FIPS 140-2
Encyclopedia
The Federal Information Processing Standard (FIPS
) Publication 140-2, FIPS PUB 140-2, is a U.S.
government computer security
standard
used to accredit cryptographic
modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001 and was last updated December 3, 2002.
(NIST) issued the FIPS 140
Publication Series to coordinate the requirements and standards for cryptography modules that include both hardware and software components. Federal agencies and departments can validate that the module in use is covered by an existing FIPS 140-1 or FIPS 140-2 certificate that specifies the exact module name, hardware, software, firmware, and/or applet version numbers. The cryptographic modules are produced by the private sector
or open source
communities for use by the U.S. government and other regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive but unclassified
(SBU) information. A commercial cryptographic module is also commonly referred to as a Hardware Security Module
.
(CMVP) as a joint effort by the NIST and the Communications Security Establishment
(CSE) for the Canadian
government.
Security programs overseen by NIST and CSE focus on working with government and industry to establish more secure systems and networks by developing, managing and promoting security assessment tools, techniques, services, and supporting programs for testing, evaluation and validation; and addresses such areas as: development and maintenance of security metrics, security evaluation criteria and evaluation methodologies, tests and test methods; security-specific criteria for laboratory accreditation; guidance on the use of evaluated and tested products; research to address assurance methods and system-wide security and assessment methodologies; security protocol validation activities; and appropriate coordination with assessment-related activities of voluntary industry standards bodies and other assessment regimes.
(CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.
At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.
Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate zeroization of all plaintext CSPs.
Security Level 4 cryptographic modules are useful for operation in physically unprotected environments. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature. Intentional excursions beyond the normal operating ranges may be used by an attacker to thwart a cryptographic module's defenses. A cryptographic module is required to either include special environmental protection features designed to detect fluctuations and zeroize CSPs, or to undergo rigorous environmental failure testing to provide a reasonable assurance that the module will not be affected by fluctuations outside of the normal operating range in a manner that can compromise the security of the module.
security accreditation program for cryptographic modules produced by private sector vendors who seek to have their products certified for use in government departments and regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive but unclassified
(SBU) information.
NVLAP accredited Cryptographic Modules Testing laboratories perform validation testing of cryptographic modules. Cryptographic modules are tested against requirements found in FIPS PUB 140-2, Security Requirements for Cryptographic Modules. Security requirements cover 11 areas related to the design and implementation of a cryptographic module. Within most areas, a cryptographic module receives a security level rating (1-4, from lowest to highest), depending on what requirements are met. For other areas that do not provide for different levels of security, a cryptographic module receives a rating that reflects fulfillment of all of the requirements for that area.
On a vendor's validation certificate, individual ratings are listed, as well as the overall rating.
NIST maintains validation lists for all of its cryptographic standards testing programs (past and present). All of these lists are updated as new modules/implementations receive validation certificates from NIST and CSE. Items on the FIPS 140-1 and FIPS 140-2 validation list reference validated algorithm implementations that appear on the algorithm validation lists.
Federal Information Processing Standard
A Federal Information Processing Standard is a publicly announced standardization developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract...
) Publication 140-2, FIPS PUB 140-2, is a U.S.
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...
government computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
standard
Standardization
Standardization is the process of developing and implementing technical standards.The goals of standardization can be to help with independence of single suppliers , compatibility, interoperability, safety, repeatability, or quality....
used to accredit cryptographic
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001 and was last updated December 3, 2002.
Purpose
The National Institute of Standards and TechnologyNational Institute of Standards and Technology
The National Institute of Standards and Technology , known between 1901 and 1988 as the National Bureau of Standards , is a measurement standards laboratory, otherwise known as a National Metrological Institute , which is a non-regulatory agency of the United States Department of Commerce...
(NIST) issued the FIPS 140
FIPS 140
The 140 series of Federal Information Processing Standards are U.S. government computer security standards that specify requirements for cryptography modules...
Publication Series to coordinate the requirements and standards for cryptography modules that include both hardware and software components. Federal agencies and departments can validate that the module in use is covered by an existing FIPS 140-1 or FIPS 140-2 certificate that specifies the exact module name, hardware, software, firmware, and/or applet version numbers. The cryptographic modules are produced by the private sector
Private sector
In economics, the private sector is that part of the economy, sometimes referred to as the citizen sector, which is run by private individuals or groups, usually as a means of enterprise for profit, and is not controlled by the state...
or open source
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
communities for use by the U.S. government and other regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive but unclassified
Sensitive but unclassified
Sensitive But Unclassified is a designation of information in the United States federal government that, though unclassified, often requires strict controls over its distribution...
(SBU) information. A commercial cryptographic module is also commonly referred to as a Hardware Security Module
Hardware Security Module
A hardware security module is a type of secure cryptoprocessor targeted at managing digital keys, accelerating cryptoprocesses in terms of digital signings/second and for providing strong authentication to access critical keys for server applications...
.
Cryptographic Module Validation Program
FIPS 140-2 establishes the Cryptographic Module Validation ProgramCMVP
The Cryptographic Module Validation Program is a joint American and Canadian security accreditation program for cryptographic modules. The program is available to any vendors who seek to have their products certified for use by the U.S...
(CMVP) as a joint effort by the NIST and the Communications Security Establishment
Communications Security Establishment
The Communications Security Establishment Canada is the Canadian government's national cryptologic agency. Administered under the Department of National Defence , it is charged with the duty of keeping track of foreign signals intelligence , and protecting Canadian government electronic...
