Cryptographic Algorithm Validation Program (CAVP)
The Computer Security Division at NIST maintains a number of cryptographic
standards, and coordinates algorithm validation test suites for many
of those standards. The Cryptographic Algorithm Validation Program
(CAVP) encompasses validation testing for FIPS approved and
NIST recommended cryptographic algorithms. Cryptographic algorithm validation
is a prerequisite to the Cryptographic Module Validation Program (CMVP).
The CAVP was established by NIST and the Communications Security Establishment
Canada (CSEC) in July 1995. All of the tests under the CAVP are handled
by third-party laboratories that are accredited as Cryptographic Module
Testing (CMT) laboratories by the National Voluntary Laboratory Accreditation
Program (NVLAP). Vendors interested in validation testing of their algorithm
implementation may select any of the accredited laboratories. The CAVP
currently has algorithm validation testing for the following cryptographic
algorithms:
Symmetric Algorithm
- FIPS
197:Advanced Encryption Standard (AES). FIPS 197 specifies
the AES algorithm.
- FIPS
46-3 and FIPS 81: Data Encryption Standard (DES)
and DES Modes of Operation. FIPS 46-3 specifies the DES
and Triple DES algorithms.
- FIPS
185: Escrowed Encryption Standard (EES), which specifies
the Skipjack algorithm.
Asymmetric Algorithms
Hash Algorithms
Random Number Generator Algorithms
Deterministic Random Bit Generator (DRBG) Algorithms
Message Authentication Algorithms
- Special
Publication 800-38B (May 2005): Recommendation for Block Cipher
Modes of Operation: The CMAC Mode for Authentication. CMAC can
be considered a mode of operation of the block cipher because it is
based on an approved symmetric key block cipher, such as the Advanced
Encryption Standard (AES) algorithm currently specified in Federal
Information Processing Standard (FIPS) Pub. 197. CMAC is also an approved
mode of the Triple Data Encryption Algorithm (TDEA).
- Special
Publication 800-38C (May 2004): Counter with Cipher Block
Chaining - Message Authentication Code (CCM). CCM is based on
an approved symmetric key block cipher algorithm whose block size
is 128 bits, such as the Advanced Encryption Standard (AES) algorithm
currently specified in Federal Information Processing Standard (FIPS)
Pub. 197 [2]; thus, CCM cannot be used with the Triple Data Encryption
Algorithm [3], whose block size is 64 bits. Currently the only NIST-Approved
128 bit symmetric key algorithm is AES.
- FIPS
198 (March 6, 2002): Keyed-Hash Message Authentication Code (HMAC).
FIPS 198 specifies the HMAC algorithm.
Two other cryptographic standards (MAC; ANSI X9.17 Key Management)
no longer have active validation testing. FIPS 113 remains in effect.
Cryptographic module (FIPS 140-1 and FIPS 140-2) validation testing
by the CMT laboratories may include testing for conformance to FIPS
113, as appropriate:
- FIPS 113: Computer Data Authentication,
which specifies the generation of a Message Authentication Code
(MAC), from ANSI X9.9, and
- FIPS 171: Key Management Using ANSI X9.17 (withdrawn February
08, 2005).