• Shopping Cart
    There are no items in your cart

FIPS PUB 140-2 : 0

Withdrawn

Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES

Withdrawn date

05-07-2023

Sorry this product is not available in your region.

1. OVERVIEW
2. GLOSSARY OF TERMS AND ACRONYMS
3. FUNCTIONAL SECURITY OBJECTIVES
4. SECURITY REQUIREMENTS
APPENDIX A: SUMMARY OF DOCUMENTATION REQUIREMENTS
APPENDIX B: RECOMMENDED SOFTWARE DEVELOPMENT PRACTICES
APPENDIX C: CRYPTOGRAPHIC MODULE SECURITY POLICY
APPENDIX D: SELECTED BIBLIOGRAPHY
APPENDIX E: APPLICABLE INTERNET UNIFORM RESOURCE LOCATORS (URL)
CHANGE NOTICE

Specifies a standard that will be used by Federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. Provides the security requirements that will be satisfied by a cryptographic module. Also provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments.

DocumentType
Standard
PublisherName
US Military Specs/Standards/Handbooks
Status
Withdrawn

I.S. EN 62351-9:2017 POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 9: CYBER SECURITY KEY MANAGEMENT FOR POWER SYSTEM EQUIPMENT
CSA ISO/IEC TR 24729-4:14 (R2019) Information technology - Radio frequency identification for item management - Implementation guidelines - Part 4: Tag data security (Adopted ISO/IEC TR 24729-4:2009, first edition, 2009-03-15)
ISO/IEC 20922:2016 Information technology — Message Queuing Telemetry Transport (MQTT) v3.1.1
BS IEC 62055-41:2014 Electricity metering. Payment systems Standard transfer specification (STS). Application layer protocol for one-way token carrier systems
BS ISO 32000-2:2017 Document management. Portable document format PDF 2.0
12/30204795 DC : 0 BS ISO/IEC 19790 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
11/30251478 DC : 0 BS EN 1300 - SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
TS 119 421 : 1.0.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING TIME-STAMPS
ANSI INCITS 496 : 2012 INFORMATION TECHNOLOGY - FIBRE CHANNEL - SECURITY PROTOCOLS - 2 (FC-SP-2)
AAMI TIR57 : 2016 PRINCIPLES FOR MEDICAL DEVICE SECURITY - RISK MANAGEMENT
CEN/TS 16702-2:2015 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 2: Trusted recorder
CEN ISO/TS 19299:2015 Electronic fee collection - Security framework (ISO/TS 19299:2015)
EN 319 421 : 1.1.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING TIME-STAMPS
S.R. CEN/TS 16702-2:2015 ELECTRONIC FEE COLLECTION - SECURE MONITORING FOR AUTONOMOUS TOLL SYSTEMS - PART 2: TRUSTED RECORDER
BS ISO 17090-5:2017 Health informatics. Public key infrastructure Authentication using Healthcare PKI credentials
ANSI INCITS 516 : 2013(R2018) INFORMATION TECHNOLOGY - SCSI STREAM COMMANDS - 4 (SSC-4)
CEA TR 4 : 2014 GUIDELINES FOR ADDING STRONG ENCRYPTION AND AUTHENTICATION TO APPLICATIONS USING ANSI/CEA-709.1
SCTE 41 : 2016 POD COPY PROTECTION SYSTEM
IEEE 1609.2-2013 IEEE Standard for Wireless Access in Vehicular Environments — Security Services for Applications and Management Messages
EN 319 411-2 : 2.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 2: REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING EU QUALIFIED CERTIFICATES
PREN 1300 : DRAFT 2017 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
CAN/CSA-IEC/TS 62443-1-1:17 Industrial communication networks — Network and system security — Part 1-1: Terminology, concepts and models (Adopted IEC technical specification 62443-1-1:2009, first edition, 2009-07)
PD IEC/TS 62224:2013 Multimedia home server systems. Conceptual model for digital rights management
UNI/TS 11291-10 : 2013 GAS MEASUREMENT SYSTEMS - HOURLY BASED GAS METERING SYSTEMS - PART 10: SAFETY
IEEE 1363.3-2013 IEEE Standard for Identity-Based Cryptographic Techniques using Pairings
ANSI INCITS 522 : 2014 ATA/ATAPI COMMAND SET - 3 (ACS-3)
UNE-EN 1300:2014 Secure storage units - Classification for high security locks according to their resistance to unauthorized opening
