Go and FIPS 140 March update

        March 16, 2026

Go and FIPS 140 March update
v1.26.0 Security Policy draft, and Entropy Certificate #E318

        v1.26.0 Security Policy draft for review
The full draft of the v1.26.0 Security Policy is ready for review.
Please check the tables and confirm they match your expectations.
We plan to submit it along with the rest of the FIPS 140-3 Go Cryptographic Module v1.26.0 CMVP validation report late next week.
Entropy Certificate #E318
After quite a bit of back and forth on our use of atomic memory instructions and on the specific details of the OE names, NIST has issued Entropy Certificate #E318 for our Go Entropy Source v1.0.0!
It is certified to provide 384-bit outputs with full entropy, so we can use it directly to seed our AES-256 Counter DRBG without a derivation function.
It has its own special-purpose SHA2-384 implementation with its own CAVP certificate and it is barely 200 lines with comments, so it can hopefully stay frozen for many years, and we plan to keep reusing it for the foreseeable future, adding OEs as necessary.
You can find the full EAR in the shared folder.

Your use of the information in this archive is governed by the Terms of Service.

                                Don't miss what's next. Subscribe to Geomys Go FIPS 140-3:

            Email address (required)