What is FIPS? (In-Depth Overview)

Doing FIPS responsibly since 2014!
The wolfCrypt module now holds the world’s first SP800-140Br1 FIPS 140-3 Validated Certificate #4718.

INTRO (wolfSSL FIPS service(s)):

(skip to next paragraph for “What is FIPS”)

FIPS is rightly viewed as a complex process with a steep entry learning curve. Lucky for customers of wolfSSL Inc. our management and engineering team have taken the time to learn the documentation surrounding the topic and developed all the tooling necessary to complete FIPS validation testing of the wolfCrypt cryptographic module in coordination with an NVLAP accredited FIPS lab. In order to FIPS validate a new product or operating environment (OE), wolfSSL asks for simply a customer’s hardware, compiler/toolchain (IDE etc), and a guide such that one of our FIPS developers can sit down with nothing but a laptop and achieve compiling and running a hello-world.c application on the target product to be FIPS validated. Yes you read that right, wolfSSL does not need your proprietary application software, just a hello-world.c application to get started. The CMVP validates the cryptographic module running on the target, not the applications that are consuming that cryptographic module. The wolfSSL team will standup the wolfCrypt module on your target product using your own tooling (Compiler, Linker, Assembler) and take it through the certification process as quickly as possible leaving your dev team free to focus on preparing the end product while FIPS certification is taking place simultaneously! At the end wolfSSL staff will deliver highly detailed instructions on re-creating the exact same FIPS approved binary from the source code we deliver given all work was completed with your own tooling in keeping with ISO/IEC 19790:2012 B.2.5 as applied to open source software.

HISTORY (What is FIPS):

Since there are so many options for securing information, the U.S. and Canadian governments recognized in the 1990’s a need to standardize those algorithmic methods deemed to be the most secure and enforce use of only those algorithms in critical government systems. To “encourage” adoption of the requirements by the two governments, the organizations NIST (National Institute of Standards and Technology)¹ and the CCCS (Canadian Centre for Cyber Security)² were called upon to fulfill that mission. The two agencies were to collaboratively:

  1. Decide which algorithms were the best/strongest
  2. Evaluate: If an algorithm had multiple modes or key lengths which modes or key lengths (if any) were considered too weak and should be excluded?
  3. Determine if there were other requirements aside from just having the algorithms implemented correctly
    1. Did the algorithms NEED to be re-tested periodically? (IE as the device was powering up)
    2. Did the module need to be checked periodically to see if it had been tampered with since the factory? (IE an integrity check, etc)
  4. Finally to enforce/encourage adoption of these standards by federal agencies belonging to either government. (Eventually expanded to include medical and some private entities as well)

These standards were called the “Federal Information Processing Standards” or FIPS. These standards were documented in a series of “Special Publications” (SP’s).

 Out of a need to document which cryptographic modules and vendors were abiding by the standards set forth, a “certification” program was decided as the best approach. Vendors who made cryptographic modules could submit for and be awarded a certificate if their module was found to be compliant with all standards applicable to that module. The certificates would be hosted on the U.S. based NIST website so that federal agencies (or the public) could “browse” the available FIPS certified modules.

 It was a big job for the two agencies to handle alone, so in 1995 NIST and CCCS established two organizations called the “CMVP” (Cryptographic Module Validation Program)³ and CAVP (Cryptographic Algorithm Validation Program)4 to handle testing Cryptographic modules for compliance with the standards. These two organizations would also handle issuing the certificates for vendors and products that passed algorithm testing and were found to meet all applicable standards outlined in the SP’s.

 The CAVP issues algorithm certificates (which are a prerequisite to submitting a module for FIPS certification to the CMVP). The CMVP issues FIPS certificates for “tested configurations” or “operating environments” found to pass the CAVP testing and be in compliance with the standards. Both certificate types (CAVP algo certs and CMVP FIPS certs) are hosted on the NIST website. The certificates are public domain and can be searched by anyone.

 Once established, the CMVP and CAVP needed to establish a way to “test” the modules. To that end they called upon the NVLAP (National Voluntary Laboratory Accreditation Program)5 to accredit “third-party” testing laboratories that would serve as an intermediary between the vendors seeking FIPS certification and the CAVP/CMVP bodies.

