atsec information security completes the CAVP cryptographic algorithm testing for ZTE
2010-10-29Beijing, China – atsec information security is pleased to announce that the cryptographic algorithms implemented in two modules developed by ZTE CORPORATION (branded as “ZTE”), UEPCM (UEP Cryptographic Module) and UPCL (Unified Platform Cryptographic Library), were tested by atsec information security, and validated under the CAVP (Cryptographic Algorithm Validation Program) by NIST (National Institute of Standards and Technology).
The successful validation results are published on NIST's official website. The certificate numbers, product information, and vendor information can be found on the validation list of the CAVP’s official website at http://csrc.nist.gov/groups/STM/cavp/validation.html.
The cryptographic algorithms implemented in UPCL (and their certification numbers) are:
- TDES (Certification Number #998, #999)
- AES (#1483, #1485)
- DSA (#468, #469)
- SHA (#1340, #1341)
- RN G(#808, #809)
- RSA (#727, #728)
- HMAC (#873, #874)
The cryptographic algorithms implemented in UEPCM (and certificate numbers) are:
- TDES (#1002, #1003)
- AES (#1497, #1498)
- DSA (#470, #471)
- SHA (#1348, #1349)
- RNG (#814, #815)
- RSA (#734, #735)
- HMAC(#880, #881)
The team members of both parties will continue to work together on FIPS 140-2 CMVP testing and validation.
The CAVP program was established by NIST in July 1995 and encompasses validation testing for “FIPS Approved” and “NIST recommended” cryptographic algorithms. Cryptographic algorithm validation is a prerequisite for FIPS 140-2 validations under the Cryptographic Module Validation Program (CMVP). All CAVP and CMVP testing is handled by third-party, Cryptographic and Security Testing (CST) Laboratories such as atsec’s CST LAB, accredited by the National Voluntary Laboratory Accreditation Program (NVLAP). atsec has abundant experience in this area, and is an industry leader on security testing and evaluation.
About atsec information security
atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich, Germany in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden, and China. atsec's service includes formal laboratory testing and evaluation, independent testing and evaluation as well as information security consultancy.
atsec offers cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada. atsec also offers formal testing under the NIST's PIV Program (NPIVP), Cryptographic Algorithm Validation Program (CAVP), Security Content Automation Protocol Program (SCAP), and product approval testing under the GSA FIPS 201 EP.
atsec works with such leading global companies as Apple, CloudShield, IBM, Hewlett and Packard, Honeywell, Patrick Townsend, Quantum Corporation and Red Hat.
