Important News:SafeLogic's CryptoComply Achieves FIPS 140-3 Validation and Receives FIPS 140-3 certificate #4781! Read the blog post!
The SafeLogic Blog
FIPS Module 3.0 for OpenSSL 1.1 Update
December 22, 2016 •Mark Minnoch
In December, Acumen Security hosted our kick-off meeting for the FIPS Module 3.0 validation effort. I was SafeLogic’s delegate, Steve Marquess represented OpenSSL, and Ashit Vora, Tony Busciglio, and Ryan Thomas attended for Acumen. With the expected adoption of TLS 1.3 and upcoming algorithm transition deadlines (outlined in NIST SP 800-131A), the OpenSSL-SafeLogic-Acumen Security partnership strives to deliver a FIPS module that works with OpenSSL 1.1 during the 2017 calendar year.
For this project to be successful, we will need additional Project Sponsors. Technology vendors that plan to deliver products using OpenSSL 1.1 in the future should consider sponsorship to support the effort. Financial contributions from Project Sponsors will help fund the engineers developing the code (OpenSSL) and the FIPS Laboratory (Acumen Security) for their validation testing services.
Here is the tentative schedule for the FIPS Module 3.0:
- January 2017: Receive initial contributions from Project Sponsors
- February 2017: Technical parameters locked in for development
- March 2017: OpenSSL team begins development to meet FIPS requirements
- May 2017: Development checkpoint
- July 2017: SafeLogic reviews FIPS Module, finalizes FIPS 140-2 documentation
- August 2017: Acumen submits FIPS 140-2 report to CMVP
- October 2017: CMVP provides report comments to Acumen (2 month queue time expected)
- November 2017: CMVP issues FIPS 140-2 certificate for FIPS Module 3.0 (for OpenSSL 1.1)
Important Notes:
1. Additional Project Sponsors are needed to make their initial contributions in January to begin the process on time.
2. All development and testing work is scheduled based upon sponsorship contributions being delivered as planned. Additional sponsors will mitigate risk of delays.
3. FIPS Module 3.0 Technical Objectives and Sponsorship information are available here: https://wiki.openssl.org/index.php/FIPS_module_3.0
4. Early releases of the FIPS code will be available from Github for public review and testing.
5. For a quick history of how the OpenSSL/SafeLogic/Acumen team came together, please see our July announcement.
How Can My Company Become a Sponsor?
Thank you for your interest! We welcome additional sponsors to support this crucial development for the community. Please contact us directly to discuss and stay tuned for additional updates here at the SafeLogic blog.
Mark Minnoch
Mark Minnoch was a Technical Account Manager for SafeLogic.
Popular Posts
Search for posts
Tags
- FIPS 140 (109)
- FIPS validation (85)
- Encryption (70)
- cryptography (68)
- NIST (62)
- CryptoComply (60)
- SafeLogic (58)
- Industry News (54)
- cryptographic module (51)
- Conversations (49)
- CMVP (48)
- RapidCert (46)
- compliance (41)
- Ray Potter (33)
- SafeLogic News (33)
- Event (27)
- federal (27)
- CAVP (23)
- Cybersecurity (23)
- FIPS 140-3 (17)
- #LoveOurCustomers (15)
- OpenSSL (15)
- government (14)
- FedRAMP (13)
- CryptoCompact (12)
- Cryptology (12)
- DoD (12)
- RSA (12)
- compatible (12)
- healthcare (12)
- partners (12)
- NSA (11)
- post-quantum cryptography (10)
- AES (9)
- Apple (9)
- Cloud (9)
- health (9)
- security (9)
- time (9)
- CMMC (8)
- HIPAA (8)
- IoT (8)
- PQC (8)
