Loading…

		

		
		
		
		
		

	
						
		
			

				
				

					
					
FIPS 140-2

				

				
				

					



	
FIPS 140-2 Compliance


    

    
		
What is FIPS 140-2?


		

			FIPS 140-2 is the current version of the Federal Information Processing
			Standardization 140 (FIPS 140) publication that specifies requirements
			for cryptography modules. The National Institute of Standards and Technology
			(NIST) issued the FIPS 140 series to uphold the standards that describe
			the United States Federal Government requirements that IT products should meet. 
		


		

			Read more about FIPS 140 in the 
			official NIST publication.
		

    
	



    

    
		
How do our products help to meet FIPS 140-2 compliance standards?


		

			Both Kryptel and Silver Key fully address the standards outlined in FIPS 140-2
			by strongly encrypting the data itself rather than the storage device. Data remains
			protected even if placed on removable media that is lost or stolen during transit. 
		


		

			When the FIPS 140-2 compliance mode is turned on, all the proprietary crypto modules
			get unplugged, and every password- or encryption-related operation is performed by
			NIST-certified CryptoAPI.
		


		

			

				FIPS Validation
				Certificate #
			


			

				Windows XP/SP3
				989
			


			

				Windows Vista
				893/1002
			


			

				Windows 7
				1330
			


			

				Windows Server 2003
				382
			


			

				Windows Server 2008
				1010
			


			

				Windows Server 2008 R2
				1337
			


			

				Windows Server 2012
				1747
			

		

    
    



    

    
		
Turning on FIPS 140-2 compliance mode

    
		
Kryptel


		

			Press "Start / All Programs / Kryptel / Settings"
			to open the Settings panel. Select the "Compatibility" page, change the
			container formats to "FIPS 140-2 compliant", and press "OK". That
			setting works for both interactive and command-line modes.
		


		

			In order to check the container type, open it in Kryptel Browser, select
			"File / Properties", and open the "Encryption" tab. The "Storage Type"
			field should show "FIPS 140-2 compliant".
		


    
		
Silver Key


		

			Press "Start / All Programs / Silver Key / Settings"
			to open the Settings panel. Select the "Cipher" page, change the
			engine to "FIPS 140-2 compliant", and press "OK". That
			setting works for both interactive and command-line modes.
		


		

			In order to check the parcel type, open it in Parcel Analyzer, and check the
			parcel properties in the right pane. The "Cipher"
			field should show "FIPS 140-2 AES".
		

    
    



    

    
		
Limitations of FIPS 140-2 compliance mode


		
    
			
  • The only key material supported is password.
    • 

			
  • The only available cipher is CryptoAPI-supplied AES.
    • 

			
  • Components like Kryptel Browser or Silver Key Parcel Analyzer don't
			maintain password cache and can't perform password matching. This means
			that password can't be automatically applied and you will have to enter it each time.
    • 

			
  • Kryptel data recovery is not supported.
    •