ZTE Corporation announced it has received validation from the National Institute of Standards and Technology (NIST) for Federal Information Processing Standards (FIPS) in regards to 140-2 Cryptographic Algorithm Validation Program (CAVP) in wireless infrastructure equipment. ZTE is the first Chinese telecom provider ever to receive the NIST FIPS 140-2 security validation.

Falling under the Federal Information Security Management Act (FISMA), NIST is the federal technology agency that works with the industry to develop and apply technology, measurements, and standards by issuing Federal Information Processing Standards (FIPS) certificates. As the latest certificate stands (version FIPS140-2), any product with a cryptographic module being purchased in the U.S. requires FIPS validation from NIST.

After ZTE selected a cryptographic library as part of its unified platform, a FIPS validation process was then conducted by ATSEC, an accredited laboratory in the U.S. under the National Voluntary Laboratory Accreditation Program (NVLAP). Cryptographic libraries are commonly used on ZTE’s wireless infrastructure products for security purposes and feedback showed ATSEC was pleased to see ZTE pass a strict set of tests in a very short period of time.

Mr. Yan Liu, managing director, ATSEC China, said, “The success of ZTE’s FIPS CAVP validation indicates the high assurance of the algorithm implementations on these products and ATSEC will continue to work with ZTE on FIPS CMVP testing and validation.”