Security Requirements for Cryptographic Modules

National Institute of Standards and Technology

FIPS 140-2

Withdrawn on December 03, 2002. Superseded by FIPS 140-2

Security Requirements for Cryptographic Modules

Documentation Topics

Date Published: May 25, 2001 (Change Notice 1, 10/10/2001)

Supersedes: FIPS 140-2 (05/25/2001)

Author(s)

National Institute of Standards and Technology

Abstract

This Federal Information Processing Standard (140-2) specifies the security requirements that will be satisfied by a cryptographic module, providing four increasing, qualitative levels intended to cover a wide range of potential applications and environments. The areas covered, related to the secure design and implementation of a cryptographic module, include specification; ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.

Keywords

computer security; cryptographic module; FIPS 140-2; validation

Control Families

Identification and Authentication; System and Communications Protection; System and Information Integrity

Documentation

Publication:
No Download Available

Supplemental Material:
None available

Document History:
10/10/01: FIPS 140-2 (Final)

Topics

Security and Privacy

acquisition, audit & accountability, cryptography, identity & access management, planning, testing & validation

Laws and Regulations

Federal Information Security Modernization Act