CAVP protocol testing - what does it really consist of ?

In my experience of getting CAVP certification on my own (non-OpenSSL)
designs it is like this:

1) Pay a few tens of thousands of dollars to a certification company.
2) They send you a questionnaire about the algorithms you have in the
implementation.
3) You fill that in and return it to them with design documentation.
4) Questions and answers go back and forth.
5) They send you test vectors to try out
6) At some point either you visit them or they visit you and they exercise
the system against some vectors to make sure you aren't cheating.
7) They submit paperwork to NIST
8) You await your listing on the NIST website.

The difficult bit is the vector generation software. Specs like SP800-90
have many degrees of freedom. The vector generating software doesn't have
nearly the degrees of freedom that the spec has, so there is reasonable
certainty that you can't reproduce the vectors they provide because your
implementation doesn't do things in the same order as the vector generator
software supplied by NIST.

This is when you get into deep discussions with the test house and send off
interpretations to NIST to try and get it resolved.

Bad specs, bad vectors = bad certification experience.



>> From: "Steve Marquess" <marquess at openssl.com>
>> Date: 10/21/15 14:18
>> See Appendix B of the OpenSSL FIPS User Guide:
>
>>  https://openssl.org/docs/fips/UserGuide-2.0.pdf
>
> Thanks.
>
>> The specific algorithm tests have changed quite a bit since then
>> (constant change is part of the fun), but the general concept is the
>> same. The algorithm testing is the easiest part of FIPS 140-2
>> validations.
>
> What would you consider being the difficult parts ?
>
>> Note the CAVP only tests specific cryptographic algorithms, not
>> cryptographic protocol suites like SSH (secsh). OpenSSH itself is just
>> application code from the perspective of FIPS 140-2 and thus out of
>> scope ...
>
>
> It has to do with NDcPP 1.0 I think. Key agreement schemes and key
> derivation functions for several security-related communications
> protocols (SNMP, TLS, SSH, etc.) must now be tested as part of the
> algorithm test process.
>
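
Added example, not part of the original message or of any NIST or test-house tooling: a compact HMAC_DRBG (SP 800-90A, SHA-256, no prediction resistance) showing how the ordering freedom mentioned above changes the output for identical seed material. The choice of HMAC_DRBG, the names `HmacDrbg`, `run` and `compare`, and all input bytes are assumptions constructed for illustration; they are not CAVP vectors.

```python
import hashlib
import hmac

class HmacDrbg:
    """HMAC_DRBG per SP 800-90A with SHA-256 (illustration, no reseed counter)."""
    def __init__(self, entropy, nonce, personalization=b""):
        self.K, self.V = b"\x00" * 32, b"\x01" * 32
        self._update(entropy + nonce + personalization)

    def _mac(self, data):
        return hmac.new(self.K, data, hashlib.sha256).digest()

    def _update(self, data):
        self.K = self._mac(self.V + b"\x00" + data)
        self.V = self._mac(self.V)
        if data:  # second round only when provided_data is non-empty
            self.K = self._mac(self.V + b"\x01" + data)
            self.V = self._mac(self.V)

    def reseed(self, entropy, additional=b""):
        self._update(entropy + additional)

    def generate(self, nbytes, additional=b""):
        if additional:
            self._update(additional)
        out = b""
        while len(out) < nbytes:
            self.V = self._mac(self.V)
            out += self.V
        self._update(additional)  # state changes after every generate call
        return out[:nbytes]

# Constructed inputs, identical for every call sequence below.
ENTROPY, NONCE, RESEED = bytes(range(32)), bytes(range(32, 48)), bytes(range(64, 96))

def run(sequence):
    """Run a call sequence on a fresh DRBG and return the last generate output."""
    drbg, out = HmacDrbg(ENTROPY, NONCE), b""
    for step in sequence:
        if step == "reseed":
            drbg.reseed(RESEED)
        else:
            out = drbg.generate(step)
    return out

def compare():
    """Same seed, four spec-conformant call orders, four different results."""
    orders = {"one call": [64], "second of two": [64, 64],
              "32 then 64": [32, 64], "reseed first": ["reseed", 64]}
    return {name: run(seq) for name, seq in orders.items()}

if __name__ == "__main__":
    for name, out in compare().items():
        print(f"{name:15s} {out[:8].hex()}")
```

Each sequence is a conformant use of the same mechanism, so a harness that compares only the returned bits must drive the implementation in exactly the order the vector generator used.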



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux