Join Keyfactor at RSA Conference™ 2024    |    May 6 – 9th    | Learn More

A Guide to FIPS 140-3


After 22 years, the National Institute of Standards and Technology (NIST) has released an update to the Federal Information Processing Standard (FIPS). The update brings the standard series up to speed with the evolution of cryptographic modules that has occurred since the last update in 2001.

FIPS 140-3 matters to any entities handling information that is sensitive to the United States or Canadian governments and their departments.

What is FIPS 140-3?

The FIPS series of standards is a product of the Cryptographic Module Validation Program (CMVP), a coordinated effort between NIST and the Canadian Centre for Cyber Security. 

The FIPS series of standards is mandated by the U.S. and Canadian governments to ensure the protection of Sensitive But Unclassified (SBU) information by their partners, vendors, and technologies. The FIPS 140 series mandates a universal validation scheme for all cryptographic modules involved in technology programs used by the government and highly regulated industries. 

Technically, FIPS compliance is mandatory for government agencies, their contractors and third-party partners, and cybersecurity organizations selling to high-governance industries. However, the standard has been broadly adopted across the globe as a reasonable security framework and best practice.

The new standard’s predecessor, FIPS 140-2, is on its way out. The CMVP stopped accepting FIPS 140-2 submissions for new validation certificates in 2022 and will move active FIPS 140-2 modules to the historical list in 2026.

As FIPS 140-3 becomes the norm, organizations must become compliant to continue service and avoid heavy penalties imposed by NIST. 

FIPS 140-2 vs FIPS 140-3: What’s the difference?

FIPS 140-2 and 140-3 differ in a few significant ways. Mainly, FIPS 140-3 specifies security requirements at every stage of cryptographic module creation — design, implementation, and deployment phases — not just post-completion. 

There are a few other updates to be mindful of:

  • While FIPS 140-2 assumed that all modules were hardware modules, FIPS 140-3 will address hardware, firmware, software, hybrid software, and hybrid firmware modules.
  • FIPS140-2 IG 1.9 restricted hybrid modules to a FIPS 140-2 Level 1 validation, but in FIPS 140-3, there is no restriction to the level at which a hybrid module may be validated. 
  • FIPS 140-2 required modules to support a crypto officer role and a user role, with an optional maintenance role. In FIPS 140-3, the crypto officer role is the only required role.
  • For levels 1-3, FIPS 140-2 and 140-3 are fairly similar. However, FIPS 140-3 requires multi-factor authentication at Level 4. 

Levels of FIPS 140-3

FIPS 140-3 considers four levels of security.

To ensure the technology meets the necessary standard of security, the FIPS 140-3 certification assesses four levels of security. Each level establishes its own criteria for cryptographic algorithms.

Level 1
This is the lowest level of security and requires the most basic encryption and key management capabilities. It is the level that software-only modules are certified at. 

Level 2
Level 2 starts to address physical security measures meant to guard against unauthorized access to the module (role based access) and detect physical tampering. 

Level 3
This level requires a more intense grade of physical security, at this level the hardware is expected to prevent tampering and access must be identity based.

Level 4
The highest level of physical and logistical security controls, Level 4 is designed to prevent the most sophisticated attacks and for the module to actively destroy any private keys and other security parameters if it detects some attacks.

Future updates to the FIPS 140 series

FIPS 140-3 addresses hardware, firmware, software, hybrid software, and hybrid firmware modules. Improving on FIPS 140-2 provides a clear path to implementing and certifying hybrid modules that can make use of technologies like Java Native Interface (JNI) for supporting hardware acceleration while also allowing the module to still be functional using pure Java if the hardware acceleration is not available.

Post-quantum cryptography (PQC) has become a trending topic, with the initial round of PQC standards expected to be published in early 2024. While FIPS 140-3 itself is not about PQC, anyone wishing to certify any of the PQC algorithms, including SP 800-208, will need to be doing FIPS 140-3. Apart from the official cessation of testing new 140-2 modules, the only implementation guidance on anything PQC appears for 140-3. If a module wishes to support any of the PQC standards in FIPS-approved mode, it has to be FIPS 140-3 certified. It is very important for providers of cryptography modules that wish to go on to certify with the new PQC algorithms and become quantum-ready to develop a strategy for migration to FIPS 140-3 now.

Learn more

Need help implementing cryptography? Experts are at the ready with Crypto Workshop by Keyfactor. Bouncy Castle APIs are open-source and owned by Australian-based software charity, Legion of the Bouncy Castle. Crypto Workshop is the commercial wing of the Bouncy Castle project — committed to ongoing development, FIPS certification, and support services.

Connect with us to learn more about:

Cryptography expertise
Get implementation guidance and technical support right from the developers of Bouncy Castle, backed by SLAs.

FIPS certification
Access the full test suite and FIPS-certify under the supported customer’s product and company name.

Post-quantum readiness
Begin working with post-quantum algorithms in your test environment with support from our experts.