Cryptographic algorithm validation is a prerequisite of validations under the , as each approved algorithm implemented in a module must be validated as meeting the requirements of the applicable FIPS, NIST or ANSI standard.
For each algorithm requiring validation, EWA-Canada generates test files and provides these to the vendor who must then run them through their cryptographic algorithm implementation to generate a correct set of outputs from the supplied input vectors. Once the output files are returned, they are verified and, if correct, a submission is made to the CAVP for validation of the algorithm implementations and issuance of algorithm validation certificates.
EWA-Canada can perform verification of the following:
Random Number Generator (RNG) Algorithms
- ANSI X9.31 - Appendix A.2.4 - Using 2-Key Triple DES (specifies the RNG for the RSA algorithm)
- ANSI X9.62 - Appendix A.4 (specifies the RNG for the ECDSA algorithm)
Message Authentication Algorithms
The EWA-Canada IT Security Evaluation & Test Facility can also perform the testing of the algorithm implementations or refer you to a FIPS 140-2 support specialist to perform the testing.