- Suite B (8)
- hack (8)
- testing (8)
- whitepaper (8)
- client (7)
- constrained devices (7)
- Advisories (6)
- Approved Products List (APL) (6)
- HITECH (6)
- ICMC (6)
- holiday (6)
- lab (6)
- vulnerability (6)
- Acumen (5)
- CEO (5)
- Dual EC DRBG (5)
- Microsoft (5)
- NIST 800-171 (5)
- NIST 800-53 (5)
- OpenSSL 3.0 (5)
- Wes Higaki (5)
- Whit Diffie (5)
- ePHI (5)
- healthIT (5)
- heartbleed (5)
- mHealth (5)
- procurement (5)
- vulnerable (5)
- C3PAO (4)
- Common Criteria (4)
- Google (4)
- Google Glass (4)
- HHS (4)
- HITECH Act (4)
- Mark Minnoch (4)
- deadline (4)
- encrypt (4)
- health IT (4)
- iOS (4)
- innovation (4)
- military (4)
- procure (4)
- public sector (4)
- AFCEA (3)
- Air Force (3)
- BSAFE (3)
- CSE (3)
- DFARS (3)
- DISA (3)
- EMM (3)
- FIPS 186 (3)
- FIPS-approved (3)
- HIMSS (3)
- HIPAA Safe Harbor (3)
- HITECH Safe Harbor (3)
- Implementation Guidance (3)
- Implementation Under Testing (3)
- InfoSec (3)
- NVLAP (3)
- National Institute of Standards and Technology (3)
- OCR (3)
- OpenSSL 1.1.1 (3)
- OpenSSL 3.x (3)
- POA&M (3)
- TLS 1.3 (3)
- competition (3)
- connected (3)
- constrained (3)
- data at rest (3)
- editorial (3)
- forum (3)
- goals (3)
- healthcare IT (3)
- iPhone (3)
- liberty (3)
- magazine (3)
- open source (3)
- patriotic (3)
- privacy (3)
- queue (3)
- revalidation (3)
- software (3)
- speaking (3)
- transition (3)
- vulnerabilities (3)
- 3PAO (2)
- ACVP (2)
- BA (2)
- BAA (2)
- CIO (2)
- CSEC (2)
- CSP (2)
- CoIT (2)
- Coalfire (2)
- Cyber Defense Magazine (2)
- Cyberattack (2)
- DIY (2)
- Defense Industrial Base (2)
- Diffie-Hellman (2)
- ECDH (2)
- EHR (2)
- FBI (2)
- FIPS 197 (2)
- FIPS 199 (2)
- FIPS ready (2)
- FinalCode (2)
- Firefox (2)
- HIPAA security controls (2)
- Historical Status (2)
- IPsec (2)
- IPsec VPN (2)
- Java (2)
- Level 1 (2)
- Level 2 (2)
- Level 3 (2)
- Level 4 (2)
- MFA (2)
- MSFT (2)
- Maribel Lopez (2)
- Module in Process (2)
- NIST 800-111 (2)
- NIST 800-38 (2)
- NSS (2)
- Network Security Services (2)
- OpenSSL 1.0.2 (2)
- RNG (2)
- RSA BSAFE (2)
- RSA Security (2)
- SHA (2)
- SPRS (2)
- SSL (2)
- SSL VPN (2)
- Securonix (2)
- StateRAMP (2)
- Steve Marquess (2)
- Suite A (2)
- TLS (2)
- U.S. (2)
- U.S. Armed Forces (2)
- UK (2)
- US (2)
- US Armed Forces (2)
- USA (2)
- Up (2)
- VPN (2)
- Walt Paley (2)
- backdoor (2)
- benchmark (2)
- code (2)
- competitor (2)
- constrained device (2)
- consultant (2)
- consultants (2)
- consulting (2)
- cost (2)
- cyber terrorism (2)
- data in motion (2)
- developer (2)
- doctor (2)
- entropy (2)
- excellence (2)
- fast (2)
- federal acquisition (2)
- federal procurement (2)
- federal shutdown (2)
- finance (2)
- firmware (2)
- founder (2)
- freedom (2)
- goal (2)
- gold (2)
- guest (2)
- hardware (2)
- hurdle (2)
- hybrid (2)
- iOS 6 (2)
- key management (2)
- leader (2)
- legacy (2)
- mandate (2)
- maturity (2)
- medal (2)
- overlap (2)
- patch (2)
- patches (2)
- patient (2)
- penalties (2)
- pilot (2)
- re-validation (2)
- regulated industry (2)
- research (2)
- rival (2)
- rsa conference (2)
- security breach (2)
- session (2)
- shutdown (2)
- solution (2)
- speed (2)
- sponsors (2)
- startup (2)
- sunset (2)
- support (2)
- team (2)
- technology (2)
- terrorism (2)
- terrorist (2)
- use case (2)
- vendor (2)
- year (2)
- year end (2)
- (ISC)2 (1)
- 21st Century Cures Act (1)
- Active Status (1)
- Alliance for Digital Innovation (1)
- Android (1)
- BYOD (1)
