CMVP queue post shutdown
After the US government shutdown at the end of 2018 / beginning of 2019, the CMVP queue of FIPS 140-2 reports is in better shape than it was after the …
News
FIPS 140-2 Cert. Report for 2018
We’ve done the work consolidating the data into graphs to show the FIPS 140-2 program performance for 2018. Also included in the report are five-year trending graphs. FIPS Cert Stats …
CVE Got Your FIPS Module?
Q: I need to apply a fix to my FIPS 140-2 module to address a CVE. What process do I follow to maintain my FIPS 140-2 certificate? The Implementation Guidance for …
OpenSSL FIPS Module w/new Tested Configurations
KeyPair Consulting achieved FIPS 140-2 Cert. #3220 (which is a rebrand of the OpenSSL FIPS Object Module 2.0 SE Cert. #2398) with the addition of these new Tested Configurations: Android …
You Have Your FIPS Certificate. Now What?
Many years ago, I purchased my first new vehicle, a Dodge Ram Club Cab named “Big Red.” That truck allowed me to pack in students from my youth group, help …
What’s in a Logo?
When you start your own company, everything is exciting… especially the process of creating your identity. Here are some fun facts about the logo we selected for KeyPair Consulting: Since …
“FIPS 140-2 Inside” Paper
Sure, you are wise to include a previously validated FIPS 140-2 cryptographic module in your product, but are you adding value for your customers or causing procurement delays? In our …
How to Include Additional Operating Environments in Your Security Policy
Let’s assume that you have met the porting requirements for listing additional operating environments in your FIPS 140-2 Security Policy. (As a reminder, those requirements are detailed in the FIPS 140-2 …
Maintaining a FIPS 140-2 Certificate
I often receive questions about maintaining a FIPS 140-2 certificate after changes are made to the module. Here is some information from the trenches for those not familiar with the …
Accelerate Your FIPS 140-2 Validation
Rarely updated and often overlooked, the FIPS document Frequently Asked Questions for the Cryptographic Module Validation Program deserves a spot in your FIPS library. Any technology vendor starting a FIPS 140-2 project needs …