Date Published: October 2019
Email Comments to:
NIST has released the following Draft NIST Special Publications (the SP 800-140x “subseries”) for public comment. They directly support Federal Information Processing Standards Publication (FIPS) 140-3, Security Requirement for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP).
- Draft SP 800-140, FIPS 140-3 Derived Test Requirements (DTR)
- Draft SP 800-140A, CMVP Documentation Requirements
- Draft SP 800-140B, CMVP Security Policy Requirements
- Draft SP 800-140C, CMVP Approved Security Functions
- Draft SP 800-140D, CMVP Approved Sensitive Parameter Generation and Establishment Methods
- Draft SP 800-140E, CMVP Approved Authentication Mechanisms
- Draft SP 800-140F, CMVP Approved Non-Invasive Attack Mitigation Test Metrics
Public comments are due December 9, 2019. Also see an overview of the transition to FIPS 140-3.
Keywords Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140; ISO/IEC 19790; ISO/IEC 24759; testing requirement; vendor evidence