Tested Configurations for OpenSSL 3.0
The OpenSSL Project’s FIPS 140-2 validation report for the OpenSSL FIPS Provider was submitted to the CMVP on September 17, 2021. The OpenSSL FIPS Provider cryptographic module is part of …
2020 FIPS 140-2 Cert. Stats
In 2020, Acumen Security produced the most FIPS 140-2 certificates. UL and atsec are 2nd and 3rd respectively. The number of FIPS 140-2 certificates issued each year continues to decline …
FIPS 186-2 Transition
If your FIPS 140-2 module includes any FIPS 186-2 algorithms (other than signature verification), then you may be one of the 100+ modules bumped to the CMVP’s historical list (aka …
FIPS 140-3 timeline
FIPS 140-3 is now published on the Federal Register. The important dates of interest with additional details follow: FIPS 140-3 is effective September 22, 2019. This is likely the earliest …
CMVP queue post shutdown
After the US government shutdown at the end of 2018 / beginning of 2019, the CMVP queue of FIPS 140-2 reports is in better shape than it was after the …
FIPS 140-2 Cert. Report for 2018
We’ve done the work consolidating the data into graphs to show the FIPS 140-2 program performance for 2018. Also included in the report are five-year trending graphs. FIPS Cert Stats …
CVE Got Your FIPS Module?
Q: I need to apply a fix to my FIPS 140-2 module to address a CVE. What process do I follow to maintain my FIPS 140-2 certificate? The Implementation Guidance for …
OpenSSL FIPS Module w/new Tested Configurations
KeyPair Consulting achieved FIPS 140-2 Cert. #3220 (which is a rebrand of the OpenSSL FIPS Object Module 2.0 SE Cert. #2398) with the addition of these new Tested Configurations: Android …
You Have Your FIPS Certificate. Now What?
Many years ago, I purchased my first new vehicle, a Dodge Ram Club Cab named “Big Red.” That truck allowed me to pack in students from my youth group, help …
How to Include Additional Operating Environments in Your Security Policy
Let’s assume that you have met the porting requirements for listing additional operating environments in your FIPS 140-2 Security Policy. (As a reminder, those requirements are detailed in the FIPS 140-2 …