(Also, some might say I am relying on my Magic 8 Ball for my FIPS 140-3 posts.)
This is the second post in my FIPS 140-3 Survival Kit series. As of this post, no formal announcement has been made on the replacement standard to FIPS 140-2. Be sure to read the first post for proper context.
For Technology Vendors in the planning phase for future products, here are 8 important requirements that are likely to change from the current FIPS 140-2 requirements:
- EMI/EMC testing - there are no EMI/EMC requirements in ISO 19790. Everyone is thrilled that this requirement got cut -- especially those vendors with short-shelf-life products.
- EFP or EFT for Level 3 - This FIPS 140-2 Level 4 requirement has been pushed down to Level 3 in ISO 19790. (Note: Only EFP is allowed at Level 4 in ISO 19790)
- Cryptographic integrity tests - For Level 2 and above, either an Approved keyed MAC based integrity check (Level 2) or an Approved digital signature based integrity test (Levels 2-4) is required. FIPS 140-2 allowed a non-cryptographic error detection code as a start-up integrity check for HW/FW modules.
- Conditional tests for algorithms - known-answer tests (KATs) are not required for all of the Approved algorithms on power-up. A conditional test of an Approved algorithm is required prior to use of that algorithm. This will allow for faster module start-up times!
- Degraded operation - ISO 19790 allows for a module to transition to a degraded operation if the mechanism or function causing the failure is isolated.
- One role minimum - Only the Crypto Officer Role is required. Other roles may be defined as needed (User Role, Maintenance Role, ...).
- Multi-factor authentication - If you are designing a Level 4 module, then you will need to employ multi-factor identity based authentication for access control.
- Zeroisation gets stricter - At Levels 2 and 3, you can no longer overwrite an SSP (Sensitive Security Parameter) with another SSP. Temporary SSPs must be zeroised when no longer needed. At Level 4, even cryptographically protected SSPs must be zeroised. (Note: In ISO 19790, things get "zeroised" not "zeroized")
My next FIPS 140-3 Survival Kit post will take a look into SSPs.