U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

Cryptographic Module Validation Program CMVP

Entropy Validations

As of November 7, 2020, the CMVP requires that all FIPS 140-2 and FIPS 140-3 module validation submissions include documentation justifying conformance to SP 800-90B if applicable. SP 800-90B, along with FIPS 140-2 Implementation Guidance (IG) documents 7.18, 7.19, and 7.20 and corresponding FIPS 140-3 IGs D.J, D.K, and D.O, outline the requirements for an entropy source to be included in a FIPS-approved cryptographic module. 

Currently entropy validations may be found within validated cryptographic modules under the "ENT" algorithm in the Validated Module Search. The CMVP is working to establish a separate Entropy Validation List so that an Entropy Validation Certificate may be referenced by multiple Module Validation Certificates. As well, by isolating the entropy validation requirements into a separate scope, the CMVP hopes to improve the speed and consistency of the validation process. 

The National Voluntary Laboratory Accreditation Program (NVLAP) manages the validation lab accreditation process. This is outlined in NIST Handbook 150-17. The CMVP is working to update this document with a new 17ESV accreditation scope. The 17ESV scope will allow accredited labs to submit justifications of conformance to SP 800-90B to the CMVP for entropy sources to receive an Entropy Validation Certificate. 

Questions may be directed to the CMVP.

Created October 11, 2016, Updated November 17, 2021