Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-140

FIPS 140-3 Derived Test Requirements (DTR): CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: March 2020


Kim Schaffer (NIST)



Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140; ISO/IEC 19790; ISO/IEC 24759; testing requirement; vendor evidence
Control Families

None selected


Download URL

Supplemental Material:
None available

Publication Parts:
SP 800-140A
SP 800-140B Rev. 1
SP 800-140C Rev. 2
SP 800-140D Rev. 2
SP 800-140E
SP 800-140F

Related NIST Publications:
FIPS 140-3

Document History:
10/09/19: SP 800-140 (Draft)
03/20/20: SP 800-140 (Final)


Security and Privacy

cryptography, testing & validation