 A last step in the history of FIPS was adoption of software modules. Originally when the standards were written, only dedicated hardware could perform the heavy lifting necessary for cryptographic mathematical operations so the standards were designed with ONLY hardware modules in mind. Doing cryptography in software at the time was impractical and therefore not considered in the original standards. As general purpose CPUs advanced, eventually it became feasible to implement algorithms in software and have those expensive math operations executed by a general purpose CPU in a reasonable amount of time. Once this reality arrived the standards were “adapted” to allow for both hardware and software modules. To this day there are “some scenarios” in the standards that only seem to make sense for hardware (See our blog post on vendor affirmation and how some software vendors are exploiting a loophole in the standards that was intended for hardware). NIST, the CMVP and CAVP have done a lot of work in the past few years bringing about the latest 140-3 standards. wolfSSL Inc. is thrilled to be the world’s first SP800-140Br1 FIPS 140-3 Validated, Certificate #4718, and one of the first software modules with a commercial FIPS 140-3 offering!

The Process (validating a module):

 Today a hardware or software vendor will work in coordination with an NVLAP accredited lab to complete algorithm testing and receive algorithms certificates.

(Milestone 1 of a FIPS certification effort)

 Once the vendor receives the prerequisite CAVP certificates they will perform operational testing with the same NVLAP accredited lab. Once all testing evidence has been captured and everything reviewed and approved by the NVLAP quality assurance department, the lab is ready to submit everything to the CMVP.

(Milestone 2 of a FIPS certification effort)

 The CMVP will coordinate with the vendor via the NVLAP accredited lab and once all requirements have been satisfied the CMVP will either issue a new FIPS certificate or update an existing certificate if the vendor is adding an operating environment to an existing certificate.

(Milestone 3 of a FIPS certification effort)

Submission Scenario(s) supported by wolfSSL Inc:

  • New cert (draw a new module boundary around specific algorithms and certify from scratch resulting in a new certificate)
  • OE addition (Add an OE to an existing certificate)
  • Revalidation (redraw the module boundary of an existing validated module to include new or remove existing algorithms from the boundary description)
  • Vendor Affirmation – wolfSSL is a software module vendor. As a responsible FIPS vendor wolfSSL feels that software vendors are generally incapable of determining how a change to the CPU or OS will affect the cryptography (especially if the CPU or OS changes completely). As such wolfSSL Inc does not currently offer Vendor Affirmation as a path to FIPS. Special circumstances MAY exist but would need to be evaluated on a case-by-case basis.

Timeline estimates for the various scenarios change over time. If you would like an up-to-date estimate for a given submission scenario please contact support@wolfssl.com for the latest.

Summary:

  • wolfSSL Inc can make the process of certifying your product painless and hands-free once we have the product and basic instructions for getting a hello-world app up and running on the target!
  • FIPS is a set of standards, detailed in Special Publications, that need to be met in order to be awarded a FIPS validation/certification published on the NIST website. A FIPS certificate, with the product listed in the certificate, is required to sell product(s) to medical, federal or military agencies and often required by some private sector entities as well.
  • The process can take time so please plan accordingly!

If you have any other questions about FIPS or the process or wolfSSL Inc please contact either fips@wolfSSL.com or support@wolfSSL.com anytime. We offer free pre-sales customer support, we have FIPS evaluation options and our staff are knowledgeable and eager to help!

¹ The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation’s oldest physical science laboratories. To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. – https://www.nist.gov/about-nist

² The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure owners and operations, the private sector and the Canadian public. – https://www.cyber.gc.ca/en/about-cyber-centre

³ The Cryptographic Module Validation Program (CMVP) is a joint effort between the National Institute of Standards and Technology under the Department of Commerce and the Canadian Centre for Cyber Security, a branch of the Communications Security Establishment. The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules. – https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program

4 The CAVP was established in July 1995 by NIST and the Government of Canada’s CCCS. CSD’s Security Testing, Validation, and Measurement Group (STVMG) manages the validation testing of cryptographic modules and their underlying cryptographic algorithms through the CAVP and CMVP. – https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program

5 The National Voluntary Laboratory Accreditation Program (NVLAP) provides third-party accreditation to testing and calibration laboratories in response to legislative actions or requests from government agencies or private-sector organizations. NVLAP-accredited laboratories are assessed against the management and technical requirements published in the International Standard, ISO/IEC 17025:2017. – https://www.nist.gov/nvlap

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfSSL Embraces RISC-V; FIPS 140-3 Certifications Now Available

wolfSSL Embraces RISC-V FIPS 140-3 Certifications Now Available

wolfSSL was a proud sponsor and exhibitor at the RISC-V Summit EU earlier this year. Thank you to all the attendees that stopped by; We enjoyed the interesting discussions regarding wolfSSL in your projects.

