Lightship has released, as open source, an ACVP vector test harness for OpenSSL 3.x. The code can be found in our GitHub repository at https://github.com/lightshipsec/ls-acvp-harness. The README.md contains the current capabilities which we expect to update and maintain. At the …
Five Steps to Algorithm (CAVP) Validations at Lightship
Algorithm validation testing is a critical path issue for FIPS 140-3 validations and for NIAP Protection Profile-based Common Criteria evaluations. Equipment vendors are often surprised at the level of effort and the potential challenges in successfully completing the algorithm testing …
Funding for NIST CAVP Vendor Software Platform
As part of our continued push to modernize the product security certification industry, Lightship Security is pleased to announce that it is receiving advisory services and conditional research and development funding from the National Research Council of Canada Industrial Research …
The Role of Cryptographic Algorithm Validations in Common Criteria (CAVP FAQ)
[Updated July 6, 2021 – NIAP requires exact match CPU specs in CAVP certificates] Most CC evaluations performed in North America include cryptographic security claims called out in the target Protection Profile (PP) that is being used. Those requirements are …
FIPS 140-2/3 News
Updates – October, 2020 FIPS 140-3 is Here! In this latest installment of our FIPS blog, we will cover key transition dates, available training and the list of documentation inputs needed for a FIPS 140-3 validation.
Comparing CAVP and ACVP – Test Harness Implications
ACVP Test Harness Considerations
Automated Algorithm Testing Tutorial
Automated Algorithm Testing
OpenSSL and ACVP Parsing
OpenSSL is used in some part by an overwhelmingly large percentage of the enterprise vendor community. Those vendors which need to go through FIPS 140-2 or Common Criteria may find themselves needing to perform algorithm testing and may be presented …