• There are no items in your cart

FIPS PUB 140 : 0001

Withdrawn
Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
Withdrawn date

07-06-2023

1. OVERVIEW
   1.1 Security Level 1
   1.2 Security Level 2
   1.3 Security Level 3
   1.4 Security Level 4
2. DEFINITIONS AND ACRONYMS
   2.1 Definitions
   2.2 Acronyms
3. FUNCTIONAL SECURITY OBJECTIVES
4. SECURITY REQUIREMENTS
   4.1 Cryptographic Modules
   4.2 Module Interfaces
   4.3 Roles and Services
        4.3.1 Roles
        4.3.2 Services
        4.3.3 Operator Authentication
   4.4 Finite State Machine Model
   4.5 Physical Security
        4.5.1 Single-Chip Cryptographic Modules
        4.5.2 Multiple-Chip Embedded Cryptographic Modules
        4.5.3 Multiple-Chip Standalone Cryptographic Modules
        4.5.4 Environmental Failure Protection Features
              4.5.4.1 Environmental Failure Protection Features
              4.5.4.2 Environmental Failure Testing Procedures
   4.6 Software Security
   4.7 Operating System Security
   4.8 Cryptographic Key Management
        4.8.1 Key Generation
        4.8.2 Key Distribution
        4.8.3 Key Entry and Output
        4.8.4 Key Storage
        4.8.5 Key Destruction
        4.8.6 Key Archiving
   4.9 Cryptographic Algorithms
   4.10 Electromagnetic Interference/Electromagnetic Compatibility
        (EMI/EMC)
   4.11 Self-Tests
        4.11.1 Power-Up Tests
        4.11.2 Conditional Tests
APPENDIX A. SUMMARY OF DOCUMENTATION REQUIREMENTS
APPENDIX B. RECOMMENDED SOFTWARE DEVELOPMENT PRACTICES
APPENDIX C. SELECTED REFERENCES

Committee
AREA IPSC
DocumentType
Standard
PublisherName
US Military Specs/Standards/Handbooks
Status
Withdrawn

