abstract | - This publication provides a standard to be used by U.S. federal organizations when these organizations specify that cryptographic-based security systems protecting unclassified information within computer and telecommunication systems (including voice systems). Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that are to be satisfied by a cryptographic module. The standard provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments. The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include basic design and documentation, module interfaces, authorized roles and services, physical security, software security, operating system security, key management, cryptographic algorithms, electromagnetic interference/electromagnetic compatibility (EMI/EMC), and self-testing. This standard superseded FIPS 140, General Security Requirements for Equipment Using the Data Encryption Standard, in its entirety.
|