(Federal Information Processing Standard, FIPS)
The Federal Information Processing Standards (FIPS) are developed by the National Institute of Standards and Technology (NIST) and implemented by the US government to regulate information technology and computer security. The FIPS 140 series specify requirements for cryptography modules that all government technologies must comply to in order to protect valuable data. Currently, the FIPS 140-2 version is being used while a new 140-3 issue will soon be implemented. The FIPS 140-2 defines the following four levels of security:
The lowest level of security that meets basic requirement for specified cryptographic modules. However, there are no specific physical security mechanisms beyond basic requirements for production-grade components.
Level 2 enhances the physical security measures of a Level 1 cryptographic module by requiring anti-tampering coating or seals so that they must be broken for physical access to the module. In addition, Level 2 requires role-based authentication for operators to perform services.
Level 3 builds upon tamper-evident physical mechanisms and require mechanisms that can detect and respond to attempts at intrusion. These can include strong enclosures or tamper detection/response mechanisms that zeroes all plaintext CSPs when an attack is detected. Unlike Level 2, Level 3 security requires identity-based authentication.
The highest level of security. In addition to security requirements from the previous levels, Level 4 security provides complete physical envelopment of the cryptographic module. Level 4 also detects and responds to all unauthorized attempts at intrusion, resulting in immediate zeroization of all plaintext CSPs. Furthermore, Level 4 security also protects environmental factors like fluctuating voltage or temperatures outside normal operating ranges.
For more information of FIPS security levels, please refer to the document
Security Levels 1 and 2 are suited for regular IC chips and the basic infrastructure required of edge devices while Levels 3 and 4 are recommended for preventative server and system protection.
PUFsecurity’s basic hardware security functions include NeoPUF-based key protection, encryption, secure storage, as well as hardware and software authentication IPs. With the scope of choices and features we offer, we can cover all security needs from those demanded in Level 1 to those in Level 4, providing our clients with the chips and components that not only fulfill industry standards but also offer comprehensive safeguards.