-
First Commercial ACVP Testing with Regular Three-party Setup Completed
The atsec Automated Cryptographic Validation Protocol (ACVP) tool set demonstrated that ACVT is fully production-ready with the completion of the ACVP test run of 3,529 test vector sets managed by 329 test sessions. The testing marks the first successful production test run of ACVT with the three-party approach…
-
Stephan Mueller publishes SP800-90B compliant Linux implementation of CPU Jitter RNG
NIST’s Special Publication 800-90B “Recommendation for the Entropy Sources Used for Random Bit Generation” (SP800-90B) lays out the testing requirements for random bit generators. According to Implementation Guidance 7.18, compliance to SP800-90B will be mandatory for FIPS 140-2 validations starting November 8th 2020. Our colleague Stephan Mueller recently…
-
CST Newsletter and FIPS 140-3 Change Summary
We invite you to take a look at our CST Newsletter. This newsletter is intended to inform our customers about recent changes within the Implementation Guidance and NIST’s Cryptographic Module Validation Program (CMVP). We also included a high-level summary of changes to the testing and documentation that FIPS…
-
atsec adds Singaporean Common Criteria Scheme accreditation
atsec is pleased to announce that it has been licensed by CSA to be a Common Criteria Testing lab (CCTL) under the Singapore Common Criteria Scheme (SCCS). Please check the Common Criteria Portal:https://www.commoncriteriaportal.org/labs/index.cfm as well the Singapore Common Criteria Scheme:https://www.csa.gov.sg/our-programmes/certification-and-labelling-schemes/singapore-common-criteria-scheme/approved-labs atsec is already operating Common Criteria labs under…
-
atsec’s ACVT service is operational
atsec is proud to announce that the Automated Cryptographic Validation Testing (ACVT) service is operational. The atsec Cryptographic Security Testing (CST) laboratory is the first ever to achieve operational status with the Automated Cryptographic Validation Protocol (ACVP) production server operated by NIST. atsec’s ACVP tools are fully implemented…
-
Congratulating Qualcomm on CC certification of their Snapdragon 855 SOC
atsec congratulates Qualcomm on the successful evaluation of their Snapdragon 855 system on a chip (SOC) processor. The evaluation was performed jointly by atsec information security laboratory GmbH and T-Systems International GmbH laboratory; with the software evaluation being performed by atsec, and the hardware evaluation performed by T-Systems. atsec…
-
ATSEC PROVIDED PCI TRAINING AT VISA SECURITY SUMMIT 2019
China, Shanghai—From June 19th to 20th, Visa held the Asia Pacific Security Summit in Shanghai, China. During the “Ecosystem Data Security Workshop” on the 19th, Diana Greenhaw, VISA’s Vice President of Global Payment System Risk, gave a speech on “Ecosystem Risk Updates—A Global Perspective”. As one of the…
-
FIPS 140-2 and ISO Standards
atsec customers who have projects for testing, validating, and certifying cryptographic modules for the US government market are intimately familiar with the FIPS 140-2 standard. This standard and its associated supporting documents are produced and published by NIST. Together, the suite of documents define the specification and testing…
-
Commercial Assurance of Cryptography in North America
Cryptographic Algorithm Validations The Cryptographic Algorithm Validation Program (CAVP) is an organization that is managed solely by the National Institute of Standards and Technology (NIST). Information about the CAVP scheme, including the official validation lists, can be found at NIST’s web page for the CAVP. The CAVP certifies…
