U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

SP 800-140D Rev. 1 (Draft)

CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: August 2021
Comments Due: September 20, 2021 (public comment period is CLOSED)
Email Questions to: sp800-140-comments@nist.gov

Author(s)

Kim Schaffer (NIST)

Announcement

The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to the derived test requirements (DTR) for FIPS 140-3 and is used in conjunction with ISO/IEC 24759.

Updates to the following publications within the subseries are now available for public comment:

  • Draft NIST SP 800-140C Rev. 1, CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140D Rev. 1, CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140F Rev. 1, CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 2475

We encourage you to use this template when preparing your comments.

Abstract

Keywords

Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140-3; ISO/IEC 19790; ISO/IEC 2759; Sensitive Parameter Establishment Methods; Sensitive Parameter Generation; testing requirement; vendor evidence; vendor documentation
Control Families

None selected

Documentation

Publication:
SP 800-140D Rev. 1 (Draft) (DOI)
Local Download

Supplemental Material:
Comments template (word)

Other Parts of this Publication:
SP 800-140C Rev. 1 (Draft)
SP 800-140F Rev. 1 (Draft)

Document History:
08/20/21: SP 800-140D Rev. 1 (Draft)

Topics

Security and Privacy
cryptography; testing & validation