NIST Federal Information Processing Standard (FIPS) 140-3 (Second Draft), Security Requirements for Cryptographic Modules; Request for Additional Comments

AGENCY:

National Institute of Standards and Technology (NIST), Commerce.

ACTION:

Notice and Request for Comments.

SUMMARY:

The National Institute of Standards and Technology (NIST) seeks additional comments on specific sections of Federal Information Processing Standard 140-3 (Second Draft), Security Requirements for Cryptographic Modules, to clarify and resolve inconsistencies in the public comments received in response to the Federal Register (74 FR 91333) notice of December 11, 2009. The draft standard is proposed to supersede FIPS 140-2.

DATES:

Comments must be received on or before October 1, 2012.

ADDRESSES:

Written comments may be sent to: Chief, Computer Security Division, Information Technology Laboratory, Attention: Dr. Michaela Iorga, 100 Bureau Drive, Mail Stop 8930, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930. Electronic comments may also be sent to: FIPS140-3@nist.gov, with a Subject: “Additional Comments-FIPS 140-3 (Second Draft).”

The current FIPS 140-2 standard can be found at: http://csrc.nist.gov/publications/PubsFIPS.html.

FOR FURTHER INFORMATION CONTACT:

Dr. Michaela Iorga, Computer Security Division, 100 Bureau Drive, Mail Stop 8930, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930, Telephone (301) 975-8431.

SUPPLEMENTARY INFORMATION:

FIPS 140-1, Security Requirements for Cryptographic Modules, was issued in 1994 and was superseded by FIPS 140-2 in 2001. FIPS 140-2 identifies requirements for four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g., low value administrative data, million dollar funds transfers, and life protecting data), and a diversity of application environments.

In 2005, NIST announced that it planned to develop FIPS 140-3 and solicited public comments on new and revised requirements for cryptographic systems. On January 12, 2005, a notice was published in the Federal Register (70 FR 2122), soliciting public comments on a proposed revision of FIPS 140-2. The comments received by NIST supported reaffirmation of the standard, but suggested technical modifications to address advances in technology that had occurred after the standard had been approved. Using these comments, NIST prepared a Draft FIPS 140-3 (hereafter referred to as the “2007 Draft”), which was announced in the Federal Register (72 FR 38566) for review and comment on July 13, 2007.

Using the comments received in response to the July 13, 2007, notice and the feedback on requirements for software cryptographic modules obtained during the March 18, 2008, “FIPS 140-3 Software Security Workshop,” NIST developed the “Revised Draft FIPS 140-3” (hereafter referred to as “2009 Draft”), that was announced in the Federal Register (74 FR 65753) on December 11, 2009. The 2009 Draft and its Annexes and can be found at: http://csrc.nist.gov/publications/PubsDrafts.html.

The comments received in response to the December 11, 2009, request for comments suggested either modifying requirements or applying the requirements at a different security level. Some comments asked for clarification of the text of the standard, and some recommended editorial and formatting changes. None of the comments received opposed the approval of a revised standard.

During the process of addressing the public comments received in response to the Request for Comments published in the Federal Register on December 11, 2009 (74 FR 65753), NIST determined that additional feedback is required to resolve gaps and inconsistencies between the comments for particular sections of the “Second Draft FIPS 140-3.” As a result, NIST is requesting additional public comments on several sections, as indicated below in the Request for Comments section of this notice, to support comment resolution. Comments on any sections of the “Second Draft FIPS 140-3” not identified in the Request for Comments section will not be considered.

Request for Comments: Even though NIST has resolved a majority of the issues raised by the public comments on the “2009 Draft,” NIST is requesting additional comments only on the following sections and sub-sections to resolve gaps and inconsistencies between the comments.

4.2.2 Trusted Channel—the comments suggested that NIST should not mandate the implementation of a trusted channel at Security Level 3 and 4 for all modules. NIST is proposing deletion of the requirement, but to allow for adequate, comparable security, is proposing the addition of an optional “Remote Control Capability.” The proposed Remote Control Capability section would specify requirements addressing the module's ability to process logons, send service requests to, and receive service responses from a remote module without compromising security. If the Remote Control Capability is supported, this section would mandate the use of a Trusted Channel at Security Level 3 and 4. NIST would appreciate comments on the proposed approach.

4.3.1 Trusted Role—the comments raised a variety of different concerns, reflecting different interpretations of the purpose of the Trusted Role. To address these concerns NIST is proposing the deletion of the Trusted Role and replacement with a Self-initiated Cryptographic Capability, configured and activated by the Crypto Officer that would be preserved over rebooting or power cycling of the module. The capability would provide the module with the ability to perform cryptographic operations including Approved and Allowed security functions without external operator request. NIST would appreciate comments on the proposed approach.

4.7 Physical Security—Non-Invasive Attacks—the comments received suggest substantial changes that would either weaken or strengthen the impact of these requirements. Comments received included stronger security requirements for Security Level 3 and 4, making the section mandatory for all cryptographic modules, including the Security Level for this section as part of the overall Security Level, while other comments suggested not addressing non-invasive attacks within the standard. NIST would appreciate general and specific comments on the requirements to address non-invasive attacks.

4.8.4 Sensitive Security Parameter (SSP) Entry and Output—the comments received raised a variety of different concerns, reflecting different interpretations of the requirements on SSPs that are entered into or output from a module. SSP entry and output requirements depend on whether the SSP is entered or output manually or electronically, and whether the SSP is distributed manually or electronically. New technologies have called into question this taxonomy of SSP entry and output methods. NIST would appreciate comments on the most appropriate way to categorize these methods, and the appropriate requirements for each method.

Annex B, Section: Operator Authentication Mechanisms—the comments received indicated that the specification for the strength of the operator's authentication method was incomplete, particularly with respect to biometrics. For biometric authentication, NIST proposes the use of a Liveness Detection method associated with the Session False Match Rate for one attempt and the Generalized False Accept Rate for multiple attempts in one minute. NIST would appreciate comments on the proposed approach.

Comments on sections not specifically listed in this notice will not be considered.

Prior to the submission of the FIPS 140-3 to the Secretary of Commerce for review and approval, it is essential that consideration is given to the needs and views of the public, users, the information technology industry, and Federal, State and local government organizations. The purpose of this notice is to solicit such views on specific sections of the “2009 Draft.”

Authority: Federal Information Processing Standards (FIPS) are issued by the National Institute of Standards and Technology after approval by the Secretary of Commerce pursuant to Section 5131 of the Information Technology Management Reform Act of 1996 and the Federal Information Security Management Act of 2002 (Pub. L. 107-347).

E.O. 12866: This notice has been determined not to be significant for the purpose of E.O. 12866.