U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

NIST CSWP 37A Automation of the NIST Cryptographic Module Validation Program

Published

Author(s)

Christopher Celi, Alexander Calis, Murugiah Souppaya, William Barker, Karen Kent, Raoul Gabiam, Yi Mao, Barry Fussell, Andrew Karcher, Douglas Boldt

Abstract

The Cryptographic Module Validation Program (CMVP) validates third-party assertions that cryptographic module implementations satisfy the requirements of Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules. The NIST National Cybersecurity Center of Excellence (NCCoE) has undertaken the Automated Cryptographic Module Validation Project (ACMVP) to support improvement in the efficiency and timeliness of CMVP operations and processes. The goal is to demonstrate a suite of automated tools that would permit organizations to perform testing of their cryptographic products according to the requirements of FIPS 140-3, then directly report the results to NIST using appropriate protocols. This is a status report of progress made with the ACMVP project up through September 2024 and the planned next steps. Subsequent reports will cover updates post-September 2024.
Citation
NIST Cybersecurity White Papers (CSWP) - 37A
Report Number
37A
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.CSWP.37A
Local Download

Keywords

Automated Cryptographic Module Validation Project (ACMVP), Cryptographic Module Validation Program (CMVP), cryptography, cryptographic module, cryptographic module testing, cryptographic module validation
Cryptography and Conformance testing

Citation

Celi, C. , Calis, A. , Souppaya, M. , Barker, W. , Kent, K. , Gabiam, R. , Mao, Y. , Fussell, B. , Karcher, A. and Boldt, D. (2026), NIST CSWP 37A Automation of the NIST Cryptographic Module Validation Program, NIST Cybersecurity White Papers (CSWP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.CSWP.37A, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=960765 (Accessed March 18, 2026)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created March 16, 2026
Was this page helpful?