(CSE) for the Canadian
Canada
Canada is a North American country consisting of ten provinces and three territories. Located in the northern part of the continent, it extends from the Atlantic Ocean in the east to the Pacific Ocean in the west, and northward into the Arctic Ocean...
government.
Security programs overseen by NIST and CSE focus on working with government and industry to establish more secure systems and networks by developing, managing and promoting security assessment tools, techniques, services, and supporting programs for testing, evaluation and validation; and addresses such areas as: development and maintenance of security metrics, security evaluation criteria and evaluation methodologies, tests and test methods; security-specific criteria for laboratory accreditation; guidance on the use of evaluated and tested products; research to address assurance methods and system-wide security and assessment methodologies; security protocol validation activities; and appropriate coordination with assessment-related activities of voluntary industry standards bodies and other assessment regimes.
Security Levels
FIPS 140-2 defines four levels of security, simply named "Level 1" to "Level 4". It does not specify in detail what level of security is required by any particular application.Level 1
Security Level 1 provides the lowest level of security. Basic security requirements are specified for a cryptographic module (e.g., at least one Approved algorithm or Approved security function shall be used). No specific physical security mechanisms are required in a Security Level 1 cryptographic module beyond the basic requirement for production-grade components. An example of a Security Level 1 cryptographic module is a personal computer (PC) encryption board.Level 2
Security Level 2 improves upon the physical security mechanisms of a Security Level 1 cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parametersCritical Security Parameter
In cryptography, the abbreviation CSP may refer to Critical Security Parameter. A Critical Security Parameter is information that is either user or system defined and is used to operate a cryptography module in processing encryption functions including cryptographic keys and authentication data,...
(CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.
Level 3
In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper detection/response circuitry that zeroizes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.Level 4
Security Level 4 provides the highest level of security.At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.
Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate zeroization of all plaintext CSPs.
Security Level 4 cryptographic modules are useful for operation in physically unprotected environments. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature. Intentional excursions beyond the normal operating ranges may be used by an attacker to thwart a cryptographic module's defenses. A cryptographic module is required to either include special environmental protection features designed to detect fluctuations and zeroize CSPs, or to undergo rigorous environmental failure testing to provide a reasonable assurance that the module will not be affected by fluctuations outside of the normal operating range in a manner that can compromise the security of the module.
Operating platform
For Levels 2 and higher, the operating platform upon which the validation is applicable is also listed. Vendors do not always maintain their baseline validations.FIPS 140-2 testing in this program
The FIPS 140-2 standard is an information technologyInformation technology
Information technology is the acquisition, processing, storage and dissemination of vocal, pictorial, textual and numerical information by a microelectronics-based combination of computing and telecommunications...
security accreditation program for cryptographic modules produced by private sector vendors who seek to have their products certified for use in government departments and regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive but unclassified
Sensitive but unclassified
Sensitive But Unclassified is a designation of information in the United States federal government that, though unclassified, often requires strict controls over its distribution...
(SBU) information.
Laboratories doing the testing
All of the tests under the CMVP are handled by third-party laboratories that are accredited as Cryptographic Module Testing laboratories by the National Voluntary Laboratory Accreditation Program. Vendors interested in validation testing may select any of the thirteen accredited labs.NVLAP accredited Cryptographic Modules Testing laboratories perform validation testing of cryptographic modules. Cryptographic modules are tested against requirements found in FIPS PUB 140-2, Security Requirements for Cryptographic Modules. Security requirements cover 11 areas related to the design and implementation of a cryptographic module. Within most areas, a cryptographic module receives a security level rating (1-4, from lowest to highest), depending on what requirements are met. For other areas that do not provide for different levels of security, a cryptographic module receives a rating that reflects fulfillment of all of the requirements for that area.
Validation
An overall rating is issued for the cryptographic module, which indicates:- the minimum of the independent ratings received in the areas with levels, and
- the fulfillment of all the requirements in the other areas.
On a vendor's validation certificate, individual ratings are listed, as well as the overall rating.
NIST maintains validation lists for all of its cryptographic standards testing programs (past and present). All of these lists are updated as new modules/implementations receive validation certificates from NIST and CSE. Items on the FIPS 140-1 and FIPS 140-2 validation list reference validated algorithm implementations that appear on the algorithm validation lists.
Annexes
FIPS PUB 140-2 Annexes:- Annex A: Approved Security Functions (Draft 01-04-2011)
- Annex B: Approved Protection Profiles (Draft 06-14-2007)
- Annex C: Approved Random Number Generators (Draft 11-22-2010)
- Annex D: Approved Key Establishment Techniques (Draft 01-04-2011)
External references
- FIPS PUB 140-2
- FIPS 140-2 Standard
- NIST Computer Security Resource Center
- NIST Cryptographic Module Validation Program (CMVP) website
- Communications Security Establishment Canada (CSEC) website
- Cryptographic Module Testing laboratories
- National Voluntary Laboratory Accreditation Program (NVLAP)
- NIST Validation lists
- Additional FIPS 140-2 Information on Google Knol
- NIST Publications
- Opensource FIPS 140-2 Validation of Mozilla NSS
- OpenSSL and FIPS 140-2
- OpenFIPS - free Apache License FIPS docs, templates and tools