The list of all FIPS 140-1 and 140-2 validated modules can be
found here
http://csrc.nist.gov/cryptval/140-1/1401val.htm
(this includes software and hardware modules).

For "Mitigation of Other Attacks", the FIPS 140 evaluation doesn't
look at these.  Some vendors might consider these attacks and implement
some kind of protection, but these will not be evaluated.

Documentation for a specific module might discuss countermeasures
to these attacks if they have been implemented.

--Anton

----- Original Message -----
From: "Damien O'Rourke" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 21, 2003 11:14 AM
Subject: Cryptoprocessors compliant with FIPS 140-2


> Hi,
>
> I was wondering if anyone could list a number of cryptographic processors
> that are compliant with the Federal information processing standard (FIPS)
> 140-2 "Security Requirements for cryptographic modules".  I know that the
> IBM-4758 was compliant with FIPS 140-1 up to level 4 but I don't think
> it has been tested under the newer version of the standard (correct me if
> I'm
> wrong).  Specifically I am wondering about section 4.11 on page 39
entitled
> "Mitigation of Other Attacks" which discusses, power analysis, timing
> attacks,
> TEMPEST and fault induction.
>
> If you could tell me what level they have been certified to and where I
> might
> find some more information on them that would be great.  In fact, any
> relevant
> information would be greatly appreciated.  Thanks for your time.
>
> Best Regards,
> Damien.
>
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
[EMAIL PROTECTED]
>


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to