[12-24-2008] -- New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS7.0). Version 7.0 of the CAVS tool adds testing for NIST SP 800-56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography and NIST SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC.
The transition period ends March 24, 2009.
As has been the policy in the past:
Prior to the release of CAVS7.0, the CMVP allowed vendor affirmation for SP800-56A implementations (IG1.12) and vendor affirmation for SP 800-38D implementations (IG.1.13). During the transition period, the vendor has the option of either providing the vendor affirmation in FIPS 140-2 IG1.12 or IG1.13 or going through the validation testing now available in CAVS7.0. The transition period for accepting vendor affirmation for SP 800-56A is being determined but will exceed the 3 months specified above. Please see the CMVP Announcements for further information.
The CAVP will also review special conditions on a case-by-case basis.
[02-06-2008] -- New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS6.1). The CAVS 6.1 tool fixes an error with HMAC_DRBG SP 800-90 DRBG testing. CAVS 6.0 was erroneously using the Hash_DRBG mechanism to generate returned bits for the HMAC_DRBG tests in the .fax files. A second modification made to CAVS6.1 regarding SP 800-90 DRBG testing involved changing the requested number of bits to always be a multiple of the blocksize.
With regards to DSA validation testing, CAVS6.1 DSA screens have been modified to only allow modulus sizes providing at least 80 bits of security as required by SP800-57; i.e., only the 1024 bit modulus size is allowable.
The transition period ends May 6, 2008.
As has been the policy in the past:
Security and Privacy: assurance, cryptography, testing & validation