FIPS 140-2
The dominant certification for cryptographic module, issued by NIST.
- About FIPS 140-2
- Solutions
- Related Products
- Resources
About FIPS 140-2
The Federal Information Processing Standard (FIPS) 140-2 is issued by the National Institute of Standards and Technology (NIST) and specifies security requirements for cryptographic modules. The requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include:
- Cryptographic Module Specification
- Ports and Interfaces
- Roles, Services, and Authentication
- Finite State Model
- Physical Security
- Operational Environment
- Key Management
- EMI / EMC
- Self-Tests
- Design Assurance
- Mitigation of Other Attacks
FIPS 140-2 Security Levels
Based on the security requirements in the above areas, FIPS 140-2 defines four levels of security:
- Level 1 is the lowest security level that can be applied to both soft- and hardware. It is characterized by the sole fact that it uses a cryptographic function.
- Level 2 already has temper evidence as an additional security feature. This means that an attack may have been successful, but at least the fact that the secret has been divulged is known.
- Level 3 devices are measured on tamper detection and response, identity-based authentication and enhanced protection of secret and private keys.
- Level 4 devices are tamper resistant and provide environmental failure protection (with regard to voltage or temperature).
Solutions for FIPS 140-2
FIPS 140-2 Certified Hardware Security Modules
All Utimaco Hardware Security Modules (HSMs) are FIPS 140-2 Level 3 certified, with one model offering physical security compliant with FIPS 140-2 Level 4. Each HSM has been independently tested and certified to support your compliance needs. Certification for FIPS 140-3 Levels 3 and 4 is currently in progress for the u.trust General Purpose HSM Se-Series.
Related Products
It delivers scalable multi-tenancy functionality, superior performance, and customizability for a wide range of applications.
The Hardware Security Module specialized for eIDAS-compliance and VS-NfD classified use cases.
The only Hardware Security Module in the market that is certified according to FIPS 140-2 Level 4 – meeting the highest physical security requirements.
Utimaco’s General Purpose Hardware Security Module as a Service is providing access to a FIPS 140-2 Level 3 HSM hosted by Utimaco in a secure and certified datacenter.
The leading Payment Hardware Security Module in the industry, designed for secure and compliant non-cash retail payment transactions and cardholder authentication.
Resources
The u.trust General Purpose HSM Se-Series combines superior performance with multi-tenancy. From entry-level to high-performance use cases, all models are future-proof with post quantum cryptography readiness and are FIPS 140-2 Level 3 certified.
u.trust General Purpose HSM Se-Series
The u.trust General Purpose HSM Se-Series combines superior performance with multi-tenancy. From entry-level to high-performance use cases, all models are future-proof with post quantum cryptography readiness and are FIPS 140-2 Level 3 certified.
Download
The CC eIDAS compliance version for CryptoServer General Purpose HSM supports Trust Service Providers (TSPs) in fulfilling policy and security requirements defined in various ETSI technical standards (ETSI EN 319 401, EN 319 411, EN 319 421).
CryptoServer General Purpose HSM CC eIDAS
The CC eIDAS compliance version for CryptoServer General Purpose HSM supports Trust Service Providers (TSPs) in fulfilling policy and security requirements defined in various ETSI technical standards (ETSI EN 319 401, EN 319 411, EN 319 421).
Download
The data security standards for public authorities require the use of appropriate measures for ensuring the seamless protection of all sensitive data. One of the most efficient ways to do this is to use encryption tools that securely store and use keys in a VS-NfD HSM.
CryptoServer General Purpose HSM VS-NfD
The data security standards for public authorities require the use of appropriate measures for ensuring the seamless protection of all sensitive data. One of the most efficient ways to do this is to use encryption tools that securely store and use keys in a VS-NfD HSM.
Download
Utimaco's Trust as a Service is a cloud-enabled Marketplace that delivers Data Protection, Secure Payments, and Key Management online services. Leverage the cloud to deploy and manage your business while enjoying lower total cost of ownership, smooth integration, and the ability to scale instantly.
Trust as a Service
Utimaco's Trust as a Service is a cloud-enabled Marketplace that delivers Data Protection, Secure Payments, and Key Management online services. Leverage the cloud to deploy and manage your business while enjoying lower total cost of ownership, smooth integration, and the ability to scale instantly.
Download
The Atalla AT1000 Payment HSM secures the payment ecosystem and plays a crucial role in securing inter-banking communication, user- and card authentication, as well as user data protection for both in-person and remote payments transactions.
Atalla AT1000 Payment HSM
The Atalla AT1000 Payment HSM secures the payment ecosystem and plays a crucial role in securing inter-banking communication, user- and card authentication, as well as user data protection for both in-person and remote payments transactions.
Download
The CryptoServer General Purpose HSM CSe-Series is the Hardware Security Module that meets the highest physical security requirements for sensitive and critical applications prevalent in banking and government. It is certified according to FIPS 140-2 Level 4 (physical security).
CryptoServer General Purpose HSM CSe-Series
The CryptoServer General Purpose HSM CSe-Series is the Hardware Security Module that meets the highest physical security requirements for sensitive and critical applications prevalent in banking and government. It is certified according to FIPS 140-2 Level 4 (physical security).
Download
