This is a potential security issue, you are being redirected to https://csrc.nist.gov
Special Publications (SPs)
Security & Privacy
Laws & Regulations
Activities & Products
Computer Security Division
Applied Cybersecurity Division
Date Published: August 1995
On July 17, 1995, the National Institute of Standard and Technology (NIST), Computer Systems Laboratory (CSL), established the Cryptographic Module Validation (CMV) Program which validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-1, Security Requirements for Cryptographic Modules. Under this program, vendors of cryptographic modules use independent, accredited testing laboratories to have their modules tested. The program was jointly developed by NIST and the Communications Security Establishment of the government of Canada. Products validated as conforming to FIPS 140-1 will be accepted for use by the federal agencies of both countries for the protection of sensitive, unclassified information. The goal of the CMV Program is to provide federal agencies with a security metric to use in procuring equipment containing cryptographic modules. The results of the independent testing, by accredited laboratories, provide this metric. Federal agencies can choose products from the FIPS 140-1 Validated Products List and know that their FIPS 140-1 requirements have been met.
This bulletin discusses when and how FIPS 140-1 should be used and examines the benefits that agencies can derive in using the standard. While the bulletin highlights several critical issues that federal agencies need to consider, agencies should rely on FIPS 140-1 for precise applicability statements, requirements, and policy for use.
August 1995 CSL Bulletin
Security and Privacycryptography;