Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

SP 800-140 Series Supplemental Information

The following table summarizes the SP 800-140x series publications and their relationships to ISO/IEC 19790:2012(E) and ISO/IEC 24759:2017(E).  The sub-pages of this webpage provide the supplemental information associated with that SP 800-140x document.

NIST Special Publications (SPs) that Modify ISO/IEC Standards

NIST SP                            Title  





SP 800-140 FIPS 140-3 Derived Test Requirements (DTR) modifies --

§6.1 through 


SP 800-140A CMVP Documentation Requirements modifies Annex A §6.13
SP 800-140B CMVP Security Policy Requirements modifies Annex B §6.14
SP 800-140Cr2 CMVP-Approved Security Functions modifies Annex C §6.15
SP 800-140Dr2 CMVP-Approved Sensitive Security Parameter Generation and Establishment Methods modifies Annex D §6.16
SP 800-140E CMVP-Approved Authentication Mechanisms modifies Annex E §6.17
SP 800-140F CMVP-Approved Non-Invasive Attack Mitigation Test Metrics modifies Annex F §6.18

Created October 11, 2016, Updated July 10, 2024