Hi All,
The National Cybersecurity Center of Excellence (NCCoE) has released the Draft NIST Cybersecurity White Paper (CSWP) 37, Automation of the NIST Cryptographic Module Validation Program: September 2024 Status Report. The comment period for this publication is open until December 2nd, 2024.
The Cryptographic Module Validation Program (CMVP) validates third-party assertions that cryptographic module implementations satisfy the requirements of Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules. The NCCoE has undertaken the Automated Cryptographic Module Validation Project (ACMVP) to support improvement in efficiency and timeliness of CMVP operations and processes.
The goal of this project is to demonstrate a suite of automated tools that would permit organizations to perform testing of their cryptographic products according to the requirements of FIPS 140-3, then directly report the results to NIST using appropriate protocols. This is a status report of progress made with the ACMVP and the planned next steps for the project.
Submit Your Comments
The public comment period for the draft is open until 11:59 p.m. EST on December 2nd, 2024. You can submit comments on this publication by sending an email to [email protected]. ------------------------------
Michael Roza CPA, CISA, CIA, CC, CCSKv5, CCZTv1, MBA, EMBA, CSA
------------------------------