Artifact GuideGLOBALFIPS 140-3 and algorithm validation

FIPS procurement evidence review CAVP, CMVP, and approved-mode workflow

A procurement workflow for checking whether a supplier crypto claim is supported by the right FIPS evidence: CAVP algorithm testing, CMVP module validation, tested environment, Security Policy scope, and approved-mode operation.

Use it to turn vague "FIPS compliant" claims into certificate numbers, boundaries, configurations, change triggers, and retention records backed by NIST sources.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
6

Structured answer sets in this page tree.

Primary sources
3

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

Use this workflow when a product, cloud service, appliance, library, or supplier proposal claims FIPS-approved cryptography. The review is not satisfied by the word "FIPS" in a data sheet: procurement needs to know whether the claim is an algorithm implementation tested under CAVP, a cryptographic module validated under CMVP, a validated module used in approved mode, or an internal policy target that still needs evidence.

Section 1

Start by classifying the supplier claim

Separate four claims before reviewing any certificate. An approved algorithm standard such as AES or SHA is not the same thing as a CAVP-tested implementation. A CAVP algorithm certificate is not the same thing as a CMVP module certificate. A CMVP certificate still has a boundary, version, tested operating environment, approved services, and usage conditions. Procurement wording should mirror that exact scope.

Ask the supplier to identify the delivered product or service component that performs the cryptographic operation, then map the claim to evidence. If the supplier only provides a marketing statement such as "FIPS compliant crypto," treat it as incomplete until the implementation name, certificate number, module name, version, operating environment, and Security Policy are available.

  • Algorithm-only claim: request the CAVP certificate number, implementation name, algorithm family, version, and tested operating environment.
  • Module-validation claim: request the CMVP certificate number, module name, module version, validation status, tested operating environment, and public Security Policy.
  • Approved-mode claim: request the Security Policy section that lists approved services, non-approved services, service indicators, and any operator guidance needed to stay in approved mode.
  • Embedded or bound-module claim: require the supplier to identify the existing validated module by name, CMVP certificate number, version, and the subset of functionality reused by the delivered product.
  • Do not accept a certificate for a different product, version, hardware accelerator path, processor feature, or operating environment unless the Security Policy and certificate scope actually cover the delivered configuration.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Section 2

Build the evidence request package

A useful procurement package asks for the evidence a reviewer can tie to a shipped configuration. The CMVP IG states that algorithm validation certificates identify the validated algorithm implementation and tested operating environment, while module validation certificates identify the validated module and tested operating environment. That distinction should drive the intake form and the contract exhibit.

For software, firmware, and hybrid modules, pay close attention to operating environments. The IG says the CAVP-tested operating environment must be identical to, or fully included in, the environment used for module testing when a validated algorithm implementation is embedded in a module undergoing FIPS 140-3 testing. That makes CPU architecture, OS, firmware build, accelerator use, and deployment mode procurement evidence, not background detail.

  • Certificate inventory: CAVP certificate numbers, CMVP certificate numbers, validation status, issue/update dates when present in the source listing, and supplier-provided implementation names.
  • Boundary evidence: module boundary diagram or description, product components inside and outside the cryptographic boundary, and any embedded or bound validated modules.
  • Security Policy evidence: approved services, non-approved services, roles, service indicators, operator guidance, algorithm tables, and caveats that affect allowed use.
  • Configuration evidence: delivered version, build options, hardware acceleration path, operating environment, firmware level, platform architecture, and cloud or appliance deployment profile.
  • Procurement controls: acceptance criteria for matching certificates to the delivered configuration, required supplier notices for changes, and rejection rules for historical, revoked, or mismatched certificate evidence.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Recommended next step

Operationalize FIPS procurement evidence review

Use this workflow to convert supplier "FIPS compliant" statements into certificate checks, Security Policy constraints, approved-mode controls, and change-review tasks.

Assessment workflow
Open Assessment Autopilot for FIPS procurement evidence

Convert certificate checks, Security Policy review, approved-mode evidence, and change triggers into accountable tasks.

