This is the first article of in our comprehensive series introducing Hardware Security Modules (HSM). We understand that some of these concepts can be difficult to grasp all in one read. So for this introduction, we don’t quite intend to break the ice, but only aim to scratch the surface on the topic of cryptographic module security standards.
Mainly, we aim to answer 3 essential questions in this regard:
First of all, we offer a simplified introduction to FIPS 140-2. Further, we show you the essential purpose behind FIPS and why it is so important. Finally, we summarize the procedure to have your HSM tested and certified as a FIPS compliant module, and also we break down the legal requirements you will need to follow when implementing an HSM or any cryptographic module used to handle sensitive information.So let’s take a quick look at what it means, and how to become, “FIPS 140-2 Tested and Certified”
The requirements specified in the Federal Information Processing Standard (FIPS) PUB 140- 2 outline a total of 11 areas of design and implementation of products in applied cryptography. These areas include:
To boot, every certified cryptographic module is categorized into 4 levels of security:
|Security Level 2.||Security Level 3.||Security Level 4.|
|Cryptographic Module Specification.||Specification of cryptographic module, cryptographic boundary, Approved algorithms, and Approved modes of operation. Description of cryptographic module including all hardware, software, and firmware components. Statement of module security policy.|
|Required and optional interfaces. Specification of all interfaces and of all input and output data paths.||Data ports for unprotected critical security parameters physically separated from other data ports.|
|Logical separation of required and optional roles and services.||Role-based or identity-based
|Identity-based operator authentication.|
|Specification of finite state machine model. Required states and optional states. State transition diagram and specification of state transitions.|
|Physical Security.||Production-grade equipment.||Locks or tamper evidence.||Tamper detection and response for covers and doors.||Tamper detection and response envelope. EFP and EFT.|
|Executable code. Authenticated software. Single operator.||CAPP evaluated at EAL2.||CAPP plus trusted path evaluated at EAL3 plus security
|CAPP plus trusted path evaluated at EAL4 plus security policy modeling, covert channel analysis, and modularity.|
|Approved key generation/distribution techniques.||Entry/output of keys in encrypted form or direct entry/exit with split knowledge procedures.|
|EMI/EMC.||FCC Part 15. Subpart B, Class A (Business use). Applicable FCC requirements (for voice).||FCC Part 15. Subpart B, Class B (Home use).|
|Self-Tests.||Power-up tests: cryptographic algorithm tests, software/firmware integrity tests, critical functions tests. Conditional tests.||Statistical RNG/PRNG tests – callable on demand.||Statistical RNG/PRNG tests–performed at power-up.|
|Configuration management (CM). Secure installation and generation. Design and policy correspondence. Guidance documents.||CM system. Secure
distribution. Functional specification. Functional testing.
implementation. Test Coverage analysis.
|Formal model. Detailed explanations (informal proofs). Preconditions and postconditions.|
|Specification of mitigation of attacks for which no testable requirements are currently available|
An example of a level 4 certified HSM is Utimaco’s Hardware security modules. Every Utimaco HSMs has been laboratory-tested and certified against FIPS 140-2 standards to help you comply with the standards you need to meet.
The FIPS 140-2 standard is applicable to all Federal departments and agencies operate or are operated for them under contract and use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems). Additionally, FIPS compliance is required in any regulated industry that collects, stores, transfers, shares or disseminates sensitive information. This includes products in regulated industries such as Banking, Health-care institutions, and National Defense. If you want to sell into these industries and cryptography is a central component of your product, you’ll need to prove FIPS compliance.To certify a cryptographic module such as an HSM, Private vendors must first undergo a series of FIPS testing by an independent, accredited Cryptographic and Security Testing (CST) laboratory, such as the National Voluntary Lab Accreditation Program. First, the CST laboratory uses the Derived Test Requirements (DTR) and Implementation Guidance (IG) to test cryptographic modules. Then they must validate the test results before issuing a certificate.
An FIPS 140-2 compliant cryptographic module must satisfy the following:
The NIST specifies certain crypto algorithms as FIPS 140-2 compliant, and also identifies which algorithms can be used for symmetric, asymmetric, message authentication, and hashing cryptographic functions. The following is a list of approved cryptographic algorithms:
The FIPS 140-2 standard is applicable to all Federal departments and any regulated industry that collects, stores, transfers, shares or disseminates sensitive information. More importantly, a cryptographic device with high security is necessary to maintain the privacy and integrity of the sensitive information protected by the module. Now that you have a general idea on the importance of FIPS 140-2 and how to comply, take some time to reflect on what you’ve learned and written down any ideas that come to mind. Then when you’re ready, let’s continue on to Part 2 of the Comprehensive Guide to Hardware Security Modules.