The CMVP is offering an interim validation process for module submissions. This interim validation option is voluntary; however, CSTLs must notify CMVP of the vendor's intent prior to 1 Oct 2024.
Vendors do not need to take any action if they would prefer to wait for their full review to be completed to receive full, five-year validation. Vendors who would like to elect the interim validation should follow the process below.
These module submissions will be reviewed for completeness by CMVP staff. If needed, there will be a brief period of Coordination with the CST lab to resolve any questions. Once this step is successfully completed:
The interim validation submission must meet the following criteria:
Algorithm/Scheme |
Standard |
Relevant IG(s)[1] |
ACVTS Prod Date[2] |
Submission Date[3] |
---|---|---|---|---|
AES-CBC-CS |
FIPS 140-2: A.12 |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
AES FF1 |
FIPS 140-2: A.10 |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
cSHAKE, TupleHash, ParallelHash, KMAC |
FIPS 140-2: A.15 |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
RSA 4096 bit modulus[4] |
FIPS 140-2: G.18 |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
Higher level algorithms using FIPS 202 functions[5] |
FIPS 140-2: A.11 FIPS 140-3: C.C |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
ANS X9.42-2001 KDF |
FIPS 140-2: G.20 FIPS 140-3: 2.4.B |
Prior to Jun 30, 2020 |
Sep 1, 2020 |
|
ENT |
FIPS 140-2: 7.18, 7.19 FIPS 140-3: D.J, D.K |
N/A |
Nov 7, 2020[6] |
|
PBKDF |
FIPS 140-2: D.6 FIPS 140-3: D.N |
Prior to Jun 30, 2020 |
Dec 31, 2020 |
|
KAS-RSA or KAS-RSA-SSC IFC |
FIPS 140-2: D.8 FIPS 140-3: D.F |
Sep 30, 2020 |
Dec 31, 2020 |
|
KTS-RSA IFC |
FIPS 140-2: D.9 FIPS 140-3: D.G |
Sep 30, 2020 |
Dec 31, 2020 |
|
KAS or KAS-SSC DLC (FFC or ECC) |
FIPS 140-2: D.1-rev3, D.8 FIPS 140-3: D.F |
Sep 30, 2020 |
Dec 31, 2020[7] |
|
KDA[8] |
FIPS 140-2: D.10 |
Sep 30, 2020 |
Dec 31, 2020 |
|
TLS 1.3 KDF |
RFC 8446 - Sections 4.4.1 and 7.1 |
FIPS 140-2: G.20 FIPS 140-3: 2.4.B |
Jan 22, 2021 | Jun 30, 2021 |
RSADP 2.0 – adds support for 3072 and 4096 moduli in addition to 2048 |
SP 800-56B Rev. 2 |
FIPS 140-3: 2.4.C |
Dec 28, 2022 |
Mar 31, 2023 |
ECDSA, EdDSA, RSA | FIPS 186-5, SP 800-186 | FIPS 140-3: C.K | Feb 3, 2023 | Jul 25, 2023[9] |
ANSI X9.63-2001 KDF - adds support for SHA2-512/224, SHA2-512/256, SHA3-224, SHA3-256, SHA3-384 and SHA3-512 |
FIPS 140-2: A.11 FIPS 140-3: C.C |
Mar 21, 2023
|
Jun 30, 2023 |
|
SRTP (using the 48-bit index value) | FIPS 140-3: 2.4.C | Mar 21, 2023 | Jun 30, 2023 | |
Hash DRBG / HMAC DRBG - adds support for SHA3-224, SHA3-256, SHA3-384, and SHA3-512 |
FIPS 140-2: A.11 FIPS 140-3: C.C |
Oct 6, 2023 |
Mar 31, 2024 |
|
RSASP 2.0 – adds support for 3072 and 4096 moduli in addition to 2048 | FIPS 186-4 & FIPS 186-5 | FIPS 140-3: 2.4.C | Jan 18, 2024 | Jun 30, 2024 |
[1] Most algorithm self-test requirements are in IG 9.4 (for FIPS 140-2) and IG 10.3.A (for FIPS 140-3).
[2] Date in which the algorithm was moved onto the ACVTS production server.
[3] After this date, module submissions that modify or reset the sunset date must CAVP test the applicable algorithm(s) that are used in an approved mode and perform the required self-tests. The provision from the previous sentence is applicable even prior to this date if there is no vendor affirmed IG for this algorithm. For FIPS 140-3 submissions, algorithms that show a Submission Date on or before December 31, 2020 are immediately transitioned rather than following the date listed in this table.
[4] This entry represents an addition of the RSA 4096-bit modulus testing to FIPS 186-4 (e.g. KeyGen, SigGen, SigVer).
