The National Institute of Standards and Technology (NIST) defines cryptographic testing requirements “applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems).” These requirements collectively form the Federal Information Processing Standard (FIPS 140-2) used in designing and implementing cryptographic modules that Federal departments and agencies are allowed to purchase.
Given the U.S. Government’s purchasing power, and the influence its product selections have on state and local governments, the commercial importance of FIPS certification is obvious.
FIPS 140-2 is an umbrella regulation, defining several levels of system-level certification. For systems vendors, the most important certifications are defined by the Cryptographic Module Validation Program (CMVP). Modules (or whole systems when those systems are smaller) are certified as a combination of specific hardware and software that defines a cryptographic boundary. The degree to which the module protects secrets within its cryptographic boundary against hardware and software attacks determines whether the certification is achieved at level 1, 2, 3 or 4.
Freescale communications processors and StarCore® DSPs are not cryptographic modules in the NIST definition, as they cannot function until they are combined with other components and software. As a result, ‘cryptographic correctness’ is measured at the algorithm level through NIST’s Cryptographic Algorithm Validation Program (CAVP). Testing is conducted at NIST-authorized third-party labs, and certificates are posted on the NIST website.
The following CAVP certificates have been issued for Freescale products:
DES Modes of Operation Validated Implementations
#181 MPC190
Triple DES Modes of Operation Validated Implementations
#758 SEC 3.0
#757 SEC 2.1
#415 SEC 2.0
#389 SEC 1.0
#129 MPC190
AES Modes of Operation Validated Implementations
#963 SEC 3.0
#962 SEC 2.1
#358 SEC 2.0
#324 SEC 1.0
SHS Validated Implementations
#934 SEC 3.0
#933 SEC 2.1
RSA Validated Implementations
#466 SEC 3.0
#465 SEC 2.1
HMAC Validated Implementations
#538 SEC 3.0
#537 SEC 2.1
RNG Validated Implementations
#544 SEC 3.1