Cryptographic Module Validation Program CMVP
FIPS 140-3 IG Announcements
[10-07-2022]
Updated Guidance:
- 2.3.C PAA and PAIs - Clarified the testing requirements when a module incorporates PAA or PAI functionality. Updated known PAA/PAIs.
- 9.3.A Entropy Caveats - Added Additional Comment #7 on claiming multiple scenarios from this IG, and added Additional Comment #8 on which scenarios require an entropy assessment report.
- C.F Approved Modulus Sizes for RSA Digital Signature - Clarified algorithm status and requirements for RSA Signature Verification for both FIPS 186-2 and FIPS 186-4.
[05-16-2022]
New Guidance:
-
- D.Q Transition of the TLS 1.2 KDF to Support the Extended Master Secret
- D.R Hash Functions Acceptable for Use in the SP 800-90A DRBGs
Updated Guidance:
- 3.4.A Trusted Channel – Removed Additional Comment #2 as this is appropriate for FIPS 140-2, but does not align with requirements of ISO/IEC 19790:2012 Section 7.9.5 and IG 9.5.A.
- 9.5.A SSP Establishment and SSP Entry and Output – Added parenthesis in Resolution to highlight the fact that there are differences in requirements between CSPs that are keys versus non-keys.
[03-14-2022]
Updated Guidance:
- 2.4.A Definition and Use of a non-Approved Security Function – Added “with no security claimed” to the examples subtitle for clarity. Small editorial change in the Resolution to reference the correct algorithm table in SP 800-140B. Added a footnote to MD5.
- 2.4.B Tracking the Component Validation List – Added vendor affirmation of a SRTP KDF implementation.
[11-05-2021]
New Guidance:
-
- D.P SP 800-56Crev2 One-Step Key Derivation Function Without a Counter
Updated Guidance:
-
- Added a space to all ENT entries to ENT (P) or ENT (NP).
- 2.4.B Tracking the Component Validation List – Added references to SP 800-56Arev3 for the ECC-CDH primitive CVL in Resolution #1.
- 2.4.A Definition and Use of a non-Approved Security Function – Synchronized minor text in the Resolution to be consistent with IG 1.23 (FIPS 140-2). Clarified XOR example with a note. Added Additional Comment #2 to further clarify when a vendor can apply this IG.
- 10.3.A Cryptographic Algorithm Self-Test Requirements – Spelled out the ENT self-test requirements to avoid ambiguity.
- C.F Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 – Added Table 1 with a more relaxed upper bound limit and introduced supporting text including adding two new Additional Comments. Clarified the minimum number of the Miller-Rabin tests. Cleaned up old text in the Additional Comments.
- D.C References to the Support of Industry Protocols – Included guidance on the use of AES-CBC-MAC within OTAR.
- D.J Entropy Estimation and Compliance with SP 800-90B – Added Additional Comment #10 to clarify when other parties can write a labs’ entropy source description and its heuristic entropy analysis.
- D.L Critical Security Parameters for the SP 800-90A DRBGs – Added Additional Comment on the CTR_DRBG without a derivation function.
[08-30-2021]
New Guidance:
- 10.3.D Error Logging
- 10.3.E Periodic Self-Testing
- E.A Applicability of Requirements from SP 800-63B
Updated Guidance:
- 5.A Non-Reconfigurable Memory Integrity Test – Incorporated end of life procedures.
[05-04-2021]
New Guidance:
-
- 2.4.C Approved Security Service Indicator
- 9.7.B Indicator of Zeroization
- 10.3.C Conditional Manual Entry Self-Test Requirements
- 11.A CVE Management
- 12.A Mitigation of Other Attacks
- D.O Combining Entropy from Multiple Sources
Updated Guidance:
-
- 3.4.A Trusted Channel – clarified in the last bullet in Resolution 2 that the operator must stay in control over the physical path and prevent any unauthorized tampering.
- 4.1.A Authorised Roles - Clarified the requirements of the text “or other services that do not affect the security of the module”.
- 10.3.A Cryptographic Algorithm Self-Test Requirements – Updated to remain consistent with FIPS 140-2 IG 9.4. Also, clarified self-test rules around the PBKDF Iteration Count parameter.
- C.H Key/IV Pair Uniqueness Requirements from SP 800-38D - Removed Scenario 2’s second and fourth bullets and added the reasoning as Additional Comment #4.
- D.F Key Agreement Methods - Removed Additional Comment 10 since SP 800-56Arev3 testing is available and therefore vendor affirming to this standard is not permitted.
- D.G Key Transport Methods - Added “if applicable” for key confirmation under the first approved method.
- D.J Entropy Estimation and Compliance with SP 800-90B - Updated to align ENT references with that of IG D.O.
[09-21-2020]
The first release of the FIPS 140-3 Implementation Guidance document was published on September 21, 2020. This release incorporates 41 IGs, down from the 104 IGs currently in FIPS 140-2 IG document. Many of the IGs were no longer required as they were incorporated into ISO/IEC 19790, ISO/IEC 24759, and the SP 800-140x documents. Many thanks to those who helped identify, draft, review, and publish this new CMVP document.
Project Links
Additional Pages
Created October 11, 2016, Updated October 26, 2022