Skip to content
Please enter a keyword to search

  • FIPS PUB 140 : 0001

    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

    SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES

    Available format(s): 

    Withdrawn date:  06-07-2023

    Language(s): 

    Published date: 

    Publisher:  US Military Specs/Standards/Handbooks

    Sorry this product is not available in your region.

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    1. OVERVIEW
       1.1 Security Level 1
       1.2 Security Level 2
       1.3 Security Level 3
       1.4 Security Level 4
    2. DEFINITIONS AND ACRONYMS
       2.1 Definitions
       2.2 Acronyms
    3. FUNCTIONAL SECURITY OBJECTIVES
    4. SECURITY REQUIREMENTS
       4.1 Cryptographic Modules
       4.2 Module Interfaces
       4.3 Roles and Services
            4.3.1 Roles
            4.3.2 Services
            4.3.3 Operator Authentication
       4.4 Finite State Machine Model
       4.5 Physical Security
            4.5.1 Single-Chip Cryptographic Modules
            4.5.2 Multiple-Chip Embedded Cryptographic Modules
            4.5.3 Multiple-Chip Standalone Cryptographic Modules
            4.5.4 Environmental Failure Protection Features
                  4.5.4.1 Environmental Failure Protection Features
                  4.5.4.2 Environmental Failure Testing Procedures
       4.6 Software Security
       4.7 Operating System Security
       4.8 Cryptographic Key Management
            4.8.1 Key Generation
            4.8.2 Key Distribution
            4.8.3 Key Entry and Output
            4.8.4 Key Storage
            4.8.5 Key Destruction
            4.8.6 Key Archiving
       4.9 Cryptographic Algorithms
       4.10 Electromagnetic Interference/Electromagnetic Compatibility
            (EMI/EMC)
       4.11 Self-Tests
            4.11.1 Power-Up Tests
            4.11.2 Conditional Tests
    APPENDIX A. SUMMARY OF DOCUMENTATION REQUIREMENTS
    APPENDIX B. RECOMMENDED SOFTWARE DEVELOPMENT PRACTICES
    APPENDIX C. SELECTED REFERENCES

    General Product Information - (Show below) - (Hide below)

    Committee AREA IPSC
    Document Type Standard
    Publisher US Military Specs/Standards/Handbooks
    Status Withdrawn

    Standards Referenced By This Book - (Show below) - (Hide below)

