Skip to content
Please enter a keyword to search

  • FIPS PUB 140-2 : 0

    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

    SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES

    Available format(s): 

    Withdrawn date:  05-07-2023

    Language(s): 

    Published date: 

    Publisher:  US Military Specs/Standards/Handbooks

    Sorry this product is not available in your region.

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    1. OVERVIEW
    2. GLOSSARY OF TERMS AND ACRONYMS
    3. FUNCTIONAL SECURITY OBJECTIVES
    4. SECURITY REQUIREMENTS
    APPENDIX A: SUMMARY OF DOCUMENTATION REQUIREMENTS
    APPENDIX B: RECOMMENDED SOFTWARE DEVELOPMENT PRACTICES
    APPENDIX C: CRYPTOGRAPHIC MODULE SECURITY POLICY
    APPENDIX D: SELECTED BIBLIOGRAPHY
    APPENDIX E: APPLICABLE INTERNET UNIFORM RESOURCE LOCATORS (URL)
    CHANGE NOTICE

    Abstract - (Show below) - (Hide below)

    Specifies a standard that will be used by Federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. Provides the security requirements that will be satisfied by a cryptographic module. Also provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments.

    General Product Information - (Show below) - (Hide below)

    Document Type Standard
    Publisher US Military Specs/Standards/Handbooks
    Status Withdrawn

    Standards Referenced By This Book - (Show below) - (Hide below)

