Data Encryption Standard (DES)

FIPS 46-3, Data Encryption Standard (DES), was withdrawn May 19, 2005 because the cryptographic algorithm no longer provided the security that is needed to protect Federal government information. DES is no longer an Approved algorithm.

Data (Message) Authentication Code (MAC) and Key Management Using ANSI X9.17

The automated conformance tests for FIPS 113 and 171 are no longer operational. Currently, if a FIPS 140-1 or FIPS 140-2 cryptographic module implements either of these two standards, the CST testing laboratories perform some testing that these FIPS requirements are implemented correctly in the cryptographic module.

Message Authentication Code (MAC), FIPS 113

The MAC Validation System (MVS) tested for compliance with FIPS 113, Computer Data Authentication is no longer operational. A list of validated products is maintained by the Security Technology Group.

Key Management Using ANSI X9.17, FIPS 171

The Key Management Validation System (KMVS) tested for compliance with FIPS 171, Key Management Using ANSI X9.17 is no longer operational. A list of validated products is maintained by the Security Technology Group.

Retired Algorithm Components as detailed in SP800-131A Transitions effective January 1, 2014

Please refer to CAVP Frequently Asked Questions (CAVP FAQ) GEN.23 and GEN.24 for information on the algorithm components that are no longer compliant because they are no longer secure enough. GEN.23 addresses the changes made to the Cryptographic Algorithm Validation lists as a result of the SP800-131A Transition which became effective January 1, 2014. GEN.24 identifies the elements of each algorithm that are now non-compliant.

Also see SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015.

Random Number Generators (RNG)

The Random Number Generators specified in FIPS 186-2 with Change Notice 1 dated October 5, 2001 (Appendix 3.1 and 3.2), ANSI X9.31 (Appendix A.2.4) and ANSI X9.62 (Appendix A.4)are no longer compliant as of January 1, 2016.

See SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015 for more information.

Retired Algorithm Components as detailed in SP800-131A Transitions effective January 1, 2016

Please refer to CAVP Frequently Asked Questions (CAVP FAQ) GEN.27 which identifies the algorithm components that are non-compliant beginning January 1, 2016.

Also see SP800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, published November 2015.