To be FIPS compliant, an organization must adhere to the various data security and computer system standards outlined in the Federal Information Processing Standards (FIPS).
Created by the National Institute of Standards and Technology’s (NIST’s) Computer Security Division, FIPS established a data security and computer system standard that organizations must adhere to per the Federal Information Security Management Act of 2002 (FISMA). FISMA requires United States federal government agencies to reduce information technology risk to an acceptable level at a reasonable cost.
In 2014, FISMA was superseded by the Federal Information Security Modernization Act of 2014 (FISMA2014), which struck some elements from the original FISMA and amended it to account for changes in cybersecurity needs and the oversight required.
To become FIPS compliant, a U.S. government agency or contractor’s computer systems must meet requirements outlined in the FIPS publications numbered 140, 180, 186, 197, 198, 199, 200, 201, and 202.
- FIPS 140 covers cryptographic module and testing requirements in both hardware and software.
- FIPS 180 specifies how organizations can be FIPS compliant when using secure hash algorithms for computing a condensed message.
- FIPS 186 is a group of algorithms for generating a digital signature.
- FIPS 197 is a standard that created the Advanced Encryption Standard, which is a publicly accessible cipher approved by the National Security Agency (NSA) for top secret information.
- FIPS 198 is about a mechanism for message authentication that utilizes cryptographic hash functions.
- FIPS 199 standardizes how federal agencies categorize and secure information and information systems the agency collects or maintains.
- FIPS 200 is a standard that helps federal agencies with risk management through levels of information security based on risk levels.
- FIPS 201 specifies the standard for common identification for federal employees and contractors.
- FIPS 202 gives the specifications for the Secure Hash Algorithm-3 (SHA-3) family of four cryptographic hash functions and two extendable-output functions.
FIPS 140: “Security Requirements for Cryptographic Modules”
The FIPS 140 standard is used in designing, implementing, and operating cryptographic modules. A cryptographic module is the set of hardware, software, and/or firmware that implements security functions, such as algorithms and key generation. The standard also defines the methods for testing and validation of the modules.
The security requirements cover cryptographic module interfaces; software and firmware security; operating environment; physical security; security parameter management; self-tests; mitigation of attacks; and roles, services, and authentication. Federal departments and agencies that operate cryptographic modules or have contracts to have the modules operated for them must have the modules they use pass tests for these requirements.
FIPS 140 outlines four levels of security. The levels do not necessarily build on top of one another as they increase. A higher level goes through additional testing for the level’s use case. What is applicable to a level 2 module may not apply to a level 4 module. Modules are validated based on how well they fulfill the needs of the scenarios they will be used in.
Level 1 is the lowest level of security. It covers the basic security features in a cryptographic module. Level 1 systems can use Integrated Circuit cards; however, software functions in a typical personal computer are acceptable.
Level 2 improves the physical security aspects of cryptographic modules. Examples of required physical security measures are tamper-evident coatings, seals, or pick-resistant locks. Role-based authentication is included in this security level and ensures the operator accessing the module is authorized and is limited to their assigned actions. Level 2 also allows for software cryptography in a multi-user system environment. That is where multiple users access a single system with one operating system (OS).
Level 3 requires enhanced physical security, potentially with products available from the private sector. A multi-chip embedded module has to be contained in a strong enclosure that zeroizes critical security parameters when it is removed. Zeroizing is the practice of turning machine settings to a zero value, which alters or deletes information. This security level also uses identity-based authentication. Identities, roles, and assigned actions are authenticated before access is granted. A module complying with Level 3 security has data ports for critical security parameters physically separated from other data ports. For multi-user systems, the OS must be more trusted than in Level 2.
Level 4 is the most secure part of the 140 standard. It requires tamper detection circuits to be able to detect any device penetration. This level is best for when cryptographic modules are in a physically unprotected environment that intruders can access. Module protection in Level 4 extends to keeping voltage and temperature conditions within normal operating ranges. Modules must be able to detect fluctuations and zeroize themselves. Modules can also be designed to operate outside their normal operating range and remain secure. For multi-user systems, Level 4 requires an OS that earned an even greater degree of trust.
As of February 2020, two revised editions of FIPS 140 are approved for testing available cryptographic modules for government use, FIPS 140-2 and FIPS 140-3. Modules are continually tested using the FIPS standards that are in effect.
The second edition went into effect in November 2001 and will continue to be tested until September 2021. The third edition of the standard was approved in March 2019 and became effective in September 2019. Modules will begin to be tested under 140-3 in September 2020. Modules will be tested using both 140-2 and 140-3 between September 2020 and September 2021.
FIPS 140-2 is based on changes in technology and standards from other standards bodies and on comments from vendors, laboratories, and user communities. 140-3 aligns with standards from the International Organization for Standardization and the International Electrotechnical Commission (ISO/IEC).
FIPS 180: “Secure Hash Standard”
The current version of FIPS 180, 180-4, specifies secure hash algorithms for computing a condensed version of electronic data or “message”. Hash algorithms are an input number multiplied by another, resulting in a hash value. When the hash values are 128 bits long, it is very difficult to determine the two numbers used because there are 2^128 possible combinations.
In the FIPS 180-4 standard, there are two stages to the hash algorithms. First is preprocessing, and the second is hash computation.
Preprocessing is where the initial values are determined for the hash computation. The latter then generates a series of hash values. The final hash value generated is used to determine the message digest. A hash algorithm is given the hash value as an input and condenses it into the message digest. The digest is used to detect if messages have been altered since the original message digest was generated.
A message will have a corresponding message digest. In a scenario where the original message has been tampered with, the input to the hash algorithm would be different, resulting in a message digest that does not match what the recipient expects. When there is no match, tampering can be detected.
The security aspect stems from two computationally infeasible outcomes. First is that it is very difficult to find a message’s corresponding message digest without being the intended recipient. Second is that message digests are so unique, it is very unlikely two messages will have the same digest. All federal departments and agencies must use FIPS 180 to protect sensitive unclassified information and federal applications.
Secure hash algorithms can be used with other cryptographic algorithms, like keyed-hash message authentication codes or random number generators.
FIPS 186: “Digital Signature Standard”
This standard, which organizations must adhere to in order to be FIPS compliant, contains specifications for algorithms that can be used to authenticate a digital signature. A private key is used to generate the digital signature. A related public key is then used for verification. Each signatory has a private and public key pair. Since verification uses a public key, any user can verify a signature, but only the user with an authorized private key can generate the signature.
This figure shows the process of generating a secure signature using hash algorithms and private keys. It also shows signature verification that also uses hash algorithms and public keys. Source: NIST
FIPS 197: “Announcing the Advanced Encryption Standard (AES)”
The FIPS 197 standard has come to be more commonly called the Advanced Encryption Standard (AES). It is a FIPS-approved cryptographic algorithm for protecting electronic data. More specifically, the AES algorithm is a symmetric block cipher. It encrypts the information by making data unintelligible in the form of a ciphertext. It decrypts information by turning the data back into its original form, called plaintext.
The AES algorithm uses cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in 128-bit blocks.
FIPS-compliant federal departments and agencies have to meet FIPS 197 when handling sensitive but unclassified information that requires cryptographic protection. Commercial and private organizations are encouraged to use this standard to protect their own sensitive data.
The algorithm can run in software, firmware, hardware, or any combination of the three. Ultimately, the way it is implemented depends on factors like the application in use, the environment, or the technology in use.
FIPS 198: “The Keyed-Hash Message Authentication Code (HMAC)”
FIPS 198 is the specification for applications requiring message authentication. Construction of a message authentication code (MAC) allows for message authentication. MACs based on cryptographic hash functions are hash message authentication codes (HMACs). MACs authenticate both the source of a message and its integrity completely on their own.
HMACs have two distinct parameters: a message input and a secret key only the message originator and intended receivers know. These keyed-hash functions are also used in challenge-response identification protocols, which use both a secret key and a challenge message.
This standard protects sensitive, though unclassified, information. It is available to private and commercial organizations.
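The challenge-response use of HMAC described above, as an added example that is not part of the original article. It uses Python's standard `hmac` module with SHA-256; the `Verifier` class, `respond` and `run_demo` names and the sample keys are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Server side: issues one-time challenges and checks HMAC responses."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._outstanding = set()  # challenges issued but not yet answered

    def issue_challenge(self) -> bytes:
        challenge = secrets.token_bytes(32)  # unpredictable and single-use
        self._outstanding.add(challenge)
        return challenge

    def check_response(self, challenge: bytes, response: bytes) -> bool:
        # Each challenge is accepted once, so a replayed pair fails here.
        if challenge not in self._outstanding:
            return False
        self._outstanding.discard(challenge)
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def respond(shared_key: bytes, challenge: bytes) -> bytes:
    """Claimant side: prove knowledge of the key without sending it."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


def run_demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample secret key
    verifier = Verifier(key)

    c1 = verifier.issue_challenge()
    good = respond(key, c1)
    results = {"valid": verifier.check_response(c1, good)}
    # Same challenge and response presented a second time.
    results["replay"] = verifier.check_response(c1, good)

    # A claimant holding a different key cannot produce the expected MAC.
    c2 = verifier.issue_challenge()
    results["wrong_key"] = verifier.check_response(c2, respond(b"\x00" * 32, c2))

    # An unkeyed hash of the challenge is computable by anyone and is rejected.
    c3 = verifier.issue_challenge()
    results["unkeyed_hash"] = verifier.check_response(
        c3, hashlib.sha256(c3).digest()
    )
    return results


if __name__ == "__main__":
    print(run_demo())
```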
FIPS 199: “Standards for Security Categorization of Federal Information and Information Systems”
FIPS 199 is a standardized way to categorize information and information systems in a secure way. It enables:
- Effective management and oversight of information security programs
- Consistent reporting to the Office of Management and Budget (OMB) and Congress on the effectiveness of information security policies, procedures, and practices
Security categories are based on how severely an organization would be affected by having its information accessed by a hacker. These information systems are critical to an organization’s ability to accomplish its assigned mission, protect its assets, fulfill its legal responsibilities, maintain its day-to-day functions, and protect individuals.
The potential impact on an organization can range from low to high in three types of security objectives: confidentiality, integrity, and availability. The confidentiality objective is to maintain information restrictions in place. The integrity objective is to prevent improper information modification or destruction, in addition to ensuring information authenticity. The availability objective is to ensure information can be accessed reliably and in a timely manner.
An organization’s risk assessments can be informed by security categories working in tandem with vulnerability and threat information.
FIPS 199 applies to:
- Information that does not require protection against unauthorized disclosure or have a classified status
- All federal information systems that are not designated as national security systems
This table shows the different low- to high-water marks necessary to ensure security objectives are accomplished. Organizations use this table to be FIPS compliant. Source: NIST
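How the high-water mark works when one system holds several types of information, as an added example that is not part of the original article. The MODERATE level, the NOT APPLICABLE value for confidentiality and the LOW floor for systems come from FIPS 199 itself; the function names and the three sample information types are constructed for illustration.

```python
LEVELS = {"NOT APPLICABLE": 0, "LOW": 1, "MODERATE": 2, "HIGH": 3}
NAMES = {rank: name for name, rank in LEVELS.items()}
OBJECTIVES = ("confidentiality", "integrity", "availability")


def system_category(information_types):
    """Per-objective high-water mark over all information types on a system."""
    if not information_types:
        raise ValueError("at least one information type is required")
    category = {}
    for objective in OBJECTIVES:
        highest = LEVELS["LOW"]  # a system is never rated below LOW
        for type_name, impacts in information_types.items():
            level = impacts[objective].upper()
            if level not in LEVELS:
                raise ValueError(f"{type_name}: unknown impact level {level!r}")
            # NOT APPLICABLE is only valid for the confidentiality of an
            # information type (for example, public information).
            if level == "NOT APPLICABLE" and objective != "confidentiality":
                raise ValueError(f"{type_name}: {objective} cannot be N/A")
            highest = max(highest, LEVELS[level])
        category[objective] = NAMES[highest]
    return category


def overall_impact(category):
    """Single system impact level: the highest of the three objectives."""
    return NAMES[max(LEVELS[category[o]] for o in OBJECTIVES)]


def format_sc(label, category):
    """Render a category in the SC notation used by FIPS 199."""
    pairs = ", ".join(f"({o}, {category[o]})" for o in OBJECTIVES)
    return f"SC {label} = {{{pairs}}}"


# Constructed sample: three information types hosted on one system.
SAMPLE_TYPES = {
    "public web content": {"confidentiality": "NOT APPLICABLE",
                           "integrity": "MODERATE", "availability": "LOW"},
    "contract records": {"confidentiality": "MODERATE",
                         "integrity": "MODERATE", "availability": "LOW"},
    "routine admin data": {"confidentiality": "LOW",
                           "integrity": "LOW", "availability": "LOW"},
}

if __name__ == "__main__":
    sc = system_category(SAMPLE_TYPES)
    print(format_sc("system", sc))
    print("overall impact:", overall_impact(sc))
```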
FIPS 200: “Minimum Security Requirements for Federal Information and Information Systems”
FIPS 200 provides 17 security-related areas that protect the confidentiality, integrity, and availability of federal information systems and the systems’ information. They must be adhered to in order to be FIPS compliant. The areas are:
- Access control: the limitation of information system access and use to authorized users.
- Awareness and training: Managers must know of risks and regulations on their information systems, while personnel must be trained in information security-related duties.
- Audit and accountability: Information system records must be made, protected, and retained for security audits in addition to being capable of tracing information system users for accountability.
- Certification, accreditation, and security assessments: Security controls must be regularly tested for effectiveness, plans of actions must be made to correct security deficiencies and monitor information system security controls.
- Configuration management: There must be baseline configurations and documentation for hardware, software, firmware, and security settings.
- Contingency planning: Plans must exist for emergency response, backup operations, and disaster recovery.
- Identification and authentication: Access to the information system depends on the authenticated identification of users, processes, and devices.
- Incident response: Operational incident handling must include adequate preparation, detection, analysis, containment, recovery, and user response activities in addition to the tracking, documenting, and reporting of incidents.
- Maintenance: Regular maintenance must be performed on information systems using effective controls on tools, techniques, mechanisms, and personnel that conduct the maintenance.
- Media protection: Paper and digital media must be protected from unauthorized users and must be sanitized or destroyed before disposal or reuse.
- Physical and environmental protection: Information systems, equipment, operating environments, and supporting infrastructure must be protected from unauthorized users and environmental hazards via supporting utilities such as facility environmental controls.
- Planning: Organizations must develop, document, update, and implement security plans for information systems that describe the planned or in-place security controls and rules for accessing the systems.
- Personnel security: Organizations must ensure personnel with responsibility are trusted and vetted, terminated and transferred personnel lose access to information, and personnel that don’t comply with security policies are formally sanctioned.
- Risk assessment: Organizations must regularly assess risk coming to them from their information systems’ processing, storage, or transmission of information.
- Systems and services acquisition: Organizations and third parties must use sufficient resources for protecting information systems, incorporate information security considerations into life cycle operations, and restrict software usage and installation.
- System and communications protection: Communications must be monitored, controlled, and protected at network boundaries by designing effective security architecture, software development techniques, and systems engineering principles.
- System and information integrity: Organizations must identify, report, and correct system flaws; protect from malicious codes; and monitor and respond to security alerts.
FIPS 201: “Personal Identity Verification (PIV) of Federal Employees and Contractors”
FIPS 201 creates a common way for individuals to access buildings, computer systems, or data that must be kept secure. The scope of the standard focuses on the authentication of an individual’s identity, not the identity of a whole department or agency.
To be FIPS compliant, organizations are required to have a government-wide identity credential that “is issued based on criteria of verifying an individual employee’s identity; is strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation; can be rapidly authenticated electronically; and is issued only by providers whose reliability has been established by an official accreditation process.”
The functional components of FIPS 201 have three major subsystems.
- PIV Front-End Subsystem: PIV card, card and biometric readers, and PIN input device
- PIV Card Issuance and Management Subsystem: identity proofing and registration, card and key issuance and management, and repositories and services required for the verification infrastructure
- PIV Relying Subsystem: physical and logical access control systems, protected resources, and authorization data
Authentication mechanisms have different levels of security that federal departments and agencies determine to be appropriate for the applications they use.
FIPS 202: “SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions”
FIPS 202 is a specification for the Secure Hash Algorithm-3 family of four cryptographic hash functions and two extendable-output functions. Hash functions are used in security functions including generating and verifying digital signatures, key derivation, and pseudorandom bit generation.
Extendable-output functions are different. However, they can be used similarly through their ability to adapt directly to the requirements and security considerations of specific applications.
Similar to other standards in this list, FIPS 202 is for protecting sensitive unclassified information. Either FIPS 202 or 180 can be used when federal applications require a secure hash algorithm. That extends to when the application is a component within other cryptographic algorithms and protocols.
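An added example, not part of the original article, covering both the tamper-detection use of a message digest described under FIPS 180 and the choice between FIPS 180 and FIPS 202 functions described here. It restricts callers to a subset of the hash functions from the two standards as exposed by Python's `hashlib`; the `APPROVED` table and the `digest` and `is_unaltered` names are constructed for illustration.

```python
import hashlib
import hmac
from typing import Optional

# hashlib names mapped to the standard that specifies them (a subset).
APPROVED = {
    "sha224": "FIPS 180-4", "sha256": "FIPS 180-4",
    "sha384": "FIPS 180-4", "sha512": "FIPS 180-4",
    "sha3_224": "FIPS 202", "sha3_256": "FIPS 202",
    "sha3_384": "FIPS 202", "sha3_512": "FIPS 202",
    "shake_128": "FIPS 202", "shake_256": "FIPS 202",
}
XOFS = {"shake_128", "shake_256"}  # the two extendable-output functions


def digest(algorithm: str, message: bytes,
           xof_length: Optional[int] = None) -> bytes:
    """Hash a message, refusing any algorithm outside the allowlist."""
    if algorithm not in APPROVED:
        raise ValueError(f"{algorithm!r} is not on the approved list")
    h = hashlib.new(algorithm, message)
    if algorithm in XOFS:
        # An XOF has no fixed digest size; the caller must choose one.
        if not xof_length or xof_length < 1:
            raise ValueError("an extendable-output function needs xof_length")
        return h.digest(xof_length)
    if xof_length is not None:
        raise ValueError(f"{algorithm} has a fixed output length")
    return h.digest()


def is_unaltered(algorithm: str, message: bytes, expected: bytes,
                 xof_length: Optional[int] = None) -> bool:
    """Recompute the digest and compare it with the one recorded earlier.

    This only detects tampering if `expected` reached the recipient by a
    path the attacker could not also modify.
    """
    actual = digest(algorithm, message, xof_length)
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    original = b"constructed sample message"
    recorded = digest("sha3_256", original)
    print(is_unaltered("sha3_256", original, recorded))
    print(is_unaltered("sha3_256", original + b"!", recorded))
    # A shorter XOF output is a prefix of a longer one for the same input.
    short = digest("shake_128", original, 16)
    print(digest("shake_128", original, 64).startswith(short))
```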
FIPS Compliance: Key Takeaways
- To be FIPS compliant means an organization adheres to the Federal Information Processing Standards (FIPS) in order to act in accordance with the Federal Information Security Management Act of 2002 (FISMA) and the Federal Information Security Modernization Act of 2014 (FISMA2014).
- FIPS 140 covers the physical and virtual security aspects of cryptographic modules at four ascending levels of enhanced security.
- FIPS 180 shows how secure hash algorithms can provide security by making unique and hard-to-parse data messages transmitted through an organization’s information system.
- FIPS 186 establishes how digital signatures are generated and kept secure through public and private keys.
- The Advanced Encryption Standard, or FIPS 197, is a publicly available cryptographic algorithm used by the NSA.
- FIPS 198 is about how hash message authentication codes use secret keys for secure communication and for challenge-response identification.
- FIPS 199 enables federal departments and agencies to categorize their information systems so they can report on the adequacy and effectiveness of the security features in use.
- FIPS 200 covers the minimum security requirements of an information system in 17 areas.
- FIPS 201 establishes a standard for the physical and virtual credentials of federal employees and contractors.
- FIPS 202 is similar to 180 and can be an alternative to it when secure hash algorithms are required by the federal government for organizations to be FIPS compliant.
Updated September 2020 by Ashley Wiesner