I’m pleased to provide a breakdown of exactly what you will find on the NIST website when reviewing a FIPS 140-2 validation listing. Whether you are a federal procurement officer, a technical consultant, a vendor representative, an end user, or really any role that may deal with FIPS 140-2, you should be able to interpret and verify the information on these certificates after reading this post. Bookmark this page for future reference, in fact. If you have any further questions, please don’t hesitate to contact me directly at Mark@SafeLogic.com. I'm here to help.
Here is a screen-captured example of a FIPS 140-2 validation listing, as shown on the NIST website. I will note where other validated modules may differ, but this is a good sample of a typical Software Level 1 certificate, the specialty of SafeLogic’s RapidCert program. (If you click anywhere on the image below, it will open full-size in a new tab.)
- The unique FIPS 140-2 validation listing number assigned to this cryptographic module. This is the number that a vendor should reference when relevant. In this example, FinalCode would announce, “Our products use FIPS 140-2 validated cryptography, see certificate #2717.”
- This is the validation owner. Company names include an embedded link to their website, and the physical address is provided by the vendor. It may not always be headquarters – sometimes it is a development office or similar.
- Every validation listing includes contact information. Often it is the product manager, CTO or another development stakeholder. In this example, it is a general mailbox and central phone number, which is also acceptable. Note the embedded link for direct email.
- This is the independent third party testing laboratory. Every validation has one, and it’s not possible to earn your FIPS 140-2 without an accredited lab. This particular example was tested by Acumen Security, which has done a fantastic job on many SafeLogic’s RapidCert efforts. Information on all the accredited labs can be found here: http://csrc.nist.gov/groups/STM/testing_labs/ and you can cross-reference the unique NVLAP (National Voluntary Laboratory Accreditation Program) code if you like.
- Every FIPS 140-2 validation listing has a name. They are usually pretty generic, just for simplicity, but federal agencies must verify that the specific version information matches the module version implemented by the product(s) that they are using.
- The caveat section contains information required by the CMVP for the cryptographic module. Common caveats describe “FIPS mode” and entropy, a hot button issue of late. CMVP also recently added a new reference, if another validated module has provided a basis for this certificate.
- A link to the consolidated validation certificate. CMVP realized that it was a real time suck to create individual certificates (and send them via snail mail), so instead, they publish a single certificate each calendar month, which lists the validations completed during that period. The PDF certificate includes signatures from both NIST and CSE and it looks pretty, but they are rarely referenced because the public website listing includes more information.
- Each validation includes a required Security Policy, which is linked via PDF. This documentation includes technical parameters for the cryptographic operations in FIPS mode and represents a significant portion of the time and effort wasted by vendors who insist on handling their validation in-house. With RapidCert, this documentation is already prepared for CryptoComply modules and is updated for client needs. Much more simple than starting from scratch.
- This FIPS 140-2 validation listing example features a Software validation, but CMVP also validates Hardware, Firmware and Hybrid modules.
- This is the completion date of the validation. If multiple dates are listed, those represent approved updates. Note that beginning in 2017, CMVP will be removing validations that are not dated within the preceding 5 years. This is an important step to ensure that all validated crypto modules are being maintained for compliance with current standards and requirements.
- FIPS 140-2 validations can be completed for Level 1, 2, 3, or 4. While Level 1 is appropriate for Software, the advanced levels feature increasing amounts of physical security, including tamper-evident seals and tamper response. These are key facets for Hardware validations, in particular.
- This is an area for Security Levels that differ from the Overall Level (see 11) or additional information. These may include notes in the following categories:
- Roles, Services, and Authentication
- Physical Security
- Cryptographic Module Specification
- EMI/EMC (electromagnetic interference/electromagnetic compatibility)
- Design Assurance
- Mitigation of Other Attacks
- The Operational Environment is a crucial section for Software validations. This is where it becomes explicit which platforms were tested within the scope of the validation. This example includes both Android and Apple iOS mobile operating systems. Note that it may be permissible to operate FIPS mode on other operating environments that are not listed here (by vendor affirmation that the module did not require modification for the unlisted environment).
- The FIPS Approved algorithms section lists the specific cryptographic algorithms Approved for use in the FIPS mode of operation, as well as references (but not embedded hyperlinks, unfortunately) to the CAVP certificates for each. This is the evidence that each algorithm was successfully tested by the lab as a prerequisite for the module testing.
- Other algorithms are included on the FIPS 140-2 validation listing if they are implemented in the module but are not specifically listed as FIPS Approved algorithms (#14). This list includes algorithms allowed for use in the FIPS mode of operation as well as any algorithms contained in the module that are not to be used in the FIPS mode of operation. The latter category may be algorithms that have been phased out or are included for other strategic reasons.
- This is a categorization of the module. Multi-Chip Stand Alone, Multi-Chip Embedded, or Single Chip. Software modules are classified as Multi-Chip Stand Alone since they run in a general purpose computer or mobile device.
- This is a brief summary of the role of the cryptographic module. Some are extremely brief, while zealous marketing folks have written others, but the vendor always provides it to offer some context.