U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Assuring Cryptographic Security: Development, Validation, and Use of FIPS 140-1 Compliant Products

Federal agencies and departments are required to comply with FIPS 140-1, Security Requirements for Cryptographic Modules. This involves the acquisition of validated cryptographic modules (which may be incorporated in a product/application) for protecting sensitive but unclassified data. Cryptographic modules are used to provide security services such as confidentiality, integrity, and authentication. FIPS 140-1 provides users with 1) a specification of security features that are required at each security level, 2) flexibility in choosing security requirements and environments, and 3) a guide to ensuring the modules in corporate necessary security features. Accredited laboratories perform conformance testing of FIPS 140-1 modules under the Cryptographic Module Validation (CMV) Program, which is a joint effort between NIST and CSE.

Topics

Highlights of the workshop include an overview of federal cryptography, a FIPS 140-1 Tutorial, and guidance on implementing FIPS 140-1. Detailed information on how to use the standard, its impact on Federal Agencies and industry, and how agencies can impact the program will also be provided. In addition, vendors will be provide with information on how to obtain validation for their modules. Panel discussions are planned with Federal Agencies currently implementing FIPS 140-1, vendors with available validated modules, the Cryptographic Module Testing Laboratories that perform validation testing, the banking community, and an overview of prudent practices. The workshop will conclude by looking to the future with discussions of possible enhancements to the standard and other related issues.

Event Details

Starts: May 11, 1998 - 09:00 AM EDT
Ends: May 12, 1998 - 04:00 PM EDT

Format: In-person Type: Conference

Attendance Type: Open to public
Audience Type: Industry,Government
Sponsors:

NIST: Communications Security Establishment of the Government of Canada



Location

Gaithersburg Hilton
Gaithersburg, MD

Related Topics

Security and Privacy: cryptography, testing & validation

Technologies: hardware, software & firmware

Created January 11, 2018, Updated June 22, 2020