[04-15-09] -- New release of the CAVS algorithm validation testing tool to the CST Laboratories (CAVS7.4). This version of the CAVS tool adds the capability to test DRBG (NIST SP 800-90) implementations that do not have the optional reseed function. Each DRBG mechanism tab has a check box to indicate that the reseed function was not implemented. If checked, the generated request files provide inputs for the instantiate and generate functions only. The CAVS-generated TestedInfo.txt file indicates that the implementation does not support the reseed function.
The transition period ends July 06, 2009.
As has been the policy in the past:
- EFFECTIVE IMMEDIATELYÂ on any new validation requests for implementations of TDES, AES, DSA, SHA, RNG, RSA, HMAC, CCM, ECDSA, CMAC, DRBG 800-90, Key Agreement Scheme (KAS) FFC, KAS ECC and/or GCM 800-38D, the CMT lab must use the CAVS 7.4 to validate the IUT.
- For any algorithm validation request where a lab has used a version of CAVS prior to CAVS7.2 to create files and has already sent the sample and request files to the vendor, NIST will accept validations using this tool up through July 6, 2009. (Note that the transition date for CAVS 7.4 will be the same as CAVS 7.2 and CAVS 7.3.)
- Because CAVS 7.4 makes a very minor addition that does not affect any existing operations of the tool, for any algorithm validation request where a lab used CAVS 7.2 or CAVS 7.3 to create files, CAVS 7.4 can be used to validate these files.
- If there are any validation requests where a lab has used a version of CAVS prior to CAVS7.2 to create files and has not yet sent the appropriate files to the vendor, please regenerate everything using CAVS 7.4.
The CAVP will also review special conditions on a case-by-case basis.
[04-08-09] -- New release of the CAVS algorithm validation testing tool to the CST Laboratories (CAVS7.3). This version of the CAVS tool fixes a bug in the Utilities->Display Status function. The bug caused CAVS to end abnormally.
The transition period ends July 06, 2009.
As has been the policy in the past:
- EFFECTIVE IMMEDIATELYÂ on any new validation requests for implementations of TDES, AES, DSA, SHA, RNG, RSA, HMAC, CCM, ECDSA, CMAC, DRBG 800-90, Key Agreement Scheme (KAS) FFC, KAS ECC and/or GCM 800-38D, the CMT lab must use the CAVS 7.3 to validate the IUT.
- For any algorithm validation request where a lab has used a version of CAVS prior to CAVS7.2 to create files and has already sent the sample and request files to the vendor, NIST will accept validations using this tool up through July 6, 2009. (Note that the transition date will be the same as CAVS7.2.).
- Because CAVS7.3 fixes a very minor bug that only affects the ability to display the status of the tests and not the other operations of the tool, for any algorithm validation request where a lab used CAVS7.2 to create files, CAVS7.3 can be used to validate these files.
- If there are any validation requests where a lab has used a version of CAVS prior to CAVS7.2 to create files and has not yet sent the appropriate files to the vendor, please regenerate everything using CAVS 7.3.
The CAVP will also review special conditions on a case-by-case basis.
[04-06-09] -- New release of the CAVS algorithm validation testing tool to the CMT Laboratories (CAVS7.2). Version 7.2 of the CAVS tool includes several minor corrections and additions. They include:
- Minor correction to KAS ECC screen - corrected the wording on the screen - min of h should be max of h
- Minor correction to KAS ECC testing - corrected the length of a field which was causing KAS EEC testing to exit abnormally
- In the TestedInfo.txt file, added prerequisite of RNG to GCM if option 2 is selected
- In the TestedInfo.txt file, added statement for CMAC to ask for the prerequisite of TDES and/or AES, if applicable.
- Modified the SHA screen to allow the indication of "null string not supported".
- Modified the SHA screen to only have to enter "Byte only" once to apply to all supported SHA sizes.
The transition period ends July 06, 2009.
As has been the policy in the past:
- EFFECTIVE IMMEDIATELYÂ on any new validation requests for implementations of TDES, AES, DSA, SHA, RNG, RSA, HMAC, CCM, ECDSA, CMAC, DRBG 800-90, Key Agreement Scheme (KAS) FFC, KAS ECC and/or GCM 800-38D, the CMT lab must use the CAVS 7.2 to validate the IUT.
- For any algorithm validation request where a lab has used a previous version of CAVS to create files and has already sent the sample and request files to the vendor, NIST will accept validations using this tool up through July 06, 2009. The tool used to generate the files must be used to validate the files. For example, if CAVS7.1 was used to generate test vectors, then CAVS7.1 must be used to verify these values.
- If there are any validation requests where a lab has used a previous version of CAVS to create files and has not yet sent the appropriate files to the vendor, please regenerate everything using CAVS7.2.
The CAVP will also review special conditions on a case-by-case basis.