Wednesday, May 18, 2016

ICMC16: CAVP—Inside the World of Cryptographic Algorithm Validation Testing

Sharon Keller, Computer Scientist, NIST, CAVP.

CAVP used to be within the CMVP, because there were only 3 validate algorithms. They split in 2003, and now CAVP is a per-requisite to doing a CMVP validation with NIST.  NIST's Cryptographic Technology Group determine which algorithms should be included, and how they should be implemented in order to be secure.  CAVP then writes test suites to validate that an implementation meets these requirements.

It's beetter to test something instead of nothing at all. In 2011, introduced component testing when components of an algorithm isn't contained in a single boundary.  It is testing a component of a standard, not a mathematical function.

For example, ECDSA signature generation function has two steps - hash message and sign hash. For the PIV card, hashing of message done off the card and signature of the hash is done on the card.  So, created ECDSA signature generation component that takes a hash-length input and signs it

CAVP now tests SHA3!

Need to make sure everything works correctly, and if it deviates even a little bit, then the test needs to fail.  The Monte Carlo test goes though about 4 million iterations, designed to exercise the entire implementation. Their tests include positive testing - given known inputs, get the right output. Additionally do some negative testing to make sure the implementation recognizes invalid and valid values. For example, change the format of the data before submitting and make sure it fails.