U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Automation of the Cryptographic Module Validation Program (CMVP)
April 12, 2021

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Automation of the Cryptographic Module Validation Program (CMVP). Release of this project description begins a process to further identify project requirements, scope, and hardware and software components for use in a laboratory environment.

The NCCoE will solicit participation from industry to demonstrate first-party and third-party tests and test tools for automation of the CMVP, as well as first-party processes and means for communicating the results to NIST. Increased automation is necessary because a number of elements of the current validation processes are manual in nature, making third-party testing and government validation of cryptographic modules often incompatible with industry requirements. In addition to demonstrating tests, tools, and processes, this project will also result in practice descriptions in the form of white papers, playbook generation, and implementation demonstrations, which aim to improve the ability and efficiency of organizations.

The public comment period is open through May 12, 2021. See the publication details for a copy of the draft and instructions for submitting comments. You can also help shape and contribute to this project. Join the Community of Interest by sending an email to applied-crypto-visibility@nist.gov.

Related Topics

Security and Privacy: cryptography, testing & validation

Created April 12, 2021