What Is FIPS
What Are FIPS?
FIPS stands for "Federal Information Processing Standards." FIPS is a set of rules and guidelines developed by the U.S. government to ensure the security of computer systems and data. The National Institute of Standards and Technology (NIST) is responsible for creating these standards, which are then approved by the Secretary of Commerce.
FIPS provides guidelines on various aspects of information security, including data encryption, key generation, and system interoperability. The standards are established only when existing industry standards are insufficient to meet government security needs.
Who Uses FIPS?
FIPS are primarily used by U.S. government agencies, contractors, and vendors who manage sensitive but unclassified information. This includes sectors like unemployment insurance, student loans, and healthcare programs. While FIPS is mandatory for federal use, private companies also adopt FIPS voluntarily due to its strong reputation for ensuring data security.
Why Are FIPS Necessary?
FIPS are crucial for maintaining the security of computer systems and data across government agencies. By setting stringent standards for encryption and other security measures, FIPS ensures that information is protected using reliable and proven methods. These standards are rigorously tested and approved by the federal government, providing a trusted benchmark for secure computing practices.
What Are the Different FIPS Series?
FIPS encompasses a range of standards, each addressing specific aspects of information security. Here’s a brief overview of the FIPS series:
FIPS 46-3 (Withdrawn): Standard for Data Encryption Standard (DES) algorithm, which was widely used for encrypting data. It was withdrawn due to the development of more secure algorithms.
FIPS 81 (Withdrawn): Related to DES Modes of Operation, specifying how to apply the DES algorithm in different ways. Also withdrawn in favor of more secure encryption standards.
FIPS 140-2/3: These are standards for cryptographic modules, outlining the security requirements for cryptographic algorithms and their implementation. FIPS 140-2 is being replaced by FIPS 140-3.
FIPS 180-4: Specifies the Secure Hash Algorithm (SHA) family of functions, which are used to create a fixed-size hash from any input data, ensuring data integrity.
FIPS 186-4: Covers Digital Signature Algorithms (DSA, ECDSA, RSA) used to authenticate the identity of digital documents and communications.
FIPS 197: Defines the Advanced Encryption Standard (AES), a widely used encryption algorithm essential for securing electronic data.
FIPS 198-1: Specifies the Keyed-Hash Message Authentication Code (HMAC), used for verifying data integrity and authenticity.
FIPS 201-2: Establishes standards for Personal Identity Verification (PIV) of federal employees and contractors, ensuring secure identity management.
FIPS 200: Provides minimum security requirements for federal information systems, ensuring a baseline for security measures across all federal systems.
FIPS 140 Versions
FIPS 140-1 (1994)
- First version
- Established four security levels for cryptographic modules
FIPS 140-2 (2001)
- Replaced FIPS 140-1
- More stringent requirements
- Addressed new attack vectors
FIPS 140-3 (2019)
- Latest version
- Aligns with international standards (ISO/IEC 19790:2012)
- Enhanced security features and testing requirements
- Greater emphasis on software security
- Improved protections against side-channel and non-invasive attacks
Each version built upon its predecessor, increasing security requirements and addressing evolving technological challenges. FIPS 140-3 represents the most up-to-date and comprehensive standard, reflecting modern cryptographic needs and global compliance considerations.
FIPS 140 Security Levels
FIPS 140 (Federal Information Processing Standard 140) is a standard that specifies security requirements for cryptographic modules used to protect sensitive information. These requirements are crucial for ensuring the security of cryptographic hardware and software solutions, especially for government agencies and contractors. FIPS 140 defines four distinct security levels, each providing a different degree of protection based on the sensitivity of the data being protected and the environment in which the cryptographic module is deployed.
Security Level 1: Basic Security
Overview: Security Level 1 is the most basic level of security under FIPS 140. It requires that cryptographic modules use at least one approved algorithm, but there are no specific physical security requirements.
Physical Security: No physical tamper evidence is required. The module could be a software application running on a general-purpose computer or a simple hardware device without special protection against physical tampering.
Use Case: Suitable for low-risk environments where the main concern is using approved cryptographic algorithms rather than protecting against physical attacks. Example: a software encryption tool used in a low-security environment.
Security Level 2: Enhanced Security with Tamper Evidence
Overview: Security Level 2 adds requirements for physical security features and role-based authentication to control access to cryptographic keys and critical security parameters.
Physical Security: The module must include tamper-evident coatings or seals that show visible signs if someone attempts to access the device. Additionally, it must support role-based authentication, meaning that different users can have different levels of access to the cryptographic module's functions.
Use Case: Suitable for environments where there is a moderate risk of physical tampering and where user access needs to be controlled. Example: a hardware security module (HSM) in a server room with controlled access.
Security Level 3: High Security with Tamper-Resistance
Overview: Security Level 3 builds on the previous level by requiring stronger physical security measures, including tamper-resistance. This means that the module must be designed to resist tampering attempts and protect cryptographic keys from being exposed even during a physical attack.
Physical Security: The module must be tamper-resistant, meaning it actively resists physical attacks. For example, if someone tries to physically open the device, the cryptographic keys should be automatically erased to prevent them from being stolen. Additionally, the module must enforce identity-based authentication, where users must be individually authenticated before accessing critical functions.
Use Case: Ideal for high-risk environments where the protection of cryptographic keys from both physical and logical attacks is crucial. Example: an HSM used in a financial institution to secure transactions.
