What is FIPS 140-3?

Encryption has become a vital data protection tool used by global governments, defense and enterprises. However, not all solutions use the same cipher techniques. Several encryption algorithms can be used to secure data with varying levels of security. To establish acceptable standards for encryption technologies utilized by the U.S. Government, the National Institute of Standards and Technology (NIST) published the Federal Information Processing Standards (FIPS) FIPS-140. This program outlines the requirements for U.S. and Canadian government agencies to protect their data, data processing systems, and data processing devices.

Specifically, FIPS 140-3 details the security requirements for cryptographic module encryption that these government agencies can use to safeguard sensitive but unclassified information. NIST and the Canadian Centre for Cyber Security (CCCS) jointly established the Cryptographic Module Validation Program (CMVP) to certify IT products ready for procurement. Obtaining and using a FIPS-validated product ensures that the vendor has implemented the cryptographic module correctly and that it adheres to the Cyber Centre’s recommended security best practices for cryptography.

What is FIPS 140-3?

FIPS 140-3 replaces FIPS 140-2. It specifically addresses cryptographic modules that are designed to safeguard sensitive information in computer and telecommunications systems, including data storage, access control, personal identification, network communications, radio, facsimile, and video. Effective April 1, 2022, FIPS PUB 140-3 Security Requirements for Cryptographic Modules replaces FIPS 140-2 for new validation submissions. While the transition to FIPS 140-3 has started, FIPS 140-2 modules are active for 5 years after the date of validation or until September 21, 2026, at which point they will be placed on the historical list.

The standard outlines security compliance requirements for cryptographic modules used within a security system protecting sensitive but unclassified information (SBU). NIST characterizes cryptographic modules as a set of hardware, software, and/or firmware that utilizes approved security functions (such as cryptographic algorithms and key generation) and is enclosed within a defined cryptographic boundary. There are four progressive, qualitative levels of security (Levels 1-4) that encompass a broad spectrum of potential applications and environments where cryptographic modules can be utilized. These security prerequisites pertain to aspects associated with the secure design and execution of a cryptographic module.

What is the Difference Between FIPS 140-3 vs 140-2?

FIPS 140-3 is aligned with the International Organization for Standardization/International Electrotechnical Commission’s ISO/IEC 19790 standard. It includes a number of improvements to the security criteria compared to the FIPS 140-2 standard, such as:

• More stringent integrity test requirements.
• A new mandatory service is needed to provide the module name/identifier along with the version, which can be linked to validation records or certificates.
• Key zeroization is required for ALL unprotected “Sensitive Security Parameters” (SSP) at all levels, including public keys.
• Responsibilities, services, and authentication must be fulfilled by the implementation of a cryptographic module (rather than through policies, rules, etc.). For instance, limitations on password length.
• Suppliers must show sufficient internal testing on a module, along with the testing conducted in validation labs.

FIPS 140-3 introduces several changes to the requirements areas that must be addressed while maintaining the four qualitative security levels.

What are the FIPS 140-3 Security Levels?

There are four levels of security, each building on the requirements of the previous level, as fully outlined in the FIPS 140-3 standard.

FIPS 140-3 Level 1

Level 1 provides basic security requirements, which require the use of at least one approved algorithm or security function. Besides the basic production-grade requirements for different components, no physical security mechanisms are involved. Level 1 is suitable for cryptographic modules that are solely software-based, since Levels 2 through 4 require a hardware element.

FIPS 140-3 Level 2

Level 2 introduces a physical security component that necessitates features capable of revealing signs of tampering and safeguarding against unauthorized access, such as tamper-evident coatings or seals for plaintext cryptographic keys or critical security parameters (CSP), pick-resistant locks for doors or covers, and similar measures. At a minimum, it also mandates role-based authentication, whereby a cryptographic module verifies an operator’s authorization to assume a specific role and execute the corresponding set of functions.

FIPS 140-3 Level 3

Level 3 builds on Level 2, requiring more rigorous safeguards for physical security. The measures should have a strong likelihood of identifying intrusions and a specific reaction to any attempts at physical access, such as tamper-detection circuits that erase all plaintext cryptographic data upon detecting that doors or covers leading to this data have been opened. Furthermore, it necessitates identity-based authentication methods to bolster the security provided by role-based authentication mechanisms at Level 2. Private keys that enter or exit the system must be encrypted before they can be transferred to or from the system.

