-
Commercial Assurance of Cryptography in North America
Cryptographic Algorithm Validations The Cryptographic Algorithm Validation Program (CAVP) is an organization that is managed solely by the National Institute of Standards and Technology (NIST). Information about the CAVP scheme, including the official validation lists, can be found at NIST’s web page for the CAVP. The CAVP certifies…
-
The Third International Cryptographic Module Conference Has Begun
The 2015 International Cryptographic Module Conference (ICMC) started yesterday with a day of pre-conference workshops on FIPS 140 Projects, Breaking into Embedded Devices, and Addressing Unique Security Challenges through Standardization. The main conference was opened today by Yi Mao, Ph.D., CST Lab Manager of atsec, followed by keynote…
-
The Second International Cryptographic Module Conference
The 2014 ICMC started with a day of workshops on FIPS 140-2 and ISO/IEC 19790, followed today by keynote speakers Helmut Kurth (atsec information security) and Mary Ann Davidson (Oracle). Almost 200 attendees from around the world came to this year’s conference to discuss topics ranging from high-level…
-
A Summary of the First ICMC
The first ICMC is over.It was a wonderful event and thanks are due to all of the 171 participants for making it so. Participant Quote: “This conference is Win Win Win!”These attendees represented developers, governments, laboratories, consultants, and academics from the cryptographic module community. It turned out to…
-
The Top 3 Mistakes When Starting a FIPS 140-2 Project
1. Starting without the standard in mindProbably the biggest problem causing issue in a FIPS 140-2 validation project is when the developer decides to ‘back into’ the standard after the fact. Trying to validate a product that was developed without being mapped to the standard is more difficult…