Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

FIPS 140-3 Adopts ISO/IEC Standards



Kim B. Schaffer


This bulletin summarizes the information found in FIPS 140-3: Security Requirements for Cryptographic Modules which is applicable to all federal agencies that use cryptographic-based security systems to provide adequate information security for all agency operations and assets as defined in 15 U.S.C. Section 278g-3. The updated standard specifies requirements for cryptographic modules within cyber systems protecting sensitive information. The most notable change in this version of the standard is the use of ISO/IEC standards, ISO/IEC 19790:2012 and associated testing standard ISO/IEC 24759:2017.
ITL Bulletin -


cryptographic modules, Federal Information Processing Standard (FIPS), ISO/IEC 19790, ISO/IEC 24759, computer security
Created May 20, 2019, Updated March 17, 2020