September 18-20, 2024 | DoubleTree by Hilton, San Jose, California

Panel: Bringing Crypto Compliance and Validation Testing Objectives Together for FIPS 140-3 (C30b)

The Cryptographic Module Validation Program (CMVP) was established on July 17, 1995, by the National Institute of Standards and Technology (NIST) to validate cryptographic modules conforming to the Federal Information Processing Standards (FIPS) 140-1, Security Requirements for Cryptographic Modules, and other FIPS cryptography-based standards. This is a joint program with the Government of Canada. FIPS 140-3 has since been adopted and supersedes FIPS 140-2 and FIPS 140-1. The structure and the rules under the CMVP reflect the level of the technology utilized by the US Federal Government since its inception. As technology has advanced, however, the crypto module testing process no longer satisfies current industry and government operational needs. Testing time is long, well beyond product development cycles across a wide range of technologies. Many vendors of products that provide cryptographic capabilities cannot keep up with the security of their crypto implementations while maintaining compliance with government standards. Similarly, government agencies and regulated industries using these products are unable to maintain a high-security posture while staying compliant with regulatory requirements.
We also live in times of unprecedented levels of threats and exploits that require deploying the latest technology and frequent product updates to fix defects and remove security vulnerabilities, which doesn’t fit in the current model.
The moderator will introduce the panelists and open with a brief history of government validations and the ongoing effort at the National Cybersecurity Center of Excellence (NCCoE) to modernize the program. That effort is based on transitioning to standardized evidence submission, through a corresponding schema and protocol, to a validation server that can process it automatically. There are four different workstreams: infrastructure development, TE classification and schema development, protocol development, and project planning. Each workstream will be represented by a panelist. The moderator will have a prepared list of questions for members of the panel to provide a different point of view. In addition, we will demonstrate a proof-of-concept implementation of the approach in a live demo session.
We will discuss the benefits that a model based on machine-readable test artifacts offers for resolving the conundrum between compliance and security. The panelists will debate the differences between the historical model and a technology-driven model, the assurance gains and losses associated with each model, and the feasibility of the new approach from technological and economic perspectives.