Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759:2017(E)



Kim B. Schaffer


NIST Special Publication (SP) 800-140D replaces the approved sensitive security parameter generation and establishment methods requirements of ISO/IEC 19790 Annex D. As a validation authority, the Cryptographic Module Validation Program (CMVP) may supersede this Annex in its entirety. This document supersedes ISO/IEC 19790 Annex D and ISO/IEC 24759 paragraph 6.16.
Special Publication (NIST SP) - 800-140D
Report Number


Cryptographic Module Validation Program, CMVP, FIPS 140 testing, FIPS 140-3, ISO/IEC 19790, ISO/IEC 2759, Sensitive Security Parameter Establishment Methods, Sensitive Security Parameter Generation, testing requirement, vendor evidence, vendor documentation
Created March 20, 2020, Updated May 24, 2020