Questions tagged [fips-140]

FIPS 140-2 is a U.S. government computer security standard used to accredit cryptographic modules.

The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2)[1, 2] is a U.S. government computer security standard used to accredit cryptographic modules. The title is Security Requirements for Cryptographic Modules. It was initially published on May 25, 2001, and was last updated on December 3, 2002.

45 questions
30 votes, 4 answers

Why is FIPS 140-2 compliance controversial?

I was reading the comments of an article about a proposed new implementation of /dev/random in Linux today, and someone remarked that it must be bothersome to go through 43 revisions and still not have your patch landed. A few comments down the line…
Newbyte
3 votes, 2 answers

Are non-FIPS algorithms allowed to execute at all in a FIPS-compliant system?

If a piece of software is running in FIPS mode and using FIPS-certified cryptographic modules, is it permitted to execute any non-FIPS algorithms even if the security of the system is not uniquely dependent on them? Example: let's say you have a…
Adam Ierymenko
3 votes, 1 answer

Could a crypto system that uses non-FIPS crypto but then upgrades complete to FIPS be FIPS certified?

I know most people around here (including myself) are anti-FIPS, but I have a FIPS related question. Could a crypto system that is not FIPS, e.g. one based on primitives like Curve25519, achieve FIPS compliance if it is capable of upgrading to FIPS…
2 votes, 2 answers

FIPS 140-2, Level 1 validation vs. compilation

I'm working on a system that needs to use cryptographic functions that must be FIPS 140-2, Level 1 validated. The challenging part is that some of this system needs to run in the browser. For maintainability reasons and ease of use, I would really…
Markus A.
1 vote, 0 answers

Where is the master password for Firefox stored? Is this password the same as the master password asked for NSS?

While working on a FIPS requirement, I found that there is a master password required for LibNSS to access all primary cryptographic modules. Similarly Firefox in FIPS mode also needs a master password although it is the password used to protect user…
AjayLohani
0 votes, 1 answer

FIPS 140-2 compliance across symmetric and asymmetric primitives

I'm looking to learn more about FIPS compliance. I noted that it seems FIPS 140-2 is a holistic article that then cites sub articles like FIPS 197... It's tricky to ascertain the full picture. Is there a document anyone knows of that will…
Woodstock