U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Cryptographic Module Validation Program CMVP

FIPS 140-3 IG Announcements

FIPS 140-3 IG - Latest version

[10-07-2022]

Updated Guidance:

 

  • 2.3.C  PAA and PAIs -  Clarified the testing requirements when a module incorporates PAA or PAI functionality.  Updated known PAA/PAIs.
  • 9.3.A Entropy Caveats - Added Additional Comment #7 on claiming multiple scenarios from this IG, and added Additional Comment #8 on which scenarios require an entropy assessment report. 
  • C.F Approved Modulus Sizes for RSA Digital Signature - Clarified algorithm status and requirements for RSA Signature Verification for both FIPS 186-2 and FIPS 186-4.

[05-16-2022]

New Guidance:

  •  
  • D.Q Transition of the TLS 1.2 KDF to Support the Extended Master Secret
  • D.R Hash Functions Acceptable for Use in the SP 800-90A DRBGs

Updated Guidance:

  • 3.4.A Trusted Channel – Removed Additional Comment #2 as this is appropriate for FIPS 140-2, but does not align with requirements of ISO/IEC 19790:2012 Section 7.9.5 and IG 9.5.A.
  • 9.5.A SSP Establishment and SSP Entry and Output – Added parenthesis in Resolution to highlight the fact that there are differences in requirements between CSPs that are keys versus non-keys. 

[03-14-2022]

Updated Guidance:

 

  • 2.4.A Definition and Use of a non-Approved Security Function – Added “with no security claimed” to the examples subtitle for clarity.  Small editorial change in the Resolution to reference the correct algorithm table in SP 800-140B.  Added a footnote to MD5.
  • 2.4.B Tracking the Component Validation List – Added vendor affirmation of a SRTP KDF implementation.

[11-05-2021]

New Guidance:

    • D.P SP 800-56Crev2 One-Step Key Derivation Function Without a Counter

Updated Guidance:

 

    • Added a space to all ENT entries to ENT (P) or ENT (NP).
    • 2.4.B Tracking the Component Validation List – Added references to SP 800-56Arev3 for the ECC-CDH primitive CVL in Resolution #1.
    • 2.4.A Definition and Use of a non-Approved Security Function – Synchronized minor text in the Resolution to be consistent with IG 1.23 (FIPS 140-2).  Clarified XOR example with a note.  Added Additional Comment #2 to further clarify when a vendor can apply this IG.
    • 10.3.A Cryptographic Algorithm Self-Test Requirements – Spelled out the ENT self-test requirements to avoid ambiguity.
    • C.F Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 – Added Table 1 with a more relaxed upper bound limit and introduced supporting text including adding two new Additional Comments.  Clarified the minimum number of the Miller-Rabin tests. Cleaned up old text in the Additional Comments.
    • D.C References to the Support of Industry Protocols – Included guidance on the use of AES-CBC-MAC within OTAR.
    • D.J Entropy Estimation and Compliance with SP 800-90B – Added Additional Comment #10 to clarify when other parties can write a labs’ entropy source description and its heuristic entropy analysis.
    • D.L Critical Security Parameters for the SP 800-90A DRBGs – Added Additional Comment on the CTR_DRBG without a derivation function.

[08-30-2021]

New Guidance:

  • 10.3.D Error Logging
  • 10.3.E Periodic Self-Testing
  • E.A Applicability of Requirements from SP 800-63B

Updated Guidance:

  • 5.A Non-Reconfigurable Memory Integrity Test – Incorporated end of life procedures.

[05-04-2021]

New Guidance:

    • 2.4.C Approved Security Service Indicator
    • 9.7.B Indicator of Zeroization
    • 10.3.C Conditional Manual Entry Self-Test Requirements
    • 11.A CVE Management
    • 12.A Mitigation of Other Attacks
    • D.O Combining Entropy from Multiple Sources

Updated Guidance:

    • 3.4.A Trusted Channel – clarified in the last bullet in Resolution 2 that the operator must stay in control over the physical path and prevent any unauthorized tampering.
    • 4.1.A Authorised Roles - Clarified the requirements of the text “or other services that do not affect the security of the module”.
    • 10.3.A Cryptographic Algorithm Self-Test Requirements – Updated to remain consistent with FIPS 140-2 IG 9.4. Also, clarified self-test rules around the PBKDF Iteration Count parameter.
    • C.H Key/IV Pair Uniqueness Requirements from SP 800-38D - Removed Scenario 2’s second and fourth bullets and added the reasoning as Additional Comment #4.
    • D.F Key Agreement Methods - Removed Additional Comment 10 since SP 800-56Arev3 testing is available and therefore vendor affirming to this standard is not permitted.
    • D.G Key Transport Methods - Added “if applicable” for key confirmation under the first approved method.
    • D.J Entropy Estimation and Compliance with SP 800-90B - Updated to align ENT references with that of IG D.O.

[09-21-2020]

The first release of the FIPS 140-3 Implementation Guidance document was published on September 21, 2020. This release incorporates 41 IGs, down from the 104 IGs currently in FIPS 140-2 IG document. Many of the IGs were no longer required as they were incorporated into ISO/IEC 19790, ISO/IEC 24759, and the SP 800-140x documents. Many thanks to those who helped identify, draft, review, and publish this new CMVP document.

Created October 11, 2016, Updated October 26, 2022