News

|

Feeds

|

Email

NEWARK, Del. and OTTAWA, ON, Oct. 9, 2025 /PRNewswire/ -- Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and the OpenSSL Corporation, the co-maintainer of the OpenSSL Library, announce the submission of OpenSSL version 3.5.4 to the Cryptographic Module Validation Program (CMVP) for FIPS 140-3 validation.

This submission confirms that the code is complete and that all included algorithms have successfully passed NIST testing and independent laboratory review. The final CMVP review and certificate issuance remain as the last step in the process.

This submission marks a significant milestone in the ongoing collaboration between Lightship Security and the OpenSSL Corporation to provide validated cryptographic solutions that meet modern security and compliance requirements. The OpenSSL 3.5.4 FIPS Object Module provides an open-source, standards-compliant cryptographic module aligned with the FIPS 140-3 standard, enabling organisations across government and industry to deploy secure and compliant solutions once the validation certification is issued on the completion of the final step in the process.

OpenSSL 3.5, released in April 2025, introduced support for post-quantum cryptographic (PQC) algorithms, including ML-KEM, ML-DSA, and SLH-DSA, consistent with NIST's PQC standardisation. This submission is the first step toward a FIPS-140 validated PQC-ready module, supporting organisations preparing for quantum-resistant cryptographic deployments.

Jason Lawlor, President of Lightship Security, said:

"The submission of OpenSSL 3.5.4 to the CMVP marks an important step in sustaining validated, standards-based cryptography within one of the world's most widely used open-source libraries--foundational to internet infrastructure, embedded systems, and enterprise applications. Lightship Security is proud to continue supporting OpenSSL's FIPS 140-3 validation efforts to meet both current and emerging compliance requirements for global users."

Tim Hudson, President of the OpenSSL Corporation, said:

"OpenSSL 3.5.4 is not just a step toward future validation. It represents a completed, tested, and ready module that brings real value today. The final certificate will formalise what is already true: OpenSSL 3.5.4 meets the requirements of FIPS 140-3 while introducing post-quantum readiness for the years ahead."

This effort continues the history of the OpenSSL Library FIPS 140 validated modules that are widely deployed across government, defence, and commercial systems to support secure and compliant operations.

Contact:
OpenSSL Corporation
***@openssl.org

Photo(s):
https://www.prlog.org/13104111

Press release distributed by PRLog

View original content:https://www.prnewswire.com/news-releases/lightship-security-and-the-openssl-corporation-submit-openssl-3-5-4-for-fips-140-3-validation-302580027.html

SOURCE OpenSSL Corporation

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026 Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026 Truvista Fiber Acquires SlyTel | Jan 22, 2026 New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026 Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026 Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026 LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026 Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026 pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026 Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026