Some of the most common questions we heard:

Q: Is wolfSSL supported on RISC-V devices?

A: Yes! Absolutely. The wolfSSL libraries run on nearly every device, including RISC-V. For instance, recently we published a blog on the HiFive Unleashed RISC-V Benchmarks.

Q: Does wolfSSL have support for RISC-V Acceleration Extensions?

A: Yes! For example, see the GitHub wolfSSL PR #7569 that implemented the AES ECB / CBC / CTR / GCM / CCM for RISC-V 64-bit in assembly language where we saw a 50x improvement in performance.

Q: Does wolfSSL have support for IP Hardware Acceleration such as OpenTitan?

A: We are currently evaluating Open Titan and various other IP solutions. We added RISC-V hardware acceleration to the Espressif ESP32-C3 and ESP32-C6 devices earlier this year.

Q: Can RISC-V devices be FIPS 140-3 Certified?

A: Yes! Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #4718.

See our prior blogs on:

The What is FIPS (short version) blog also applies to RISC-V with regards to how your RISC-V Operating Environment (“OE”) can be certified:

  1. You send us your hardware and toolchain.
  2. We run the initial tests which ensure the cryptography module behaves according to specification given your specific hardware and operating system.
  3. The CMVP certified lab runs and verifies the tests and their documentation.
  4. The test results are submitted to CMVP for review.
  5. Your specific operating environment is added to our certificate.
  6. You are FIPS 140 compliant in 60-90 days.

For more details, see our blog What is FIPS (long version).

Are you interested in RISC-V or FIPS Certification? We want to hear about your project!
If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Why Would You Want wolfSSL’s FIPS 140-3 Certificate

As our readers know, wolfSSL is currently the leader in embedded FIPS certificates. The wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 Validated Certificate #4718, valid through July 10th, 2029.

There are a few significant changes coming with FIPS 140-3. Over the years with many specification updates, a few things got a little inconsistent, so these inconsistencies have been brought back in line. wolfSSL is prepared to deliver the first and best implementation of FIPS 140-3, so get ready.

As FIPS 140-3 is the replacement for FIPS 140-2 it is always a good idea to switch over to it as soon as possible. You will also want wolfSSL’s FIPS 140-3 Certificate for many additional reasons that include:

  • Merging the FIPS + ISO Standard
  • CAST Testing Streamlined – just testing the algos they are actually using.
  • Addition of TLS KDF in FIPS Boundary
  • Addition of SSH KDF in FIPS Boundary
  • Addition of RSA 4096
  • Addition of ECDSA + SHA-3
  • Removal of insecure algorithms: example Triple DES

Check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

ACVP and FIPS 140-3

As many in the FIPS world are aware NIST retired CAVP (Cryptographic Algorithm Validation Protocol) testing on June 30th of 2020, permanently replacing CAVP with ACVP (Automated Cryptographic Validation Protocol), also referred to as ACVTS (Automated Cryptographic Validation Test System).

In order to prepare for this transition NIST offered a “demo server” that Vendors like wolfSSL and FIPS Labs could utilize in standup of the new protocol. Once the transition was completed NIST also setup “production servers” which only FIPS Labs with a trusted certificate issued by NIST can connect to; Production Vectors passing are now the gateway to Algorithm Certification (IE certs like the ones wolfSSL just received!).

Algorithm Certification is a prerequisite to CMVP FIPS 140-3 validations. This design keeps in place the need for a FIPS lab to achieve algorithm certification but it now allows for Vendors such as wolfSSL to pre-test in advance of requesting production vectors for certification! wolfCrypt holds the world’s first SP800-140Br1 FIPS 140-3 Validated Certificate #4718.

wolfSSL also supports the new ACVP, which is the successor to the two decade old CAVP system from NIST. ACVP is intended to alleviate the manual steps of the older CAVP process, creating a more efficient and effective method for cryptographic algorithm testing and validation.

More on ACVP’s

ACVP stands for (Automated Cryptographic Validation Protocol) and it is the upcoming protocol that will be used for FIPS validation. This is going to be a prerequisite certificate for the CMVP(Cryptographic Module Validation Program) and CAVP(Cryptographic Algorithm Validation Program) certificates.

