Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Algorithm Validation Program CAVP

Overview

The NIST Cryptographic Algorithm Validation Program (CAVP) provides validation testing of Approved (i.e., FIPS-approved and NIST-recommended) cryptographic algorithms and their individual components. Cryptographic algorithm validation is a prerequisite of cryptographic module validation. The list of FIPS-approved algorithms can be found in SP 800-140C and SP 800-140D

Vendors may use any of the NVLAP-accredited Cryptographic and Security Testing (CST) Laboratories to test algorithm implementations.

An algorithm implementation successfully tested by a lab and validated by NIST is added to an appropriate validation list, which identifies the vendor, implementation, operational environment, validation date and algorithm details.

 

Validation Testing Through ACVTS

 

The CAVP offers two Automated Cryptographic Validation Test Systems (ACVTS) for interested users to test cryptographic algorithm implementations. A Demo ACVTS server is available at no cost to interested parties. See Accessing the ACVTS for details. The Production ACVTS server is only available to NVLAP-accredited testing laboratories, and is the only way to create algorithm validation certificates listed on the Algorithm Validation Page. The CAVP, through ACVTS, will generate test vectors to match the capabilities of a given implementation under test. The CAVP is not responsible for running those test vectors through the implementation. 

 

Test Methods

 

Through ACVTS, the CAVP can focus on generating interesting test cases to ensure correctness and robustness of cryptographic algorithm implementations. Testing is performed by first providing ACVTS with a set of capabilities for a particular cryptographic algorithm that the implementation supports. For example, the message lengths supported for a hash function. ACVTS will generate test cases that match these capabilities and provide the inputs to the implementation under test. The implementation runs the inputs through the corresponding cryptographic function and provides the outputs back to ACVTS. ACVTS then validates the outputs are correct before returning a verdict. Once this is completed for all algorithms in the test session, the implementation can submit to appear on the Algorithm Validation Page if the testing was performed through a lab on Production ACVTS. 

Due to this structure, ACVTS testing is entirely black-box. The implementation is never provided to NIST or the CAVP in order to receive a validation certificate. 

For more information on ACVTS, which algorithms are supported, and how testing is performed, see the Automated Cryptographic Validation Protocol Documentation

 

Algorithms

Currently, CAVP tests the following cryptographic algorithms*. Follow the links to algorithm specificationsvalidation testing requirementsvalidation lists and test vectors.

Block Ciphers 

AESTriple DESSkipjack (decryption only)
Tests for ECB, CBC, CFB and OFB modes.

Block Cipher Modes 

CCMCMACGCM / GMAC / XPNKey WrapXTS

Digital Signatures

FIPS 186-4: DSAECDSARSA
FIPS 186-2: DSAECDSARSA

Key Derivation Functions

KBKDF

Key Management

KAS

Message Authentication

HMAC (FIPS 198-1)

Random Number Generation

DRBG

Secure Hashing

SHA-2SHA-1
SHA-3

Component Testing

ECC-CDH (SP 800-56A),
ECDSA Signature (FIPS 186-4),
KDF (SP 800-135),
RSA PKCS1-v1.5 RSASP1 (FIPS 186-4),
RSA PKCS1-vPSS RSASP1 (FIPS 186-4),
RSADP Decryption (SP 800-56B; PKCS#1 v2.1)

Other algorithm testing has been retired: DESMACSkipjack (encryption only), and ANSI X9.17,RNG.

* Note: this table lists Approved algorithms that have tests available in both CAVS (deprecated by ACVTS) and ACVTS.  Please refer to the CST Lab transition page for a list of testing available in ACVTS that is not in CAVS as well as other testing requirements during the transition period.

 

Relationship of Algorithm Validation to FIPS 140 Module Validation

A cryptographic module validated to FIPS 140 shall implement at least one Approved security function used in an Approved mode of operation. For an algorithm implementation to be listed on a cryptographic module validation certificate as an Approved security function, the algorithm implementation must meet all the requirements of FIPS 140 and must successfully complete the cryptographic algorithm validation process. However, a product or implementation does not meet the FIPS 140 module validation requirements by simply implementing an Approved security function and acquiring validations for each of the implemented algorithms. For more information, see the Cryptographic Module Validation Program.

 

Further Information

CAVP Management Manual

The CAVP Management Manual provides effective guidance for the CAVP Validation Authorities, CST laboratories, and vendors who participate in the program. It outlines the management activities and specific responsibilities of the various participating groups; however, it does not include any cryptographic standards. The manual may also interest consumers who acquire validated cryptographic modules and validated cryptographic algorithm implementations.

Last update: 06-24-2009

CAVP FAQ

The CAVP FAQ addresses many questions raised by the testing laboratories; it includes a section of general questions and sections for most of the tested algorithms. The FAQ addresses:

  • interpretations of algorithm specifications;
  • programmatic questions about the CAVP;
  • the Cryptographic Algorithm Validation System (CAVS) tool; and
  • information required during validation.

The FAQ is primarily intended for use by the testing labs. Vendors may also find the information useful when submitting their algorithms for testing.

Last update: 02-24-2022

Algorithm Prerequisite Testing

ACVTS testing assumes that other tests will be used to cover core cryptographic components of the algorithms. The Algorithm Testing Prerequisite table outlines the required tests that must be performed to receive an algorithm certificate for each algorithm. 

Last update: 06-24-2024

How to access ACVTS

How to access to the ACVTS demonstration (Demo) and production (Prod) systems.

 


The CAVP was established in July 1995 by NIST and the Government of Canada's CCCS. NIST Computer Security Division's Security Testing, Validation, and Measurement Group (STVM) manages the validation testing of cryptographic modules and their underlying cryptographic algorithms through the CAVP and CMVP.

Created October 05, 2016, Updated August 08, 2024