NIST Docs

FIPS 140-1 Vendor List.

NIST.gov - Computer Security Division - Computer Security Resource Center. What is the purpose of the CMVP?

On July 17, 1995, the National Institute of Standards and Technology (NIST) established the Cryptographic Module Validation Program (CMVP) that validates cryptographic modules to Federal Information Processing Standards (FIPS) Security Requirements for Cryptographic Modules, and other FIPS cryptography based standards. The CMVP is a joint effort between NIST and the Communications Security Establishment Canada (CSEC).

FIPS 140-2, Security Requirements for Cryptographic Modules, was released on May 25, 2001 and supersedes FIPS 140-1. Modules validated as conforming to FIPS 140-1 and FIPS 140-2 are accepted by the Federal Agencies of both countries for the protection of sensitive information. Vendors of cryptographic modules use independent, accredited Cryptographic and Security Testing (CST) laboratories to test their modules.

Anchor vs. Reporter on-air fight.

FIPS 140-2. The Federal Information Processing Standard (FIPS) Publication 140 is a US government standard that defines minimum security requirements for cryptographic modules in products and systems, as defined in Section 5131 of the Information Technology Management Reform Act of 1996.

Testing against the FIPS 140 standard is maintained by the Cryptographic Module Validation Program, a joint effort of the US National Institute of Standards and Technology (NIST) and the Communications Security Establishment of Canada. The current version of the standard, FIPS 140-2, has security requirements covering 11 areas related to the design and implementation of a cryptographic module.

FIPS 140 Validation. Updated: May 2014. Introduction: This document provides information on how Microsoft products and cryptographic modules comply with the U.S. Federal government standard, Federal Information Processing Standard (FIPS) 140 – Security Requirements for Cryptographic Modules [FIPS 140]. Audience: This document is primarily focused on providing information for three parties: "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting effects in Windows XP and in later versions of Windows.

FIPS 140 Validation.

NIST.gov - Computer Security Division - Computer Security Resource Center. The CMVP list(s) of Validated Cryptographic Modules provide the official validation information for each module.

All questions regarding the implementation and/or use of any module located on the following lists should first be directed to the appropriate VENDOR point of contact (listed for each entry). Thank you. The FIPS 140-1 and FIPS 140-2 validation lists contain those cryptographic modules that have been tested and validated under the Cryptographic Module Validation Program as meeting requirements for FIPS PUB 140-1 and FIPS PUB 140-2. A validation certificate has been issued for each of the modules listed.

Algorithm Validation Lists - Cryptographic Algorithm Validation Program (CAVP). NIST, Computer Security Resource Center. Algorithm Validation Lists. All questions regarding the implementation and/or use of any algorithm located on the following lists should first be directed to the appropriate VENDOR point of contact (listed for each entry).

Thank you. NIST maintains validation lists for each cryptographic standard testing program (past and present).

Advanced Encryption Standard Algorithm Validation List.

Schannel (COM). The Secure Channel (Schannel) security package, whose authentication service identifier is RPC_C_AUTHN_GSS_SCHANNEL, supports the following public-key–based protocols: SSL (Secure Sockets Layer) versions 2.0 and 3.0, Transport Layer Security (TLS) 1.0, and Private Communication Technology (PCT) 1.0.

TLS 1.0 is a standardized, slightly modified version of SSL 3.0 that was issued by the Internet Engineering Task Force (IETF) in January 1999, in document RFC 2246. Because TLS has been standardized, developers are encouraged to use TLS rather than SSL. PCT is included for backward compatibility only and should not be used for new development.

Difference between AES CMAC and AES HMAC?

All about SSL Cryptography. Background: SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client (e.g., Outlook).

It allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.

What Is SSL (Secure Sockets Layer)? About SSL Certificates and SSL Encryption. What Is SSL?

SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook). SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

Public key certificate. Diagram of an example usage of digital certificate. In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document used to prove the ownership of a public key.

The certificate includes information about the key, information about its owner's identity, and the digital signature of an entity that has verified the certificate's contents are correct.

Computer Security Publications - NIST Special Publications (SPs). NIST uses three NIST Special Publication subseries to publish computer/cyber/information security and guidelines, recommendations and reference materials:

SP 800, Computer Security (December 1990-present): NIST's primary mode of publishing computer/cyber/information security guidelines, recommendations and reference materials (SP 800s are also searchable in the NIST Library Catalog);

SP 1800, NIST Cybersecurity Practice Guides (2015-present): A new subseries created to complement the SP 800s; targets specific cybersecurity challenges in the public and private sectors; practical, user-friendly guides to facilitate adoption of standards-based approaches to cybersecurity;

SP 500, Computer Systems Technology (January 1977-present): A general IT subseries used more broadly by NIST's Information Technology Laboratory (ITL), this page lists selected SP 500s related to NIST's computer security efforts.

Note: Publications that link to dx.doi.org/... will redirect to another NIST website.