08/30190992 DC : 0 BS ISO 26430-6 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 6: AUDITORIUM SECURITY MESSAGES FOR INTRA-THEATER COMMUNICATIONS
SCTE 165-10 : 2009 IPCABLECOM 1.5 - PART 10: SECURITY
BS ISO 26430-2:2008 Digital cinema (D-cinema) operations Digital certificate
TR 102 780 : 1.1.1 METHODS FOR TESTING AND SPECIFICATION (MTS); SECURITY; GUIDE TO THE USE OF METHODS IN DEVELOPMENT OF ETSI SECURITY STANDARDS
INCITS/ISO/IEC 15945 : 2002 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
SCTE 135-3 : 2013 DOCSIS 3.0 - PART 3: SECURITY SERVICES
ISO 17090-5:2017 Health informatics — Public key infrastructure — Part 5: Authentication using Healthcare PKI credentials
ISO 26430-6:2009 Digital cinema (D-cinema) operations — Part 6: Auditorium security messages for intra-theater communications
IEC 62351-9:2017 Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
IEC TR 62443-3-1:2009 Industrial communication networks - Network and system security - Part 3-1: Security technologies for industrial automation and control systems
ASTM E 2085 : 2000 : REV A Standard Guide on Security Framework for Healthcare Information (Withdrawn 2009)
14/30249803 DC : 0 BS ISO/IEC 27040 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
BS ISO 26430-6:2009 Digital cinema (D-cinema) operations Auditorium security messages for intra-theater communications
IEEE 1547.3 : 2007 MONITORING, INFORMATION EXCHANGE, AND CONTROL OF DISTRIBUTED RESOURCES INTERCONNECTED WITH ELECTRIC POWER SYSTEMS
13/30293455 DC : 0 BS EN 62591 - INDUSTRIAL COMMUNICATION NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIRELESSHART[TM]
16/30335156 DC : 0 BS EN 14615 - POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
13/30284056 DC : 0 BS EN 62055-41 - ELECTRICITY METERING - PAYMENT SYSTEMS - PART 41: STANDARD TRANSFER SPECIFICATION (STS) - APPLICATION LAYER PROTOCOL FOR ONE-WAY TOKEN CARRIER SYSTEMS
ISO 26430-2:2008 Digital cinema (D-cinema) operations — Part 2: Digital certificate
BS EN 62351-9:2017 Power systems management and associated information exchange. Data and communications security Cyber security key management for power system equipment
CAN/CSA-ISO/IEC 15945-04 (R2017) Information Technology - Security Techniques - Specification of TTP Services to Support the Application of Digital Signatures (Adopted ISO/IEC 15945:2002, first edition, 2002-02-01)
ISO/IEC TR 24729-4:2009 Information technology Radio frequency identification for item management Implementation guidelines Part 4: Tag data security
IEC TS 62351-2:2008 Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms
BS ISO/IEC 18031 : 2011 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
ISO/IEC 11889-1:2015 Information technology Trusted platform module library Part 1: Architecture
IEC TR 62351-13:2016 Power systems management and associated information exchange - Data and communications security - Part 13: Guidelines on security topics to be covered in standards and specifications
ISO/IEC 14776-454:2018 Information technology Small computer system interface (SCSI) Part 454: SCSI Primary Commands - 4 (SPC-4)
17/30281253 DC : 0 BS ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK
TS 102 042 : 2.4.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING PUBLIC KEY CERTIFICATES
BS ISO 17090-3:2008 Health informatics. Public key infrastructure Policy management of certification authority
ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO 15782-1:2009 Certificate management for financial services Part 1: Public key certificates
NFPA 731 : 2017 INSTALLATION OF ELECTRONIC PREMISES SECURITY SYSTEMS
15/30328633 DC : 0 BS ISO/IEC 20922 - INFORMATION TECHNOLOGY - MESSAGE QUEUING TELEMETRY TRANSPORT (MQTT) V3.1.1
BS ISO 15782-1:2009 Certificate management for financial services Public key certificates
TR 102 437 : 1.1.1 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GUIDANCE ON TS 101 456 (POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING QUALIFIED CERTIFICATES)
EN 62351-9:2017 Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
ANSI X9.97-1 : 2009 FINANCIAL SERVICES - SECURE CRYPTOGRAPHIC DEVICES (RETAIL) - PART 1: CONCEPTS, REQUIREMENTS AND EVALUATION METHODS
07/30170887 DC : DRAFT AUG 2007 BS ISO 26430-2 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 2: DIGITAL CERTIFICATE
BS ISO/IEC 20922:2016 Information technology. Message Queuing Telemetry Transport (MQTT) v3.1.1
ANSI X9.79-1 : 2001 FINANCIAL SERVICES PUBLIC KEY INFRASTRUCTURE - PART 1: PKI PRACTICES AND POLICY FRAMEWORK
TS 102 023 : 1.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR TIME-STAMPING AUTHORITIES
BS ISO 26430-1:2008 Digital cinema (D-cinema) operations Key delivery message
PREN 14615 : DRAFT 2016 POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN
NASA HDBK 0008 : 2012 NASA PRODUCT DATA AND LIFE-CYCLE - MANAGEMENT (PDLM) HANDBOOK
DD IEC/TS 62351-2:2008 Power systems management and associated information exchange. Data and communications security Glossary of terms
ISO 17090-3:2008 Health informatics Public key infrastructure Part 3: Policy management of certification authority
SCTE 23-2 : 2017 DOCSIS 1.1 - PART 2: BASELINE PRIVACY PLUS INTERFACE
SCTE 24-10 : 2016 IPCABLECOM 1.0 - PART 10: SECURITY SPECIFICATION
ANSI X9.82-1 : 2006(R2013) RANDOM NUMBER GENERATION - PART 1: OVERVIEW AND BASIC PRINCIPLES
CSA ISO/IEC 15945 : 2004 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
IEC TS 62443-1-1:2009 Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models
IEC 62591:2016 Industrial networks - Wireless communication network and communication profiles - WirelessHART<sup>TM</sup>
07/30170884 DC : DRAFT AUG 2007 BS ISO 26430-1 - DIGITAL CINEMA (D-CINEMA) OPERATIONS - PART 1: KEY DELIVERY MESSAGE
ISO 26430-1:2008 Digital cinema (D-cinema) operations — Part 1: Key delivery message
CSA ISO/IEC 15945 : 2004 : R2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES
DD IEC TS 62224 : DRAFT 2007 MULTIMEDIA HOME SERVER SYSTEMS - CONCEPTUAL MODEL FOR DIGITAL RIGHTS MANAGEMENT
ANSI INCITS 426 : 2007 FIBRE CHANNEL - SECURITY PROTOCOLS (FC-SP)
ANSI X9.82-3 : 2007(R2017) RANDOM NUMBER GENERATION - PART 3: DETERMINISTIC RANDOM BIT GENERATORS
TS 102 639-5 : 1.1.1 ACCESS AND TERMINALS, TRANSMISSION AND MULTIPLEXING (ATTM); THIRD GENERATION TRANSMISSION SYSTEMS FOR INTERACTIVE CABLE TELEVISION SERVICES - IP CABLE MODEMS; PART 5: SECURITY SERVICES
TS 101 456 : 1.4.3 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING QUALIFIED CERTIFICATES
INCITS/ISO/IEC 15945 : 2002 : R2007 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SPECIFICATION OF TTP SERVICES TO SUPPORT THE APPLICATION OF DIGITAL SIGNATURES

ANSI X9.26 : 1990 FINANCIAL INSTITUTION SIGN-ON AUTHENTICATION FOR WHOLESALE FINANCIAL SYSTEMS
IEEE 828-2012 IEEE Standard for Configuration Management in Systems and Software Engineering
ANSI X9.23 : 1988 FINANCIAL INSTITUTION ENCRYPTION OF WHOLESALE FINANCIAL MESSAGES
ANSI X9.9 : 86(R1994) FINANCIAL INSTITUTION MESSAGE AUTHENTICATION (WHOLESALE)
FIPS PUB 101 : 0 GUIDELINE FOR LIFECYCLE VALIDATION, VERIFICATION & TESTING OF COMPUTER SOFTWARE
IEEE 729-1983 IEEE Standard Glossary of Software Engineering Terminology
IEEE 1012-2012 IEEE Standard for System and Software Verification and Validation
ISO 9074:1989 Information processing systems — Open Systems Interconnection — Estelle: A formal description technique based on an extended state transition model
ANSI X9.17 : 1995 FINANCIAL INSTITUTION KEY MANAGEMENT (WHOLESALE),
ISO 8807:1989 Information processing systems Open Systems Interconnection LOTOS A formal description technique based on the temporal ordering of observational behaviour

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.