cmvp status and fips 140-1&2 - nist · aes skipjack sha-1 sha-256 sha-384 sha-512 des mac ......
TRANSCRIPT
![Page 1: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/1.jpg)
3/26/02 1
CMVP Status andFIPS 140-1&2
Annabelle LeeDirector, CMVPMarch 26, 2002
![Page 2: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/2.jpg)
NIAP
SSLTLS
SMIMEIKEEKE
SPEKE
IPSEC
ITSECURITY
Systems
Smart CardsPKI
TelecomBiometricsHealthcare
FirewallsOperatingSystemsDBMSWeb
Browsers
CMVPDES
3DES
AES
Skipjack
SHA-1
SHA-256
SHA-384
SHA-512
DESMAC
HMAC
FIPS 140-2Crypto
ModulesRSA
ECDSA
DSA
DSA2RSA2
ECDSA2 Wrapping
D-HMQVRSA
FIPS171
Encryption Hashing Authentication Signature Key Mgt.
ProtocolsSecurity Specifications
Future Standard,Specification or
Recommendation
Standardin
Progress
Existing StandardTest Development
in Progress
Standard andTesting
Available
Existing Standardno
Testing
Industry Standard,Specification or
Recommendation
CygnaCom COACTSAIC TUVIT CSC
Domus InfoGard Atlan
AccreditedTesting
Labs
ARCA
EWA
![Page 3: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/3.jpg)
![Page 4: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/4.jpg)
3/26/02 4
Cryptographic Module Validation Program (CMVP)
Established by NIST and the Communications Security Establishment (CSE) in 1995Original FIPS 140-1 requirements and updated FIPS 140-2 requirements developed with industry inputSix NVLAP-accredited testing laboratories
True independent 3rd party accredited testing laboratoriesCannot test and provide design assistance
![Page 5: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/5.jpg)
CMVP Accredited Laboratories
InfoGard Laboratories
CEAL: a CygnaCom Solutions Laboratory
COACT Inc.
EWA - Canada LTD, IT Security
Evaluation Facility
Domus IT Security Laboratory
Atlan Laboratories
Sixth CMT laboratory added in 2001
![Page 6: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/6.jpg)
3/26/02 6
Applicability of FIPS 140-2
U.S. Federal organizations must use validated cryptographic modules
GoC departments are recommended by CSE to use validated cryptographic modules
International recognition
![Page 7: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/7.jpg)
3/26/02 7
Communications-Electronics Security Group (CESG) - UK
• December 28, 2001
– CESG proposes the use of FIPS 140 as the basis for the evaluation of cryptographic products used in a number of UK government applications and encourages the setting up of accredited laboratories in the UK to perform these evaluations.
![Page 8: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/8.jpg)
Vendor
Designs and Produces
Cryptographic Module and Algorithm
CMT Lab
Tests for Conformance
Cryptographic Module and Algorithm
CMVP
Validates
Test Results and Signs Certificate
User
Specifies and Purchases
Security and Assurance
Flow of a FIPS 140-2 Validation
![Page 9: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/9.jpg)
Level 1 is the lowest, Level 4 most stringent
Requirements are primarily cumulative by level
Overall rating is lowest rating in all sections
Not Validated
Security Spectrum
Level 1Level 2
Level 3Level 4
FIPS 140-2 Security Levels
![Page 10: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/10.jpg)
3/26/02 10
CMVP Status(March 2002)
Continued record growth in the number of cryptographic modules validated
Over 200 Validations representing nearly 250 modules
All four security levels of FIPS 140-1 represented on the Validated Modules List
Over forty participating vendors
![Page 11: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/11.jpg)
0
20
40
60
80
100
120
1995 1997 1999 2001
ProjectedLevel 4Level 3Level 2Level 1
FIPS 140-1 and FIPS 140-2 Validations by Year and Level
(January 15, 2002)
![Page 12: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/12.jpg)
Certificate 150May 23, 2001
Certificate 200 December 18, 2001
2001 Validation Milestones
• FIPS 140-2 Signed 05/25/01
• FIPS 140-2 DTR Available 11/15/01
• FIPS 140-2 Validations Accepted
![Page 13: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/13.jpg)
Validated Modules By Type
Accelerators
Co-Processors
Routers/VPNs
Kernels/Toolkits
PDAsPostal
Faxes
Link/FrameEncryptorsRadios/Phones
PC/Smart/Tokens
![Page 14: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/14.jpg)
3/26/02 14
Pre-validation Status ListPre-validation phases
Implementation Under Test (IUT)The crypto module and documentation are resident at the CMT labThe vendor has a viable contract with the CMT lab
Validation Review PendingTesting documentation submitted to NIST and CSE
Validation ReviewComments developed by NIST and CSECombined comments sent to CMT lab
![Page 15: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/15.jpg)
3/26/02 15
Pre-validation Status List (concluded)
Pre-validation phasesValidation Coordination (process may be iterative)
Testing documents revised Additional documentation (if required)Additional testing performed (if required)Resubmission to NIST and CSE
