The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2),[1][2] is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001, and was last updated December 3, 2002.
Its successor, FIPS 140-3, was approved on March 22, 2019, and became effective on September 22, 2019.[3] FIPS 140-3 testing began on September 22, 2020, and the first FIPS 140-3 validation certificates were issued in December 2022.[4] FIPS 140-2 testing was still available until September 21, 2021 (later changed for applications already in progress to April 1, 2022[5]), creating an overlapping transition period of more than one year. FIPS 140-2 test reports that remain in the CMVP queue will still be granted validations after that date, but all FIPS 140-2 validations will be moved to the Historical List on September 21, 2026 regardless of their actual final validation date.[6]
- ^ "FIPS PUB 140-2: Security Requirements for Cryptographic Modules". NIST. July 26, 2007. Archived from the original on August 25, 2007. Retrieved May 18, 2013.
- ^ "Federal Information Processing Standards (FIPS) Publications: FIPS 140--2, Security Requirements for Cryptographic Modules". NIST. May 2001. Retrieved May 18, 2013.
- ^ "Announcing Approval and Issuance of FIPS 140-3, Security Requirements for Cryptographic Modules". www.nist.gov. National Institute of Standards and Technology. May 1, 2019. Retrieved May 29, 2019.
- ^ "Cryptographic Module Validation Program". www.nist.gov.
- ^ "FIPS 140-3 Transition Effort". www.nist.gov. National Institute of Standards and Technology. June 2, 2021. Retrieved August 18, 2021.
- ^ "FIPS 140-3 Transition Effort". www.nist.gov. National Institute of Standards and Technology. September 21, 2020. Retrieved October 19, 2020.
© MMXXIII Rich X Search. We shall prevail. All rights reserved. Rich X Search