Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

FIPS 140-3 Derived Test Requirements (DTR):CMVP Validation Authority Updates to ISO/IEC 24759

Published

Author(s)

Kim B. Schaffer

Abstract

NIST Special Publication (SP) 800-140 specifies the Derived Test Requirements (DTR) for Federal Information Processing Standard (FIPS) 140-3. SP 800-140 modifies the test (TE) and vendor (VE) evidence requirements of International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 24759. As a validation authority, the Cryptographic Module Validation Program (CMVP) may modify, add or delete TEs and/or VEs as specified under paragraph 5.2 of ISO/IEC 24759. This NIST Special Publication should be used in conjunction with ISO/IEC 24759 as it modifies only those requirements identified in this document.
Citation
Special Publication (NIST SP) - SP 800-140
Report Number
SP 800-140

Keywords

Cryptographic Module Validation Program, CMVP, FIPS 140 testing, FIPS 140, ISO/IEC 19790, ISO/IEC 24759, testing requirement, vendor evidence

Citation

Schaffer, K. (2020), FIPS 140-3 Derived Test Requirements (DTR):CMVP Validation Authority Updates to ISO/IEC 24759, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-140 (Accessed December 4, 2021)
Created March 20, 2020, Updated May 24, 2020