FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759

Schaffer, Kim

doi:https://doi.org/10.6028/NIST.SP.800-140

NIST SP 800-140

FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759

Documentation Topics

Date Published: March 2020

Author(s)

Kim Schaffer (NIST)

Abstract

NIST Special Publication (SP) 800-140 specifies the modifications of the Derived Test Requirements (DTR) for Federal Information Processing Standard (FIPS) 140-3. SP 800-140 modifies the test (TE) and vendor (VE) evidence requirements of International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 24759. As a validation authority, the Cryptographic Module Validation Program (CMVP) may modify, add or delete TEs and/or VEs as specified under paragraph 5.2 of ISO/IEC 24759. This NIST Special Publication should be used in conjunction with ISO/IEC 24759 as it modifies only those requirements identified in this document.

Keywords

Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140; ISO/IEC 19790; ISO/IEC 24759; testing requirement; vendor evidence

Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-140
Download URL

Supplemental Material:
None available

Publication Parts:
SP 800-140A
SP 800-140B Rev. 1
SP 800-140C Rev. 2
SP 800-140D Rev. 2
SP 800-140E
SP 800-140F

Related NIST Publications:
FIPS 140-3

Document History:
10/09/19: SP 800-140 (Draft)
03/20/20: SP 800-140 (Final)

Topics

Security and Privacy

cryptography, testing & validation