ISO/IEC TS 20540:2018 Information technology — Security techniques — Testing cryptographic modules in their operational environment
BS EN 1300:2013 Secure storage units. Classification for high security locks according to their resistance to unauthorized opening
ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
BS ISO/IEC/IEEE 8802-1X : 2013 INFORMATION TECHNOLOGY - TELECOMMUNICATIONS AND INFORMATION EXCHANGE BETWEEN SYSTEMS - LOCAL AND METROPOLITAN AREA NETWORKS - PART 1X: PORT-BASED NETWORK ACCESS CONTROL
ISO 21188:2018 Public key infrastructure for financial services — Practices and policy framework
17/30333935 DC : 0 BS EN 1300 - SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
IEC 62055-41:2014 RLV Electricity metering – Payment systems – Part 41: Standard transfer specification (STS) – Application layer protocol for one-way token carrier systems
DIN EN 1300:2014-05 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
NEMA EVSE 1.2:2015 EV Charging Network Interoperability Standard Part 2: A Contactless RFID Credential for Authentication (UR Interface)
ISO/IEC 19941:2017 Information technology — Cloud computing — Interoperability and portability
BS ISO/IEC 11889-1:2009 Information technology. Trusted platform module Overview
PD CEN/TS 16702-2:2015 Electronic fee collection. Secure monitoring for autonomous toll systems Trusted recorder
ISO/IEC 14776-454:2018 Information technology Small computer system interface (SCSI) Part 454: SCSI Primary Commands - 4 (SPC-4)
17/30354142 DC : 0 BS EN 419231 - PROTECTION PROFILE FOR TRUSTWORTHY SYSTEMS SUPPORTING TIME STAMPING
BS EN 14615:2017 Postal services. Digital postage marks. Applications, security and design
TS 103 161-9 : 1.1.1 ACCESS, TERMINALS, TRANSMISSION AND MULTIPLEXING (ATTM); INTEGRATED BROADBAND CABLE AND TELEVISION NETWORKS; IPCABLECOM 1.5; PART 9: SECURITY
IEEE 1622-2011 IEEE Standard for Electronic Distribution of Blank Ballots for Voting Systems
16/30327465 DC : 0 BS ISO 17090-5 - HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 5: AUTHENTICATION USING HEALTHCARE PKI CREDENTIALS
ANSI INCITS 501 : 2016 INFORMATION TECHNOLOGY - SECURITY FEATURES FOR SCSI COMMANDS (SFSC)
TS 102 640-3 : 2.1.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); REGISTERED ELECTRONIC MAIL (REM); PART 3: INFORMATION SECURITY POLICY REQUIREMENTS FOR REM MANAGEMENT DOMAINS
PREN 419231 : DRAFT 2017 PROTECTION PROFILE FOR TRUSTWORTHY SYSTEMS SUPPORTING TIME STAMPING
SAE J2945/1_201603 On-Board System Requirements for V2V Safety Communications
S.R. CEN/TS 419241:2014 SECURITY REQUIREMENTS FOR TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING
I.S. EN 14615:2017 POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
CEN/TS 419241:2014 Security Requirements for Trustworthy Systems Supporting Server Signing
S.R. CEN ISO/TS 19299:2015 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
ARINC 823P2:2008 DataLink Security, Part 2 - Key Management
ISO/TS 19299:2015 Electronic fee collection Security framework
EN 1300:2013 Secure storage units - Classification for high security locks according to their resistance to unauthorized opening
UNI EN 1300 : 2014 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
14/30302798 DC : 0 BS ISO/IEC 11889-1 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 1: ARCHITECTURE
CAN/CSA-IEC/TR 62443-3-1:17 Industrial communication networks — Network and system security — Part 3-1: Security technologies for industrial automation and control systems (Adopted IEC technical report 62443-3-1:2009, first edition, 2009-07)
NASA STD 4009 : 2014 SPACE TELECOMMUNICATIONS RADIO SYSTEMS (STRS) ARCHITECTURE STANDARD
14/30284313 DC : 0 BS ISO 32000-2 - DOCUMENT MANAGEMENT - PORTABLE DOCUMENT FORMAT - PART 2: PDF 2.0
ISO/IEC 21277:2018 Information technology — Radio frequency identification device performance test methods — Crypto suite
ANSI INCITS 467 : 2011 INFORMATION TECHNOLOGY - SCSI STREAM COMMANDS - 3 (SSC-3)
