Malaysian Cryptography Validation (MyCV)

OverviewHow To ApplyFAQContact
Share this page :

MyCV is a national scheme for validating and certifying the Cryptographic Module Validation (CMV) and the Cryptographic Algorithm Validation (CAV) services based on ISO/IEC 19790 and ISO/IEC 24759 standard and also to supports Dasar Kriptografi Nagara (DKN) or National Cryptoraphy Policy (NCP) implementation. Cryptographic Algorithm Validation (CAV) involves the validation of a cryptographic algorithm implementation. A cryptographic algorithm implementation is an entity that implements one or more cryptographic algorithms. The cryptographic algorithm boundary for this implementation is defined as the boundary encompassing the complete implementation.


Cryptographic Module Validation (CMV) involves the validation of cryptographic modules that comply with the requirements specified in the ISO/IEC 19790. This process also encompasses defining the boundary of the cryptographic module, determines its modes of operation and its associated services. Dasar Kriptografi Negara (DKN) is a national strategic approach to improve efficiency and achieve self-reliance in the use of cryptographic towards economic prosperity, social welfare and national security. In line with the National Cyber Security Policy (NCSP), this policy aims to protect the security of government information and critical national agencies through the use of cryptographic reliable product that will enhance the level of information security agency / organization concern. MyCB recover the costs for delivery of MyCV Scheme services through a service charge fees (excluding the SST) which includes:

  • Certification fee – this fixed fee covers only for the certification process under MyCB where it does not include any cost that is separately agreed between Cryptography Validation Facility (CVF) and the Vendor, or any incidental cost such as cost for site visit or training
    • Cryptography Algorithm Validation (CAV): RM 16,000
    • Cryptography Algorithm Validation (CAV) and Cryptography Module Validation (CMV): RM 16,000 for Security Level 1 and 2 RM 31,000 for Security Level 3 and 4
  • CVF license new application and renewal fee – RM 25,000 (the fee includes the costs of CVF new application / renew assessment and licensing agreement with MyCB)
  • CVF annual license fee - RM 5,000 (this is annually charge for three consequent year after the first year license)


Objective

  • To increase trust on the use of cryptography technology in IT products and digital environment;
  • To provide expertise and certification towards cryptographic modules and algorithm validation in compliance with ISO/IEC 19790 and ISO/IEC 24759 standard


Certification Benefits

  • Better security and trust of the user on cryptography
  • Promote the use of validated cryptographic algorithm/module
  • Recognized as trusted cryptographic/module at the national level


How To Apply


Certification Guideline MyCV

Pre-Requisite:
Cryptographic Algorithm Validation (CAV) is mandatory for any organization to proceed with Cryptographic Module Validation (CMV)


Initialise:
  • Review the Acceptance Package received from Cryptography Validation Facility (CVF)
  • Register application for (CAV) and/or (CMV)

Oversight:
  • Conduct oversight on testing and validation project perform by CVF
  • Review the CAV/CMV Package

Certify:
  • Draft the Certification Listing Form and Certificate
  • Management approval - Certification released



Customer Engagement FAQ

What is the Malaysian Cryptographic Validation (MyCV) initiative?

MyCV is a program established to validate and certify cryptographic modules according to the strict standards outlined in ISO/IEC 19790:2012 and ISO/IEC 24759:2017. It represents Malaysia's commitment to maintaining high levels of cryptographic security in its digital infrastructure.

What are the two main scopes within the MyCV scheme?

The MyCV scheme comprises Cryptographic Module Validation (CMV) and Cryptographic Algorithm Validation (CAV) scope. These two scopes ensure both modules and algorithms meet rigorous standards.

Who administers the MyCV scheme, and what services does it offer?

The MyCV scheme is administered by the Information Security Certification Body (ISCB) of CyberSecurity Malaysia. It offers validation and accreditation services, demonstrating Malaysia's dedication to a secure cyber environment.

How does MyCV ensure the reliability of cryptographic modules?

MyCV employs a comprehensive verification process for cryptographic modules, aligning with testing methodologies specified in ISO/IEC 24759:2017. This scrutiny guarantees the effectiveness and dependability of cryptographic solutions in safeguarding sensitive data and critical systems.

Why is Cryptographic Algorithm Validation (CAV) considered mandatory for MyCV?

CAV is mandatory as a prerequisite for Cryptographic Module Validation (CMV). It ensures that cryptographic algorithms used in cryptographic modules meet international standards and adhere to best practices in information security.

What is the significance of the National Trusted Cryptographic Algorithm List (MySEAL) within MyCV?

MySEAL specifies approved cryptographic algorithms suitable for use within the Malaysian context. It enhances the integrity and resilience of cryptographic solutions validated under the MyCV scheme.

Contact

For any enquiry please contact:
enquiry@cybersecurity.my

logo
CyberSecurity Malaysia is the national cyber security specialist agency under the purview of the Ministry of Digital (KD)
 
Select User Category
Contact Us

  • CyberSecurity Malaysia,
    Level 7 Tower 1, Menara Cyber Axis, Jalan Impact,
    63000 Cyberjaya, Selangor Darul Ehsan, Malaysia.

  • enquiry@cybersecurity.my

  • +603 - 8800 7999

  • +603 - 8008 7000

COPYRIGHT © CYBERSECURITY MALAYSIA

CONTACT US | DISCLAIMER | PERSONAL DATA PROTECTION NOTICE | SITEMAP

TOP