FIPS (Federal Information Processing Standards) Developed by the Computer Security Division within the National Institute of Standards and Technology (NIST). FIPS standards are designed to protect federal assets, including computer and telecommunications systems. The following FIPS standards apply to smart card technology and pertain to digital signature standards, advanced encryption standards, and security requirements for cryptographic modules.
FIPS 140 (1-3): The security requirements contained in FIPS 140 (1-3) pertain to areas related to the secure design and implementation of a cryptographic module, specifically: cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/ electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.
• FIPS 201: This specification covers all aspects of multifunction cards used in identity management systems throughout the U.S. government.