CAN/CSA-ISO/IEC 11889-1:16 Information technology Trusted Platform Module Library Part 1: Architecture (Adopted ISO/IEC 11889-1:2015, second edition, 2015-12-15)
BS ISO 21188:2006 Public key infrastructure for financial services. Practices and policy framework
BS ISO/IEC 19941:2017 Information technology. Cloud computing. Interoperability and portability
ANSI X9.84 : 2010(R2017) BIOMETRIC INFORMATION MANAGEMENT AND SECURITY FOR THE FINANCIAL SERVICES INDUSTRY
DIN CEN ISO/TS 19299;DIN SPEC 74125:2016-02 ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015)
ANSI X9.97-1 : 2009 FINANCIAL SERVICES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS
ANSI X9.112-2 : 2014 WIRELESS MANAGEMENT AND SECURITY - PART 2: ATM AND POS
TS 102 220 : 1.1.1 ACCESS AND TERMINALS (AT); TECHNICAL SPECIFICATION: DELIVERY OF CABLE BASED SERVICES ACROSS A HOME ACCESS TO THE DEVICES IN THE HOME
IEEE 802.16-2012 IEEE Standard for Air Interface for Broadband Wireless Access Systems
ANSI X9.79-4 : 2013 PUBLIC KEY INFRASTRUCTURE (PKI) - PART 4: ASYMMETRIC KEY MANAGEMENT
BS ISO/IEC 19790:2012 Information technology. Security techniques. Security requirements for cryptographic modules
UNI CEN/TS 419241 : 2014 SECURITY REQUIREMENTS FOR TRUSTWORTHY SYSTEMS SUPPORTING SERVER SIGNING
PD CEN ISO/TS 19299:2015 Electronic fee collection. Security framework
12/30247184 DC BS ISO 32000-2 - DOCUMENT MANAGEMENT - PORTABLE DOCUMENT FORMAT - PART 2: PDF 2.0
SCTE 24-10 : 2016 IPCABLECOM 1.0 - PART 10: SECURITY SPECIFICATION
IEC 61753-052-6 : 2016 DOCSIS 3.1 - PART 5: SECURITY SPECIFICATION (INPUT)
ISO/IEC/IEEE 8802-1X:2013 Telecommunications and exchange between information technology systems — Requirements for local and metropolitan area networks — Part 1X: Port-based network access control
ANSI INCITS 513 : 2015 INFORMATION TECHNOLOGY - SCSI PRIMARY COMMANDS - 4 (SPC-4)
ISO/IEC 29180:2012 Information technology — Telecommunications and information exchange between systems — Security framework for ubiquitous sensor networks
IEC PAS 62734:2012 Industrial communication networks - Fieldbus specifications - Wireless systems for industrial automation: process control and related applications
I.S. EN 1300:2013 SECURE STORAGE UNITS - CLASSIFICATION FOR HIGH SECURITY LOCKS ACCORDING TO THEIR RESISTANCE TO UNAUTHORIZED OPENING
IEC TS 62224:2013 Multimedia home server systems - Conceptual model for digital rights management
EN 14615:2017 Postal services - Digital postage marks - Applications, security and design
INCITS/ISO/IEC 11889-4 : 2009(R2014) INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 4: COMMANDS
PD IEC/PAS 62734:2012 Industrial communication networks. Fieldbus specifications. Wireless systems for industrial automation: process control and related applications
EN 319 411-1 : 1.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS
BS ISO/IEC/IEEE 8802-1AR:2014 Information technology. Telecommunications and information exchange between systems. Local and metropolitan area networks Secure device identity
TS 119 411-1 : 1.0.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS
ANSI X9.82-3 : 2007(R2017) RANDOM NUMBER GENERATION - PART 3: DETERMINISTIC RANDOM BIT GENERATORS
ISA 99.00.01 : 2007 SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS - PART 1: TERMINOLOGY, CONCEPTS, AND MODELS
ISO/IEC/IEEE 8802-1AR:2014 Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Part 1AR: Secure device identity
IEC 62055-41:2018 RLV Electricity metering - Payment systems - Part 41: Standard transfer specification (STS) - Application layer protocol for one-way token carrier systems
PD CEN/TS 419241:2014 Security Requirements for Trustworthy Systems Supporting Server Signing
IEEE 1667-2015 IEEE Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices
ISO 32000-2:2017 Document management Portable document format Part 2: PDF 2.0

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.