ACVP makes testing cryptographic algorithms and modules more efficient than the current method and more automated. There are three main parts to ACVP – a server, a proxy, and a client.

  • The server side handles requests for test vectors and requests for validation among other requests. This side is operated by a FIPS lab or by NIST themselves.
  • A proxy with ACVP can be used to communicate to offline systems and handle transferring information from the system being tested to the server. Often an ACVP client is used instead.
  • The last part being a client, which is most relevant to users who are wanting to get their cryptography FIPS validated. An ACVP client is directly hooked up to the module to be tested and then communicates with the ACVP server to send requests for test vectors, responses of the results from running those tests, and requests for algorithm validation. There are multiple pieces required to build a ACVP client in order to complete a validation process, some of the large portions of the effort go into
    • JSON parsing / creation for communication with a ACVP server
    • HTTPS GET / POST / PUT / DELETE messages used for securely transporting information
    • 2 factor authentication with TOTP (Time-Based One-Time Password Algorithm)
    • Plugging in the test harness that runs crypto operations

Ultimately an ACVP client communicates with the server to validate cryptographic operations. This includes creating, or referencing meta data such as; vendor, OE, and module information. A simplified message flow for getting an algorithm validated is as follows:

FIPS 140-3 and the TLS KDF

There has been a little turmoil between the CAVP and the FIPS community regarding the TLS KDF. The CAVP deprecated testing of the kdf-component-tls-1.0 at the beginning of the year. The community wasn’t ready and it was temporarily un-deprecated. wolfSSL and our wolfCrypt cryptography library are ready for the transition to the RFC7627 TLS KDF.

The kdf-component-tls-1.0 KDF is the standard TLSv1.2 KDF described in RFC5246. The preferred algorithm is the KDF described in RFC7627, also known as Extended Master Secret. This uses the TLSv1.2 KDF and replaces the client and master random values with hashes of the handshake messages up to the key exchange. This cryptographically ties the TLS master secret to the handshake. wolfSSL has enabled Extended Master Secret as a default since 2016.

If you want an up to date cryptography library and TLS stack that is ready for FIPS 140-3, contact us at fips@wolfssl.com or +1 425 245 8247 for more information.

Download wolfSSL Now

FIPS 140-3 and SHA-1 Retirement

In December 2022, NIST announced that the venerable SHA-1 algorithm, introduced in 1995, is at end-of-life. While wolfSSL does not use or recommend SHA-1 for new designs, we implement and support it in our products. With the NIST announcement, that will soon change for new FIPS 140 submissions, as we too will retire SHA-1.

The wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 validated certificate #4718 includes SHA-1. Thus, customers with an existing requirement for SHA-1 will be able to satisfy that requirement with wolfCrypt FIPS 140-3.

However, and regardless of FIPS status, customers still using SHA-1 in security-critical roles — signatures, authentications, HMAC, KDFs, etc. — should refactor the implicated systems to use a modern hash algorithm such as SHA-2 or SHA-3. wolfSSL stands ready to help our customers select and implement an appropriate migration path.

All FIPS 140 modules submitted on or after December 31 2025 will exclude SHA-1, to avoid early certificate sunset under the timeline announced by NIST.

In preparation for this transition, wolfSSL has already prepared its FIPS 140-3 codebase to build, run, and pass full ACVP testing, with SHA-1 gated out. We are also routinely testing our mainline and FIPS codebases to assure correct function with SHA-1 disabled.

For more information on the announcement from NIST, check here.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfSSL secures the world’s first SP800-140Br1 compliant FIPS 140-3 Validation Certificate

FIPS 140-3

In case you missed the news, wolfSSL Inc., a globally renowned leader in cryptography and network security solutions, is thrilled to announce the world’s first SP800 140Br1 compliant FIPS 140-3 Validation Certificate #4718 for wolfSSL’s wolfCrypt module.

EDMONDS, Wash., July 16, 2024 /PRNewswire-PRWeb/ — wolfSSL, INC., has partnered with AEGISOLVE, INC., on this unprecedented automated pilot program. Aegisolve is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP Lab Code: 200802-0) for Cryptographic and Security Testing to assess and validate cryptographic based security systems and telecommunications infrastructure.

