U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

SP 800-140D Rev. 1

CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: May 2022

Supersedes: SP 800-140D (03/20/2020)


Kim Schaffer (NIST), Alexander Calis (NIST)



Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140-3; ISO/IEC 19790; ISO/IEC 24759; sensitive security parameter establishment methods; sensitive security parameter generation; testing requirement; vendor documentation; vendor evidence
Control Families

None selected


SP 800-140D Rev. 1 (DOI)
Local Download

Supplemental Material:
None available

Other Parts of this Publication:
SP 800-140
SP 800-140A
SP 800-140B
SP 800-140C Rev. 1
SP 800-140E
SP 800-140F

Document History:
08/20/21: SP 800-140D Rev. 1 (Draft)
02/10/22: SP 800-140D Rev. 1 (Draft)
05/20/22: SP 800-140D Rev. 1 (Final)


Security and Privacy
cryptography; testing & validation