FIPS 140-1

Citation

 * NIST, Security Requirements for Cryptographic Modules (FIPS-140-1) (Jan. 1994) (full-text).

Overview
This publication provides a standard to be used by U.S. federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data.

Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that are to be satisfied by a cryptographic module. The standard provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments.

The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include basic design and documentation, module interfaces, authorized roles and services, physical security, software security, operating system security, key management, cryptographic algorithms, electromagnetic interference/electromagnetic compatibility (EMI/EMC), and self-testing.