Dictionary · FIPS PUB 140-2

Security-related information (e.g., secret and private cryptographic keys, and authentication data such as passwords and Personal Identification Numbers [PINs]) whose disclosure or modification can compromise the security of a cryptographic module.

FIPS-approved and/or NIST-recommended.

A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption Standard Cipher-Block Chaining (DES CBC) mode).

A security function (e.g., cryptographic algorithm, cryptographic key management technique, or authentication technique) that is either a) specified in an Approved Standard; b) adopted in an Approved Standard and specified either in an appendix of the Approved Standard or in a document referenced by the Approved Standard; or c) specified in the list of Approved security functions.

A cryptographic checksum based on an Approved security function (also known as a Message Authentication Code [MAC]).

The transport of cryptographic keys, usually in encrypted form, using electronic means such as a computer network (e.g., key transport/agreement protocols).

An explicitly defined continuous perimeter that establishes the physical bounds of a cryptographic module and contains all the hardware, software, and/or firmware components of a cryptographic module.

The unauthorized disclosure, modification, substitution, or use of sensitive data (including plaintext cryptographic keys and other CSPs).

The property that sensitive information is not disclosed to unauthorized individuals, entities, or processes.

An unencrypted cryptographic key.

Information that is entered into a cryptographic module for the purposes of directing the operation of the module.

An operator or process (subject), acting on behalf of the operator, performing cryptographic initialization or management functions.

A precise specification of the security rules under which a cryptographic module will operate, including the rules derived from the requirements of this standard (FIPS 140-2) and additional rules imposed by the vendor.

The set of hardware, software, and/or firmware that implements Approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.

A parameter used in conjunction with a cryptographic algorithm that determines - the transformation of plaintext data into ciphertext data, - the transformation of ciphertext data into plaintext data, - a digital signature computed from data, - the verification of a digital signature computed from data, - an authentication code computed from data, or - an exchange agreement of a shared secret.

Validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography-based standards. The CMVP is a joint effort between National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of the government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the federal agencies of both countries for the protection of sensitive information (United States) or Designated Information (Canada). The goal of the CMVP is to promote the use of validated cryptographic modules and provide federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules.

An analysis of the variations of the electrical power consumption of a cryptographic module, using advanced statistical methods and/or other techniques, for the purpose of extracting information correlated to cryptographic keys used in a cryptographic algorithm.

The result of a cryptographic transformation of data which, when properly implemented, provides the services of: 1. origin authentication, 2. data integrity, and 3. signer non-repudiation.

The entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device. (The operator of the key may have no knowledge of the value of the key being entered.)

A cryptographic key that has been encrypted using an Approved security function with a key encrypting key, a PIN, or a password in order to disguise the value of the underlying plaintext key.

A code computed from data and comprised of redundant bits of information designed to detect, but not correct, unintentional changes in the data.

A vector used in defining the starting point of an encryption process within a cryptographic algorithm.

The programs and data components of a cryptographic module that are stored in hardware within the cryptographic boundary and cannot be dynamically written or modified during execution.

A message authentication code that utilizes a keyed hash.

The property that sensitive data has not been modified or deleted in an unauthorized and undetected manner.

The activities involving the handling of cryptographic keys and other related security parameters (e.g., IVs and passwords) during the entire life cycle of the keys, including their generation, storage, establishment, entry and output, and zeroization.

The secure transport of cryptographic keys from one cryptographic module to another module.

The process by which cryptographic keys are securely established among cryptographic modules using manual transport methods (e.g., key loaders), automated methods (e.g., key transport and/or key agreement protocols), or a combination of automated and manual methods (consists of key transport plus key agreement).

A self-contained unit that is capable of storing at least one plaintext or encrypted cryptographic key or key component that can be transferred, upon request, into a cryptographic module.

A nonelectronic means of transporting cryptographic keys.

A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.

An alphanumeric code or password used to authenticate an identity.

A physical entry or exit point of a cryptographic module that provides access to the module for physical signals, represented by logical information flows (physically separated ports do not share the same physical pin or wire).

A cryptographic key, used with a public key cryptographic algorithm, that is uniquely associated with an entity and is not made public.

A cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computationally infeasible.

A set of data that uniquely identifies an entity, contains the entity’s public key, and is digitally signed by a trusted party, thereby binding the public key to the entity.

A cryptographic key used with a public key cryptographic algorithm that is uniquely associated with an entity and that may be made public.

Random Number Generators (RNGs) used for cryptographic applications typically produce a sequence of zero and one bits that may be combined into sub-sequences or blocks of random numbers. There are two basic classes: deterministic and nondeterministic. A deterministic RNG consists of an algorithm that produces a sequence of bits from an initial value called a seed. A nondeterministic RNG produces output that is dependent on some unpredictable physical source that is outside human control.

A cryptographic algorithm that uses a single secret key for both encryption and decryption.

A cryptographic key, used with a secret key cryptographic algorithm, that is uniquely associated with one or more entities and should not be made public.

A process by which a cryptographic key is split into multiple key components, individually sharing no knowledge of the original key, that can be subsequently input into, or output from, a cryptographic module by separate entities and combined to recreate the original cryptographic key.

The special software within the cryptographic boundary (e.g., operating system, compilers or utility programs) designed for a specific computer system or family of computer systems to facilitate the operation and maintenance of the computer system, associated programs, and data.

A name referring to the investigation, study, and control of unintentional compromising emanations from telecommunications and automated information systems equipment.

A means by which an operator and a target of evaluation security function can communicate with the necessary confidence to support the target of evaluation security policy.

An individual or a process (subject) acting on behalf of the individual that accesses a cryptographic module in order to obtain cryptographic services.

A method of erasing electronically stored data, cryptographic keys, and CSPs by altering or deleting the contents of the data storage to prevent recovery of the data.