“As we move forward, wolfSSL remains focused on enhancing our technologies and expanding our capabilities. We are dedicated to continuous innovation in security. The advancements in our FIPS 140-3 module highlight our commitment to delivering state-of-the-art cryptographic solutions that meet the rigorous demands of today’s cybersecurity landscape.” Stated wolfSSL’s CTO, Todd Ouska. “Our collaboration with AEGISOLVE is just the beginning of a new era in cryptographic security, paving the way for future innovations and industry standards.”

“As a first of its kind, this is a tremendous achievement and a huge step forward for the next generation of FIPS 140-3 Validated Cryptographic Modules.” Reported Travis Spann, Founder and President of AEGISOLVE (NVLAP Lab Code: 200802-0). “AEGISOLVE is proud to have collaborated with the high-caliber wolfSSL team in the NIST SP800-140Br1 Pilot Project to achieve this groundbreaking milestone and we are eager to assist others to achieve the same goal.”

FIPS 140-3 validation testing is a rigorous and extensive process including detailed source code reviews, design reviews, documentation reviews, finite state machine verifications, CVE threat analysis, error injection, port sniffing, configuration management verifications, operational testing and test evidence auditing to the applicable requirements of the FIPS 140-3 Derived Test Requirements and FIPS 140-3 Implementation Guidance.

The National Institute of Standards and Technology (NIST) under the Cryptographic Module Validation Program (CMVP) issues the 140 Publication Series to coordinate the requirements and standards for cryptographic modules for use by departments and agencies of the United States federal government.

Highlights: Under wolfCrypt FIPS 140-2, power on times in standard and embedded targets could be slower due to power on self test requirements of the module. With the wolfCrypt FIPS 140-3 module self-tests are now only required the first time an algorithm is used or when the application decides is an ideal time to run the test during a slower event cycle and ahead of first algorithm use. This means much faster boot times and optimal power and resource consumption with careful planning!**

Differences between wolfCrypt FIPS 140-2 and wolfCrypt FIPS 140-3:
– 3DES removed from the module, 3DES no longer available
+ CAST (conditional algo self tests)
+ KDF-TLS, TLS v1.2 KDF and TLSv1.3 KDF
+ SSH KDF
+ AES-OFB mode
+ RSA 3072, 4096 and PSS
+ New Degraded mode of operation, which means that in the event of a CAST failure other algorithm services will remain available.

* FIPS 140-3: Federal Information Processing Standard Publication 140-3. For more about what FIPS is please checkout these blogs:

** For information on transitioning from 140-2 to 140-3 please checkout our blog: What is the difference between FIPS 140-2 and FIPS 140-3?

If you have questions about any of the above, please contact us at fips@wolfssl.com or +1 425 245 8247.

Download wolfSSL Now

Everything You Need To Know About FIPS 140-3

wolfSSL is currently the leader in embedded FIPS certificates. With current FIPS 140-3 validated certificate #4718 for the wolfCrypt Cryptographic Module, wolfSSL is thrilled to hold the world’s first SP800-140Br1-compliant FIPS 140-3 Validation Certificate. Join the wolfSSL team as we cover all things FIPS 140-3. We will cover the current transition to FIPS 140-3, its importance for cybersecurity, as well as how wolfSSL is implementing it in our products.

Watch the video: Everything You Need to Know about FIPS 140-3

FIPS 140-3 is the third revision of the Federal Information Processing Standard (FIPS) for cryptographic modules. The new revision of the standard includes an increased focus on algorithm agility, updated requirements for testing and validation, including changes to the testing methodology. wolfSSL is at the forefront of this important transition, and is working to ensure that its products continue to meet the highest standards of security and compliance.

FIPS 140-3 establishes the security requirements for cryptographic modules used by the U.S. government, as well as other organizations in the public and private sectors. By complying with the FIPS 140-3 standard, organizations can have greater confidence in the security of their cryptographic solutions, which is particularly important in today’s world where data breaches and cyber attacks are becoming more frequent and sophisticated.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

What is FIPS (short version)

Doing FIPS responsibly since 2014!

FIPS is a set of standards, detailed in Special Publications, that need to be met to be awarded a FIPS validation/certification published on the NIST website.

A FIPS certificate, with the product listed in the certificate, is required to sell product(s) to medical, federal, or military agencies and is often required by some private sector entities as well.

