2. Q: What is FIPS 140-2?
A: A standard that outlines four levels of security for cryptographic devices, based on ten criteria.
*source FIPS 140-2
3. The four security levels:
• Level 1: Basic Security. No physical security required, cost effective.
• Level 2: Moderate Security. Tamper-proof coatings, role-based authentication.
• Level 3: Enhanced Security. Tamper-proof coatings and response, identity-based authentication.
• Level 4: High Security. Tamper-proof coatings and response, identity-based authentication, security envelope.
*source FIPS 140-2
4. COMPONENTS
A [module] shall be comprised of either software, hardware, or firmware, or any combination thereof.
A cryptographic boundary shall consist of an explicitly defined perimeter.
All algorithms shall be FIPS approved.
Documentation shall be provided.
Module Specification
*source FIPS 140-2
5. A cryptographic module shall have the following four interfaces:
Data Input Interface
Data Output Interface
Control Input Interface
Status Output Interface
Ports and Interfaces
*source FIPS 140-2
6. A cryptographic module shall support the following authorized roles for operators:
User Role
Crypto Officer Role
Maintenance Role
Roles, Services, and Authentication
*source FIPS 140-2
7. A cryptographic module shall include the following operational and error states:
Power On/Off States
Crypto Officer States
Key Entry States
User States
Self Test States
Error States
Finite State Model
*source FIPS 140-2
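The slide lists the state groups but not how a module keeps them apart. The following is an added example, not code from the slides or from the FIPS 140-2 text: a transition function for a hypothetical module whose states cover the six groups above. All state and event names (ST_*, EV_*, fsm_next and friends) are assumptions made for this example. The point a practitioner cares about is that the error state is a sink: once a self-test or conditional test fails, no service, key entry or role login is accepted until power is cycled.

```c
/* Added example, not from the slides or the FIPS 140-2 text: a finite state
 * model for a hypothetical cryptographic module. State and event names are
 * assumptions chosen to cover the state groups the slide lists. */
#include <stdio.h>
#include <stddef.h>

typedef enum {
    ST_POWER_OFF,       /* power on/off states */
    ST_SELF_TEST,       /* self-test states: power-up tests running */
    ST_IDLE,            /* powered, tests passed, no operator authenticated */
    ST_CRYPTO_OFFICER,  /* crypto officer states */
    ST_USER,            /* user states */
    ST_KEY_ENTRY,       /* key entry states (crypto officer only) */
    ST_ERROR            /* error states: a self-test or conditional test failed */
} mod_state;

typedef enum {
    EV_POWER_ON, EV_POWER_OFF, EV_SELF_TEST_PASS, EV_SELF_TEST_FAIL,
    EV_CO_LOGIN, EV_USER_LOGIN, EV_LOGOUT, EV_KEY_ENTRY_START,
    EV_KEY_ENTRY_DONE, EV_COND_TEST_FAIL
} mod_event;

/* Transition function. Returns the next state. An event that is not allowed
 * in the current state is rejected: the state is unchanged and, if the caller
 * passed a pointer, *accepted is set to 0. */
mod_state fsm_next(mod_state s, mod_event e, int *accepted)
{
    mod_state n = s;
    int ok = 1;

    if (e == EV_POWER_OFF) {
        /* Power-off is reachable from every state and is the only exit from
         * the error state; keys held in volatile memory are lost with power. */
        n = ST_POWER_OFF;
    } else if (e == EV_COND_TEST_FAIL && s != ST_POWER_OFF && s != ST_ERROR) {
        /* A failed conditional test (e.g. the continuous RNG test) forces the
         * error state from any operational state. */
        n = ST_ERROR;
    } else {
        switch (s) {
        case ST_POWER_OFF:
            if (e == EV_POWER_ON) n = ST_SELF_TEST; else ok = 0;
            break;
        case ST_SELF_TEST:
            if (e == EV_SELF_TEST_PASS) n = ST_IDLE;
            else if (e == EV_SELF_TEST_FAIL) n = ST_ERROR;
            else ok = 0;
            break;
        case ST_IDLE:
            if (e == EV_CO_LOGIN) n = ST_CRYPTO_OFFICER;
            else if (e == EV_USER_LOGIN) n = ST_USER;
            else ok = 0;
            break;
        case ST_CRYPTO_OFFICER:
            if (e == EV_LOGOUT) n = ST_IDLE;
            else if (e == EV_KEY_ENTRY_START) n = ST_KEY_ENTRY;
            else ok = 0;
            break;
        case ST_KEY_ENTRY:
            if (e == EV_KEY_ENTRY_DONE) n = ST_CRYPTO_OFFICER; else ok = 0;
            break;
        case ST_USER:
            if (e == EV_LOGOUT) n = ST_IDLE; else ok = 0;
            break;
        case ST_ERROR:
            /* No services, no data output, no key entry until power is cycled. */
            ok = 0;
            break;
        }
    }
    if (accepted) *accepted = ok;
    return n;
}

/* Convenience wrapper: 1 if event e is permitted in state s. */
int fsm_accepts(mod_state s, mod_event e)
{
    int ok;
    fsm_next(s, e, &ok);
    return ok;
}

/* Cryptographic services are only offered to an authenticated operator. */
int fsm_services_allowed(mod_state s)
{
    return s == ST_CRYPTO_OFFICER || s == ST_USER;
}

int main(void)
{
    static const char *names[] = { "POWER_OFF", "SELF_TEST", "IDLE",
        "CRYPTO_OFFICER", "USER", "KEY_ENTRY", "ERROR" };
    /* Walk-through: power on, pass self-tests, crypto officer enters a key,
     * then a conditional test fails and the module latches into ERROR. */
    mod_event script[] = { EV_POWER_ON, EV_SELF_TEST_PASS, EV_CO_LOGIN,
        EV_KEY_ENTRY_START, EV_KEY_ENTRY_DONE, EV_COND_TEST_FAIL,
        EV_USER_LOGIN, EV_POWER_OFF };
    mod_state s = ST_POWER_OFF;
    for (size_t i = 0; i < sizeof script / sizeof script[0]; i++) {
        int ok;
        s = fsm_next(s, script[i], &ok);
        printf("event %d -> %s%s\n", (int)script[i], names[s], ok ? "" : " (rejected)");
    }
    return 0;
}
```

A real module would also carry per-state data (which role is authenticated, which key slot is being filled), but keeping the transition table as a single pure function makes the state transition diagram the standard asks for straightforward to derive and review.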
8. Each security level shall incorporate the physical security requirements of the preceding level, with incremental additional security measures added at each level:
Level 1: Production-grade components (with standard passivation).
Level 2: Evidence of tampering (e.g., cover, enclosure, or seal).
Level 3: Automatic zeroization when accessing the maintenance access interface. Tamper response and zeroization circuitry. Protected vents.
Level 4: EFP or EFT for temperature and voltage. Security envelope provided.
Physical Security
*source FIPS 140-2
9. Each security level shall incorporate the operating system requirements of the preceding level, with incremental additional security measures added at each level.
The operating system shall be evaluated at the CC evaluation assurance level appropriate for the security level.
Operating System Environment
*source FIPS 140-2
10. Cryptographic keys shall be implemented according to a procedure that takes the following into account:
1. Random Number Generators (RNGs)
2. Key Generation
3. Key Establishment
4. Key Entry and Output
5. Key Storage
6. Key Zeroization
Key Management
*source FIPS 140-2
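Of the six items, key zeroization is the one most often implemented wrongly in software modules: a plain memset() on a buffer that is never read again is a dead store the compiler may legally remove, so the key survives in memory. The following is an added example, not code from the slides or from FIPS 140-2, showing a key storage slot whose zeroization writes through a volatile pointer and can be verified afterwards. The names (secure_zero, key_slot, key_slot_* functions) and the 32-byte demo key are constructed for this example.

```c
/* Added example, not from the slides or FIPS 140-2: key storage with an
 * explicit zeroization routine that the optimizer may not elide. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define KEY_BYTES 32

typedef struct {
    uint8_t key[KEY_BYTES];
    size_t  key_len;   /* 0 once zeroized */
    int     loaded;    /* 1 while key material is present */
} key_slot;

/* Wipe that survives optimization: every store goes through a volatile
 * pointer, so the compiler cannot treat the writes as dead. */
void secure_zero(void *p, size_t n)
{
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Key entry: accept exactly KEY_BYTES of key material into the slot. In a
 * real module this would arrive over the data input interface; here the
 * caller supplies the bytes directly. Returns 1 on success, 0 if rejected. */
int key_slot_load(key_slot *s, const uint8_t *k, size_t len)
{
    if (len != KEY_BYTES) return 0;
    memcpy(s->key, k, len);
    s->key_len = len;
    s->loaded = 1;
    return 1;
}

/* Key zeroization: overwrite the key material and mark the slot empty. */
void key_slot_zeroize(key_slot *s)
{
    secure_zero(s->key, sizeof s->key);
    s->key_len = 0;
    s->loaded = 0;
}

/* Returns 1 if no key material remains in the slot (all bytes zero and the
 * bookkeeping fields cleared); used to verify zeroization actually happened. */
int key_slot_is_clean(const key_slot *s)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < sizeof s->key; i++) acc |= s->key[i];
    return acc == 0 && s->key_len == 0 && !s->loaded;
}

/* Constructed demo key; not a real key. */
static const uint8_t demo_key[KEY_BYTES] = {
    0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
    0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20
};

/* Load the demo key, zeroize, and report 1 if the slot went from holding
 * key material to verifiably clean. */
int demo_load_and_zeroize(void)
{
    key_slot s;
    int before, after;
    if (!key_slot_load(&s, demo_key, KEY_BYTES)) return 0;
    before = key_slot_is_clean(&s);   /* expected 0: key is present */
    key_slot_zeroize(&s);
    after = key_slot_is_clean(&s);    /* expected 1: nothing left */
    return !before && after;
}

/* Key entry must reject material of the wrong length; returns 1 if it does. */
int demo_reject_short_key(void)
{
    key_slot s;
    memset(&s, 0, sizeof s);
    return key_slot_load(&s, demo_key, 16) == 0 && key_slot_is_clean(&s);
}

int main(void)
{
    printf("load+zeroize ok: %d\n", demo_load_and_zeroize());
    printf("short key rejected: %d\n", demo_reject_short_key());
    return 0;
}
```

Where the platform offers a dedicated call (memset_s in C11 Annex K, explicit_bzero on BSDs and glibc, SecureZeroMemory on Windows) it is preferable to a hand-rolled loop, but the volatile form above is portable and shows the property that matters: the wipe is observable, so a verification routine can confirm it before the slot is reused or the module reports zeroization complete.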
11. Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC) shall meet the following requirements:
For Security Levels 1 and 2, a cryptographic module shall (at a minimum) conform to the EMI/EMC requirements specified by 47 Code of Federal Regulations, Part 15, Subpart B, Unintentional Radiators, Digital Devices, Class A (i.e., for business use).
For Security Levels 3 and 4, a cryptographic module shall (at a minimum) conform to the EMI/EMC requirements specified by 47 Code of Federal Regulations, Part 15, Subpart B, Unintentional Radiators, Digital Devices, Class B (i.e., for home use).
EMI/EMC
*source FIPS 140-2
12. A cryptographic module shall perform power-up self-tests and conditional self-tests to ensure that the module is functioning properly.
Power-up tests shall be performed by a cryptographic module when the module is powered up (after being powered off, reset, rebooted, etc.).
Conditional tests shall be performed by a cryptographic module when the conditions specified for the following tests occur: pair-wise consistency test, software/firmware load test, manual key entry test, continuous random number generator test, and bypass test.
Self-Tests
*source FIPS 140-2
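Two of the tests named above are simple enough to show in full. The following is an added example, not code from the slides or from FIPS 140-2: a power-up software/firmware integrity test that recomputes a 16-bit error detection code over the image and compares it with the value stored at build time (FIPS 140-2 accepts an EDC of at least 16 bits, or an Approved MAC or signature, for this test; CRC-16/CCITT is the assumed choice here), and the conditional continuous random number generator test, which saves the first block after power-up without using it and rejects any block equal to its predecessor. The function names, the firmware image string and the RNG output blocks are all constructed for this example.

```c
/* Added example, not from the slides or FIPS 140-2: a power-up integrity
 * test using a 16-bit EDC, and the conditional continuous RNG test. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* CRC-16/CCITT-FALSE: polynomial 0x1021, initial value 0xFFFF, no reflection.
 * Standard check value: edc16("123456789") == 0x29B1. */
uint16_t edc16(const uint8_t *d, size_t n)
{
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < n; i++) {
        crc ^= (uint16_t)((uint16_t)d[i] << 8);
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021)
                                 : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Power-up software/firmware integrity test: recompute the EDC over the
 * image and compare with the value recorded when the image was built. */
int integrity_test(const uint8_t *image, size_t n, uint16_t stored_edc)
{
    return edc16(image, n) == stored_edc;
}

#define RNG_BLOCK 16

typedef struct {
    uint8_t prev[RNG_BLOCK];
    int have_prev;   /* 0 until the first block after power-up has been saved */
    int failed;      /* latched: once set, the module stays in the error state */
} crng_ctx;

void crng_init(crng_ctx *c) { memset(c, 0, sizeof *c); }

/* Continuous RNG test. Returns 1 if the block may be used, 0 otherwise.
 * The first block is saved for comparison but never used; a block equal to
 * its predecessor fails the test and latches the context into failure. */
int crng_check(crng_ctx *c, const uint8_t block[RNG_BLOCK])
{
    int usable = 0;
    if (c->failed) return 0;
    if (c->have_prev) {
        if (memcmp(c->prev, block, RNG_BLOCK) == 0) {
            c->failed = 1;            /* error state: no further output */
            return 0;
        }
        usable = 1;
    }
    memcpy(c->prev, block, RNG_BLOCK);
    c->have_prev = 1;
    return usable;
}

/* Constructed RNG output for the demo: blocks A, B, B, C (each block is one
 * distinguishing byte followed by zeros; illustration only). The repeated B
 * must trip the test, and C must then be refused because failure is latched. */
static int run_demo_sequence(crng_ctx *c)
{
    static const uint8_t blocks[4][RNG_BLOCK] = { {0x5a}, {0xc3}, {0xc3}, {0x07} };
    int usable = 0;
    crng_init(c);
    for (int i = 0; i < 4; i++) usable += crng_check(c, blocks[i]);
    return usable;   /* expected 1: only the first B is usable */
}

int demo_crng_usable_blocks(void) { crng_ctx c; return run_demo_sequence(&c); }
int demo_crng_failed(void)        { crng_ctx c; run_demo_sequence(&c); return c.failed; }

int main(void)
{
    /* Constructed firmware image; the "stored" EDC is computed once here to
     * stand in for the value a build step would embed in the module. */
    static const uint8_t image[] = "constructed firmware image v1";
    uint16_t stored = edc16(image, sizeof image - 1);
    printf("integrity test: %d\n", integrity_test(image, sizeof image - 1, stored));
    printf("integrity test after corruption: %d\n",
           integrity_test((const uint8_t *)"constructed firmware image v2",
                          sizeof image - 1, stored));
    printf("usable RNG blocks: %d, failed: %d\n",
           demo_crng_usable_blocks(), demo_crng_failed());
    return 0;
}
```

Both tests report a boolean result rather than acting on it, so the module's state machine decides what a failure means (entering the error state and inhibiting all data output), which is the behaviour the self-test section of the standard requires.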
13. Design assurance pertains to the
following:
Configuration Management
Delivery and Operation
Development
Documentation
Design Assurance
*source FIPS 140-2
14. Security requirements at Level 1, Level 2, Level 3, and Level 4

Cryptographic Module Specification (Levels 1-4): Specification of cryptographic module, cryptographic boundary, Approved algorithms, and Approved modes of operation. Description of cryptographic module, including all hardware, software, and firmware components. Statement of module security policy.

Ports and Interfaces
  Levels 1-2: Required and optional interfaces. Specification of all interfaces and of all input and output data paths.
  Levels 3-4: Data ports for unprotected critical security parameters logically or physically separated from other data ports.

Roles, Services, and Authentication
  Level 1: Logical separation of required and optional roles and services.
  Level 2: Role-based or identity-based operator authentication.
  Levels 3-4: Identity-based operator authentication.

Finite State Model (Levels 1-4): Specification of finite state model. Required states and optional states. State transition diagram and specification of state transitions.

Physical Security
  Level 1: Production grade equipment.
  Level 2: Locks or tamper evidence.
  Level 3: Tamper detection and response for covers and doors.
  Level 4: Tamper detection and response envelope. EFP or EFT.

Operating Environment
  Level 1: Single operator. Executable code. Approved integrity technique.
  Level 2: Referenced PPs evaluated at EAL2 with specified discretionary access control mechanisms and auditing.
  Level 3: Referenced PPs plus trusted path evaluated at EAL3 plus security policy modeling.
  Level 4: Referenced PPs plus trusted path evaluated at EAL4.

Key Management (Levels 1-4): Key management mechanisms: random number and key generation, key establishment, key distribution, key entry/output, key storage, and key zeroization.

EMI/EMC
  Levels 1-2: 47 CFR FCC Part 15, Subpart B, Class A.
  Levels 3-4: 47 CFR FCC Part 15, Subpart B, Class B.

Self-Tests (Levels 1-4): Power-up tests: cryptographic algorithm tests, software/firmware integrity tests, critical functions tests. Conditional tests.

Design Assurance
  Level 1: Configuration management (CM). Secure install/config.
  Level 2: CM system. Secure distribution. Functional specification.
  Level 3: High-level language implementation.
  Level 4: Formal model. Detailed explanations. Pre/Postconditions.
*source FIPS 140-2
15. Mitigation of Other Attacks:
Power Analysis
Timing Analysis
Fault Induction
Final Thoughts
*source FIPS 140-2
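The slide names timing analysis as one of the "other attacks" a module may claim to mitigate. The classic software case is a MAC or password-tag comparison that returns as soon as one byte differs, so the time it takes leaks how many leading bytes were correct. The following is an added example, not from the slides or FIPS 140-2, placing that leaky comparison next to a constant-time one; the function names are constructed for this example.

```c
/* Added example, not from the slides or FIPS 140-2: a tag comparison that
 * leaks timing next to one whose running time does not depend on the data. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Leaky pattern: exits at the first mismatching byte, so the elapsed time
 * reveals the length of the matching prefix. Shown for contrast only. */
int tag_equal_leaky(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time comparison: every byte is examined, the differences are OR'ed
 * into an accumulator, and the final 0/1 is derived without branching on it. */
int tag_equal_ct(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t diff = 0;   /* volatile discourages the compiler from shortcutting */
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    /* diff == 0 -> (0 - 1) >> 8 has bit 0 set -> 1; diff in 1..255 -> 0. */
    return (int)(1u & (((unsigned)diff - 1u) >> 8));
}

int main(void)
{
    /* Constructed 4-byte tags for the demo. */
    const uint8_t good[4]  = { 'a', 'b', 'c', 'd' };
    const uint8_t wrong[4] = { 'a', 'b', 'c', 'e' };
    printf("ct  match: %d, mismatch: %d\n",
           tag_equal_ct(good, good, 4), tag_equal_ct(good, wrong, 4));
    printf("leaky match: %d, mismatch: %d\n",
           tag_equal_leaky(good, good, 4), tag_equal_leaky(good, wrong, 4));
    return 0;
}
```

The constant-time version assumes both inputs have the same length, which is the normal situation for a fixed-size tag; if lengths can differ, compare the lengths first and treat a length mismatch as a failure without touching the bytes. Power analysis and fault induction are hardware-level concerns that need countermeasures in the circuit and the algorithm implementation, which this software example does not cover.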