CMUF-Common-Criteria

CMUF Monthly Update: June

The deadline is approaching for vendors that were moved to the Historical List because of their RNG use.  July 1 is the last day that a lab can submit a no-cost 3Sub to move a module …

Read more

Corsec - FIPS 140-2

Ixia Products Reach “In Process” for FIPS 140-2

Corsec would like to congratulate our partner, Ixia, which provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks; on being listed on the “In Process” list for two of their FIPS 140-2 validations. Ixia’s products, the VisionONE …

Read more

Corsec - FIPS 140-2

FIPS 140-2 Sunset Policy Update!

CMVP; the governing body that oversees U.S. FIPS 140-2 validations, has made drastic changes over the past year to policy governing product certification longevity. This week they went one step further and have now updated …

Read more

FIPS 140, CSfC, Common Criteria, UC APL

Updates From Around the Globe

Over the past two months Corsec has traveled from Seoul, Korea to Ontario, Canada in order to attend security certification events such as the Common Criteria Users Forum (CCUF), and the International Cryptographic Module Conference (ICMC). The discussions …

Read more

Corsec - FIPS 140-2

Vocera Completes FIPS Validation

Corsec would like to thank and congratulate our partner Vocera Communications on completing the Federal Information Processing Standard for their Vocera Cryptographic Module v3.0 (#0894).  This module has now completed and finalized all the necessary requirements for …

Read more

Corsec - FIPS 140-2

Sonus Completes FIPS 140-2 Validation

Corsec would like to thank and congratulate our partner Sonus Networks Inc., on completing the FIPS 140-2 validation process for the Session Border Controller (SBC) 7000.  After a year of hard work, the Sonus SBC 7000’s achieved …

Read more

FIPS 140, CSfC, Common Criteria, UC APL

NIST’s Draft PUB on Entropy and RNG

Last month NIST released a draft publication on sources of Entropy and randomness in protecting sensitive data. The draft “Special Publication 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation”, is intended to help product vendors …

Read more

CMVP

CMVP Has Begun Archiving!

As previously mentioned, CMVP announced that all FIPS 140-2 validations that use Random Number Generators (RNG), as well as certifications that use both the NIST 800-90A DRBG and RNG will be required to re-validate, otherwise, they will …

Read more

OpenSSL-FIPS-Compliance

FIPS Compliance and OpenSSL

Product vendors often rely on OpenSSL to meet FIPS requirements. With the new CMVP requirements and regulations, vendors using certain versions of the OpenSSL cryptographic library to meet FIPS 140-2 requirements are in jeopardy of being out of …

Read more