U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Security Requirements for Cryptographic Modules [includes Change Notices as of 12/3/2002]

Published

Author(s)

National Institute of Standards and Technology (NIST), Annabelle Lee, Miles E. Smid, Stanley R. Snouffer

Abstract

This Federal Information Processing Standard (140-2) specifies the security requirements that will be satisfied by a cryptographic module, providing four increasing, qualitative levels intended to cover a wide range of potential applications and environments. The areas covered, related to the secure design and implementation of a cryptographic module, include specification; ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks. [Supersedes FIPS 140-1 (January 11, 1994): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917970]
Citation
Federal Inf. Process. Stds. (NIST FIPS) - 140-2
Report Number
140-2
NIST Pub Series
Federal Inf. Process. Stds. (NIST FIPS)
Pub Type
NIST Pubs
Supercedes Publication
Security Requirements for Cryptographic Modules
Superceded By Publication
Security Requirements for Cryptographic Modules

Download Paper

https://doi.org/10.6028/NIST.FIPS.140-2
Local Download

Keywords

computer security, cryptographic module, FIPS 140-2, validation
Federal information processing standards (FIPS) and Cybersecurity and privacy

Citation

(NIST), N. , Lee, A. , Smid, M. and Snouffer, S. (2001), Security Requirements for Cryptographic Modules [includes Change Notices as of 12/3/2002], Federal Inf. Process. Stds. (NIST FIPS), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.FIPS.140-2, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=902003 (Accessed November 29, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created May 25, 2001, Updated September 29, 2025
Was this page helpful?