[11-15-2007] -- New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS6.0). Verison 6.0 of the CAVS tool adds testing for NIST SP 800-90 Deterministic Random Bit Generators.
The transition period ends February 15, 2008.
As has been the policy in the past:
Prior to the release of CAVS6.0, the CMVP allowed vendor affirmation for SP 800-90 DRBG implementations. During the transition period, the vendor has the option of either providing the vendor affirmation in FIPS 140-2 IG1.12 or going through the validation testing now available in CAVS6.0. Please see the CMVP Announcements for further information.
The CAVP will also review special conditions on a case-by-case basis.
[10-16-2006] [09-28-2006] New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS5.2). Version 5.2 of the CAVS tool includes the addition of tests to verify the absence of an identified RSA X9.31 and PKCS#1 V1.5 algorithmic implementation vulnerability. Information on this vulnerability can be found at the Computer Security Resource Center (News) October 12, 2006 News. A statement discussing the attack is available. CAVS5.2 also includes several modifications to the existing algorithm validation tests to provide requested enhancements to the tool. Additional information can be found at:Â Digital Signature Standard (DSS)
The transition period ends December 31, 2006.
As has been the policy in the past:
The CAVP will also review special conditions on a case-by-case basis.
For all validated cryptographic modules that incorporate RSA, the CMVP and CAVP strongly suggest re-testin of the RSA algorithmic implementations to determine if the vulnerability is present.
Please direct any CAVP or CMVP questions to the appropriate contact.
[04-03-2006] New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS5.0).Version 5.0 of the CAVS tool includes the addition of a validation test suite for the CMAC algorithm. Documentation describing the CMAC validation tests is located in the CMACVS document accessible via our webpage. CAVS5.0 also includes several modifications to the existing algorithm validation tests to provide requested enhancements to the tool.
The transition period ends July 3, 2006.
As has been the policy in the past:
The CAVP will also review special conditions on a case-by-case basis.
[05-11-2005] New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS4.6). Version 4.6 of the CAVS tool includes a couple of minor modifications. These modifications include:
The transition period ends July 3, 2006.
As has been the policy in the past:
The transition period ends August 11, 2005.
As has been the policy in the past:
The CAVP will also review special conditions on a case-by-case basis.
[01-31-2005] New release of the CAVS algorithm validation testing tool to the CMT Laboratories
The transition period ends April 30, 2005. New FIPS 140-2 validation test reports received from CMT Laboratories after the transition period must conform to the new algorithm testing schemes indicated above. For FIPS 140-2 re-validations received after April 30, 2005, if the security relevant changes do not require new algorithm testing, new algorithm testing is not required. If an algorithm is changed or added, that algorithm must conform to the new algorithm testing schemes indicated above.
For algorithm validation requests where a CMT Laboratory has used CAVS4.3 to create files and has already sent the sample and request files to the vendor, NIST will accept validations using the old tools during the transition period. The CMT Laboratory should contact those vendors to inform them that the algorithm validation files supplied to them will expire at the end of the transition period. If the vendor has not returned the response files by that time, the request and sample files will have to be regenerated by the CAVS4.4 tool and the vendor will have to regenerate the response files. The CMVP will also review special conditions on a case-by-case basis.
[09-01-2004] New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS4.0).
The transition period ends December 1, 2004. New FIPS 140-2 validations or re-validation test reports (RE: FIPS 140-2 IG G.8) received from CMT Laboratories after the transition period must conform to the new algorithm testing schemes indicated above and meet ALL current standards and IGs.
For algorithm validation requests where a CMT Laboratory has used CAVS3.3 to create files and has already sent the sample and request files to the vendor, NIST will accept validations using the old tools during the transition period. The CMT Laboratory should contact those vendors to inform them that the algorithm validation files supplied to them will expire at the end of the transition period. If the vendor has not returned the response files by that time, the request and sample files will have to be regenerated by the CAVS4.0 tool and the vendor will have to regenerate the response files. The CMVP will also review special conditions on a case-by-case basis.
[06-14-2004] New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS 3.3).
[03-11-2004] New release of the CAVS algorithm validation testing tool to the CMT Laboratories.
New and Updated Implementation Guidance:
The transition period ends June 04, 2004. New FIPS 140-2 validations or re-validation test reports (RE: FIPS 140-2 IG G.8) received from CMT Laboratories after the transition period must conform to the new algorithm testing schemes indicated above and meet ALL current standards and IGs.
For algorithm validation requests where a CMT Laboratory has used CAVS1.3 or DSSVS to create files and has already sent the sample and request files to the vendor, NIST will accept validations using the old tools during the transition period. The CMT Laboratory should contact those vendors to inform them that the algorithm validation files supplied to them will expire at the end of the transition period. If the vendor has not returned the response files by that time, the request and sample files will have to be regenerated by the CAVS3.0 tool and the vendor will have to regenerate the response files. The CMVP will also review special conditions on a case-by-case basis.
Security and Privacy: assurance, cryptography, testing & validation