
FIPS 140-2 Overview

FIPS 140-3 summary

In moving from FIPS 140-2 to FIPS 140-3, NIST has updated the standard to reflect changes in technology and has introduced a fifth security level.

Software requirements are given greater prominence in a new section dedicated to software security, and a further new section specifies requirements for protection against non-invasive attacks (timing, power and electromagnetic analysis).

References to Common Criteria, including the requirement to use a Common Criteria certified operating system, have been dropped, and there is more emphasis on audit requirements through the operational environment requirements.

Major changes include the following:

At level 4, two-factor authentication of operators is now required (at least two of three: something known, something possessed, some physical property of the operator).

Level 5 requires protection against electromagnetic emanation (EME) attacks, and strong protection of public security parameters (PSPs) as well as critical security parameters (CSPs) when the module is at rest.

Physical security requirements have been added to counter non-invasive attacks: at level 3, protection of CSPs against timing analysis attacks is required; at level 4, protection of CSPs against simple and differential power analysis (SPA and DPA) attacks is required; and at level 5, protection of CSPs against EME attacks is required.

Design assurance requirements increase through the levels, so for example, at level 2 a functional specification is required and at level 3, a detailed design. Testing requirements have been introduced, with functional testing required at levels 1 and 2 and low-level testing required at level 3 and above.

New self-tests have been introduced. There is now the requirement for a pre-operational bypass test.

A software security section has been added to the requirements. These are summarised as follows:

  • Level 1: Executable code, Approved integrity technique, API, read and modify restrictions, zeroization upon unload, format checking.
  • Level 2: Digital signature-based integrity test.
  • Level 3: API command to initiate the software integrity test. Hash value zeroization.
  • Level 4: Encryption and decryption of CSPs and integrity test code.
  • Level 5: Encryption and decryption of PSPs and integrity test code.

These requirements are cumulative, with each subsequent level either augmenting or replacing the requirements of the previous level as appropriate.
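To make the first three software security levels concrete, here is an added example (not code from Rycombe Consulting or from the FIPS 140-3 text) of the kind of software integrity test they describe. It uses HMAC-SHA-256 as the Level 1 approved integrity technique, ECDSA over P-256 as the Level 2 digital-signature-based test, a Level 3 style API command (RunIntegrityTest) that lets an operator re-run the test on demand, and zeroization of the computed hash values once they have been used. The comparison of the MAC is constant-time, in the spirit of the level 3 timing-analysis requirement above. The module image, the integrity key and the signing key are all constructed for the example; in a real module the reference MAC, the public key and the signature would be embedded at build time and the signing key would never ship.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// moduleImage stands in for the module's executable code (constructed for this example).
var moduleImage = []byte("constructed FIPS module image: v1.0 executable code")

// integrityKey is a hypothetical build-time key for the Level 1 HMAC integrity technique.
var integrityKey = []byte("hypothetical-build-time-integrity-key-32b")

// computeMAC returns HMAC-SHA-256 over the image under key.
func computeMAC(image, key []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(image)
	return m.Sum(nil)
}

// zeroize overwrites a buffer that held a hash or MAC value (Level 3: hash value zeroization).
func zeroize(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// integrityTestLevel1 recomputes the MAC and compares it with the embedded reference
// in constant time, so the comparison itself leaks nothing about the reference value.
func integrityTestLevel1(image, key, reference []byte) error {
	mac := computeMAC(image, key)
	defer zeroize(mac)
	if subtle.ConstantTimeCompare(mac, reference) != 1 {
		return errors.New("integrity test failed: MAC mismatch")
	}
	return nil
}

// signImage is the build-time step for Level 2: the vendor signs SHA-256(image) with ECDSA P-256.
func signImage(priv *ecdsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	defer zeroize(digest[:])
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// integrityTestLevel2 verifies the embedded signature over the image digest with the embedded public key.
func integrityTestLevel2(pub *ecdsa.PublicKey, image, sig []byte) error {
	digest := sha256.Sum256(image)
	defer zeroize(digest[:])
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return errors.New("integrity test failed: signature invalid")
	}
	return nil
}

// Module bundles what ships with the software: the image and its embedded reference values.
type Module struct {
	image  []byte
	refMAC []byte
	pub    *ecdsa.PublicKey
	sig    []byte
}

// RunIntegrityTest is the Level 3 style API command: an operator can invoke the
// software integrity test at any time, not only at power-up.
func (m *Module) RunIntegrityTest() error {
	if err := integrityTestLevel1(m.image, integrityKey, m.refMAC); err != nil {
		return err
	}
	return integrityTestLevel2(m.pub, m.image, m.sig)
}

// buildModule simulates the vendor's build step: generate a signing key, sign the image,
// and embed the reference MAC, public key and signature alongside the code.
func buildModule() (*Module, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	img := append([]byte(nil), moduleImage...)
	sig, err := signImage(priv, img)
	if err != nil {
		return nil, err
	}
	return &Module{image: img, refMAC: computeMAC(img, integrityKey), pub: &priv.PublicKey, sig: sig}, nil
}

func main() {
	m, err := buildModule()
	if err != nil {
		panic(err)
	}
	fmt.Println("clean module:", m.RunIntegrityTest())
	m.image[0] ^= 0x01 // simulate a one-bit modification of the executable code
	fmt.Println("tampered module:", m.RunIntegrityTest())
}
```

Note what the example does not cover: the Level 4 and 5 requirements to encrypt CSPs and PSPs, and the integrity test code itself, while at rest. Also, zeroizing a Go slice in place clears that buffer but not copies the garbage collector may have left elsewhere, which is one reason modules targeting these levels are usually written closer to the hardware.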



© Rycombe Consulting 1999-2008. All Rights Reserved.