A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2

Abstract

Federal agencies, industry, and the public now rely on cryptography to protect information and communications used in critical infrastructures, electronic commerce, and other application areas. Cryptographic modules are implemented in these products and systems to provide cryptographic services such as confidentiality, integrity, non-repudiation and identification and authentication. Adequate testing and validation of the cryptographic module against established standards is essential for security assurance. Both Federal agencies and the public benefit from the use of tested and validated products. Without adequate testing, weaknesses such as poor design, weak algorithms, or incorrect implementation of the cryptographic module, can result in insecure products.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2001
Accession Number
ADA399528

Entities

People

  • Annabelle Lee
  • Arch Oldenhoeft
  • Ray Snouffer

Organizations

  • Booz Allen Hamilton

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Algorithms
  • Authentication
  • Commerce
  • Computer Access Control
  • Computer Programming
  • Computer Programs
  • Computers
  • Configuration Management
  • Cryptography
  • Cybersecurity
  • Electronic Commerce
  • Identification
  • Infrastructure
  • Operating Systems
  • Physical Security
  • Software Development
  • Standards

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Cybersecurity.
  • Software Verification and Validation.
  • Systems Analysis and Design

Technology Areas

  • Cyber
  • Microelectronics