Industry participants and other interested parties are invited to participate in the Automation of the NIST Cryptographic Module Validation Program project. Please review the requirements identified in the Federal Register Notice. Anyone interested in becoming a collaborator should request and complete a Letter of Interest. The NCCoE considers participants who have submitted a completed Letter of Interest on a first-come, first-served basis.
The purpose of the project is to demonstrate the value and practicality of automation to improve the efficiency and timeliness of Cryptographic Module Validation Program (CMVP) operation and processes. A number of elements of the current validation processes are manual in nature, and the period required for third-party testing and government validation of cryptographic modules is often incompatible with industry requirements.
This project will demonstrate a suite of tools to modernize and automate manual review processes in support of existing policy and efforts to include technical testing of the CMVP. These automated tools will employ a vendor/manufacturer testing concept that permits organizations to perform the testing of their cryptographic products according to the requirements of FIPS 140-3, then directly report the results to NIST using appropriate protocols.
This project will demonstrate a suite of tools to modernize and automate manual review processes in support of existing policy and efforts to include technical testing of the CMVP.
NIST hosted a virtual workshop on the topic of automation of the CMVP in October 2020. The purpose of this workshop was to discuss the challenges and proposed approaches associated with automating the CMVP.
A Community of Interest (COI) is a group of professionals and advisors that share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Members typically meet monthly by teleconference. Share your expertise and consider becoming a member of this project's COI.