top of page

What are Federal Information Processing Standards?

Federal Information Processing Standards (FIPS) are standards and guidelines issued by the National Institute of Standards and Technology (NIST) for use within non-military government agencies and contractors and vendors that work with these agencies. The purpose of these standards provides advice on IT systems and computer security within the agencies.

There are a number of specifications under FIPS developed by the US Government. The current list includes:

  • 140-2 - Security Requirements for Cryptographic Modules - relates to secure design and implementation of a cryptographic module

  • 180-4 - Secure Hash Standard (SHS) - specifies hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have been changed since the digests were generated.

  • 186-4 - Digital Signature Standard (DSS) - algorithms that can be used to create a digital signature.

  • 197 - Advanced Encryption Standard (AES) - provides approved cryptographic algorithm used to protect electronic data.

  • 198-1 - The Keyed-Hash Message Authentication Code (HMAC) - a keyed-hash message authentication code (HMAC) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. It may be used to simultaneously verify both the data integrity and the authentication of a message, as with any MAC.

  • 199 - Standards for Security Categorization of Federal Information and Information Systems - provides a standard for categorizing federal information and information systems according to an agency's level of concern for confidentiality, integrity, and availability and the potential impact on agency assets and operations should their information and information systems be compromised through unauthorized access, use, disclosure, disruption, modification, or destruction.

  • 200 - Minimum Security Requirements for Federal Information and Information Systems - is part of the risk management framework and specifies minimum security requirements for federal information systems

  • 201-2 - Personal Identity Verification (PIV) of Federal Employees and Contractors - specifies technical requirements for common identification standard for Federal employees and contractors

  • 202 - SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions - KECCAK is the winning algorithm of the SHA-3 Cryptographic Hash Algorithm Competition on October 2, 2012. NIST has consulted with the Keccak design team and the cryptographic community in its effort to specify Keccak as the new SHA-3 Standard.

We have extensive expertise in navigating the ever-changing regulations and challenges that governmental agencies face, regardless of their size and function. With Bedrock Technology as your IT solution, you will always be prepared to provide the best services and operate at the top of your mission.

31 views0 comments

Recent Posts

See All
bottom of page