This week we are tackling the question: what is the difference between FIPS 140-2 and FIPS 140-3? wolfSSL is currently the leader in embedded FIPS certificates and we always want to keep our users up to the date on the latest standards!
With various specification updates, the newest standard of FIPS 140-3 will include the hardware module, firmware module, software module, hybrid-software module, and hybrid-firmware module and will have no restriction as to the level at which a hybrid module may be validated in the new standard. This is beneficial to vendors with hybrid modules looking to be validated at a higher level than level 1. FIPS 140-2 standard was originally written with all modules as hardware and only later were additional modules added.
While both FIPS 140-2 and FIPS 140-3 include the four logical interface data input, data output, control input, and status output. FIPS 140-3 introduces a fifth interface, called the control output interface for the use of output of commands including signals and control data to indicate the state of operation. Instead of the use of a “trusted path” used in FIPS 140-2, FIPS 140-3 uses a “trusted channel” which is a secure communications link between the cryptographic module and the end point device which is sending data to and receiving data from the module, with the goal of securing unprotected CSPs. In FIPS 140-3, the Level 4 module using a trusted channel must use multi-factor identity-based authentication for all services using the trusted channel.
Instead of requiring module support for crypto officer and user roles with the maintenance role as optional, FIPS 140-3 only requires the crypto officer role. There is a new capability within FIPS 140-3, called the “Self-Initiated Cryptographic Output Capability” where a module can perform cryptographic operations or other approved security functions without any operator intervention.
Check out our other blogpost on what is new with FIPS 140-3 here: https://www.wolfssl.com/whats-new-fips-140-3/
When it comes to wolfSSL, we are ready to offer the first implementation of FIPS 140-3:
- The power-on self-test is changing. It now takes two sets of tests: the Pre-operational Self-Test (POST) and the Conditional Algorithm Self-Test (CAST).
- The old Known Answer Tests used as a part of the old test are not required to run at startup. They are now conditional tests that must be run right before use of an algorithm. If you don’t use an algorithm, you don’t need to test it. The tests will run automatically on calling any API for an algorithm.
- The pre-operational self-test is now purely an integrity test of the executable in memory. The algorithms used for this test must be tested first. In our case, HMAC-SHA-256’s CAST is run automatically, then the POST. The POST will be run automatically as wolfCrypt’s default entry point in the code.
- All the tests may be and should be run periodically during run time. We will provide an API to run tests as desired. In an embedded application, you can run your CAST early before any algorithms are used as some CASTs do take time.