Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-140F Rev. 1 (Initial Public Draft)

CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: August 2021
Comments Due: September 20, 2021 (public comment period is CLOSED)
Email Questions to: sp800-140-comments@nist.gov

Author(s)

Kim Schaffer (NIST)

Announcement

The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to the derived test requirements (DTR) for FIPS 140-3 and is used in conjunction with ISO/IEC 24759.

Updates to the following publications within the subseries are now available for public comment:

  • Draft NIST SP 800-140C Rev. 1, CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140D Rev. 1, CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140F Rev. 1, CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 2475

We encourage you to use this template when preparing your comments.

Abstract

Keywords

attack mitigation; Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140; ISO/IEC 19790; ISO/IEC 24759; non-invasive; testing requirement; vendor evidence; vendor documentation
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-140Fr1-draft
Download URL

Supplemental Material:
Comment template (docx)

Document History:
08/20/21: SP 800-140F Rev. 1 (Draft)

Topics

Security and Privacy

cryptography, testing & validation