Setting Requirements for Design, Implementation, Validation, and Robustness in Cryptography Equipment
The National Institute of Standards and Technology (NIST) Federal Information Processing Standard FIPS 140-2 for Cryptography is an internationally recognized security certification standard for commercial cryptography. Applicable to both hardware and software based cryptography, the FIPS 140-2 standard sets out the requirements related to design, implementation, validation, and robustness to ensure cryptography equipment operates as expected.
Cryptography refers to the algorithms and protocols used to secure or “hide” data from unauthorized access by means of encrypting and decrypting data. Common cryptography techniques include symmetric-key algorithms such as DES/3DES and AES, as well as public-key algorithms such as RSA. Cryptography key management is also a significant factor in the FIPS 140-2 standard.
Modern cryptography is used today in almost all forms of commerce, such as the financial markets and for internet data security, and in the defense industry for data and communications security.
The FIPS 140-2 standard provides four increasingly higher levels of security, numbered Level 1 thru Level 4, covering a wide range of security applications and environments. Level 1 covers basic security, whereas Level 4 provides the highest level of security. Most commonly, commercial FIPS 140-2 validated products are validated to Levels 2 or 3.
Equipment is evaluated independently and validation is governed by the Cryptographic Module Validation Program (CMVP), a joint venture between the NIST in the United States, and the Communications Security Establishment (CSE) in Canada.
Curtiss-Wright Defense Solutions offers a range of products designed to the FIPS 140-2 standard. Some of these products include:
|VPX3-685 3U VPX 14/17/20-port + 2x 10GbE Managed Ethernet Switch & Secure Router||Common Criteria Certified and FIPS 140-2 Validated - Certificate #2085|
|FSM: 3U VPX Flash Storage Module with FIPS ASIC||FIPS 140-2 Validated ASIC- certificate #1472|
|DTS1: 1-slot Rugged Network Attached File Server||DZUS network file server|
|DTS3: 3-slot rugged Network Attached File Server||DZUS network file server|
|CNS2-FC: 2-slot Rugged Network Attached Storage with Fibre Channel and iSCSI||FIPS 140-2 validated AES256-bit encryptor|
|CNS4: 4-slot Rugged Network File Server||ATR network file server|