Explore next step
Research workflow
Research FIPS certificate questions

Use cited NIST source material to resolve CAVP, CMVP, operating-environment, and approved-mode questions before acceptance.

Explore next step
Talk to Sorena
Talk through implementation

Review the cryptographic boundary, supplier evidence, certificate fit, and procurement acceptance criteria with Sorena.

Explore next step
Section 3

Review algorithm certificates separately from module certificates

Use CAVP evidence to prove that a named algorithm implementation was tested. Use CMVP evidence to prove that a cryptographic module was validated against FIPS 140-3. A product can include a tested algorithm without the whole delivered module being validated, and a validated module can contain usage limits that procurement must preserve in implementation instructions.

The review output should therefore avoid broad labels. Say "uses AES implementation covered by CAVP certificate X in operating environment Y" or "uses cryptographic module Z validated under CMVP certificate N when configured according to Security Policy S," rather than converting either certificate into a blanket product approval.

  • Match the certificate evidence to the actual delivered binary, firmware, hardware module, library, service boundary, or appliance model.
  • Record whether the certificate is algorithm-level or module-level, because remediation differs when either one does not match.
  • Check whether the module certificate relies on another validated module, an embedded module, a processor algorithm accelerator, or a processor algorithm implementation, then require the related caveats and Security Policy text.
  • For TLS, KDF, signature, hash, encryption, and key-establishment evidence, verify that the algorithm certificate context matches the protocol or service in which the product uses it.
  • Keep rejected evidence with the reason: wrong boundary, wrong operating environment, unsupported status, stale version, unlisted service, or unsupported approved-mode claim.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Section 4

Approved-mode and Security Policy review gates

Approved mode is a configuration and service-use question, not just a certificate lookup. The CMVP IG describes approved mode as a set of services that includes at least one approved security function or process and excludes non-approved security functions. Procurement reviewers should therefore ask how the delivered system enters approved mode, how operators can tell which mode is active, and which services are outside the allowed claim.

The public Security Policy is the practical review anchor. It should identify approved and non-approved services, algorithm certificates, roles, interfaces, operating rules, and caveats. If the supplier claim depends on a mode switch, an approved service indicator, or operator guidance, those details belong in the procurement acceptance record.

  • Require a Security Policy reference for each accepted CMVP module certificate and cite the section that supports the procurement claim.
  • Verify the product configuration enables only the services and algorithms the supplier is claiming for approved-mode operation.
  • Document how service indicators, logs, configuration screens, or operational procedures show that the module is operating in the intended mode.
  • List non-approved algorithms or services separately and state whether they are disabled, allowed with no security claimed, or outside the procured use case.
  • Make implementation teams keep the Security Policy constraints in deployment guides, hardening baselines, and customer-facing evidence packs.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Section 5

Change impact and retention workflow

Procurement evidence expires operationally when the delivered configuration changes, even if the public certificate still exists. The CMVP IG includes examples where changes to versioning, excluded components, operating environments, processor acceleration, or embedded validated modules can require validation or revalidation analysis. The buyer should make those triggers part of supplier notice obligations and internal change control.

Retain the evidence in a way that lets future auditors reconstruct the accepted claim. Store the public source URL, certificate identifier, Security Policy version, supplier attestation, product version, operating environment, reviewer decision, and rejection notes together. When a supplier ships a cryptographic update, rerun the review rather than copying the previous acceptance forward.

  • Trigger reassessment after cryptographic library changes, module version changes, firmware updates, OS or processor changes, accelerator-path changes, cloud-region or platform changes, and certificate status changes.
  • Require suppliers to notify procurement/security when CAVP or CMVP evidence changes, moves to historical or revoked status, or no longer covers the delivered configuration.
  • Retain accepted evidence, rejected evidence, assumptions, source URLs, and reviewer approvals by product release or contract version.
  • For inherited or embedded validation claims, track the upstream validated module status because the downstream claim can depend on it.
  • Set a review cadence tied to release management and supplier change notices, not a generic calendar reminder detached from product change.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Section 6

Procurement review table

Use this operating table in intake notes or contract review. Each row should produce an auditable record, not just a yes/no answer.