- Brent Cook (1)
- Bruce Schneier (1)
- CCEVS (1)
- CES (1)
- CIO Prime Views (1)
- CIO Story (1)
- CIOstory (1)
- CNET (1)
- CNN (1)
- CNSA (1)
- CNSS (1)
- COTS (1)
- CSF (1)
- CTR_DRBG (1)
- CUI (1)
- Cryptographic Technology Group (1)
- Cryptsoft (1)
- CsfC (1)
- Cupertino (1)
- Cyber Monday (1)
- D-FLIP (1)
- DES (1)
- DHS (1)
- DIU (1)
- DIUx (1)
- DNA (1)
- DOJ (1)
- Daniel Franke (1)
- David Cameron (1)
- David Hook (1)
- DoDIN APL (1)
- EPCS (1)
- Entropy Source Validation (1)
- Erlich Bachman (1)
- Extended Support (1)
- FCA (1)
- FF1 (1)
- FF3 (1)
- FIPS Compliance (1)
- FISMA (1)
- FITARA (1)
- FOM (1)
- FOM 2.0 (1)
- FPE (1)
- FUD (1)
- Fed (1)
- Federal IT Sales Summit (1)
- G.18 (1)
- GCHQ (1)
- GNU (1)
- GNU Project (1)
- GSA (1)
- Gavin Belson (1)
- GnuPG (1)
- GoBe (1)
- HASH_DRBG (1)
- HIIPA (1)
- HIPPA (1)
- HIT (1)
- HITRUST (1)
- HITRUST CSF (1)
- HMAC_DRBG (1)
- Healbe (1)
- Hunter S. Thompson (1)
- IBM (1)
- ICMC 2013 (1)
- ICS (1)
- ICS-ISAC (1)
- IPB (1)
- ISO (1)
- ISO 24759 (1)
- ITexpo West (1)
- ITexpo West 2014 (1)
- Immix (1)
- In Progress (1)
- In Progress List (1)
- Inauguration (1)
- Industrial Control System (1)
- Infogard (1)
- Intel (1)
- Investigatory Powers Bill (1)
- Iron Mountain (1)
- JAR (1)
- JCE (1)
- JITC (1)
- JLTV (1)
- JSSE (1)
- Jack Barker (1)
- KAS (1)
- KBKDF (1)
- LRSB (1)
- Lockheed Martin (1)
- MDMPP (1)
- MDPP (1)
- MIT (1)
- MWC (1)
- Marissa Mayer (1)
- Mark Amtower (1)
- Matt Caswell (1)
- Matt Cornelius (1)
- Matthew Cornelius (1)
- Matthew Green (1)
- Maturity Model (1)
- Michael Leonard (1)
- MicroStrategy (1)
- Microsoft Surface (1)
- Multifactor (1)
- NCCoE (1)
- NCSL (1)
- NSA Suite B (1)
- Northrup Grumman (1)
- OCS (1)
- OMB (1)
- ONC (1)
- OSL (1)
- OSSL 1.1 (1)
- OSSL Foundation (1)
- OVS (1)
- Office 365 (1)
- Pulse Secure (1)
- Q4 (1)
- Quantum Dawn (1)
- Quest (1)
- RAR (1)
- REDCOM (1)
- RFP (1)
- Ralph C. Jensen (1)
- Ralph Jensen (1)
- Readiness Assessment Report (1)
- SLED (1)
- SP (1)
- SP 800-113 (1)
- SP 800-56 (1)
- SP 800-77 (1)
- SP800-131A (1)
- SP800-90A (1)
- SSLv3 (1)
- Sean Kerner (1)
- SecureAuth (1)
- Security B-Sides (1)
- Security Compass (1)
- SecurityToday (1)
- Sergey Brin (1)
- Seth Rosenblatt (1)
- Sethi (1)
- St Regis (1)
- Steve Jobs (1)
- Susan McAndrew (1)
- TLS 1.1 (1)
- TSMC (1)
- Tanuj Gulati (1)
- Theresa May (1)
- Tim Hudson (1)
- U.K. (1)
- U.S. Air Force (1)
- U.S. Marines (1)
- U.S. Military (1)
- U.S. Navy (1)
- US Air Force (1)
- US Army (1)
- US Marines (1)
- US Military (1)
- US Navy (1)
- USMC (1)
- United Kingdom (1)
- United States (1)
- United States of America (1)
- Up24 (1)
- Vectra (1)
- Vectra Networks (1)
- WEST (1)
- WEST 2020 (1)
- WolfSSL (1)
- Yier Jin (1)
- background (1)
- ban (1)
- banish (1)
- banished (1)
- banishment (1)
- banned (1)
- batterygate (1)
- benchmarks (1)
- best (1)
- checkmarks (1)
- chief (1)
- chip (1)
- chipgate (1)
- choice (1)
- choose (1)
- chosen (1)
- cipher (1)
- citizen (1)
- citizenship (1)
- co-founder (1)
- codebase (1)
- codies (1)
- comment period (1)
- compete (1)
- competitive (1)
- competitive advantage (1)
- complaint (1)
- complaints (1)
- concurrent (1)
- congress (1)
- contract (1)
- crime (1)
- criminal (1)
- cryptographer (1)
- cybertech (1)
- data (1)
- data center (1)
- data centers (1)
- data security (1)
- dates (1)
- david hume (1)
- debt ceiling (1)
- decryption (1)
- deploy (1)
- development (1)
