FIPS 140-3: What you need to know

August 26, 2019

Federal Information Processing Standard (FIPS) is a US government computer security standard used to approve cryptographic modules. REDCOM is FIPS 140-2 validated, which means that our encryption modules have been closely examined by a NIST lab and given a CMVP certificate. But cryptography moves at a rapid pace, and an update to FIPS 140 was certainly overdue.

On March 22, 2019, the Federal Information Processing Standard (FIPS) 140-3 was approved by the US Secretary of Commerce. FIPS 140-3 will be effective as of September 22, 2019 and testing against the new standard will begin a year later, on September 22, 2020. FIPS 140-2 testing will continue for at least a year after FIPS 140-3 testing begins. Certificates have a 5-year sunset period, so FIPS-2 and 140-3 will coexist for a period of time.

REDCOM is aware of what needs to be done to keep up to date with all security protocols. So, what do you need to know in order to begin the FIPS 140-3 validation process? We’ve got it all mapped out for you.