1 | Claim intake | Procurement and security | Supplier FIPS claim, product/version, crypto component inventory | Is this an algorithm claim, module-validation claim, approved-mode claim, or internal target?

2 | Certificate match | Security reviewer | CAVP/CMVP certificate IDs, implementation names, module names, versions, tested operating environments | Does the public evidence match the delivered configuration?

3 | Security Policy review | Product security and operations | Security Policy, approved services, service indicators, caveats, operator guidance | Can the deployment operate inside the validated boundary and approved-mode conditions?

4 | Change-control acceptance | Procurement, engineering, supplier owner | Supplier notice clause, release record, rejected-evidence log, reassessment trigger list | What changes force the evidence to be reviewed again?

  • Write the final acceptance sentence narrowly enough that it remains true when copied into a contract, security questionnaire, or customer evidence pack.
  • Attach the evidence pack to the product release, supplier contract, or system authorization record where it will actually be reused.
  • Escalate mismatches to engineering before signature; procurement should not paper over a certificate that does not cover the shipped boundary.
Sources for this answer
CMVP Implementation Guidance for FIPS 140-3
Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
NIST FIPS 140-3 security requirements for cryptographic modules
Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
NIST CAVP validation search
Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
Primary sources

References and citations

CMVP Implementation Guidance for FIPS 140-3
csrc.nist.gov
Referenced sections
  • Grounds the procurement distinction between CAVP-tested algorithm implementations, CMVP-validated modules, tested operating environments, Security Policy evidence, approved service indicators, and post-validation change impact.
"The validation certificate serves as a benchmark"
NIST CAVP validation search
csrc.nist.gov
Referenced sections
  • Public search page used to verify algorithm validation certificates by implementation, version, algorithm family, and tested operating environment before accepting supplier evidence.
"validation-search"
NIST FIPS 140-3 security requirements for cryptographic modules
doi.org
Referenced sections
  • Primary standard for cryptographic module validation, approved security functions, agency procurement planning, and the warning that the CMVP historical list should not be used for procurement decisions.
"Agencies should develop plans for the acquisition"
Related guides

