U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Cryptographic Algorithm Validation Program CAVP

CAVP Testing: Individual Component Testing

Algorithm Specifications

Beginning in 2011, validation testing of individual algorithm components was made available. Many situations exist where the specifications of an algorithm standard are implemented in multiple cryptographic boundaries. For example, PIV Smartcard applications may implement one part of an algorithm on the smartcard and another part of the algorithm on the smartcard reader. Possible reasons for implementing an algorithm this way is processing limitations or size constraints. In this situation, the algorithm validation testing of the complete algorithm can't be utilized since this requires everything to be within the same cryptographic boundary. Therefore, component testing was introduced. Component testing allows assurance of the individual components of an algorithm. The algorithm specifications for the components for which we have validation testing are available from the corresponding algorithm sections in the Cryptographic Toolkit.

Current testing includes the following algorithm components:

ECCCDH Primitive (SP 800-56A)

ECDSA Signature Generation Primitive(FIPS 186-4)

KDFs (SP 800-135)

RSADP Decryption Primitive (PKCS#1 v2.1, Section 5.1.2)

RSA PKCS1.5 and PKCS PSS Signature Generation Primitive (FIPS 186-4)

 

Algorithm Validation Testing Requirements

SP 800-56A Elliptic Curve Cryptography Cofactor Diffie-Hellman (ECC CDH) Primitive Testing

The Elliptic Curve Cryptography Cofactor Diffie_Hellman (ECC CDH) Primitive Validation System (ECC_CDHVS) specifies validation testing requirements for testing only the SP800-56A Section 5.7.1.2 Elliptic Curve Cryptography Cofactor Diffie-Hellman (ECC CDH) Primitive.

Testing Notes

 

FIPS 186-4 ECDSA Signature Generation Component Testing

The Signature Generation Component test is described in the Elliptic Curve Digital Signature Algorithm Validation System (ECDSA2VS).

Testing Notes

 

SP800-135 Revision 1 Recommendation for Existing Application-Specific Key Derivation Functions

The SP800-135 Existing Application-Specific Key Derivation Function Validation System (ASKDFVS) specifies validation testing requirements for each individual key derivation function in SP 800-135 (Revision 1).

Testing Notes

 

RSADP Decryption Operation Primitive Component Testing

The RSADP Decryption Operation Primitive Component Validation System (RSADPVS) specifies validation testing requirements for the RSADP Decryption Operation Primitive Component as specified in Section 7.1.2 of the NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography (August 2009) and in Section 5.1.2 of the PKCS#1 v2.1: RSA Cryptography Standard (June 14, 2002).

Testing Notes

  • This primitive is used by the key transport scheme referenced in both documents above.

 

FIPS 186-4 RSA PKCS1-v1_5 and PSS RSASP1 Signature Primitive Component Testing

The RSASP1 Signature Primitive Validation System (RSASP1VS) specifies validation testing requirements for the RSASP1 function as described in PKCS#1 v2.1: RSA Cryptography Standard, June 14, 2002. The RSASP1 function component only tests the modular exponentiation function. Therefore, the test for PKCS1.5 and PKCS PSS is identical. The format of the input message is not specified or tested by this validation test. It is outside the scope of the component test for RSASP1. (This was modified in January 2014 to only include the modular exponentiation function.)

Testing Notes

  • This validation test inputs messages. It returns the signature s verifying the correct result.
Back to Top

Test Vectors

Use of these test vectors does not replace validation obtained through the CAVP.

The test vectors linked below can be used to informally verify the correctness of the components listed above.

Standard Test Vectors

SP 800-56A

ECCCDH Primitive Test Vectors

FIPS 186-4

ECDSA Signature Generation Component

SP 800-135

IKEv1 KDF Test Vectors
IKEv2 KDF Test Vectors
TLS KDF Test Vectors
ANS X9.63-2001 KDF Test Vectors
SSH Test Vectors
SRTP KDF Test Vectors
SNMP KDF Test Vectors
TPM KDF Test Vectors

SP 800-56B Section 7.1.2

RSADP Decryption Operation Primitive Component Test Vectors

FIPS 186-4

FIPS 186-4 RSA PKCS1-v1_5 RSASP1 Signature Primitive Component Test Vectors

FIPS 186-4

FIPS 186-4 RSA PKCS1-vPSS RSASP1 Signature Primitive Component Test Vectors

Created October 05, 2016, Updated March 08, 2021