Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

FIPS 140-3 Adopts ISO/IEC Standards



Kim B. Schaffer


This bulletin summarizes the information found in FIPS 140-3: Security Requirements for Cryptographic Modules which is applicable to all federal agencies that use cryptographic-based security systems to provide adequate information security for all agency operations and assets as defined in 15 U.S.C. Section 278g-3. The updated standard specifies requirements for cryptographic modules within cyber systems protecting sensitive information. The most notable change in this version of the standard is the use of ISO/IEC standards, ISO/IEC 19790:2012 and associated testing standard ISO/IEC 24759:2017.
ITL Bulletin -


cryptographic modules, Federal Information Processing Standard (FIPS), ISO/IEC 19790, ISO/IEC 24759, computer security


Schaffer, K. (2019), FIPS 140-3 Adopts ISO/IEC Standards, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 12, 2024)
Created May 20, 2019, Updated March 17, 2020