Security and Connectivity for IoT Devices


The Allegro Cryptographic Engine Listed as a CMVP Module in Process by NIST


Allegro is pending review for FIPS 140-3 validation from NIST for the Allegro Cryptography Engine – ACE™. Allegro has been added to the Modules in Process List (MIP), which highlights the modules that the NIST Cryptographic Module Validation Program (CMVP) is actively working on. The CMVP is a joint effort between the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment (CSE) in Canada.

The Allegro Cryptography Engine – ACE™

The ACE™ module allows IoT device manufacturers to meet government requirements for FIPS Validated Cryptography. ACE™ is a cryptographic library module for resource sensitive IoT devices that provides validated software implementations of FIPS-approved algorithms for the calculation of message digests, digital signature creation and verification, bulk encryption and decryption, key generation and key exchange. Used stand-alone or pre-integrated with the Allegro EdgeAgent Suite, ACE™ provides CAVP validated implementations of sophisticated FIPS approved encryption algorithms for use in embedded systems. As the transition from FIPS to FIPS 140-3 continues, Allegro is prioritizing the update for the ACE™ module to FIPS 140-3 well before the expiration of FIPS occurs in 2026. This third version of FIPS includes many updates and strong links to ISO documentation, which are standards that have been implemented worldwide.

Why Does the CMVP Exist?

The NIST CMVP plays a vital role in ensuring that cryptographic modules meet specific security standards, providing a consistent metric for evaluating security, and promoting strong security practices across various sectors. It helps federal agencies and other organizations in making informed decisions related to the purchase and implementation of cryptographic solutions, thereby enhancing the overall security of information systems.

Validation of Cryptographic Modules

The CMVP provides a standardized process for validating cryptographic modules. This includes testing the modules against established standards, such as Federal Information Processing Standards (FIPS) 140. The validation process ensures that the cryptographic algorithms and their implementation in a product meet specific security requirements.

Security Metric

By adhering to the standards set by the CMVP, federal agencies and other organizations can have a consistent security metric to evaluate the cryptographic security of various products. This helps in making informed decisions when purchasing and implementing cryptographic solutions.

Compliance with Federal Regulations

For U.S. federal agencies, using validated cryptographic modules is often a requirement for compliance with various regulations and directives. This ensures that sensitive information is protected in accordance with government standards.

International Recognition

Since the program is recognized internationally, products validated under the CMVP can be more easily marketed and accepted globally. This can be particularly beneficial for vendors looking to sell their products in various international markets.

Transparency and Trust

The list of validated modules is publicly available, providing transparency and helping organizations identify products that have been rigorously tested and validated. This can build trust in the products and the vendors that produce them.

Encouraging Strong Security Practices

By promoting the use of validated cryptographic modules, the CMVP encourages vendors to adhere to strong security practices in the design and implementation of their products. This can lead to an overall improvement in the security landscape.

Stay tuned for additional updates on FIPS 140-3 approval for the Allegro Cryptographic Engine (ACE™). Sign-up for our newsletter to get updates sent directly to your inbox.


Loren Shade

Let's Talk IoT Security

Implementing IoT device security can be a challenge. Let us help you by sharing our proven framework for integrating a proactive security approach into your design. Click the button below to schedule a one-on-one web conference to discuss your security needs.

Sign Up For Our Newsletter

Sign up for our newsletter and get the latest tips and insights related to IoT security

Download Allegro’s Playbook

  • This field is for validation purposes and should be left unchanged.

Contact Us Today

  • This field is for validation purposes and should be left unchanged.