How Can We Help?
What is FIPS?
What is FIPS?FIPS is an acronym that stands for Federal Information Processing Standard (FIPS)
What is a FIPS-Approved Security Method?
A security method (e.g., cryptographic algorithm, cryptographic key generation algorithm or key distribution technique, random number generator, authentication technique, or evaluation criteria) that is either a) specified in a FIPS, or b) adopted in a FIPS.
SOURCE: FIPS 196
FIPS-approved security methods include cryptographic algorithms, key generation algorithms, key distribution techniques, and authentication techniques. These methods are used to protect unclassified government information.
How are these methods approved?
- They meet the requirements of a Federal Information Processing Standard (FIPS) publication
- They pass rigorous testing
- They are certified by the National Institute of Standards and Technology (NIST)
Examples of FIPS-approved security functions: symmetric key encryption and decryption, digital signatures, message authentication, and hashing.
FIPS 140-2 security levels
- Level 1: Uses production-grade equipment and externally tested algorithms
- Level 2: Adds tamper-evidence and role-based authentication
- Level 3: Adds tamper-resistance and identity-based authentication
FIPS 140-3
- The successor to FIPS 140-2, approved in 2019
- Testing began in 2020, and the first validations were issued in 2022