    08/30190992 DC : 0 BS ISO 26430-6 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 6: AUDITORIUM SECURITY MESSAGES FOR INTRA-THEATER COMMUNICATIONS
    SCTE 165-10 : 2009 IPCABLECOM 1.5 - PART 10: SECURITY
    BS ISO 26430-2:2008 Digital cinema (D-cinema) operations Digital certificate
    TR 102 780 : 1.1.1 METHODS FOR TESTING AND SPECIFICATION (MTS); SECURITY; GUIDE TO THE USE OF METHODS IN DEVELOPMENT OF ETSI SECURITY STANDARDS
    INCITS/ISO/IEC 15945 : 2002 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
    SCTE 135-3 : 2013 DOCSIS 3.0 - PART 3: SECURITY SERVICES
    ISO 17090-5:2017 Health informatics — Public key infrastructure — Part 5: Authentication using Healthcare PKI credentials
    ISO 26430-6:2009 Digital cinema (D-cinema) operations — Part 6: Auditorium security messages for intra-theater communications
    IEC 62351-9:2017 Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
    IEC TR 62443-3-1:2009 Industrial communication networks - Network and system security - Part 3-1: Security technologies for industrial automation and control systems
    ASTM E 2085 : 2000 : REV A Standard Guide on Security Framework for Healthcare Information (Withdrawn 2009)
    14/30249803 DC : 0 BS ISO/IEC 27040 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
    BS ISO 26430-6:2009 Digital cinema (D-cinema) operations Auditorium security messages for intra-theater communications
    IEEE 1547.3 : 2007 MONITORING, INFORMATION EXCHANGE, AND CONTROL OF DISTRIBUTED RESOURCES INTERCONNECTED WITH ELECTRIC POWER SYSTEMS
    13/30293455 DC : 0 BS EN 62591 - INDUSTRIAL COMMUNICATION NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIRELESSHART[TM]
    16/30335156 DC : 0 BS EN 14615 - POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
    13/30284056 DC : 0 BS EN 62055-41 - ELECTRICITY METERING - PAYMENT SYSTEMS - PART 41: STANDARD TRANSFER SPECIFICATION (STS) - APPLICATION LAYER PROTOCOL FOR ONE-WAY TOKEN CARRIER SYSTEMS
    ISO 26430-2:2008 Digital cinema (D-cinema) operations — Part 2: Digital certificate
    BS EN 62351-9:2017 Power systems management and associated information exchange. Data and communications security Cyber security key management for power system equipment
    CAN/CSA-ISO/IEC 15945-04 (R2017) Information Technology - Security Techniques - Specification of TTP Services to Support the Application of Digital Signatures (Adopted ISO/IEC 15945:2002, first edition, 2002-02-01)
    ISO/IEC TR 24729-4:2009 Information technology Radio frequency identification for item management Implementation guidelines Part 4: Tag data security
    IEC TS 62351-2:2008 Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms
    BS ISO/IEC 18031 : 2011 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
    ISO/IEC 11889-1:2015 Information technology Trusted platform module library Part 1: Architecture
    IEC TR 62351-13:2016 Power systems management and associated information exchange - Data and communications security - Part 13: Guidelines on security topics to be covered in standards and specifications
    ISO/IEC 14776-454:2018 Information technology Small computer system interface (SCSI) Part 454: SCSI Primary Commands - 4 (SPC-4)
    17/30281253 DC : 0 BS ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK
    TS 102 042 : 2.4.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING PUBLIC KEY CERTIFICATES
    BS ISO 17090-3:2008 Health informatics. Public key infrastructure Policy management of certification authority
    ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
    ISO 15782-1:2009 Certificate management for financial services Part 1: Public key certificates
    NFPA 731 : 2017 INSTALLATION OF ELECTRONIC PREMISES SECURITY SYSTEMS
    15/30328633 DC : 0 BS ISO/IEC 20922 - INFORMATION TECHNOLOGY - MESSAGE QUEUING TELEMETRY TRANSPORT (MQTT) V3.1.1
    BS ISO 15782-1:2009 Certificate management for financial services Public key certificates
    TR 102 437 : 1.1.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GUIDANCE ON TS 101 456 (POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING QUALIFIED CERTIFICATES)
    EN 62351-9:2017 Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
    ANSI X9.97-1 : 2009 FINANCIAL SERVICES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS
    07/30170887 DC : DRAFT AUG 2007 BS ISO 26430-2 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 2: DIGITAL CERTIFICATE
    BS ISO/IEC 20922:2016 Information technology. Message Queuing Telemetry Transport (MQTT) v3.1.1
    ANSI X9.79-1 : 2001 FINANCIAL SERVICES PUBLIC KEY INFRASTRUCTURE - PART 1: PKI PRACTICES AND POLICY FRAMEWORK
    TS 102 023 : 1.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR TIME-STAMPING AUTHORITIES
    BS ISO 26430-1:2008 Digital cinema (D-cinema) operations Key delivery message
    PREN 14615 : DRAFT 2016 POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
    NASA HDBK 0008 : 2012 NASA PRODUCT DATA AND LIFE-CYCLE - MANAGEMENT (PDLM) HANDBOOK
    DD IEC/TS 62351-2:2008 Power systems management and associated information exchange. Data and communications security Glossary of terms
    ISO 17090-3:2008 Health informatics Public key infrastructure Part 3: Policy management of certification authority
    SCTE 23-2 : 2017 DOCSIS 1.1 - PART 2: BASELINE PRIVACY PLUS INTERFACE
    SCTE 24-10 : 2016 IPCABLECOM 1.0 - PART 10: SECURITY SPECIFICATION
    ANSI X9.82-1 : 2006(R2013) RANDOM NUMBER GENERATION - PART 1: OVERVIEW AND BASIC PRINCIPLES
    CSA ISO/IEC 15945 : 2004 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
    IEC TS 62443-1-1:2009 Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models
    IEC 62591:2016 Industrial networks - Wireless communication network and communication profiles - WirelessHARTTM
    07/30170884 DC : DRAFT AUG 2007 BS ISO 26430-1 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 1: KEY DELIVERY MESSAGE
    ISO 26430-1:2008 Digital cinema (D-cinema) operations — Part 1: Key delivery message
    CSA ISO/IEC 15945 : 2004 : R2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
    DD IEC TS 62224 : DRAFT 2007 MULTIMEDIA HOME SERVER SYSTEMS - CONCEPTUAL MODEL FOR DIGITAL RIGHTS MANAGEMENT
    ANSI INCITS 426 : 2007 FIBRE CHANNEL - SECURITY PROTOCOLS (FC-SP)
    ANSI X9.82-3 : 2007(R2017) RANDOM NUMBER GENERATION - PART 3: DETERMINISTIC RANDOM BIT GENERATORS
    TS 102 639-5 : 1.1.1 ACCESS AND TERMINALS, TRANSMISSION AND MULTIPLEXING (ATTM); THIRD GENERATION TRANSMISSION SYSTEMS FOR INTERACTIVE CABLE TELEVISION SERVICES - IP CABLE MODEMS; PART 5: SECURITY SERVICES
    TS 101 456 : 1.4.3 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING QUALIFIED CERTIFICATES
    INCITS/ISO/IEC 15945 : 2002 : R2007 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES

    Standards Referencing This Book - (Show below) - (Hide below)

    ANSI X9.26 : 1990 FINANCIAL INSTITUTION SIGN-ON AUTHENTICATION FOR WHOLESALE FINANCIAL SYSTEMS
    IEEE 828-2012 IEEE Standard for Configuration Management in Systems and Software Engineering
    ANSI X9.23 : 1988 FINANCIAL INSTITUTION ENCRYPTION OF WHOLESALE FINANCIAL MESSAGES
    ANSI X9.9 : 86(R1994) FINANCIAL INSTITUTION MESSAGE AUTHENTICATION (WHOLESALE)
    FIPS PUB 101 : 0 GUIDELINE FOR LIFECYCLE VALIDATION, VERIFICATION & TESTING OF COMPUTER SOFTWARE
    IEEE 729-1983 IEEE Standard Glossary of Software Engineering Terminology
    IEEE 1012-2012 IEEE Standard for System and Software Verification and Validation
    ISO 9074:1989 Information processing systems — Open Systems Interconnection — Estelle: A formal description technique based on an extended state transition model
    ANSI X9.17 : 1995 FINANCIAL INSTITUTION KEY MANAGEMENT (WHOLESALE),
    ISO 8807:1989 Information processing systems Open Systems Interconnection LOTOS A formal description technique based on the temporal ordering of observational behaviour
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective