Warning: Parameter 1 to Language::getMagic() expected to be a reference, value given in /home/govitwik/public_html/w/includes/StubObject.php on line 58
FIPS - GovITwiki


From GovITwiki

Jump to: navigation, search
Federal Information Processing Standard. A set of specifications produced by the National Institute of Standards and Technology for the U.S. federal government. FIPS specifications address communications, encryption, interoperability, hardware and other technical areas.

Information Technology Security for the U.S. Federal government falls into the following broad categories

Visit our full Glossary

Federal Information Processing Standards (FIPS) for security

There are several different types of Federal Information Processing Standards Listed below are several FIPS documents having to do with Computer Security. The National Institute of Standards reports: With the passage of the Federal Information Security Management Act (FISMA) of 2002, there is no longer a statutory provision to allow for agencies to waive mandatory Federal Information Processing Standards (FIPS). The waiver provision had been included in the Computer Security Act of 1987; however, FISMA supersedes that Act. Therefore, the references to the "waiver process" contained in many of the FIPS listed below are no longer operative.

Note, however, that not all FIPS are mandatory; consult the applicability section of each FIPS for details. FIPS do not apply to national security systems (as defined in FISMA).

FIPS 113 May 1985, Computer Data Authentication No electronic version available.

FIPS 140-1 Jan. 1994, Security Requirements for Cryptographic Modules pdf file (283 KB)

FIPS 140-2 May 2001, Security requirements for Cryptographic Modules pdf file (1.39 MB) Zipped pdf file (810 KB)

Annex A: Approved Security Functions [PDF] Annex B: Approved Protection Profiles [PDF] Annex C: Approved Random Number Generators [PDF] Annex D: Approved Key Establishment Techniques [PDF]

FIPS 180-2 August 2002, Secure Hash Standard (SHS) February 2004 -- A change notice for FIPS 180-2 has been attached that specifies SHA-224 and discusses truncation of the hash function output in order to provide interoperability.

1 file format: pdf file (237 KB)

FIPS 181 October 1993, Automated Password Generator Text file (20.5 KB)

FIPS 185 February 1994, Escrowed Encryption Standard Text file (18.7 KB) FIPS 186-2 January 2000, Digital Signature Standard (DSS)

October 2001 -- A change notice for FIPS 186-2, Digital Signature Standard (DSS) (.pdf file), has been made available that addresses key sizes and random number generation. This change notice replaces the item that was posted on August 3, 2001, Recommendations Regarding Federal Information Processing Standard (FIPS) 186-2, Digital Signature Standard (DSS). Comments and questions for this recommendation are requested and may be addressed to FIPS186@nist.gov.

1 file format: pdf file (312 KB)

FIPS 188 September 1994, Standard Security Labels for Information Transfer 4 file formats: Html webpage (63 KB) pdf file (86.4 KB) Postscript file (325 KB) Text file (53.1 KB)

FIPS 190 September 1994, Guideline for the Use of Advanced Authentication Technology Alternatives Text file (161 KB)

FIPS 191 November 1994, Guideline for The Analysis of Local Area Network Security pdf file (143 KB)

FIPS 196 February 1997, Entity Authentication Using Public Key Cryptography 2 file formats: Postscript file (369 KB) pdf file (159 KB)

FIPS 197 November 2001, Advanced Encryption Standard

Federal Agencies should also see OMB guidance.

2 file formats: pdf file (272 KB) Postscript file (1.96 MB)

FIPS 198 March 2002, The Keyed-Hash Message Authentication Code (HMAC)

pdf file (173 KB) This document file was updated on April 8, 2002.

FIPS 199 February 2004, Standards for Security Categorization of Federal Information and Information Systems

(Note: Original cover date of December 2003 changed to reflect the actual approval date by the Secretary of Commerce.)

pdf file (60 KB) FIPS 200 March 2006, Minimum Security Requirements for Federal Information and Information Systems pdf file (215 KB)

FIPS 201-1 March 2006, Personal Identity Verification (PIV) of Federal Employees and Contractors

Document Updated June 26, 2006:

pdf file (1.04 MB)

Personal tools