    I.S. EN 62351-9:2017 POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 9: CYBER SECURITY KEY MANAGEMENT FOR POWER SYSTEM EQUIPMENT
    CSA ISO/IEC TR 24729-4:14 (R2019) Information technology - Radio frequency identification for item management - Implementation guidelines - Part 4: Tag data security (Adopted ISO/IEC TR 24729-4:2009, first edition, 2009-03-15)
    ISO/IEC 20922:2016 Information technology Message Queuing Telemetry Transport (MQTT) v3.1.1
    BS IEC 62055-41:2014 Electricity metering. Payment systems Standard transfer specification (STS). Application layer protocol for one-way token carrier systems
    BS ISO 32000-2:2017 Document management. Portable document format PDF 2.0
    12/30204795 DC : 0 BS ISO/IEC 19790 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
    11/30251478 DC : 0 BS EN 1300 - SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    TS 119 421 : 1.0.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING TIME-STAMPS
    ANSI INCITS 496 : 2012 INFORMATION TECHNOLOGY - FIBRE CHANNEL - SECURITY PROTOCOLS - 2 (FC-SP-2)
    AAMI TIR57 : 2016 PRINCIPLES FOR MEDICAL DEVICE SECURITY - RISK MANAGEMENT
    CEN/TS 16702-2:2015 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 2: Trusted recorder
    CEN ISO/TS 19299 : 2015 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
    EN 319 421 : 1.1.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING TIME-STAMPS
    S.R. CEN/TS 16702-2:2015 ELECTRONIC FEE COLLECTION - SECURE MONITORING FOR AUTONOMOUS TOLL SYSTEMS - PART 2: TRUSTED RECORDER
    BS ISO 17090-5:2017 Health informatics. Public key infrastructure Authentication using Healthcare PKI credentials
    ANSI INCITS 516 : 2013(R2018) INFORMATION TECHNOLOGY - SCSI STREAM COMMANDS - 4 (SSC-4)
    CEA TR 4 : 2014 GUIDELINES FOR ADDING STRONG ENCRYPTION AND AUTHENTICATION TO APPLICATIONS USING ANSI/CEA-709.1
    SCTE 41 : 2016 POD COPY PROTECTION SYSTEM
    IEEE 1609.2-2013 IEEE Standard for Wireless Access in Vehicular Environments — Security Services for Applications and Management Messages
    EN 319 411-2 : 2.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 2: REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING EU QUALIFIED CERTIFICATES
    PREN 1300 : DRAFT 2017 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    CAN/CSA-IEC/TS 62443-1-1:17 Industrial communication networks — Network and system security — Part 1-1: Terminology, concepts and models (Adopted IEC technical specification 62443-1-1:2009, first edition, 2009-07)
    PD IEC/TS 62224:2013 Multimedia home server systems. Conceptual model for digital rights management
    UNI/TS 11291-10 : 2013 GAS MEASUREMENT SYSTEMS - HOURLY BASED GAS METERING SYSTEMS - PART 10: SAFETY
    IEEE 1363.3-2013 IEEE Standard for Identity-Based Cryptographic Techniques using Pairings
    ANSI INCITS 522 : 2014 ATA/ATAPI COMMAND SET - 3 (ACS-3)
    UNE-EN 1300:2014 Secure storage units - Classification for high security locks according to their resistance to unauthorized opening
    ISO/IEC TS 20540:2018 Information technology — Security techniques — Testing cryptographic modules in their operational environment
    BS EN 1300:2013 Secure storage units. Classification for high security locks according to their resistance to unauthorized opening
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    BS ISO/IEC/IEEE 8802-1X : 2013 INFORMATION TECHNOLOGY - TELECOMMUNICATIONS AND INFORMATION EXCHANGE BETWEEN SYSTEMS - LOCAL AND METROPOLITAN AREA NETWORKS - PART 1X: PORT-BASED NETWORK ACCESS CONTROL
    ISO 21188:2018 Public key infrastructure for financial services — Practices and policy framework
    17/30333935 DC : 0 BS EN 1300 - SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    IEC 62055-41:2014 RLV Electricity metering – Payment systems – Part 41: Standard transfer specification (STS) – Application layer protocol for one-way token carrier systems
    DIN EN 1300:2014-05 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    NEMA EVSE 1.2:2015 EV Charging Network Interoperability Standard Part 2: A Contactless RFID Credential for Authentication (UR Interface)
    ISO/IEC 19941:2017 Information technology — Cloud computing — Interoperability and portability
    BS ISO/IEC 11889-1:2009 Information technology. Trusted platform module Overview
    PD CEN/TS 16702-2:2015 Electronic fee collection. Secure monitoring for autonomous toll systems Trusted recorder
    ISO/IEC 14776-454:2018 Information technology Small computer system interface (SCSI) Part 454: SCSI Primary Commands - 4 (SPC-4)
    17/30354142 DC : 0 BS EN 419231 - PROTECTION PROFILE FOR TRUSTWORTHY SYSTEMS SUPPORTING TIME STAMPING
    BS EN 14615:2017 Postal services. Digital postage marks. Applications, security and design
    TS 103 161-9 : 1.1.1 ACCESS, TERMINALS, TRANSMISSION AND MULTIPLEXING (ATTM); INTEGRATED BROADBAND CABLE AND TELEVISION NETWORKS; IPCABLECOM 1.5; PART 9: SECURITY
    IEEE 1622-2011 IEEE Standard for Electronic Distribution of Blank Ballots for Voting Systems
    16/30327465 DC : 0 BS ISO 17090-5 - HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 5: AUTHENTICATION USING HEALTHCARE PKI CREDENTIALS
    ANSI INCITS 501 : 2016 INFORMATION TECHNOLOGY - SECURITY FEATURES FOR SCSI COMMANDS (SFSC)
    TS 102 640-3 : 2.1.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); REGISTERED ELECTRONIC MAIL (REM); PART 3: INFORMATION SECURITY POLICY REQUIREMENTS FOR REM MANAGEMENT DOMAINS
    DIN CEN ISO/TS 19299;DIN SPEC 74125:2016-02 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
    PREN 419231 : DRAFT 2017 PROTECTION PROFILE FOR TRUSTWORTHY SYSTEMS SUPPORTING TIME STAMPING
