FIPS 140-2/3

WHAT IS FIPS 140-2/3?

FIPS 140-2/3 is a U.S. government Federal Information Processing Standard (FIPS) used to approve cryptographic modules. Modules validated as conforming to FIPS 140-2/3 are accepted by U.S. and Canadian federal agencies for the protection of sensitive information. Other nations also rely on FIPS 140-2/3. ISO 19790 is an equivalent standard based on FIPS140-2/3.

FIPS 140-2/3 defines four levels of security, simply named “Level 1” to “Level 4” with 1 being the lowest and 4 being the highest.

WHAT IS THE CMVP?

The Cryptographic Module Validation Program (CMVP) is the program that is responsible for administration and oversight of FIPS 140-2/3 module validations. The CMVP is a joint effort between the U.S. National Institute of Standards and Technology (NIST) and Canada’s Communications Security Establishment (CSE).

CMVP resources:

 

FIPS 140-2/3

WHAT IS FIPS 140-2/3?

FIPS 140-2/3 is a U.S. government Federal Information Processing Standard (FIPS) used to approve cryptographic modules. Modules validated as conforming to FIPS 140-2/3 are accepted by U.S. and Canadian federal agencies for the protection of sensitive information. Other nations also rely on FIPS 140-2/3. ISO 19790 is an equivalent standard based on FIPS 140-2/3.

FIPS 140-2/3 defines four levels of security, simply named “Level 1” to “Level 4” with 1 being the lowest and 4 being the highest.

WHAT IS THE CMVP?

The Cryptographic Module Validation Program (CMVP) is the program that is responsible for administration and oversight of FIPS 140-2/3 module validations. The CMVP is a joint effort between the U.S. National Institute of Standards and Technology (NIST) and Canada’s Communications Security Establishment (CSE).

CMVP resources: