Cryptographic Module Testing Laboratory
A Cryptographic Module Testing Laboratory (CMTL) is an information technology (IT) computer security testing laboratory that is accredited to conduct cryptographic module evaluations for conformance to the FIPS 140-2 U.S. Government standard.
The National Institute of Standards and Technology (NIST) National Voluntary Laboratory Accreditation Program (NVLAP) accredits CMTLs to meet Cryptographic Module Validation Program (CMVP) standards and procedures.
CMTL requirements
These laboratories must meet the following requirements:
- NIST Handbook 150, NVLAP Procedures and General Requirements
- NIST Handbook 150-17 Information Technology Security Testing - Cryptographic Module Testing
- NVLAP Specific Operations Checklist for Cryptographic Module Testing
FIPS 140-2 in relation to the Common Criteria
A CMTL can also be a Common Criteria (CC) Testing Laboratory (CCTL). The CC and FIPS 140-2 are different in the abstractness and focus of tests. FIPS 140-2 testing is against a defined cryptographic module and provides a suite of conformance tests to four FIPS 140 security levels. FIPS 140-2 describes the requirements for cryptographic modules and includes such areas as physical security, key management, self tests, roles and services, etc. The standard was initially developed in 1994, prior to the development of the CC. The CC is an evaluation against a Protection Profile (PP), usually created by the user, or security target (ST). Typically, a PP covers a broad range of products.
- A CC evaluation does not supersede or replace a validation to either FIPS 140-1 or FIPS 140-2. The four security levels in FIPS 140-1 and FIPS 140-2 do not map directly to specific CC EALs or to CC functional requirements. A CC certificate cannot be a substitute for a FIPS 140-1 or FIPS 140-2 certificate.
If the operational environment is a modifiable operational environment, the operating system requirements of the Common Criteria are applicable at FIPS Security Levels 2 and above.
- FIPS 140-1 required evaluated operating systems that referenced the Trusted Computer System Evaluation Criteria (TCSEC) classes C2, B1 and B2. However, TCSEC is no longer in use and has been replaced by the Common Criteria. Consequently, FIPS 140-2 now references the Common Criteria.