NATO seeks custom software tool to test cryptographic standards compliance

NATO wants to buy software tools that can validate whether cryptography systems are meeting a new set of standards.

The new tool will be a custom-software build, but NATO is requiring the developer not use a niche software solution. NATO is instead requiring the use of a “widely used programming or scripting language.”

As part of its market research work, NATO is asking for estimates of development costs.

“The purpose of this RFI is to obtain (a) rough order magnitude price quote for performing the work,’ NATO said in a Sam.gov posting Monday.

NATO’s Communications and Information Agency is using the cost information to decide how much funding it will need to develop what is known as a conformance test tool.

NATO wants to standardize cryptographic key management across the alliance. The organization's new standard for its cryptographic equipment is known as the NATO Key Management Interoperability Specification. The tool will evaluate products for conformance to the standard.

The tool will automatically run tests to see if systems pass or fail. For failed tests, the tool will generate reports on deficiencies.

NATO authorities, national governments, product developers and certification bodies will use the tests.

Responses to the request for information are due Aug. 19.