Cryptography is a technique used to protect information from unauthorized access and to ensure the privacy of communications. Cryptographic modules are hardware or software that is used to perform cryptographic tasks. Cryptographic modules typically provide cryptographic services to applications and operating systems.
Cryptographic modules may be used to provide a variety of services, including message authentication, data encryption, and key management. Cryptographic modules may be used to protect information in transit, as well as information at rest. Cryptographic modules may be used to protect information in a variety of formats, including text, images, and video.
Cryptographic modules may be implemented in a variety of ways, including as stand-alone devices, as software libraries, or as hardware modules. Cryptographic modules may be used in a variety of settings, including in enterprise environments, in government applications, and in consumer devices.
Cryptographic modules typically provide a variety of cryptographic algorithms. Common cryptographic algorithms include digital signature algorithms, message digest algorithms, and public-key algorithms. Cryptographic modules may also provide other services, such as random number generation and management of cryptographic keys.
Cryptographic modules are designed to be tamper-resistant. Cryptographic modules typically include security features such as physical security, logical security, and cryptographic key management. Cryptographic modules may also include tamper-detection mechanisms.
Cryptographic modules are typically evaluated according to a variety of standards. Common standards for cryptographic modules include the Federal Information Processing Standards (FIPS), the Common Criteria for Information Technology Security Evaluation (CC), and the ISO/IEC 15408.
Cryptographic modules may be certified by independent certification bodies. Cryptographic modules that are certified by independent certification bodies are typically more expensive than those that are not certified.
Frequently Asked Questions
What is an embedded cryptographic module?
An embedded cryptographic module is a small, dedicated piece of hardware or software that implements cryptography. Embedded cryptographic modules are often integrated into products and applications to help secure the data they contain. end-users should contact the product or application vendor to determine if an embedded cryptographic module is present and what products utilize it.
What is the best reference for cryptographic modules?
The Federal Information Processing Standard FIPS 140, Security Requirements for Cryptographic Modules, is the best reference on cryptographic modules.
How do I find out if a product has a cryptographic module?
Contact the product or application vendor to determine if a product utilizes an embedded validated cryptographic module.
What are the security requirements for a security level 1 cryptographic module?
Security Level 1 cryptographic modules must have at least one approved algorithm or approved security function.
What is a cryptographic module and how does it work?
Cryptographic modules are include in digital devices to protect user data and ensure the security of communications. Cryptographic modules may be used for authentication, message authentication code (MAC) generation or verification, or key establishment.
