Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CMVP Approved Sensitive Security Parameter Generation and Establishment Methods



Alexander Calis


The approved sensitive security parameter generation and establishment methods listed in this publication replace the ones listed in International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 19790 Annex D and ISO/IEC 24759 paragraph 6.16, within the context of the Cryptographic Module Validation Program (CMVP). As a validation authority, the CMVP may supersede Annex D in its entirety.
Special Publication (NIST SP) - SP 800-140Dr2
Report Number
SP 800-140Dr2


Cryptographic Module Validation Program, CMVP, FIPS 140 testing, FIPS 140-3, ISO/IEC 19790, ISO/IEC 24759, sensitive security parameter establishment methods, sensitive security parameter generation, testing requirement, vendor evidence, vendor documentation.


Calis, A. (2023), CMVP Approved Sensitive Security Parameter Generation and Establishment Methods, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed May 26, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created July 25, 2023