FIPS 140-3 Level 4

Level 4 ensures the strongest security measures possible are in place. The level provides complete protection of the cryptographic module and the capability to detect and respond to all unauthorized physical access attempts. It also requires the operating system (OS) used by the cryptographic module to exceed security in Levels 1-3. When there are several users of the system, the operating system is expected to meet an even greater standard.

Who must use FIPS 140-3 validated encryption?

Any federal agency of the U.S. government that gathers, holds, transfers, shares, or distributes sensitive but unclassified information (SBU) is required to utilize solutions validated by FIPS 140-3. Furthermore, any organization that implements systems within a U.S. federal SBU environment must also adhere to these compliance standards.

All Defense contractors, including primes and subcontractors, who must adhere to CMMC Levels 2 and 3 must use FIPS 140-validated cryptography to encrypt Controlled Unclassified Information (CUI). This follows the NIST 800-171 standards that CMMC is built upon.

However, as its predecessor, FIPS 140-2 has become the global de facto standard for encryption, many regulated industries, including healthcare, manufacturing, financial services, critical infrastructure, and other governments, have adopted it.

What’s the difference between FIPS validation, certification and compliance?

Some encryption products or IT systems refer to ‘FIPS Compliant Encryption’, ‘FIPS 140-3 Validated Encryption’ or ‘FIPS 140-3 Certified Encryption’. While these terms may sound similar, they are not all equal from a compliance perspective. Only validated modules can be used by U.S. and Canadian federal governments, and regulated industries such as Defense contractors, financial institutions and healthcare organizations.

‘FIPS 140-3 Validated Encryption’ and ‘FIPS 140-3 Certified Encryption’ indicate that a product has passed a rigorous validation process. NIST authorizes a few trusted third-party organizations to validate FIPS 140-3 applicants and issue the certifications. The process validates that a product meets FIPS 140-3 requirements to the specified level. Validation certificates are valid for five years.

‘FIPS Compliant Encryption’ generally refers to products using NIST-approved block cipher techniques.  Currently, there are two approved cipher algorithms that can be used to apply cryptographic protection (encryption) and remove or verify the protection that was previously applied (decryption): Advanced Encryption Standard (AES) and Triple DES.

AES is specified in FIPS 197, Advanced Encryption Standard (AES) and must be used with the modes of operation designed specifically for use with block cipher algorithms. Triple DES is specified in SP 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher  (commonly called Triple DES).

Why doesn’t everyone need FIPS 140-3 Level 4 validation?

It is a common misconception that the level of validation indicates how secure your encryption module is. In reality, it only implies how secure your encryption module is. Every manufacturer of an encryption product must decide whether to obtain FIPS 140-3 validation, and if so, at what level.

Each level in the FIPS 140-2 standards is specifically designed for a given task and working environment. For example, if you are on a local intranet in a secure facility and utilizing a software-only solution, it’s very likely that the FIPS 140-3 Level 1 validation is appropriate. If you are a soldier carrying a hardware device that manages rotating keys for secure communications during active battle, then FIPS 140-3 Level 4 may be more suitable.

A software-based product only requires Level 1. While nothing prevents a software-only encryption module from attaining FIPS 140-3 Level 3 or Level 4 certification, in practical terms, it is almost impossible due to the tamper-evident requirements.

archTIS encryption products and FIPS 140-3

archTIS’ NC Protect and NC Encrypt products offer multiple encryption options to suit customer needs and compliance requirements.

• NC Protect’s out-of-the-box encryption capabilities use Microsoft’s FIPS-validated Microsoft Purview Information Protection (MPIP) or RMS to apply encryption in Microsoft applications.
• The add-on NC Encrypt module provides non-Microsoft encryption and customer-controlled key management (HYOK and BYOK), utilizing FIPS-compliant AES 256-bit encryption. NC Encrypt is currently undergoing the FIPS validation process.
• Pairing NC Encrypt with Thales CipherTrust Manager enables customers to leverage their existing keys by connecting directly to existing HSMs/VSMs through a seamless integration.
• Additionally, Thales CipherTrust Manager and any HSMs connected to it must also undergo their own FIPS validation. Please check with your provider for their FIPS validation status.

Customers can trust that the cryptographic modules integrated into NC Protect and NC Encrypt comply with the rigorous FIPS standards, ensuring the highest levels of data security and compliance.

Contact us to learn more about our encryption, HYOK and BYOK solutions for Microsoft 365 and SharePoint Server.