Security Level 4: Maximum Security for Critical Applications
Overview: Security Level 4 provides the highest level of security defined by FIPS 140. It is designed for environments where the risk of physical and environmental attacks is extreme. This level includes all the requirements of Level 3, plus additional measures to protect the module even in harsh or hostile environments.
Physical Security: The module must be able to detect and respond to all types of environmental attacks (e.g., voltage fluctuations, temperature changes) by zeroizing (erasing) all cryptographic keys. It should also be capable of operating in a physically secure environment that actively monitors and responds to potential threats.
Use Case: Suitable for environments where the highest level of security is required, such as military or defense applications where cryptographic modules might be exposed to extreme conditions or highly sophisticated attacks. Example: a cryptographic module used in a classified government facility.
Summary of FIPS 140 Security Levels
- Level 1: Basic security with no physical protection.
- Level 2: Enhanced security with tamper evidence and role-based authentication.
- Level 3: High security with tamper-resistance and identity-based authentication.
- Level 4: Maximum security with advanced tamper detection, response, and protection against environmental attacks.
Difference Between FIPS Compliance and FIPS Certification/Validation
FIPS Compliance and FIPS Certification/Validation are related but distinct concepts in the context of security standards. Understanding the difference between these two terms is essential for organizations dealing with cryptographic products and services, especially when working with U.S. government agencies or handling sensitive information.
FIPS Compliance
FIPS compliance refers to a product, system, or solution adhering to the Federal Information Processing Standards (FIPS). Compliance means that the product uses cryptographic algorithms and modules that are designed to meet the requirements of FIPS standards, such as FIPS 140-2 or FIPS 140-3. However, it does not necessarily mean that the product has been officially tested and certified by an accredited laboratory.
Key Points of FIPS Compliance:
- Self-Declaration: A vendor might declare their product as FIPS compliant if it uses FIPS-approved algorithms and follows the security guidelines outlined in the FIPS standards.
- Unverified: While the product may indeed adhere to the standards, FIPS compliance alone does not guarantee that the product has undergone formal testing and validation by the National Institute of Standards and Technology (NIST) or an accredited lab.
- Useful for Non-Government Applications: Private sector organizations or those not under strict regulatory requirements might choose products that are FIPS compliant, even if they haven't been officially certified.
FIPS Certification/Validation
FIPS certification or FIPS validation is a more rigorous process than compliance. It involves formal testing and evaluation of a cryptographic module by a NIST-accredited laboratory to ensure that it meets all the security requirements specified in a particular FIPS standard, typically FIPS 140-2 or FIPS 140-3. After successful testing, NIST officially certifies or validates the product, making it recognized as FIPS certified.
Key Points of FIPS Certification/Validation:
- Official Testing: FIPS certification requires the cryptographic module to be tested by a NIST-approved laboratory. The testing process rigorously evaluates the module against the standards, ensuring it meets all specified security levels.
- NIST Approval: Once the testing is successfully completed, NIST grants the certification, officially recognizing the module as FIPS validated. This certification is documented and listed on the NIST website.
- Mandatory for Government Use: For U.S. federal agencies and contractors, using FIPS-certified products is mandatory for handling sensitive but unclassified information. This certification provides a guarantee that the product meets federal security standards.
Summary of Differences
Compliance:
- Indicates that a product follows FIPS standards.
- Based on self-declaration by the vendor.
- Does not involve formal testing by an accredited lab.
- Suitable for non-governmental applications where formal certification is not required.
Certification/Validation:
- Involves formal testing by a NIST-accredited lab.
- Results in an official recognition by NIST.
- Required for products used by U.S. federal agencies.
- Provides a higher level of assurance regarding security and compliance.
Why the Difference Matters
- For Vendors: Vendors aiming to sell to the U.S. government or organizations requiring the highest security standards must obtain FIPS certification/validation, as compliance alone is not sufficient.
- For Customers: Organizations, especially those in regulated industries or working with government agencies, need to ensure they are using FIPS-certified products to meet regulatory requirements and ensure data security.
- For Security Assurance: Certification provides a formal and recognized guarantee of security, while compliance, though beneficial, does not offer the same level of assurance.
FIPS Compliance: What Developers Need to Know
What Changes Should Be Made in an Application?
To achieve FIPS compliance, developers need to make specific changes to their applications, depending on the FIPS revision in question (e.g., FIPS 140-2, FIPS 140-3, FIPS 200). The minimum required changes include:
- Removing Non-Approved Cryptography: This typically involves eliminating the use of cryptographic algorithms like
MD5
andSHA-1
. - Replacing Bouncy Castle Jars: Developers should replace standard Bouncy Castle jars like
bcprov
orbcpg
with FIPS-compliant versions such asbc-fips
andbcpg-fips
.
How to Test FIPS Compliance
Testing for FIPS compliance requires an environment where FIPS is enabled, commonly known as FIPS mode. In this environment, the use of non-compliant algorithms is prohibited, and the application may fail to start or throw runtime errors if such algorithms are used. Therefore, thorough testing is essential to ensure compliance.
For an example of a FIPS-enabled environment, developers can explore existing Docker images that have FIPS mode enabled.
Considerations for External Services
While not strictly required, if you plan to obtain FIPS certification, it is advisable to ensure that all external services your application interacts with are also running in FIPS mode. This includes services like Kafka, Cassandra, and others.