Cloud Key Management

CMVP Validation Authority Updates: Draft Revisions of NIST SP 800-140C/D/F Available for Comment

  • 1.  CMVP Validation Authority Updates: Draft Revisions of NIST SP 800-140C/D/F Available for Comment

    Posted Aug 21, 2021 06:07:00 AM
    Hi All,

    @Paul Rich

    NIST just published CMVP Validation Authority Updates: Draft Revisions of NIST SP 800-140C/D/F Available for Comment

    The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP). The series specifies modifications to the derived test requirements (DTR) for FIPS 140-3 and is used in conjunction with ISO/IEC 24759.

    Updates to the following publications within the subseries are now available for public comment:
    • Draft NIST SP 800-140C, Revision 1, CMVP Approved Security Functions: CMVP Validation Authority Updates to ISO/IEC 24759
    • Draft NIST SP 800-140D, Revision 1, CMVP Approved Sensitive Security Parameter Generation and Establishment Methods: CMVP Validation Authority Updates to ISO/IEC 24759
    • Draft NIST SP 800-140F, Revision 1, CMVP Approved Non-Invasive Attack Mitigation Test Metrics: CMVP Validation Authority Updates to ISO/IEC 24759

    The public comment period for these documents is open through September 20, 2021. Comments may address security, implementation, clarity, risk issues, and relevance to current applications. See the publication details for downloads and instructions for submitting comments (comment templates are provided for each).



    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------