- dictionary (1)
- differentiator (1)
- disambiguate (1)
- download (1)
- drones (1)
- eBay (1)
- eBay breach (1)
- eHealth (1)
- eWeek (1)
- editor (1)
- editor-in-chief (1)
- education (1)
- effort (1)
- elliptic curve cryptography (1)
- embedded (1)
- emerging (1)
- engineer (1)
- engineering (1)
- enterprise security (1)
- exhibit (1)
- exhibit hall (1)
- expectations (1)
- expert (1)
- expertise (1)
- experts (1)
- expire (1)
- extended (1)
- fall (1)
- faq (1)
- finalist (1)
- finalists (1)
- financial (1)
- fines (1)
- fintech (1)
- fips inside (1)
- fiscal (1)
- fiscal year (1)
- fitness tracker (1)
- fitness trackers (1)
- fix (1)
- fixes (1)
- flight (1)
- forecast (1)
- format-preserving (1)
- format-preserving encryption (1)
- fraud (1)
- frempetitor (1)
- frempetitors (1)
- frenemies (1)
- frenemy (1)
- furlough (1)
- future (1)
- global (1)
- globee (1)
- glossary (1)
- goose (1)
- gov (1)
- gov't (1)
- guest blog (1)
- guest post (1)
- hashed (1)
- head-to-head (1)
- hill (1)
- hiring freeze (1)
- history (1)
- honor (1)
- honored (1)
- hospital (1)
- human rights (1)
- hume (1)
- humor (1)
- hurdles (1)
- iMessage (1)
- iOS 7 (1)
- iPad (1)
- iToilet (1)
- industry (1)
- intellectual property (1)
- interim final rule (1)
- international (1)
- interview (1)
- issues (1)
- kratos (1)
- launch (1)
- libgcrypt (1)
- malicious (1)
- maverick (1)
- medals (1)
- medical (1)
- medicine (1)
- meek (1)
- mobile security (1)
- mobility (1)
- mocana (1)
- money (1)
- multi-factor (1)
- multi-factor authentication (1)
- musings (1)
- national cybersecurity strategy (1)
- naval aviator (1)
- need for speed (1)
- neglect (1)
- network (1)
- new (1)
- new OSSL (1)
- news (1)
- nominate (1)
- nominated (1)
- nominee (1)
- offload (1)
- opportunities (1)
- opportunity (1)
- outsource (1)
- panel (1)
- parallel (1)
- passwords (1)
- past (1)
- patient data (1)
- philosopher (1)
- philosophy (1)
- piece (1)
- pilots (1)
- plane (1)
- plans (1)
- platinum (1)
- post (1)
- presentation (1)
- priorities (1)
- priority (1)
- prize (1)
- profile (1)
- proposed (1)
- proud (1)
- provider (1)
- public (1)
- public comment (1)
- public comment period (1)
- public list (1)
- quant (1)
- quant self (1)
- quantified (1)
- quantified self (1)
- queue length (1)
- quinquennial (1)
- re-validate (1)
- reflection (1)
- regulations (1)
- representatives (1)
- required (1)
- requirement (1)
- researchers (1)
- reseller (1)
- revalidate (1)
- revenue (1)
- revoke (1)
- revoked (1)
- rights (1)
- rivals (1)
- roadblock (1)
- roadmap (1)
- sales (1)
- salted (1)
- savings (1)
- scalability (1)
- season (1)
- security software (1)
- select (1)
- selected (1)
- selection (1)
- self-driving (1)
- self-driving car (1)
- senate (1)
- senators (1)
- server (1)
- simplify (1)
- smart cars (1)
- smart home (1)
- smart toilet (1)
- smartwatch (1)
- sole-source (1)
- speaking session (1)
- specialization (1)
- stand for (1)
- standards (1)
- start-up (1)
- state (1)
- stealth mode (1)
- stigma (1)
- story (1)
- strategy (1)
- summer (1)
- sunet (1)
- sunset date (1)
- sunsetted (1)
- symposium (1)
- talk (1)
- tech (1)
- technical (1)
- term (1)
- terminology (1)
- terms (1)
- threat detection (1)
- threats (1)
- toilet (1)
- top gun (1)
- training (1)
- trophy (1)
- unicorn (1)
- value (1)
- vendors (1)
- website (1)
- whining (1)
- whistleblower (1)
- whistleblowing (1)
- wifi (1)
- wrap (1)
- wrap-up (1)