ESV and Me!

James RamageEntropy, FIPS 140-3

As of November 7, 2020, the Cryptographic Module Validation Program (CMVP) required that all FIPS 140-2 and FIPS 140-3 module validation submissions include documentation justifying conformance of the entropy source to NIST SP 800-90B, if the module is “either generating the entropy itself or it is making a call to request the entropy from a well-defined source”. Compliance documentation would include an Entropy Assessment Report (EAR) and statistical testing of entropy data samples using the NIST 90B Test Tool.

It is worth noting that if modules are “passively receiving the entropy while exercising no control over the amount or the quality of the obtained entropy” they do not have to show conformance to NIST SP 800-90B. However, supporting rationale will be required by the CMVP and an entropy caveat must be added to the module’s FIPS certificate.

Entropy sources conforming to NIST SP 800-90B, are currently awarded an ENT (P) or ENT (NP) listing on the module certificate, where (P) indicates a physical (hardware) and ENT (NP) indicates a non-physical (operating system) entropy source. An ENT listing is a single module certificate that has an “ENT” algorithm listing but does not actually have an associated certificate number. The listing of validated Entropy sources can be found here: https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/search?ipp=25

In March 2022 the CMVP introduced the Entropy Source Validation (ESV) program, which provides numbered certificates (e.g., #Exxxx) for entropy sources conforming to NIST SP 800-90B. To “test drive” the new ESV process and to certify a module entropy source. The Lightship Security team was the lab of record for the very first ESV certificate, ESV #E1!

ESV certificates will be available for “re-use” by vendors in the following ways:

  1. The original entropy source vendor can re-use their ESV certificate in future module validations without having to revalidate the implementation if it hasn’t changed.
  2. In addition, 3rd parties can “re-use” an ESV certificate if allowed by the entropy source vendor and with compliance to specified operating environment (OE) and conditions. A new document called a “public use document” (PUD), describes the certified entropy source and how to properly incorporate the entropy source into a device, application, or library. To leverage an existing ESV certificate, the module’s Security Policy (SP) document will provide a reference to the posting, similar to Cryptographic Algorithm Validation Program (CAVP) certificate usage.

Adding new operating environments to an ESV certificate is also allowed by performing updates to the EAR, PUD and statistical testing, as necessary. The CMVP will require a letter from an accredited Cryptographic and Security Testing (CST) lab to revise the ESV certificate to add the new OE.

Another nuance of this process is that ENT listings can be converted to ESV certificates to take advantage of entropy source re-use.  The CMVP recently introduced “a process to convert an ENT certificate into a standalone ESV certificate”. We suggest you contact the Lightship lab for more details as the conversion process must be performed by an accredited CST lab, such as Lightship Security.

In addition to the use of the ESV program in FIPS validations, what is the position of the Common Criterial (CC) schemes and governing bodies on re-use of ESV certificates? At this time, the adoption of ESV certificates in CC is still under discussion with results to be determined – stay tuned to this space  for updates!

 

Contact us to find out how we can help achieve your FIPS 140-3 and ESV goals!

James Ramage

James Ramage is a senior FIPS evaluator at Lightship. He has been doing FIPS evaluations and security certifications for 5+ years and enjoys working with customers, training team members and evaluating new technologies.