Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Assuring Cryptographic Security: Development, Validation, and Use of FIPS 140-1 Compliant Products

Federal agencies and departments are required to comply with FIPS 140-1, Security Requirements for Cryptographic Modules. This involves the acquisition of validated cryptographic modules (which may be incorporated in a product/application) for protecting sensitive but unclassified data. Cryptographic modules are used to provide security services such as confidentiality, integrity, and authentication. FIPS 140-1 provides users with 1) a specification of security features that are required at each security level, 2) flexibility in choosing security requirements and environments, and 3) a guide to ensuring the modules in corporate necessary security features. Accredited laboratories perform conformance testing of FIPS 140-1 modules under the Cryptographic Module Validation (CMV) Program, which is a joint effort between NIST and CSE.


Highlights of the workshop include an overview of federal cryptography, a FIPS 140-1 Tutorial, and guidance on implementing FIPS 140-1. Detailed information on how to use the standard, its impact on Federal Agencies and industry, and how agencies can impact the program will also be provided. In addition, vendors will be provide with information on how to obtain validation for their modules. Panel discussions are planned with Federal Agencies currently implementing FIPS 140-1, vendors with available validated modules, the Cryptographic Module Testing Laboratories that perform validation testing, the banking community, and an overview of prudent practices. The workshop will conclude by looking to the future with discussions of possible enhancements to the standard and other related issues.

Event Details

Starts: May 11, 1998 - 09:00 AM EDT
Ends: May 12, 1998 - 04:00 PM EDT

Format: In-person Type: Conference

Attendance Type: Open to public
Audience Type: Industry,Government

NIST: Communications Security Establishment of the Government of Canada


Gaithersburg Hilton
Gaithersburg, MD

Related Topics

Security and Privacy: cryptography, testing & validation

Technologies: hardware, software & firmware

Created January 11, 2018, Updated January 25, 2021