密码模块验证体系(CMVP)发布第一个FIPS140-3证书(英文文章)
2022-12-09 09:08阅读:
The CMVP published four FIPS 140-3 certificates today, marking the
first modules to go through testing and validation under the new
version of the FIPS 140 standard. FIPS 140-3 became effective on
September 22, 2019, and testing began on September 22, 2020. FIPS
140-3 has been mandatory for new modules since September 22,
2021.
The certified modules are:
Certificate #4389 - Apple corecrypto Module v11.1
[Intel, User, Software]
Certificate #4390 - Apple corecrypto Module v11.1
[Intel, Kernel, Software]
Certificate #4391 - Apple corecrypto Module v11.1
[Apple silicon, User, Software]
Certificate #4392 - Apple corecrypto Module v11.1
[Apple silicon, Kernel, Software]
We want to thank the
CMVP for their leadership and hard work
in adopting ISO/IEC 19790 and 24759 as the successor to FIPS 140-2
and, in particular, the NIST CMVP for establishing the
infrastructure to support the validation under FIPS 140-3. In this
process, atsec helped in various ways, including with the
transition from the desktop version of the Cryptik tool to the
web-based Web Cryptik. atsec also spearheaded the effort to educate
the cryptographic module community with a series of trainings in
the
Cryptographic Module User Forum as well as
presentations at the
International Cryptographic Module Conference,
e.g. Swapneela Unkule's presentation “360 View Of FIPS 140-3
Certification”, where she laid out the differences in the
submission procedures between FIPS 140-2 and FIPS 140-3.
We are happy to see the first FIPS 140-3 certificates published -
happy for atsec, for the technical community, our customers, and
the CMVP. We hope to see many more certificates in the coming
months and years.