Validation FinalizationFinal resolution of validation review commentsCertificate number assignedCertificate printing and signature process initiated
![Page 16: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/16.jpg)
FIPS 140-2 - Testing Begins
FIPS 140-2 Testing officially began November 15, 2001FIPS 140-1 Testing ends May 25, 2002Testing laboratories may submit FIPS 140-1 validation test reports until May 25, 2002After May 25, 2002 all validations and revalidations must be done against FIPS 140-2
![Page 17: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/17.jpg)
FIPS 140-2 - Testing Begins …
Agencies may continue to purchase, retain and use FIPS 140-1 validated products after May 25, 2002
NIST has provided common algorithmic testing tool to Accredited Laboratories:
Includes DES, Triple-DES and AESDSA and SHA-1 - to be integrated ECDSA available as separate tool – to be integrated RSA, SHA-{256,384,512}, DH, MQV - future
![Page 18: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/18.jpg)
3/26/02 18
CMVP Status(continued)
End of FIPS 140-1 testing and beginning of FIPS 140-2 testing and validations with new implementations of FIPS 197 (AES) expected to cause unparalleled growth
Increasing international recognition of the CMVP and FIPS 140-2
![Page 19: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/19.jpg)
3/26/02 19
CMVP Status(concluded)
CMVP web-siteJanuary 2002 through March 2002
Approximately 80,000 hits per month
November 2001Over 125,000 hits
![Page 20: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/20.jpg)
… Making a Difference
164 Cryptographic Modules Surveyed (during testing)
80 (48.8%) Security Flaws discovered158 (96.3%) FIPS Interpretation and Documentation Errors
332 Algorithm Validations (during testing) (DES, Triple-DES, DSA and SHA-1)
88 (26.5%) Security Flaws216 (65.1%) FIPS Interpretation and Documentation Errors
Areas of Greatest Difficulty Physical SecuritySelf TestsRandom Number GenerationKey Management
![Page 21: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/21.jpg)
Program Efficiency:107 Modules Validated in calendar year
2001 by 2.5 FTE
42.8 modules per FTE
… Making a Difference
![Page 22: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/22.jpg)
Computer Security Division Restructuring for Testing
Security Technology Group(CMVP)
Network Security Group(NIAP)
Computer Security Division
Security Technology
Group
NetworkSecurityGroup
SecurityTesting &Metrics*
SecurityGuidance
Computer Security Division
![Page 23: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/23.jpg)
3/26/02 23
Crypto Modules to ProductsVery difficult for User’s to correlate list of crypto modules to vendor productsIdeas?
Vendor Web LinkProduct List by typeDifferent Vendor contact?
![Page 24: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/24.jpg)
AlcatelAlgorithmic Research, Ltd.Ascom Hasler Mailing SystemsAttachmate Corp.Avaya, Inc.Baltimore Technologies (UK)
Ltd.Blue Ridge NetworksCerticom Corp.Chrysalis-ITS Inc.Cisco Systems, Inc.Cryptek Security
Communications, LLCCTAM, Inc.Cylink CorporationDallas Semiconductor, Inc.Datakey, Inc.Ensuredmail, Inc.Entrust Technologies LimitedEracom Technologies Group,
Eracom Technologies Australia, Pty. Ltd.
F-Secure CorporationFortress Technologies Francotyp-PostaliaGTE InternetworkingIBMIntel Network Systems, Inc.IRE, Inc.Kasten Chase Applied ResearchL-3 Communication SystemsLitronic, Inc.M/A Com Wireless SystemsMicrosoft Corporation.Motorola, Inc.Mykotronx. IncNational Semiconductor Corp.nCipher Corporation Ltd.NeopostNeopost IndustrieNeopost Ltd.Neopost Online Netscape Communications Corp.
NetScreen Technologies, Inc.Network Associates, Inc.Nortel NetworksNovell, Inc.Oracle CorporationPitney Bowes, Inc.PrivyLink Pte LtdPSI Systems, Inc.Rainbow TechnologiesRedCreek CommunicationsResearch In MotionRSA Data Security, Inc.SchlumbergerSemaSpyrus, Inc.Stamps.comTechnical Communications Corp.Thales e-SecurityTimeStep CorporationTranscrypt InternationalTumbleweed Communications Corp.V-ONE Corporation, Inc.
Participating Vendors(March 2002)
![Page 25: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/25.jpg)
FIPS 140-1 Product Display
![Page 26: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/26.jpg)
Annabelle Lee - [email protected] Easter - [email protected] Hastings - [email protected] Snouffer - [email protected]
![Page 27: CMVP Status and FIPS 140-1&2 - NIST · AES Skipjack SHA-1 SHA-256 SHA-384 SHA-512 DES MAC ... Progress Existing Standard Test Development in Progress ... 2001 by 2.5 FTE](https://reader030.vdocument.in/reader030/viewer/2022021716/5b2b33f87f8b9a34518b4f4e/html5/thumbnails/27.jpg)
FIPS 140-1 and FIPS 140-2Derived Test Requirements (DTR)Annexes to FIPS 140-2Implementation GuidancePoints of ContactLaboratory InformationValidated Modules ListSpecial Publication 800-23
http://www.nist.gov/cmvp