Encryption is an important security tool for protecting sensitive data. However, not all solutions use the same cipher techniques. There are a number of encryption algorithms that can be used to secure data with varying levels of security. To set acceptable standards for encryption technologies used by the U.S. Government the National Institute of Standards and Technology (NIST) has published the Federal Information Processing Standards (FIPS) series. These standards define how U.S. government agencies protect their data, data processing systems, and data processing devices. FIPS 140-2 specifically outlines the security requirements for cryptographic module encryption.
Overview of the FIPS 140-2 Standard
NIST defines cryptographic modules as the collection of hardware, software, and/or firmware that applies approved security functions (including cryptographic algorithms and key generation) and is contained within a cryptographic boundary.
FIPS 140-2 specifically deals with cryptographic modules used to protect sensitive data in computer and telecommunication systems including data storage, access control and personal identification, network communications, radio, facsimile and video.
The standard specifies the security requirements that need to be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information (sensitive information or SBU). It provides four increasing, qualitative levels of security (Level 1- Level 4) which cover a wide range of potential applications and environments in which cryptographic modules may be employed. These security requirements cover areas related to the secure design and implementation of a cryptographic module.
As encryption has become such an important data protection tool for global government, defense and enterprises, the FIPS 140-2 standard has been adopted as the model for encryption best practices by government and intelligence agencies including the EU, Asia and South America, as well as regulated industries.
FIPS 140-2 Security Levels
There are four increasing, qualitative levels of security defined in FIPS 140-2 with 11 functional areas each must address:
- Cryptographic Module Specification
- Module Ports and Interfaces
- Roles, Services, and Authentication
- Finite State Model
- Physical Security
- Operational Environment
- Cryptographic Key Management
- Electromagnetic Interference / Electromagnetic Compatibility (EMI/EMC)
- Design Assurance
- Mitigation of Other Attacks
At a high level here’s a summary of each of the levels which are fully outlined in the FIPS 140-2 standard.
Level 1 provides basic security requirements such as at least one approved algorithm / security function. There are no physical security mechanisms involved aside from the basic production-grade requirements for different components. For example, a PC encryption board uses Security Level 1. It also allows the software and firmware components of a cryptographic module to be executed on a general-purpose computing system using an unevaluated operating system.
Level 2 adds a physical security mechanism, requiring features that can expose the signs of tampering and protect from unauthorized access, e.g., tamper-evident coatings or seals for plaintext cryptographic keys or CSP (critical security parameters), pick-resistant locks for doors or covers, etc. At a minimum, it also requires role-based authentication in which a cryptographic module authenticates the authorization of an operator to assume a specific role and perform a corresponding set of services.
Level 3 adds to the requirements in level 2 by requiring more rigorous safeguards for cases of physical access to the CSPs. Those measures should have a high probability of detecting an intrusion and a certain response to multiple access attempts, like tamper-detection circuitry that deletes all of the plaintext cryptographic data as soon as it detects that the doors or covers leading to this data are opened. Additionally, it requires identity-based authentication mechanisms to enhance the security provided by the role-based authentication mechanisms in Level 2. Private keys leaving or entering the system must also be encrypted before they can be moved to or from the system.
Level 4 provides the strongest security measures possible. It provides complete protection of the cryptographic module with the capability to detect and respond to an unauthorized access attempt. It also requires the Operating Systems (OS) being used by the cryptographic module to be more secure than Levels 1-3. If there are multiple system users, then the OS is held to an even higher standard.
Who does FIPS 140-2 apply to?
Any U.S. federal government agency that collects, stores, transfers, shares and disseminates sensitive but unclassified information (SBU) must use FIPS 140-2 validated solutions. Additionally, any company that deploys systems in a U.S. federal SBU environment must also be compliant.
However, with FIPS 140-2 becoming the global de-facto standard for encryption many regulated industries have adopted the standard including healthcare, manufacturing, financial services and critical infrastructure.
FIPS compliance, validation and certification
You may have seen encryption products or IT systems touting ‘FIPS Compliant Encryption’, ‘FIPS 140 2 Validated Encryption’ or ‘FIPS 140 2 Certified Encryption’ and wondered what it means.
‘FIPS 140-2 Validated Encryption’ and ‘FIPS 140-2 Certified Encryption’ indicate that a product has passed a validation process. NIST has licensed a few trusted third-party organizations to perform the validation of FIPS 140-2 certification applicants and issue the certifications on their behalf. The process validates that a product meets FIPS 140-2 requirements to the specified level.
‘FIPS Compliant Encryption’ generally refers to products using NIST-approved block cipher techniques. Currently, there are two approved cipher algorithms that can be used to apply cryptographic protection (encryption) and remove or verify the protection that was previously applied (decryption): Advanced Encryption Standard (AES) and Triple DES.
AES is specified in FIPS 197, Advanced Encryption Standard (AES) and must be used with the modes of operation designed specifically for use with block cipher algorithms. Triple DES is specified in SP 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher \ (commonly called Triple DES).
Why doesn’t everyone qualify for FIPS 140-2 Level 4?
It is a common misconception that the level of validation indicates how secure your encryption module is. In reality, it only implies how secure your encryption module is. Every manufacturer of an encryption product must decide if they will obtain FIPS 140-2 validation, and, if so, at what level.
Each level in the FIPS 140-2 standards is specifically designed for a given task and working environment. For example, if you are on a local intranet in a secure facility and utilizing a software-only solution, it’s very likely that the FIPS 140-2 Level 1 validation is appropriate. If you are a soldier carrying a hardware device that manages rotating keys for secure communications during active battle, then FIPS 140-2 Level 4 may be more suitable.
It is interesting to note that, technically, there is nothing overtly barring a software-only encryption module from attaining FIPS 140-2 Level 3 or Level 4 certification but, in practicality, it is almost impossible due to the tamper-evident requirements.
archTIS and FIPS 140-2
archTIS’ NC Protect product offers multiple encryption options to suit customer needs and compliance requirements.
- Built-in NC Protect encryption capabilities use Microsoft MPIP and RMS, both of which are FIPS 140-2 certified.
- The NC Encrypt module’s independent key management functionality uses FIPS Compliant Encryption employing AES 256-bit encryption. The cryptographic modules used to create and protect NC Encrypt’s Data Encryption Keys (DEKs) and Key Encryption Keys (KEKs) have gone through a rigorous process to ensure the integrity of the keys themselves, and that access to the keys is restricted to only those who are supposed to have access.
- The NC Encrypt CipherTrust Manager Connector offers FIPS 140-2 certified encryption as Thales products are tested and validated against the rigorous FIPS 140-2 standard.
You can be confident that the cryptographic modules used within the NC Protect suite meet FIPS 140-2 standards.