated.
Please review DTR Change Notices 6, 7 and 8
[12-23-2010] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[11-24-2010] FIPS 140-2 Annex A: Approved Security Functions [ PDF ], FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] and FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] have been updated.
Annex A: Added Addendum to Special Publication 800-38A, October 2010: Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode and updated the revision date for FIPS 198-1, July 2008: The Keyed-Hash Message Authentication Code (HMAC)
Annex C: Updated the revision date for ANSI X9.62-2005 – Annex D: Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)
Annex D: Changed references from FIPS 140-2 Implementation Guidance 7.1 to D.2 and split the Asymmetric Key Establishment Techniques section into three parts.
[08-03-2010] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
Updated Implementation Guidance:
[06-15-2010] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
Updated Implementation Guidance:
[06-10-2010] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
Updated Implementation Guidance:
[04-13-2010] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
Updated Implementation Guidance:
[01-27-2010] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Symmetric Key, Number 1:Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices - Added
[10-22-2009] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated.
Annex A: Key Management, Number 1:Recommendation for Key Derivation Using Pseudorandom Functions - Added
[10-22-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
New Implementation Guidance:
Updated Implementation Guidance:
[10-08-2009] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] and FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] have been updated.
Annex A: Editorial Changes to align the references with the CAVP validation listings.
Annex D: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, NIST SP 800-38B - Added.
[08-04-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
Updated Implementation Guidance:
[07-21-2009] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] and FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] have been updated
Reference to archived FIPS 186-2 added.
[07-07-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated.
New Implementation Guidance:
[06-18-2009] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated.
Asymmetric Key - Signature, Number 1:Digital Signature Standard (DSS) - FIPS 186-3 replaces FIPS 186-2
[04-01-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[03-24-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[03-10-2009] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
Updated Implementation Guidance:
[10-21-2008] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Hashing, Number 1:Secure Hash Standard - FIPS 180-3 replaces FIPS 180-2
[05-22-2008] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[01-24-2008] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
Updated Implementation Guidance:
[01-16-2008] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[01-16-2008] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated.
[12-18-2007] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Symmetric Key - Encryption, Number 1:Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC - Added
[12-18-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[11-16-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
New Implementation Guidance
[11-15-2007] -- CAVP release of CAVS - CAVS6.0
On November 14, 2007, the CAVP released a new version of CAVS - CAVS6.0 which adds testing for NIST SP 800-90 Deterministic Random Bit Generators.
A transition period of three months ending on February 15, 2008 addresses the impact to newly received FIPS 140-2 module test reports and the relationship to FIPS 140-2 IG 1.12.
During the transition period, new FIPS 140-2 module test reports received which implement SP 800-90 RNGs may operate the RNG in an Approved FIPS mode for key generation with reference to an issued CAVP SP 800-90 algorithm validation certificate, or vendor affirmation as indicated in FIPS 140-2 IG 1.12. The certificate annotation is provided in FIPS 140-2 IG G.13 and below:
New FIPS 140-2 IG G.8 Scenario 3 and 5 module test reports received from CMT Laboratories after the transition period which implement SP 800-90 RNGs operating in an Approved FIPS mode for key generation shall reference a CAVP RNG algorithm certificate. At the end of the transition period, FIPS 140-2 IG 1.12 will be for reference only.
The CMVP will also review special conditions on a case-by-case basis.
[11-08-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
Updated Implementation Guidance
[10-18-2007] -- URL links were updated in the following documents:
[07-26-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
[07-03-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
New Implementation Guidance
[06-28-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
New Implementation Guidance
[06-26-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF] has been updated.
Updated Implementation Guidance
[06-26-2007] -- FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF] has been updated.
Symmetric Key Establishment Techniques:Removed reference to FIPS 171. FIPS 171 was withdrawn February 08, 2005.
Asymmetric Key Establishment Techniques, Number 2:Added references for additional schemes in FIPS 140-2 IG Section 7.1.
[06-22-2007] -- Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [PDF] has been updated.
Updated Implementation Guidance
[06-21-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[06-14-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[06-14-2007] FIPS 140-2 Annex B: Approved Protection Profiles [ PDF ] has been updated
Updated document links. Added Protection Profile for Single-level Operating Systems in Environments Requiring Medium Robustness, Version 1.91.
[03-19-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[03-19-2007] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] has been updated
Deterministic Random Number Generators, Number 6:Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised) - Updated to revised document.
[03-19-2007] FIPS 140-2 Annex D: Approved Key Establishment Techniques[ PDF ] has been updated
Asymmetric Key Establishment Techniques, Number 1:Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) - Updated to revised document.