Explore more topics

AES FIPS 197 requirements and evidence
AES FIPS 197 guidance for identifying supported key sizes, separating the block cipher from modes of operation, and avoiding unsupported FIPS validation claims.
CAVP and ACVP validation evidence for FIPS algorithms
How to read CAVP algorithm certificates, ACVTS/ACVP test coverage, CMVP module validation, and FIPS 140-3 procurement evidence without overstating the claim.
CAVP Validation Evidence Workflow for FIPS Algorithms
Workflow for collecting CAVP and ACVP evidence: algorithm certificates, implementation names, tested parameters, operating environments, and CMVP handoff records.
FIPS 180-4 and FIPS 202 secure hash guidance
Choose and evidence SHA-2, SHA-3, and SHAKE use under FIPS 180-4, FIPS 202, CAVP validation, and FIPS 140-3 module claims.
FIPS 186-5 and FIPS 204 digital signatures
Compare FIPS 186-5 classical digital signatures with FIPS 204 ML-DSA, including scope, algorithm choices, key-use limits, and validation evidence boundaries.
FIPS 203 ML-KEM vs RSA and ECDH key establishment
Compare FIPS 203 ML-KEM with RSA and ECDH key-establishment schemes using NIST SP 800-56A, SP 800-56B, CAVP, and CMVP grounding.
FIPS 203, 204, and 205 Post-Quantum Algorithms
FAQ on how FIPS 203 ML-KEM, FIPS 204 ML-DSA, and FIPS 205 SLH-DSA fit FIPS-approved cryptographic algorithm planning, implementation evidence, and validation checks.
FIPS Algorithm Procurement Evidence FAQ
What procurement teams should collect before accepting FIPS algorithm or module claims: CAVP certificates, CMVP module status, security policy scope, and supplier change triggers.
FIPS approved algorithm selector workflow
A source-linked workflow for selecting FIPS and NIST-approved cryptographic algorithms without overstating module validation, CAVP evidence, or approved-mode claims.
FIPS approved mode procurement: certificates, boundaries, and evidence
Procurement guidance for FIPS approved mode claims: how to check CMVP certificates, CAVP evidence, module boundaries, tested environments, and supplier evidence before purchase.
FIPS crypto transition and deprecation tracker
Track FIPS algorithm transitions, withdrawn guidance, CAVP evidence, CMVP module impact, procurement triggers, and approved-mode caveats without overstating validation status.
FIPS cryptographic algorithm selector
Choose between FIPS algorithm standards for AES, SHA-2, SHA-3, digital signatures, ML-KEM, ML-DSA, and SLH-DSA without overstating validation scope.
FIPS KDF and MAC coverage for validated modules
Map FIPS 140-3 KDF and MAC coverage to approved security functions, CAVP evidence, self-tests, service indicators, and module security policy entries.
FIPS Key Management Mapping for Algorithms and SSP Evidence
Map FIPS 140-3 key management requirements to approved algorithms, SSP establishment methods, CAVP evidence, module boundaries, and key-use records.
FIPS validation certificates for cryptographic algorithms
How to read CAVP algorithm validation certificates and CMVP module validation certificates without overstating FIPS-approved cryptographic algorithm claims.
FIPS-approved cryptographic algorithms FAQ
Answers to common FIPS algorithm questions: approved security functions, CAVP validation, CMVP module scope, AES modes, SHA-2, SHA-3, signatures, and post-quantum algorithms.
How FIPS 180-4 and FIPS 202 Hash Functions Fit FIPS Algorithm Approval
Use FIPS 180-4 for SHA-1 and SHA-2 hash algorithms, FIPS 202 for SHA-3 and SHAKE functions, and CAVP/CMVP evidence without treating a hash certificate as module validation.
How FIPS 186-5 Signature Algorithms Fit FIPS Approval
Use FIPS 186-5 for RSA, ECDSA, deterministic ECDSA, EdDSA, HashEdDSA, DSA verification limits, approved hashes, and CAVP/CMVP evidence boundaries.
ML-DSA vs ECDSA under FIPS 204 and FIPS 186-5
Compare ML-DSA and ECDSA for FIPS-aligned digital signature designs, including parameter choices, key handling, CAVP algorithm evidence, and CMVP module boundaries.
Post-quantum FIPS 203, 204, and 205: ML-KEM, ML-DSA, and SLH-DSA
A grounded guide to the three NIST post-quantum FIPS standards: when ML-KEM, ML-DSA, and SLH-DSA apply, what evidence to keep, and how CAVP and CMVP claims differ.
Post-Quantum Migration for FIPS Cryptography
Plan post-quantum migration for FIPS cryptography by separating ML-KEM key establishment, ML-DSA and SLH-DSA signatures, CAVP algorithm evidence, and CMVP module validation boundaries.
Post-Quantum Migration Tracker for FIPS 203, 204, and 205
Track post-quantum cryptography migration evidence for FIPS 203 ML-KEM, FIPS 204 ML-DSA, FIPS 205 SLH-DSA, CAVP algorithm certificates, and CMVP module boundaries.
SHA-2 vs SHA-3 under FIPS 180-4 and FIPS 202
Compare SHA-2 and SHA-3 for FIPS use: approved functions, validation evidence, compatibility, procurement checks, and when migration is not required.
TLS use-case mapping for FIPS algorithm evidence
Map TLS uses to FIPS algorithm, CAVP, CMVP, approved-mode, certificate-authority, and evidence checks without overstating protocol validation claims.
What does FIPS 197 AES mean for FIPS-approved algorithms?
FIPS 197 defines AES as a FIPS-approved block cipher, but AES use alone is not the same as CAVP algorithm testing or FIPS 140-3 module validation.