[5] Not all higher-level algorithms support CAVP testing using FIPS 202 functions (e.g. DRBG, DSA, all CVL KDFs besides ANS x9.42, RSA). This date applies to the following higher-level algorithms (unless the algorithm itself has a later transition date) which do support FIPS 202 functions: ECDSA, HKDF, HMAC, KAS/KAS-RSA/SSC (SP 800-56Arev3 and SP 800-56Brev2), KBKDF, ANS x9.42 CVL, PBKDF. This table may need to be updated in the future.
[6] SP 800-90B compliance is required after November 7, 2020 for FIPS 140-2. This entry will be updated once ENT certification becomes available. In addition, this date is applicable to the vetted conditioning components specified in SP 800-90B section 3.1.5.1.1 which must be CAVP tested if implemented as part of an approved SP 800-90B compliant ENT.
[7] This date is applicable to the Safe Primes Groups as specified in SP 800-56Arev3 Appendix D which must be CAVP tested if implemented as part of an approved SP 800-56Arev3 compliant KAS.
[8] This includes the HKDF which is compliant to SP 800-56C (Rev.1 and Rev.2) and separately CAVP testable.
[9] Per IG C.K, "It is strongly recommended for modules submitted to the CMVP to comply with FIPS 186-5 and SP 800-186, even before the transition dates specified in this IG" if all applicable requirements are met, including algorithm self-tests per IG 10.3.A.
Algorithm/Scheme |
Standard |
Relevant IG(s) |
Submission Date[1] |
Historical Date[2] |
FIPS 186-2 RSA Key Gen or Sig Gen[3] |
FIPS 140-2: G.18 FIPS 140-3: N/A |
August 31, 2020 |
September 1, 2020 |
|
RSA-based KAS or KTS compliant to SP 800-56B |
FIPS 140-2: D.4, D.8, D.9 FIPS 140-3: N/A |
December 31, 2020 |
N/A |
|
RSA-based key transport schemes that are not compliant to either SP 800-56B or SP 800-56B Rev. 2 |
|
FIPS 140-2: Allowed per D.9 FIPS 140-3: N/A |
December 31, 2020 |
N/A |
RSA-based key transport schemes that only use PKCS#1-v1.5 padding[5] |
RFC 2313 Section 8.1 |
Allowed per FIPS 140-2: D.9 FIPS 140-3: D.G |
December 31, 2023 |
FIPS 140-2: N/A FIPS 140-3: January 1, 2024 |
DLC-based KAS compliant to SP 800-56A |
FIPS 140-2: D.8 FIPS 140-3: N/A |
December 31, 2020 |
July 1, 2022 |
|
DLC-based KAS compliant to SP 800-56A Rev. 2 |
FIPS 140-2: D.1rev2 FIPS 140-3: N/A |
December 31, 2020 |
July 1, 2022 |
|
Key agreement schemes that are not compliant with any version of SP 800-56A |
|
FIPS 140-2: D.8 FIPS 140-3: N/A |
December 31, 2020 |
July 1, 2022 |
Triple-DES encryptions[7] |
|
December 31, 2023 |
FIPS 140-2: N/A FIPS 140-3: January 1, 2024 |
|
FIPS 186-4 DSA Key Gen, Sig Gen, or
PQG Gen [8]; FIPS 186-4 X9.31 RSA Key Gen, RSA Sig Gen |
FIPS 140-3: C.K |
February 4, 2024 |
N/A |
|
AES-CBC-MAC within OTAR |
P25 OTAR (Over-The-Air-Rekeying) defined in TIA-102.AACA-B |
FIPS 140-3: D.C |
October 31, 2023 |
N/A |
[1] The last date that a module that implements this algorithm in the approved mode can be submitted to the CMVP. Submissions that do not modify or initiate a sunset date can still be submitted after this date.
[2] Date in which modules that implement these algorithms in an approved mode will be moved to the historical list. If marked N/A, the module will NOT be moved to the historical list based on this transition.
[3] Per IG G.18, this includes modules that were CAVP tested for FIPS 186-2 RSA SigGen with modulus size lower than 4096 or FIPS 186-2 RSA KeyGen of any modulus size.
[4] Vendor affirmed, as testing for this algorithm is not available.
[5] Not compliant to SP 800-56B Rev. 2.
[6] Vendor affirmed, as testing for this algorithm is not available.
[7] Triple-DES decryptions are approved beyond this date for “Legacy Use”.
[8] Even after the transition date, DSA Key Gen and DSA PQG Gen tests are still permitted only for legacy purposes as part of an approved SP 800-56Arev3 FFC scheme. Otherwise, they will no longer be permitted in the approved mode for submissions after this date.
Security and Privacy: cryptography, testing & validation
Technologies: hardware, software & firmware