[02-26-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[01-26-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[01-25-2007] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
Updated Implementation Guidance:
[01-24-2007] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Random Number Generators, Number 1:Annex C: Approved Random Number Generators for FIPS 140-2, Security Requirements for Cryptographic Modules - Updated reference document date
[01-24-2007] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] has been updated
Deterministic Random Number Generators, Number 6:Recommendation for Random Number Generation Using Deterministic Random Bit Generators - Added
[01-24-2007] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
Asymmetric Key Establishment Techniques, Number 1:Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography - Added
[10-05-2006] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[09-27-2006] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[05-05-2006] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[04-07-2006] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[04-03-2006] Annex A: Approved Security Functions [ PDF ] has been updated
CMAC
National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, Special Publication 800-38B, May 2005.
[03-23-2006] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[12-01-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
[11-17-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[09-26-2005] CMVP and IPA/Instac Physical Security Testing Workshop
A workshop was hosted by the CMVP (NIST and CSEC) and IPA/Instac Japan to address new physical testing methods as new mitigation methods are deployed in cryptographic modules. Presentations and papers presented at the Physical Security Testing Workshop.
[09-12-2005] Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
Information regarding allowed asymmetric key establishment methods moved to FIPS 140-2 IG 7.1.
[09-12-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
Updated Implementation Guidance:
[07-25-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[06-30-2005] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
Clarification regarding the use of asymmetric keys for key wrapping as a key transport method for key establishment.
[05-19-2005] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
DES and Triple-DES
National Institute of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, Special Publication 800-67, May 2004.
[01-31-2005] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] has been updated
NIST-Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using the 3-Key Triple DES and AES Algorithms added.
[01-21-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Implementation Guidance:
Updated Implementation Guidance:
[11-04-2004] FIPS 140-2 Annex B: Approved Protection Profiles [ PDF ] has been updated
URL links for Approved protection profiles updated.
[09-23-2004] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Message Authentication
National Institute of Standards and Technology, Recommendation for BlockCipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, Special Publication 800-38C, May 2004. [ PDF ]
[09-22-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
Updated Implementation Guidance:
[08-19-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New and Updated Implementation Guidance:
[08-18-2004] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Asymmetric Key
DSA, RSA and ECDSANational Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-2 with Change Notice 1, October 05, 2001.Updated reference to include Change Notice 1.
RSA Laboratories, PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002.Updated to reflect CMVP FAQ Section 6 entry "What is the status of PKCS#1?".
[07-26-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New and Updated Implementation Guidance:
[05-13-2004] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Hashing
Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512)National Institute of Standards and Technology, Secure Hash Standard, Federal Information Processing Standards Publication 180-2 with Change Notice 1, February 25, 2004. SHA-224 added as a reference.
[04-28-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Guidance
[03-29-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Guidance
[03-24-2004] The Derived Test Requirements [DTR] for FIPS PUB 140-2, Security Requirements for Cryptographic Modules [ PDF ] has been updated
Details can be found in the Change Notices section of the DTR. DTR Change Notice 5.
[03-24-2004] The Derived Test Requirements [DTR] for FIPS PUB 140-2, Security Requirements for Cryptographic Modules [ PDF ] has been updated
Details can be found in the Change Notices section of the DTR. DTR Change Notice 4.
[03-15-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Guidance
[03-11-2004] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
Hashing
Secure Hash Standard (SHA-1, SHA-256, SHA-384 and SHA-512)National Institute of Standards and Technology, Secure Hash Standard, Federal Information Processing Standards Publication 180-2, August 01, 2002.
Random Number Generators
Annex C: Approved Random Number GeneratorsNational Institute of Standards and Technology, Annex C: Approved Random Number Generators for FIPS 140-2, Security Requirements for Cryptographic Modules, March 17, 2003.
[03-11-2004] [12-03-2002] FIPS PUB 140-2, Security Requirements for Cryptographic Modules [ PDF ] has been updated
Change Notices 2, 3 and 4 have been added. Change Notices 2, 3 and 4 will be mandatory for all modules submitted to NIST and CSEC for FIPS 140-2 validation after June 04, 2004. For Change Notice 2, the CMT Laboratories will begin performing validation testing of the FIPS-approved Random Number Generators.
During the transition period prior to June 04, 2004, the following requirements are applicable:
Details can be found in the Change Notices section of the standard.
[03-02-2004] The Derived Test Requirements [DTR] for FIPS PUB 140-2, Security Requirements for Cryptographic Modules [ PDF ] has been updated
Details can be found in the Change Notices section of the DTR.