The typical FIPS certification process is as follows:

  1. You send us your hardware and toolchain
  2. We run the initial tests which ensure the cryptography module behaves according to specification given your specific hardware and OS
  3. The CMVP certified lab runs and verifies the tests and their documentation
  4. The test results are submitted to NIST for review
  5. Your specific operating environment is added to our certificate
  6. You are FIPS 140 compliant in 60-90 days

For more info please see the long version of this post.

If you have any questions about FIPS or the process of being awarded a FIPS validation/certifcation please contact us at fips@wolfssl.com, support@wolfssl.com or +1 425 245 8247 anytime. We offer free pre-sales customer support, we have FIPS evaluation options and our staff are knowledgeable and eager to help!

Download wolfSSL Now

What is FIPS (long version)

Doing FIPS responsibly since 2014!

INTRO (wolfSSL FIPS service(s)):

(skip to next paragraph for “What is FIPS”)

FIPS is rightly viewed as a complex process with a steep entry learning curve. Lucky for customers of wolfSSL Inc. our management and engineering team have taken the time to learn the documentation surrounding the topic and developed all the tooling necessary to complete FIPS validation testing of the wolfCrypt cryptographic module in coordination with an NVLAP accredited FIPS lab. In order to FIPS validate a new product or operating environment (OE), wolfSSL asks for simply a customer’s hardware, compiler/toolchain (IDE etc), and a guide such that one of our FIPS developers can sit down with nothing but a laptop and achieve compiling and running a hello-world.c application on the target product to be FIPS validated. Yes you read that right, wolfSSL does not need your proprietary application software, just a hello-world.c application to get started. The CMVP validates the cryptographic module running on the target, not the applications that are consuming that cryptographic module. The wolfSSL team will standup the wolfCrypt module on your target product and take it through the certification process as quickly as possible leaving your dev team free to focus on preparing the end product while FIPS certification is taking place simultaneously!

HISTORY (What is FIPS):

Since there are so many options for securing information, the U.S. and Canadian governments recognized in the 1990’s a need to standardize those algorithmic methods deemed to be the most secure and enforce use of only those algorithms in critical government systems. To “encourage” adoption of the requirements by the two governments, the organizations NIST (National Institute of Standards and Technology)¹ and the CCCS (Canadian Centre for Cyber Security)² were called upon to fulfill that mission. The two agencies were to collaboratively:

  1. Decide which algorithms were the best/strongest
  2. Evaluate: If an algorithm had multiple modes or key lengths which modes or key lengths (if any) were considered too weak and should be excluded?
  3. Determine if there were other requirements aside from just having the algorithms implemented correctly
    1. Did the algorithms NEED to be re-tested periodically? (IE as the device was powering up)
    2. Did the module need to be checked periodically to see if it had been tampered with since the factory? (IE an integrity check, etc)
  4. Finally to enforce/encourage adoption of these standards by federal agencies belonging to either government. (Eventually expanded to include medical and some private entities as well)

These standards were called the “Federal Information Processing Standards” or FIPS. These standards were documented in a series of “Special Publications” (SP’s).

Out of a need to document which cryptographic modules and vendors were abiding by the standards set forth, a “certification” program was decided as the best approach. Vendors who made cryptographic modules could submit for and be awarded a certificate if their module was found to be compliant with all standards applicable to that module. The certificates would be hosted on the U.S. based NIST website so that federal agencies (or the public) could “browse” the available FIPS certified modules.

It was a big job for the two agencies to handle alone, so in 1995 NIST and CCCS established two organizations called the “CMVP” (Cryptographic Module Validation Program)³ and CAVP (Cryptographic Algorithm Validation Program)? to handle testing Cryptographic modules for compliance with the standards. These two organizations would also handle issuing the certificates for vendors and products that passed algorithm testing and were found to meet all applicable standards outlined in the SP’s.

The CAVP issues algorithm certificates (which are a prerequisite to submitting a module for FIPS certification to the CMVP). The CMVP issues FIPS certificates for “tested configurations” or “operating environments” found to pass the CAVP testing and be in compliance with the standards. Both certificate types (CAVP algo certs and CMVP FIPS certs) are hosted on the NIST website. The certificates are public domain and can be searched by anyone.

Once established, the CMVP and CAVP needed to establish a way to “test” the modules. To that end they called upon the NVLAP (National Voluntary Laboratory Accreditation Program)? to accredit “third-party” testing laboratories that would serve as an intermediary between the vendors seeking FIPS certification and the CAVP/CMVP bodies.

