NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Cryptographic Algorithm Validation Program (CAVP)

The Computer Security Division at NIST maintains a number of cryptographic standards, and coordinates algorithm validation test suites for many of those standards. The Cryptographic Algorithm Validation Program (CAVP) encompasses validation testing for FIPS approved and NIST recommended cryptographic algorithms. Cryptographic algorithm validation is a prerequisite to the Cryptographic Module Validation Program (CMVP). The CAVP was established by NIST and the Communications Security Establishment Canada (CSEC) in July 1995. All of the tests under the CAVP are handled by third-party laboratories that are accredited as Cryptographic Module Testing (CMT) laboratories by the National Voluntary Laboratory Accreditation Program (NVLAP). Vendors interested in validation testing of their algorithm implementation may select any of the accredited laboratories. The CAVP currently has algorithm validation testing for the following cryptographic algorithms:

Symmetric Algorithm

  • FIPS 197:Advanced Encryption Standard (AES). FIPS 197 specifies the AES algorithm.
  • FIPS 46-3 and FIPS 81: Data Encryption Standard (DES) and DES Modes of Operation. FIPS 46-3 specifies the DES and Triple DES algorithms.
  • FIPS 185: Escrowed Encryption Standard (EES), which specifies the Skipjack algorithm.

Asymmetric Algorithms

Hash Algorithms

Random Number Generator Algorithms

Deterministic Random Bit Generator (DRBG) Algorithms

Message Authentication Algorithms

  • Special Publication 800-38B (May 2005): Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. CMAC can be considered a mode of operation of the block cipher because it is based on an approved symmetric key block cipher, such as the Advanced Encryption Standard (AES) algorithm currently specified in Federal Information Processing Standard (FIPS) Pub. 197. CMAC is also an approved mode of the Triple Data Encryption Algorithm (TDEA).
  • Special Publication 800-38C (May 2004): Counter with Cipher Block Chaining - Message Authentication Code (CCM). CCM is based on an approved symmetric key block cipher algorithm whose block size is 128 bits, such as the Advanced Encryption Standard (AES) algorithm currently specified in Federal Information Processing Standard (FIPS) Pub. 197 [2]; thus, CCM cannot be used with the Triple Data Encryption Algorithm [3], whose block size is 64 bits. Currently the only NIST-Approved 128 bit symmetric key algorithm is AES.
  • FIPS 198 (March 6, 2002): Keyed-Hash Message Authentication Code (HMAC). FIPS 198 specifies the HMAC algorithm.

Two other cryptographic standards (MAC; ANSI X9.17 Key Management) no longer have active validation testing. FIPS 113 remains in effect. Cryptographic module (FIPS 140-1 and FIPS 140-2) validation testing by the CMT laboratories may include testing for conformance to FIPS 113, as appropriate:

  • FIPS 113: Computer Data Authentication, which specifies the generation of a Message Authentication Code (MAC), from ANSI X9.9, and
  • FIPS 171: Key Management Using ANSI X9.17 (withdrawn February 08, 2005).
July 15, 2008