Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-140D Rev. 2

Cryptographic Module Validation Program (CMVP)-Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: July 2023

Supersedes: SP 800-140D Rev. 1 (05/20/2022)


Alexander Calis (NIST)



Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140-3; ISO/IEC 19790; ISO/IEC 24759; sensitive security parameter establishment methods; sensitive security parameter generation; testing requirement; vendor evidence; vendor documentation
Control Families

None selected


Security and Privacy

cryptography, testing & validation