This bulletin summarizes the information found in FIPS 140-3: Security Requirements for Cryptographic Modules which is applicable to all federal agencies that use cryptographic-based security systems to provide adequate information security for all agency operations and assets as defined in 15 U.S.C. Section 278g-3. The updated standard specifies requirements for cryptographic modules within cyber systems protecting sensitive information. The most notable change in this version of the standard is the use of ISO/IEC standards, ISO/IEC 19790:2012 and associated testing standard ISO/IEC 24759:2017.
FIPS 140-3 Adopts ISO/IEC Standards, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=928007
(Accessed June 5, 2023)