Schaffer, K.
(2020),
CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-140B
(Accessed October 24, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B
Published
Author(s)
Abstract
NIST Special Publication (SP) 800-140B is to be used in conjunction with ISO/IEC 19790 Annex B and ISO/IEC 24759 6.14. The special publication modifies only those requirements identified in this document. SP 800-140B also specifies the content of the tabular and graphical information required in ISO/IEC 19790 Annex B. As a validation authority, the Cryptographic Module Validation Program (CMVP) may modify, add, or delete Vendor Evidence (VE) and/or Test Evidence (TE) specified under paragraph 6.14 of the ISO/IEC 24759 and specify the order of the security policy as specified in ISO/IEC 19790:2012 B.1.Citation
Special Publication (NIST SP) - 800-140B
Report Number
800-140B
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
Cryptographic Module Validation Program, CMVP, FIPS 140 testing, FIPS 140, ISO/IEC 19790, ISO/IEC 2759, testing requirement, vendor evidence, vendor documentation, security policy
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created March 20, 2020, Updated May 24, 2020