U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-140D Rev. 1 (Initial Public Draft)

CMVP Approved Sensitive Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759

Date Published: August 2021
Comments Due: September 20, 2021 (public comment period is CLOSED)
Email Questions to: sp800-140-comments@nist.gov

Author(s)

Kim Schaffer (NIST)

Announcement

The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to the derived test requirements (DTR) for FIPS 140-3 and is used in conjunction with ISO/IEC 24759.

Updates to the following publications within the subseries are now available for public comment:

  • Draft NIST SP 800-140C Rev. 1, CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140D Rev. 1, CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
  • Draft NIST SP 800-140F Rev. 1, CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 2475

We encourage you to use this template when preparing your comments.

Abstract

Keywords

Cryptographic Module Validation Program; CMVP; FIPS 140 testing; FIPS 140-3; ISO/IEC 19790; ISO/IEC 2759; Sensitive Parameter Establishment Methods; Sensitive Parameter Generation; testing requirement; vendor evidence; vendor documentation
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-140Dr1-draft
Download URL

Supplemental Material:
Comments template (docx)

Other Parts of this Publication:
SP 800-140F Rev. 1

Document History:
08/20/21: SP 800-140D Rev. 1 (Draft)
02/10/22: SP 800-140D Rev. 1 (Draft)
05/20/22: SP 800-140D Rev. 1 (Final)

Topics

Security and Privacy

cryptography, testing & validation