[12-01-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated

New Implementation Guidance:

• 1.8 Listing of DES Implementations
• 7.5 Strength of Key Establishment Methods

[11-17-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated

Updated Implementation Guidance:

• G.2 Completion of a test report: Information that must be provided to NIST and CSEC
  • Updated NIST contact.

[09-26-2005] CMVP and IPA/Instac Physical Security Testing Workshop

A workshop was hosted by the CMVP (NIST and CSEC) and IPA/Instac Japan to address new physical testing methods as new mitigation methods are deployed in cryptographic modules. Presentations and papers presented at the Physical Security Testing Workshop.

[09-12-2005] Annex D: Approved Key Establishment Techniques [ PDF ] has been updated

Information regarding allowed asymmetric key establishment methods moved to FIPS 140-2 IG 7.1.

[09-12-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated

New Implementation Guidance:

• G.11 Testing using Emulators and Simulators
• 1.6 Use of Non-NIST-Recommended Asymmetric Key Sizes and Elliptic Curves
• 1.7 Multiple Approved Modes of Operation
• 5.2 Testing Tamper Evident Seals
• 7.4 Zeroization of Power-Up Test Keys

Updated Implementation Guidance:

• G.1 Request for Guidance from the CMVP
• 1.2 FIPS Approved Mode of Operation
• 7.1 Acceptable Key Establishment Protocols
• 7.2 Use of IEEE 802.11i Key Derivation Protocols

[07-25-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated

Updated Implementation Guidance:

• G.2 Completion of a test report: Information that must be provided to NIST and CSEC
  • Updated CSEC contact.

[06-30-2005] FIPS 140-2 Annex D: Approved Key Establishment Techniques [ PDF ] has been updated

Clarification regarding the use of asymmetric keys for key wrapping as a key transport method for key establishment.

[05-19-2005] FIPS 140-2 Annex A: Approved Security Functions [ PDF ] has been updated

DES and Triple-DES

National Institute of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, Special Publication 800-67, May 2004.

[01-31-2005] FIPS 140-2 Annex C: Approved Random Number Generators [ PDF ] has been updated

NIST-Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using the 3-Key Triple DES and AES Algorithms added.

[01-21-2005] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [ PDF ] has been updated

New Implementation Guidance:

• 6.4 Approved Integrity Techniques
• 7.2 Use of IEEE 802.11i Key Derivation Protocols
• 7.3 Use of other Core Symmetric Algorithms in ANSI X9.31 RNG

Updated Implementation Guidance:

• G.1 Implementation guidance requests to NIST and CSEC
  • Updated NIST and CSEC contacts.
• G.2 Completion of a test report: Information that must be provided to NIST and CSEC
  • Updated CSEC contact. Change requirements for signature page.
• G.3 Partial Validations and Not Applicable Areas of FIPS 140-2
  • Added guidance regarding Not Applicable Areas.
• G.5 Maintaining validation compliance of software or firmware cryptographic modules
  • Clarified the distinct actions a vendor or user may affirm compliance.
• G.8 re-validation Requirements
  • Added Regression Test Suite and clarifications.