WOLFCRYPT FIPS 140-2
What is FIPS 140-2?
Federal Information Processing Standards (FIPS) 140-2 is a mandatory standard for the protection of sensitive or valuable data within Federal systems.
Why is FIPS 140-2 Important?
Federal agencies purchasing cryptographic-based security systems must confirm an associated FIPS 140-2 certificate exists.
This procurement “check-box” item is a deal breaker. Vendor claims of “designed for FIPS” or “FIPS ready” are not sufficient to pass this hurdle.
No FIPS certificate = No sale
Many private and commercial organizations perceive an advantage in selecting a product with a FIPS 140-2 certificate over a solution that has not undergone the rigorous approval process.
What is the status of the wolfSSL FIPS validation effort?
There are two versions of the wolfCrypt cryptography library that have been FIPS 140-2 validated (Certificate #2425 and #3389). For additional information contact firstname.lastname@example.org. Read our blog post update here, and our update on the most recent certificate here!
I am a Techie. What is so great about the wolfCrypt FIPS module?
wolfCrypt is a cryptographic software API library. Your application may rely on wolfCrypt to provide all of the cryptographic processing. Instead of performing your own FIPS validation, you may claim that you are using an embedded FIPS cryptographic module. This will make your Federal customers happy.
wolfCrypt is compliant with FIPS 140-2 Implementation Guidance 9.10. We implemented a default entry point to run self-tests automatically. The FIPS OpenSSL module does not provide a default entry point.
Can I get a FIPS certificate in my company’s name?
Yes. You have the option of rebranding the wolfCrypt module and NIST will issue a FIPS 140-2 certificate in your company’s name. Your Sales Teams will thank you.
How can wolfSSL help me?
At wolfSSL, our security experts have the FIPS expertise you need. We will form a FIPS strategy that is best for you, optionally including on-site FIPS consulting! Before you search for a FIPS Consultant or begin calling several of the 22 FIPS Laboratories, contact us. We can save you time, money, and effort.