Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Date Published: May 25, 2001 (Change Notice 2, 12/3/2002)
Superseded By:
FIPS 140-3 (03/22/2019)
Supersedes:
FIPS 140-2 (10/10/2001)
Planning Note (3/22/2019):
Testing of cryptographic modules against FIPS 140-2 will end on September 22, 2021. See FIPS 140-3 Development for more details.
Identification and Authentication; System and Communications Protection; System and Information Integrity
Publication:
FIPS 140-2 (DOI)
Local Download
Supplemental Material:
Annex A: Approved Security Functions (pdf)
Annex B: Approved Protection Profiles (pdf)
Annex C: Approved Random Number Generators (pdf)
Annex D: Approved Key Establishment Techniques (pdf)
FIPS 140-2 (EPUB) (txt)
Comments on FIPS 140-1 (Oct. 1998) (pdf)
Document History:
12/03/02: FIPS 140-2 (Final)
Security and Privacy
acquisition; audit & accountability; cryptography; identity & access management; planning; testing & validation
Laws and Regulations
Federal Information Security Modernization Act