FIPS PUB 140-2
Validation of crypto modules and algorithms
The test laboratory of TÜViT is the only one in Germany that is approved by NIST/NVLAP (USA) for validation testing according to FIPS PUB 140-2 (NVLAP Lab Code: 200636-0). Companies can have their implementation tested and certified according to the de facto standard for crypto modules.
Both crypto modules (Cryptographic Module Validation Programme (CMVP)) and implemented crypto algorithms (Cryptographic Algorithm Validation Programme (CAVP)) can be certified. To meet the various requirements, companies choose between four security levels. With the certification, companies satisfy the explicit requirements of their customers, such as those from American or Canadian authorities. Furthermore, the certificate is an important marketing instrument.
Our services in detail
- Validation in accordance with FIPS PUB 140-2 – Security Requirements for Cryptographic Modules
- Validation of crypto algorithms approved by NIST
- Consultancy regarding FIPS 140-2 requirements and their fulfilment
- Support in preparing your existing module documentation to make it FIPS 140-2 compliant
- Consultation on crypto-module design and/or creating new documentation (this point excludes the validation of the corresponding crypto-module by TÜViT)
Our procedure:
- Introductory workshop for explaining the requirements and their fulfilment by means of the crypto module (optional)
- Validation of the relevant algorithm implementations (as part of a module test or separately)
- Validation of the crypto module and its documentation
