FIPS 140

The 140 series of Federal Information Processing Standards (FIPS) are U.S. government computer security standards that specify requirements for cryptography modules. As of December 2006, the current version of the standard is FIPS 140-2, issued on 25 May 2001.

Purpose of FIPS 140

The National Institute of Standards and Technology (NIST) issues the 140 Publication Series to coordinate the requirements and standards for cryptographic modules which include both hardware and software components for use by departments and agencies of the United States federal government. FIPS 140 does not purport to provide sufficient conditions to guarantee that a module conforming to its requirements is secure, still less that a system built using such modules is secure. The requirements cover not only the cryptographic modules themselves but also their documentation and (at the highest security level) some aspects of the comments contained in the source code.

User agencies desiring to implement cryptographic modules should confirm that the module they are using is covered by an existing validation certificate. FIPS 140-1 and FIPS 140-2 validation certificates specify the exact module name, hardware, software, firmware, and/or applet version numbers. For Levels 2 and higher, the operating platform upon which the validation is applicable is also listed. Vendors do not always maintain their baseline validations.

This page contains text from Wikipedia, the Free Encyclopedia - https://wn.com/FIPS_140

FIPS 140-3

The Federal Information Processing Standard (FIPS) Publication 140-3 was a proposed update to the U.S. government computer security standard used to accredit cryptographic modules. The title of the standard is Security Requirements for Cryptographic Modules and FIPS 140-2 remains the currently approved version. Efforts to update FIPS 140-2 date back to the early 2000s. The FIPS 140-3 (2013 Draft) was scheduled for signature by the Secretary of Commerce in August 2013, however that never happened and the draft was subsequently abandoned. In 2014, NIST released a substantially different draft of FIPS 140-3, this version effectively directing the use of an International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standard, 19790:2012, as the replacement for FIPS 140-2. The 2014 draft of FIPS 140-3 was also abandoned. On August 12, 2015, NIST formally released a statement on the Federal Register asking for comments on the potential use of portions of ISO/IEC 19790:2014 in the update of FIPS 140-2. The reference to a 2014-version of ISO/IEC 19790 was an inadvertent error in the Federal Registry posting, as 2012 is the most recent version.

This page contains text from Wikipedia, the Free Encyclopedia - https://wn.com/FIPS_140-3

Podcasts:

Email this Page Play all in Full Screen Show More Related Videos

back

Most Related
Most Recent
Most Popular
Top Rated

expand screen to full width
repeat playlist
shuffle
replay video
clear playlist restore
images list

PLAYLIST TIME:

Latest News for: fips 140 3

Edit

HPE intros virtual private cloud, on-premise options for Aruba Networking Central

Computer Weekly 10 Apr 2025

Among the new features is Aruba Networking Central On-Premises for Government, which is designed to provide a new deployment option that includes FIPS 140-2 certified server hardware to meet related government security requirements.

Article Search

tools

You can search using any combination of the items listed below.

Language:

Sort:

Indexed:

Search:

Duplicates: