Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

FIPS 140-3(Retired Draft)

Security Requirements for Cryptographic Modules (Revised Draft)

Date Published: December 11, 2009
Comments Due: March 11, 2010 (public comment period is CLOSED)
Email Questions to:

Planning Note (8/30/2012):

A Federal Register Notice was posted, requesting additional comments on specific sections and subsections of the 2009 draft.


National Institute of Standards and Technology



computer security; telecommunication security; physical security; software security; cryptography; cryptographic modules; Federal Information Processing Standard (FIPS).
Control Families

Identification and Authentication; System and Communications Protection; System and Information Integrity;


Draft FIPS 140-3 (revised draft)

Supplemental Material:
Comments received and resolutions (pdf)
2012 Request for Additional Comments (other)

Document History:
07/13/07: FIPS 140-3 (Draft)
12/11/09: FIPS 140-3 (Draft)
03/22/19: FIPS 140-3 (Final)


Security and Privacy
cryptography; testing & validation

Laws and Regulations
Federal Information Security Modernization Act