NIST FIPS 140-2 Cryptography

What is NIST FIPS 140-2 Commercial Cryptography?

The National Institute of Standards and Technology (NIST) Federal Information Processing Standard FIPS 140-2 for Cryptography is an internationally recognized security certification standard for commercial cryptography. Applicable to both hardware and software based cryptography, the FIPS 140-2 standard sets out the requirements related to design, implementation, validation, and robustness to ensure cryptography equipment operates as expected.

Setting Requirements for Design, Implementation, Validation, and Robustness 

Cryptography refers to the algorithms and protocols used to secure or “hide” data from unauthorized access through encrypting and decrypting data. Common cryptography techniques include symmetric-key algorithms such as DES/3DES and AES and public-key algorithms such as RSA. Cryptography key management is also a significant factor in the FIPS 140-2 standard. Modern cryptography is used today in almost all forms of commerce, such as the financial markets, internet data security, and the defense industry for data and communications security.

The FIPS 140-2 standard provides four increasingly higher levels of security, numbered Level 1 thru Level 4, covering a wide range of security applications and environments. Level 1 covers basic security, whereas Level 4 provides the highest level of security. Commercial FIPS 140-2 validated products are most commonly validated to Levels 2 or 3. Equipment is evaluated independently, and validation is governed by the Cryptographic Module Validation Program (CMVP), a joint venture between the NIST in the United States and Canada's Communications Security Establishment (CSE).

How We've Grown

Our strategy at Curtiss-Wright Defense Solutions is to drive customer success by leveraging our best-in-class solutions and our world-class engineering team. At times, however, engineered to succeed means adding to our portfolio of innovative technologies through acquisition. We are constantly searching, through our Mergers & Acquisitions team, for organizations that complement our engineering culture and add to our portfolio of solutions to meet customer needs. We support our customer's success by delivering what we have today and an eye toward innovations you may require tomorrow. For information about companies and products that are now organized under Curtiss-Wright Defense Solutions over the years, please use the links below:

Review DAR Encryption Approaches

NSA Type 1 Encryption

Endorsed by the NSA for securing classified and sensitive U.S. Government information when appropriately keyed.

NSA CSfC and Common Criteria

Strategy to deliver secure solutions that leverage commercial technologies and products.