News & Updates

The final version of NIST Special Publication (SP) 800-140Br1 (Revision 1), CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, is now available.

The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program,...

The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Program, for public comment through July 25, 2023.  

NIST is introducing a plan to transition away from the current limited use of the Secure Hash Algorithm 1 (SHA-1) hash function. Other approved hash functions are already available. The transition will be completed by...

The second public draft of NIST Special Publication (SP) 800-140Br1 (Revision 1), CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, is now available for public...

NIST releases NIST Cybersecurity White Paper 26, Ordered t-way Combinations for Testing State-based Systems.

NIST has published revisions of two Special Publications (SP) that identify security functions and sensitive security parameter generation and establishment methods allowed within the context of the Cryptographic Module...

The initial public draft of NIST Special Publication (SP) 800-140Br1 (Revision 1), CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, is now available for public...

After considering several rounds of public comments, NIST has decided to revise Special Publication 800-22 Rev. 1a, "A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications."

Second Drafts of NIST SP 800-140C/D Rev. 1 Available for Comment until March 25, 2022.

NIST has posted three draft revisions of SP 800-140C/D/F, specifying CMVP Validation Authority updates to ISO/IEC 24759, for public comment. The comment period closes September 20, 2021.

NIST's National Cybersecurity Center of Excellence has released a final Project Description for "Automation of the Cryptographic Module Validation Program (CMVP)."

A draft NIST Cybersecurity White Paper, "Combinatorial Coverage Difference Measurement," is now available. The public comment period is open through August 20, 2021.

NIST's NCCoE has published "Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms."

The NCCoE is requesting comments on a new Draft Project Description, "Automation of the Cryptographic Module Validation Program (CMVP)." Public comments may be submitted through May 12, 2021.

Version 2 of test Personal Identity Verification (PIV) Cards now available.

NIST has published NISTIR 8214A, "NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives."

NIST has published seven documents in the SP 800-140x subseries--supporting documents for FIPS 140-3 and the Cryptographic Module Validation Program.

NIST has released the Draft Special Publication (SP) 800-140x subseries for public comment. They directly support FIPS 140-3 and the Cryptographic Module Validation Program (CMVP). Comments are due by December 9, 2019.

NIST has release a draft white paper for public comment: "An Application of Combinatorial Methods for Explainability in Artificial Intelligence and Machine Learning." Comments are due by July 3, 2019.

A new release of the Access Control Policy Tool (ACPT) is now available for download.

FIPS 140-3, "Security Requirements for Cryptographic Modules," was approved on March 22, 2019 and announced in the Federal Register on May 1, 2019. FIPS 140-3 supersedes FIPS 140-2.

NIST publishes Special Publication (SP) 800-163 Revision 1, "Vetting the Security of Mobile Applications."

NIST announces the publication of NIST Internal Report (NISTIR) 8214, Threshold Schemes for Cryptographic Primitives.

[9/18/18--TEMPORARILY WITHDRAWN. TO BE RE-POSTED AT A LATER DATE] Draft NISTIR 8222 identifies 17 technical trust-related issues that may negatively impact the adoption of IoT products and services.