Japan Cryptographic Module Validation Program JCMVP

The Japan Cryptographic Module Validation Program (JCMVP) has been established with the objective of having third-party entities perform testing and validation procedures systematically so as to enable Cryptographic Module users to recognize precisely and in detail that Cryptographic Modules consisting of hardware, software and/or firmware components, in which Approved Security Functions included in the
e-Government Recommended Ciphers List, etc. (e.g. cryptographic functions, hash functions and signature functions) are implemented, appropriately protect the security functions, cryptographic keys, passwords and other sensitive information stored therein. The JCMVP is expected to help the procurement based on
"Standards for Information Security Measures for the Central Government Computer Systems (Feburary 2009 (Fourth Edition))".

The JCMVP is operated by the Information-technology Promotion Agency, Japan (IPA) as a product certification system.

[JAPANESE]

Important Notice

Temporary Suspension of Acceptance of the Cryptographic Module Validation Application

IPA has been operating the cryptographic module validation and the cryptographic algorithm verification since fiscal year 2006. However, IPA has decided to temporarily suspend the acceptance of applications of cryptographic module validation from April 1st, 2024. For the time being, IPA continues to only accept applications for the cryptographic algorithm verification certificate as before.
Note that IPA will notify later if IPA decides to resume accepting applications for cryptographic module validation due to changes in circumstances.

Advance Notice

The Documents of This Program Will Be Updated.

To improve the operation of this program, IPA plans to revise the following the documents by the end of this year.

Electronic Application Procedures
The application documents by the applicant may be submitted electronically instead of in paper form. "Documents proving the corporate status" must still be submitted in paper form.
Note:
Application documents must be digitally signed by a public key certificate issued by a public certificate authority to the applicant.
Changes regarding issuance of Certificates, etc.
The Module Validation Certificates and the Algorithm Validation Certificates will be issued in the form of electronic data that have been digitally signed by IPA. Certificates on paper will also be issued upon explicit request.
Changes regarding the conclusion of non-disclosure agreements
In principle, non-disclosure agreements with the applicant will be concluded through the electronic contract introduced by IPA. Paper-based contracts will be available upon explicit request.

Contact information

For further information, contact to:
IT Security Center, Information-technology Promotion Agency, Japan

E-mail

Change log

Nov 12, 2024

Contact Information is updated.
Sep 10, 2024

The Register of Cryptographic Algorithm Verified Implementations is updated.
Aug 26, 2024

The Register of Cryptographic Algorithm Verified Implementations is updated.
Jul 9, 2024

The notice of this page is updated.
May 1, 2024

New notices are added to this page.
Feb 7, 2024

The List of Cryptographic Module Testing Laboratories is updated.
Nov 6, 2023

The Register of Cryptographic Algorithm Verified Implementations has been updated.
Apr 26, 2023

Web pages of JCMVP have is due to site renewal.
Dec 21, 2022

Since the way to make revisions of Approved Security Functions on August 22, 2022, did not follow the regulations of this program. Both old and new revisions of the documents were made public and effective until end of June, 2023.

The Register of Cryptographic Algorithm Verified Implementations is updated.
Nov 17, 2022

The Register of Cryptographic Algorithm Verified Implementations is updated.