[02-27-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Guidance
[02-23-2004] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
MQV and EC MQV added as Asymmetric Key Establishment Techniques for use in a FIPS Approved mode.
[02-10-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
New Guidance
[01-09-2004] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
G.1 Implementation guidance requests to NIST and CSEC
Personnel change.
G.2 Completion of a test report
Requirements for submission of documents and termination of initial review.
[12-16-2003] FIPS 140-2 Annex A: Approved Security Functions [PDF ] has been updated
Removed Asymmetric Key references to ANSI X9.31-1998 and ANSI X 9.62-1998.These are referenced FIPS 186-2.
[09-11-2003] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
6.2 Applicability of Operational Environment Requirements to JAVA Smart Cards updated for clarity.
[08-28-2003] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
Clarification of Asymmetric Key Establishment Techniques for use in a FIPS Approved mode.
[08-21-2003] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
G.1 and G.2 NIST CMVP contacts changed.
[08-06-2003] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated
G.5 Maintaining validation compliance of software cryptographic modules
Software modules that require any source code modifications to be recompiled and ported to another General Purpose Computer (GPC) or operational environment must be reviewed by a CMT laboratory and revalidated per IG G.8 (1) [non-security relevant changes].
The effective date for the modified guidance is September 15, 2003.
[07-02-2003] FIPS 140-2 Annex B: Approved Protection Profiles [ PDF ] has been updated
URL link for CAPP updated.
[05-29-2003] A modification has been made to the NIST CMVP FIPS 140-1 and FIPS 140-2 Validation listings.
Bookmarking has been added within each list for each individual certificate. Either while browsing the list, or by link from another web page, one can easily navigate directly to a single certificate entry. If browsing the list, simply append #nnn (where nnn is the 1-3 digit certificate number) to the link, hit enter, and you will go directly to the certificate number.If referencing from another web page, an example syntax would be: http://csrc.nist.gov/cryptval/140-1/140val-all.htm#nnn
[05-20-2003] Vendor Product Link
A cryptographic module may either be a component of a product, or a standalone product. NIST directs user inquiries to cryptographic module vendors to determine specific products that use a validated cryptographic module. Typically there are a large number of security products available that use every validated cryptographic module.
While the CMVP cannot maintain a list of vendor products that utilize an embedded validated cryptographic module, we would like to provide potential users and customers a way to find information on these products. Therefore we have added an optional 2nd URL below the Certificate link on each validation list entry. The 1st URL is the traditional link to the cryptographic module vendor's home page. It is intended that the 2nd URL would link to a vendor provided product page that contains a concise listing of those vendor products that use the validated cryptographic module or, if the module is a standalone product, additional pertinent information.
Providing a direct link for a user or customer to locate products that use validated cryptographic modules should make it easier for users and customers to deploy solutions with validated modules.
The directed link is vendor maintained and optional. NIST and the CMVP do not endorse the views expressed or the facts presented at the directed link. Further, NIST and the CMVP do not endorse any commercial products that may be advertised or available at the directed link.
[05-20-2003] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated
Reference to FIPS 171 added for symmetric keys.
[03-17-2003] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] has been updated
Reference to ANSI X9.31-1998 - Appendix A changed to ANSI X9.31-1998 - Appendix A.2.4.
[02-19-2003] FIPS 140-2 Annex A: Approved Security Functions [ Error! Hyperlink reference not valid. ] has been updated
NIST Special Publication 800-38A reference added.
[02-12-2003] The Derived Test Requirements [DTR] for FIPS PUB 140-2, Security Requirements for Cryptographic Modules [ PDF ] has been updated
Details can be found in the Change Notices section of the DTR.
[12-02-2002] FIPS 140-2 Annex B: Approved Protection Profiles [ PDF ] has been updated
URL links updated.
[05-26-2002] As of May 26, 2002, NIST and CSEC will only accept validation test reports for cryptographic modules against FIPS 140-2 and the FIPS 140-2 DTR.
[05-13-2002] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated
FIPS 197 (AES) and FIPS 198 (HMAC) have been added.
[04-17-2002] The Cryptographic Module Validation Program FIPS 140-1 and FIPS 140-2 Modules In Process List is now available.
[01-10-2002] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] and Implementation Guidance for FIPS PUB 140-1 and the Cryptographic Module Validation Program [ PDF ] have been updated
ANSI X9.62-1998 Annex A.4 PRNG has been added as FIPS Approved.
Presentations and Photos Available(go to Agenda page and select PDF and [photo] links)
Presentations and Photos Available(go to Agenda page and select PDF and [photo] links)
Security and Privacy: cryptography, testing & validation
Technologies: hardware, software & firmware