Current retired testing includes the following algorithms and references:
FIPS 46-3, Data Encryption Standard (DES), was withdrawn May 19, 2005 because the cryptographic algorithm no longer provided the security that is needed to protect Federal government information. DES is no longer an Approved algorithm.
The automated conformance tests for FIPS 113 and 171 are no longer operational. Currently, if a FIPS 140-1 or FIPS 140-2 cryptographic module implements either of these two standards, the CST testing laboratories perform some testing that these FIPS requirements are implemented correctly in the cryptographic module.
The MAC Validation System (MVS) tested for compliance with FIPS 113, Computer Data Authentication is no longer operational. A list of validated products is maintained by the Security Technology Group.
The Key Management Validation System (KMVS) tested for compliance with FIPS 171, Key Management Using ANSI X9.17 is no longer operational. A list of validated products is maintained by the Security Technology Group.
Please refer to CAVP Frequently Asked Questions (CAVP FAQ) GEN.23 and GEN.24 for information on the algorithm components that are no longer compliant because they are no longer secure enough. GEN.23 addresses the changes made to the Cryptographic Algorithm Validation lists as a result of the SP800-131A Transition which became effective January 1, 2014. GEN.24 identifies the elements of each algorithm that are now non-compliant.
Also see SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015.
The Random Number Generators specified in FIPS 186-2 with Change Notice 1 dated October 5, 2001 (Appendix 3.1 and 3.2), ANSI X9.31 (Appendix A.2.4) and ANSI X9.62 (Appendix A.4)are no longer compliant as of January 1, 2016.
See SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015 for more information.
Please refer to CAVP Frequently Asked Questions (CAVP FAQ) GEN.27 which identifies the algorithm components that are non-compliant beginning January 1, 2016.
Also see SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015.
Security and Privacy: assurance, cryptography, testing & validation