Date: 2011/5/27 (Fri) 15F30`17F00

      Place: Collaboration Room #7 (Information Science Building, 5th floor)

      Name: Randall J.Easter
          Director of the NIST Cryptographic Module Validation Program, USA

      Title: NIST Cryptographic Validation Programs


      Abstract: The Computer Security Division as the National Institute of Standards and Technology conducts research, development and outreach necessary to provide standards and guidelines, mechanisms, tools, metrics and practices to protect our nation's information and information systems.The Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP) were developed by NIST to support the needs of the user community for strong, independently tested and commercially available cryptographic algorithms and modules. Through these programs, NIST works with the commercial sector and the cryptographic community to achieve security, interoperability, and assurance of correct implementation. The goal of these programs is to promote the use of validated algorithms, modules and products which provides federal agencies with a security metric to use in procuring cryptographic modules. The testing performed by accredited laboratories and the validation performed by these two programs provides this metric. Federal agencies, industry, and the public can choose cryptographic modules and/or products containing cryptographic modules from the CMVP Validated Modules List and have confidence in the claimed level of security and assurance of correct implementation.Cryptographic algorithm and cryptographic module testing and validation are based on underlying published standards and guidance that is developed within the Computer Security Division in collaboration with many other organizations. As Federal agencies are required to use validated cryptographic modules for the protection of sensitive non-classified information, the validated modules and the validated algorithms they contain represent the culmination and delivery of the division's cryptography based work to the end user.


      CV: Mr. Easter is the Director of the NIST Cryptographic Module Validation Program (CMVP). Mr. Easter graduated from the Pennsylvania State University with a Bachelor's degree in Electrical Engineering. Prior to joining NIST, Mr. Easter was a Senior Engineer at IBM Corporation with over 20 years experience in mainframe scalar, vector and cryptographic processor hardware development; he was the principal designer and lead engineer for IBM's ES/3090 vector co-processor and cryptographic co-processor hardware and IBM's S/390 single-chip CMOS cryptographic co-processor. He was responsible for leading the effort for being awarded the first FIPS 140-1 overall Level 4 validation of a single-chip cryptographic module, Certificate #40, which implemented over 150 complex hardware-only cryptographic services. He is the author of twelve filed patents for hardware, logic design and cryptographic mechanisms. He joined NIST's Computer Security Division in 2000 and named the Director of the NIST CMVP in 2003. In 2003 the CMVP team was awarded the US Department of Commerce's Silver Award for Meritorious Federal Service. Since 2000, the number of FIPS 140-1 and FIPS 140-2 validations has grown from less than 50 annually to over 200 annually. Duties include the validation of commercial cryptographic modules, editor and author of cryptographic and security guidance and standards including international standards, and is trained as an ISO 9000-2000 lead auditor.

      [back]