A last step in the history of FIPS was adoption of software modules. Originally when the standards were written, only dedicated hardware could perform the heavy lifting necessary for cryptographic mathematical operations so the standards were designed with ONLY hardware modules in mind. Doing cryptography in software at the time was impractical and therefore not considered in the original standards. As general purpose CPUs advanced, eventually it became feasible to implement algorithms in software and have those expensive math operations executed by a general purpose CPU in a reasonable amount of time. Once this reality arrived the standards were “adapted” to allow for both hardware and software modules. To this day there are “some scenarios” in the standards that only seem to make sense for hardware (See our blog post on vendor affirmation and how some software vendors are exploiting a loophole in the standards that was intended for hardware). NIST, the CMVP and CAVP have done a lot of work in the past few years bringing about the latest 140-3 standards and wolfSSL Inc is very excited to be one of the first software modules with a commercial FIPS 140-3 offering!

The Process (validating a module):

Today a hardware or software vendor will work in coordination with an NVLAP accredited lab to complete algorithm testing and receive algorithms certificates.

(Milestone 1 of a FIPS certification effort)

Once the vendor receives the prerequisite CAVP certificates they will perform operational testing with the same NVLAP accredited lab. Once all testing evidence has been captured and everything reviewed and approved by the NVLAP quality assurance department, the lab is ready to submit everything to the CMVP.

(Milestone 2 of a FIPS certification effort)

The CMVP will coordinate with the vendor via the NVLAP accredited lab and once all requirements have been satisfied the CMVP will either issue a new FIPS certificate or update an existing certificate if the vendor is adding an operating environment to an existing certificate.

(Milestone 3 of a FIPS certification effort)

Submission Scenario(s) supported by wolfSSL Inc:

  • New cert (draw a new module boundary around specific algorithms and certify from scratch resulting in a new certificate)
  • OE addition (Add an OE to an existing certificate)
  • Revalidation (redraw the module boundary of an existing validated module to include new or remove existing algorithms from the boundary description)
  • Vendor Affirmation – wolfSSL is a software module vendor. As a responsible FIPS vendor wolfSSL feels that software vendors are generally incapable of determining how a change to the CPU or OS will affect the cryptography (especially if the CPU or OS changes completely). As such wolfSSL Inc does not currently offer Vendor Affirmation as a path to FIPS. Special circumstances MAY exist but would need to be evaluated on a case-by-case basis.

Timeline estimates for the various scenarios change over time. If you would like an up-to-date estimate for a given submission scenario please contact support@wolfssl.com for the latest.

Summary:

  • wolfSSL Inc can make the process of certifying your product painless and hands-free once we have the product and basic instructions for getting a hello-world app up and running on the target!
  • FIPS is a set of standards, detailed in Special Publications, that need to be met in order to be awarded a FIPS validation/certification published on the NIST website. A FIPS certificate, with the product listed in the certificate, is required to sell product(s) to medical, federal or military agencies and often required by some private sector entities as well.
  • The process can take time so please plan accordingly!

If you have any other questions about FIPS or the process or wolfSSL Inc please contact either fips@wolfssl.com or support@wolfssl.com anytime. We offer free pre-sales customer support, we have FIPS evaluation options and our staff are knowledgeable and eager to help!

¹ The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation’s oldest physical science laboratories. To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. – https://www.nist.gov/about-nist

² The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure owners and operations, the private sector and the Canadian public. – https://www.cyber.gc.ca/en/about-cyber-centre

³ The Cryptographic Module Validation Program (CMVP) is a joint effort between the National Institute of Standards and Technology under the Department of Commerce and the Canadian Centre for Cyber Security, a branch of the Communications Security Establishment. The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules. – https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program

? The CAVP was established in July 1995 by NIST and the Government of Canada’s CCCS. CSD’s Security Testing, Validation, and Measurement Group (STVMG) manages the validation testing of cryptographic modules and their underlying cryptographic algorithms through the CAVP and CMVP. – https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program

? The National Voluntary Laboratory Accreditation Program (NVLAP) provides third-party accreditation to testing and calibration laboratories in response to legislative actions or requests from government agencies or private-sector organizations. NVLAP-accredited laboratories are assessed against the management and technical requirements published in the International Standard, ISO/IEC 17025:2017. – https://www.nist.gov/nvlap

If you have questions about any of the above, please contact us at facts@wolfssl.com or +1 425 245 8247.

Download wolfSSL Now

Posts navigation

1 2 3