Computer Security Resource Center


Cryptographic Module Validation Program

Implementation Guidance Announcements

2018

[05-25-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • Updated Guidance:
    • 05/25/18: IG G.8 Revalidation Requirements – Removed the “2 year” limitation on 3sub revalidations, which stated that modules on the historical list could not be submitted as a 3sub if the module’s sunset date exceeded 2 years. Now, modules that are Active or Historical are eligible for scenario 3 revalidation without this limitation.
    • 05/25/18: IG 9.11 Reducing the Number of Known Answer Tests – Changed the “type” of the parameter that “remembers” that self-tests were run successfully on a specific environment, from a CSP, to something that is treated the same as a public key, in which case the integrity of this parameter is assured by the module.

[03-27-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • Updated Guidance:
    • G.8 Revalidation Requirements - Updated to add Alternative Scenario 3A (allowing vendors to submit module revalidations based on CVE patches).
    • G.13 - Instructions for Validation Information Formatting - Updated to add clarification on how to document the binding module algorithm certificate. The same rules that apply to an embedding module also apply to a binding module.
    • 9.1 Known Answer Test for Keyed Hashing Algorithm – Updated to align with IG 9.4 and IG 9.11. Also, added clarification on HMAC self-testing with additional examples and comments.
    • 9.2 Known Answer Test for Embedded Cryptographic Algorithms – Updated to align with IG 9.11. Also, removed obsolete material (such as self-testing the embedded algorithms by means of the RNG KATs where the RNGs are no longer approved).
    • A.13 SP 800-67rev1 Transition - Updated to incorporate the latest requirements for the published SP 800-67rev2 standard.

[01-19-2018] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • Updated Guidance:
    • G.13 Instructions for Validation Information Formatting – Removed non-SP-800-38F compliant key wrapping methods from the allowed algorithm listing per SP 800-131A transition. Added allowed non-SP-800-38F compliant key unwrapping examples.
    • D.9 Key Transport Methods – Removed non-SP-800-38F compliant key wrapping methods from the allowed algorithm section per SP 800-131A transition. Added two additional comments for clarity on SP 800-131A transition and KTS implementations.

[01/10/18] Annex A for FIPS PUB 140-2 has been updated.

2017

[12-04-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • New Guidance:
    • IG 9.12 Integrity Test Using Sampling
    • IG 9.13 Non-Reconfigurable Memory Integrity Test
    • IG A.15 Vendor Affirmation for the SP 800-185 Algorithms
  • Updated Guidance:
    • G.8 Revalidation Requirements - added notes about which scenarios should be included on the MIP list. Also updated scenario 2 to allow for modules on the Historical list to be validated via this scenario.
    • G.13 Instructions for Validation Information Formatting – added a caveat example when a module implements a DRBG but does not meet IG 7.14 and IG 7.15 requirements.
    • A.5 Key/IV Pair Uniqueness Requirements from SP 800-38D – added bullet 4 in scenario 2 requiring the module to meet IG 7.15 for the strength of the IV.
    • Revised entire IG for grammatical and formatting inconsistencies.

[09-11-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • Minor editorial non-technical updates

[08-07-2017] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program has been updated.

  • New Guidance:
    • G.17: Remote Testing for Software Modules
    • 9.11: Reducing the Number of Known Answer Tests
    • 1.23: Definition and Use of a non-Approved Security Function
    • A.14: Approved Modulus Sizes for RSA Signature and Other Approved Public Key Algorithms
  • Updated Guidance:
    • G.13: Validation Certificate Formatting
    • 3.1: Authorized Roles
    • 9.9: Pair-Wise Consistency Self-Test When Generating a Key Pair
    • 14.1: Level of Detail When Reporting Cryptographic Services
    • 14.4: Operator Applied Security Appliances
    • A.2: Use of non-NIST Recommended Elliptic Curves
    • A.5: Key/IV Pair Uniqueness Requirements for SP 800-38D
    • A.11: The Use and the Testing Requirements for the Family of Functions defined in FIPS 202
    • A.13: SP 800-67rev1 Transition
    • D.2: Acceptable Key Establishment Protocols

[06/13/17] Annex A for FIPS PUB 140-2 has been updated.

  • Updated Guidance:
    • 9.9 Pair-Wise Consistency Self-Test When Generating a Key Pair – limited the scope to the pair-wise consistency tests for keys used in RSA signature and RSA key transport schemes and removed the “allowed” provision.

[05-10-2017] Annex A for FIPS PUB 140-2 has been updated.

  • New Guidance:
    • A.13 SP 800-67rev1 Transition
    • D.13 Elliptic Curves and the MODP Groups in Support of Industry Protocols
  • Updated Guidance:
    • G.8 Revalidation Requirements – added definition for scenario 2.
    • G.13 Validation Certificate Formatting – removed non-approved algorithms from the validation certificate, added examples for key establishment and included formatting instructions for virtual environments.
    • Removed references to certificate formatting for non-approved algorithms from:
      • G.14 Validation of Transitioning Cryptographic Algorithms and Key Lengths
      • 7.5 Strength of Key Establishment Methods
      • A.11 The Use and the Testing Requirements for the Family of Functions defined in FIPS 202
      • D.8 Key Agreement Methods
      • D.11 References to the Support of Industry Protocols
    • 3.1 Authorized Roles – addressed relationship between authorized roles and operator authentication.
    • 3.4 Multi-Operator Authentication – resolved a conflict between IG 3.1 and IG 3.4.
    • A.8 Use of a Truncated HMAC – updated text, clarified examples and incorporated SP 800-107rev1 for all uses of a message authentication code.
    • D.9 Key Transport Methods – updated to explain that all approved key transport schemes shall use the KTS acronym and to allow an unwrapping of a key past the 2017 transition deadline.

[04-25-2017] Annex A for FIPS PUB 140-2 has been updated.

  • Updated Guidance:
    • D.12 Requirements for Vendor Affirmation to SP 800-133 – clarified some of the provisions.

[04-17-2017] Annex A for FIPS PUB 140-2 has been updated.

  • Updated Guidance:
    • 1.21 Processor Algorithm Accelerators (PAA) & Processor Algorithm Implementation (PAI) – added PAI where an accelerated function to support cryptographic algorithms is deemed to be the complete cryptographic algorithm and updated the list of known PAAs and PAIs.

[02-06-2017] Annex A for FIPS PUB 140-2 has been updated.

  • Updated Guidance:
    • 1.20 Sub-Chip Cryptographic Subsystems – updated 1.20 and 7.7 to resolve the asymmetric treatment of CM software and CM hardware.
    • 7.7 Key Establishment and Key Entry and Output – updated 1.20 and 7.7 to resolve the asymmetric treatment of CM software and CM hardware.
    • D.11 References to the Support of Industry Protocols – clarified items 2 and 3.

For older announcements, see the Announcements Archive.

Created October 11, 2016, Updated August 09, 2018