FEATURED WHITEPAPERS

FIPS 140-Next is coming: What does it mean and what are you going to do?

This paper will look at the likely successor to FIPS 140-2, identify the differences between the two standards, and discuss some strategies to help product vendors ease the transition from FIPS 140-2 to FIPS 140-Next.

Download

Whitepapers

What is Suite-B Cryptography and How Does it Relate to Government Certifications?

This paper will  provide a high-level introduction to Suite-B cryptography, discuss how Suite-B relates to government certifications, and specifically address Suite-B requirements for commonly certified services, such as, TLS, SSH, and IKE/IPsec.

Whitepapers

The NDcPP is Here: What Does it Mean and What Should You Expect?

This paper will provide a high-level identification of the differences between the NIAP NDPP and the international NDcPP, and discuss some strategies to help product vendors ease the transition from NDPP to NDcPP.

Whitepapers

FIPS 140-Next is coming: What does it mean and what are you going to do?

This paper will look at the likely successor to FIPS 140-2, identify the differences between the two standards, and discuss some strategies to help product vendors ease the transition from FIPS 140-2 to FIPS 140-Next.

Podcasts

Coming Soon

Podcasts coming soon.

Videos

Coming Soon

Videos Coming Soon

Links

NIAP Approved Protection Profiles

This provides a complete list of all NIAP approved Protection Profiles and NIAP Protection Profiles in the process of development. This is very important since it defines the requirements a product needs to meet to be certified.

Links

FIPS 140-2 Standard

This is the actual FIPS 140-2 standard. It provides a ton of information, including, an overview of the structure of the standard and a high-level description of all of the requirements.

Links

NIAP Product Compliant List

This is the official list of products that have either been validated or vetted by the NIAP. This is a great resource for either pointing your customers to your CC certificate or figuring out what your competitor has already certified.

Links

NIAP Products In-Evaluation List

This links to the official list of products in the process of being evaluated in the US CC scheme. Like the previous link, this is a great resource to figure out who is currently doing what or to prove to your customer that you are in the process of testing.

Links

Common Criteria User Forum

The CC user forum is a organization comprised of all parties interested in participation and development of Common Criteria including End Users, Laboratories, and Governments.

Links

CC Standard Documentation

This provides links to all of the Common Criteria documentation. Be forewarned, it is an extensive list, so, expect to be flooded with information.

Links

Common Criteria Portal

This is the international home of the Common Criteria. This provides links to all of the Common Criteria certification schemes, all of the products evaluated in all of the schemes, and the latest news in the industry.

Links

Module Validation List

This links to the official list of all FIPS 140 validated modules. This is a great resource for either pointing your customers to your FIPS 140 certificate or figuring out what your competitor has already certified.

Links

Module In Process List

This links to the official list of cryptographic modules in the process of being validated. Like the previous link, this is a great resource to figure out who is currently doing what or to prove to your customer that you are in the process of testing. Note: Inclusion in the list is optional, so there may be additional products being tested.

Links

FIPS 140-2 Derived Test Requirements

This document provides a detailed description of all of the FIPS 140-2 testing requirements.

Links

FIPS 140-2 Implementation Guidance

This document provides the latest FIPS 140 requirement interpretations. This document is very important because it is the method in which the standard has evolved over the years.