    SAE J 2945/1 : 2016 ON-BOARD SYSTEM REQUIREMENTS FOR V2V SAFETY COMMUNICATIONS
    S.R. CEN/TS 419241:2014 SECURITY REQUIREMENTS FOR TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING
    I.S. EN 14615:2017 POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
    CEN/TS 419241:2014 Security Requirements for Trustworthy Systems Supporting Server Signing
    S.R. CEN ISO/TS 19299:2015 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
    ARINC 823P2:2008 DATALINK SECURITY - PART 2: KEY MANAGEMENT
    ISO/TS 19299:2015 Electronic fee collection Security framework
    EN 1300:2013 Secure storage units - Classification for high security locks according to their resistance to unauthorized opening
    UNI EN 1300 : 2014 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    14/30302798 DC : 0 BS ISO/IEC 11889-1 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 1: ARCHITECTURE
    CAN/CSA-IEC/TR 62443-3-1:17 Industrial communication networks — Network and system security — Part 3-1: Security technologies for industrial automation and control systems (Adopted IEC technical report 62443-3-1:2009, first edition, 2009-07)
    NASA STD 4009 : 2014 SPACE TELECOMMUNICATIONS RADIO SYSTEMS (STRS) ARCHITECTURE STANDARD
    14/30284313 DC : 0 BS ISO 32000-2 - DOCUMENT MANAGEMENT - PORTABLE DOCUMENT FORMAT - PART 2: PDF 2.0
    ISO/IEC 21277:2018 Information technology — Radio frequency identification device performance test methods — Crypto suite
    ANSI INCITS 467 : 2011 INFORMATION TECHNOLOGY - SCSI STREAM COMMANDS - 3 (SSC-3)
    CAN/CSA-ISO/IEC 11889-1:16 Information technology Trusted Platform Module Library Part 1: Architecture (Adopted ISO/IEC 11889-1:2015, second edition, 2015-12-15)
    BS ISO 21188:2006 Public key infrastructure for financial services. Practices and policy framework
    BS ISO/IEC 19941:2017 Information technology. Cloud computing. Interoperability and portability
    ANSI X9.84 : 2010(R2017) BIOMETRIC INFORMATION MANAGEMENT AND SECURITY FOR THE FINANCIAL SERVICES INDUSTRY
    DIN CEN ISO/TS 19299;DIN SPEC 74125:2016-02 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
    ANSI X9.97-1 : 2009 FINANCIAL SERVICES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS
    ANSI X9.112-2 : 2014 WIRELESS MANAGEMENT AND SECURITY - PART 2: ATM AND POS
    TS 102 220 : 1.1.1 ACCESS AND TERMINALS (AT); TECHNICAL SPECIFICATION: DELIVERY OF CABLE BASED SERVICES ACROSS A HOME ACCESS TO THE DEVICES IN THE HOME
    IEEE 802.16-2012 IEEE Standard for Air Interface for Broadband Wireless Access Systems
    ANSI X9.79-4 : 2013 PUBLIC KEY INFRASTRUCTURE (PKI) - PART 4: ASYMMETRIC KEY MANAGEMENT
    BS ISO/IEC 19790:2012 Information technology. Security techniques. Security requirements for cryptographic modules
    UNI CEN/TS 419241 : 2014 SECURITY REQUIREMENTS FOR TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING
    PD CEN ISO/TS 19299:2015 Electronic fee collection. Security framework
    12/30247184 DC BS ISO 32000-2 - DOCUMENT MANAGEMENT - PORTABLE DOCUMENT FORMAT - PART 2: PDF 2.0
    SCTE 24-10 : 2016 IPCABLECOM 1.0 - PART 10: SECURITY SPECIFICATION
    IEC 61753-052-6 : 2016 DOCSIS 3.1 - PART 5: SECURITY SPECIFICATION (INPUT)
    ISO/IEC/IEEE 8802-1X:2013 Telecommunications and exchange between information technology systems Requirements for local and metropolitan area networks Part 1X: Port-based network access control
    ANSI INCITS 513 : 2015 INFORMATION TECHNOLOGY - SCSI PRIMARY COMMANDS - 4 (SPC-4)
    ISO/IEC 29180:2012 Information technology — Telecommunications and information exchange between systems — Security framework for ubiquitous sensor networks
    IEC PAS 62734:2012 Industrial communication networks - Fieldbus specifications - Wireless systems for industrial automation: process control and related applications
    I.S. EN 1300:2013 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
    IEC TS 62224:2013 Multimedia home server systems - Conceptual model for digital rights management
    EN 14615:2017 Postal services - Digital postage marks - Applications, security and design
    INCITS/ISO/IEC 11889-4 : 2009(R2014) INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 4: COMMANDS
    PD IEC/PAS 62734:2012 Industrial communication networks. Fieldbus specifications. Wireless systems for industrial automation: process control and related applications
    EN 319 411-1 : 1.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS
    BS ISO/IEC/IEEE 8802-1AR:2014 Information technology. Telecommunications and information exchange between systems. Local and metropolitan area networks Secure device identity
    TS 119 411-1 : 1.0.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS
    ANSI X9.82-3 : 2007(R2017) RANDOM NUMBER GENERATION - PART 3: DETERMINISTIC RANDOM BIT GENERATORS
    ISA 99.00.01 : 2007 SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS - PART 1: TERMINOLOGY, CONCEPTS, AND MODELS
    ISO/IEC/IEEE 8802-1AR:2014 Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Part 1AR: Secure device identity
    IEC 62055-41:2018 RLV Electricity metering - Payment systems - Part 41: Standard transfer specification (STS) - Application layer protocol for one-way token carrier systems
    PD CEN/TS 419241:2014 Security Requirements for Trustworthy Systems Supporting Server Signing
    IEEE 1667-2015 IEEE Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices
    ISO 32000-2:2017 Document management Portable document format Part 2: PDF 2.0
    IEC 62055-41 REDLINE : 3ED 2018 ELECTRICITY METERING - PAYMENT SYSTEMS - PART 41: STANDARD TRANSFER SPECIFICATION (STS) - APPLICATION LAYER PROTOCOL FOR ONE-WAY TOKEN CARRIER SYSTEMS
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective