Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
CMVP Validation Authority Updates: Draft Revisions of NIST SP 800-140C/D/F Available for Comment
NIST has posted three draft revisions of SP 800-140C/D/F, specifying CMVP Validation Authority updates to ISO/IEC 24759, for public comment. The comment period closes September 20, 2021.
The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to the derived test requirements (DTR) for FIPS 140-3 and is used in conjunction with ISO/IEC 24759.
Updates to the following publications within the subseries are now available for public comment:
- Draft NIST SP 800-140C, Revision 1, CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
- Draft NIST SP 800-140D, Revision 1, CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
- Draft NIST SP 800-140F, Revision 1, CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759
The public comment period for these documents is open through September 20, 2021. Comments may address security, implementation, clarity, risk issues, and relevance to current applications. See the links above for downloads of the drafts and instructions for submitting comments (comment templates are provided for each).