Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759:2017

Published

Author(s)

Kim B. Schaffer

Abstract

NIST Special Publication (SP) 800-140F replaces the approved non-invasive attack mitigation test metric requirements of ISO/IEC 19790 Annex F. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety. This document supersedes ISO/IEC 19790 Annex F and ISO/IEC 24759 paragraph 6. 18.
Citation
Special Publication (NIST SP) - 800-140F
Report Number
800-140F

Keywords

attack mitigation, Cryptographic Module Validation Program, CMVP, FIPS 140 testing, FIPS 140, ISO/IEC 19790, ISO/IEC 24759, non-invasive, testing requirement, vendor evidence, vendor documentation

Citation

Schaffer, K. (2020), CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759:2017, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-140F (Accessed December 7, 2021)
Created March 20, 2020, Updated May 4, 2021