FIPS 140 for Smart Card Products

FIPS 140-2/140-3 certification for smart cards and secure elements: security levels, testing labs, and US government requirements.


Federal Information Processing Standard 140 (FIPS 140) defines U.S. government requirements for cryptographic modules — the combination of hardware, software, and firmware that implements approved security functions. Smart card chips, Hardware Security Modules (HSMs), and Trusted Execution Environments that must operate in U.S. federal environments are validated through the Cryptographic Module Validation Program (CMVP), jointly operated by NIST and the Canadian Centre for Cyber Security (CCCS).

Use the EAL Comparator to map FIPS 140 security levels alongside Common Criteria EAL levels for multi-framework procurement decisions.

FIPS 140-2 vs FIPS 140-3

FIPS 140-3 (published 2019) supersedes FIPS 140-2 (published 2001), aligning U.S. requirements with the ISO/IEC 19790:2012 international standard:

| Feature | FIPS 140-2 | FIPS 140-3 |
| --- | --- | --- |
| Basis | NIST-proprietary | ISO/IEC 19790:2012 + ISO/IEC 24759 |
| Security levels | 1–4 | 1–4 (same numbering) |
| Algorithm approvals | FIPS-approved only | CMVP-approved + NIST SP 800-140 series |
| Non-invasive attacks | Not addressed | Required at Level 3+ |
| Testing standard | CMVP DTR | ISO/IEC 24759 |
| Sunset for new submissions | 2020-09-22 | Active |

Modules validated under FIPS 140-2 remain acceptable in existing deployments until their certificate expires or is revoked; new procurements increasingly mandate FIPS 140-3.

Security Levels Explained

| Level | Physical Security | Use Case |
| --- | --- | --- |
| 1 | Production-grade components, no physical protection required | Software cryptographic libraries |
| 2 | Tamper-evident coatings, role-based authentication | Network appliances, USB tokens |
| 3 | Tamper-detection, zeroisation on intrusion, identity-based auth | Smart card readers, HSMs |
| 4 | Complete physical envelope, environmental failure protection | High-security HSMs, military modules |

Smart card chips targeting Level 3 or Level 4 must demonstrate that any physical probing attempt triggers immediate zeroisation of critical security parameters (CSPs) such as private keys and symmetric keys.

Cryptographic Module Validation Program (CMVP)

The CMVP process involves three parties:

  • Vendor — submits the module and its Security Policy document.
  • Cryptographic and Security Testing (CST) laboratory — NVLAP-accredited lab that independently tests the module against the relevant DTR (Derived Test Requirements).
  • CMVP (NIST/CCCS) — reviews the lab's report and issues a certificate, assigning a CMVP certificate number and listing the module in the NIST CMVP database.

Typical timelines for smart card products:

| Phase | Duration |
| --- | --- |
| Vendor documentation (Security Policy, design evidence) | 2–4 months |
| CST laboratory testing | 3–6 months |
| CMVP review queue | 6–18 months (varies by workload) |
| Total (new module) | 12–24 months |

Validated modules are listed at csrc.nist.gov/projects/cryptographic-module-validation-program.

Algorithm Requirements

FIPS 140-3 requires use of NIST-approved algorithms for all cryptographic functions. For smart card products, key approved algorithms include:

| Function | Approved Algorithms |
| --- | --- |
| Symmetric encryption | AES (128, 192, 256-bit) |
| Asymmetric encryption/signatures | RSA (2048+), ECDSA (P-256, P-384, P-521) |
| Key agreement | ECDH, DH (2048+) |
| Hashing | SHA-256, SHA-384, SHA-512 |
| Key derivation | SP 800-108 (KBKDF, PBKDF) |
| RNG | SP 800-90A CTR_DRBG |

Deprecated algorithms (3DES, SHA-1 for digital signatures, RSA-1024) cannot be used as the sole mechanism for protection. Transition periods are published in NIST SP 800-131A.
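
The following is an added example, not NIST or CMVP tooling: a pre-submission check that classifies the algorithms a module declares against the table and deprecation rule above, then flags any service where a deprecated algorithm is the sole mechanism. The function names, verdict labels and sample service list are constructed for illustration, and "not-listed" means only that the algorithm does not appear on this page.

```python
import re

# Sizes, curves and names copied from the approved-algorithm table on this page.
SIZES = {"AES": {128, 192, 256}, "SHA": {256, 384, 512}}
MIN_BITS = {"RSA": 2048, "DH": 2048}
CURVES = {"P-256", "P-384", "P-521"}
NAMED = {"3DES": "deprecated", "ECDH": "approved", "KBKDF": "approved",
         "PBKDF": "approved", "CTR_DRBG": "approved"}

def classify(declared, purpose=""):
    """Return 'approved', 'deprecated' or 'not-listed' (absent from this page)."""
    text = declared.strip().upper()
    if text in NAMED:
        return NAMED[text]
    m = re.fullmatch(r"ECDSA[ -](P-\d+)", text)
    if m:
        return "approved" if m.group(1) in CURVES else "not-listed"
    m = re.fullmatch(r"(AES|SHA|RSA|DH)-?(\d+)", text)
    if not m:
        return "not-listed"
    name, bits = m.group(1), int(m.group(2))
    if name in SIZES:
        if bits in SIZES[name]:
            return "approved"
        # The page deprecates SHA-1 for digital signatures only.
        sha1_sig = (name, bits) == ("SHA", 1) and "sign" in purpose.lower()
        return "deprecated" if sha1_sig else "not-listed"
    if bits >= MIN_BITS[name]:
        return "approved"
    return "deprecated" if (name, bits) == ("RSA", 1024) else "not-listed"

def audit(services):
    """services: name -> (purpose, [declared algorithms]); returns name -> verdict."""
    report = {}
    for service, (purpose, algorithms) in services.items():
        verdicts = {classify(a, purpose) for a in algorithms}
        if "approved" not in verdicts:
            report[service] = "fail"   # no approved algorithm protects this service
        else:
            report[service] = "ok" if verdicts == {"approved"} else "review"
    return report

# Constructed sample: services as a vendor might declare them (hypothetical names).
SAMPLE = {
    "secure-messaging": ("encryption", ["AES-128", "3DES"]),
    "legacy-auth": ("encryption", ["3DES"]),
    "card-signing": ("digital signature", ["ECDSA P-256", "SHA-256"]),
    "firmware-check": ("digital signature", ["RSA-1024", "SHA-1"]),
}
```

Calling `audit(SAMPLE)` marks `legacy-auth` and `firmware-check` as failures because nothing approved backs them, while `secure-messaging` is returned for review since 3DES sits beside AES-128.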

FIPS 140 and Smart Card Deployments

U.S. federal identity programmes — PIV (FIPS 201), CAC, and logical access tokens — mandate FIPS 140 Level 2 or higher for the cryptographic module embedded in the card chip. PIV specifically requires the private key operations (signing, decryption) to occur within a FIPS 140-2 Level 2 validated boundary with Level 3 physical security for key extraction.

For JavaCard implementations, the JavaCard virtual machine and underlying cryptographic API are evaluated as the module boundary; individual applets that call the JCAPI are considered software layers outside the module boundary unless they too are included in the validation scope.

See the PIV Card Architecture Guide and the Common Criteria Evaluation Process for related certification frameworks.
