New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae\" \/>\n<meta property=\"og:description\" content=\"In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\" \/>\n<meta property=\"og:site_name\" content=\"Corsec Security, Inc.\u00ae\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CorsecInc\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710\" \/>\n<meta property=\"article:published_time\" content=\"2013-08-15T13:31:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-07-21T20:00:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"792\" \/>\n\t<meta property=\"og:image:height\" content=\"612\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jake Nelson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/corsecsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@CorsecSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jake Nelson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\",\"url\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\",\"name\":\"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae\",\"isPartOf\":{\"@id\":\"https:\/\/www.corsec.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"datePublished\":\"2013-08-15T13:31:01+00:00\",\"dateModified\":\"2017-07-21T20:00:04+00:00\",\"author\":{\"@id\":\"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\",\"url\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"contentUrl\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"width\":792,\"height\":612,\"caption\":\"FIPS 140-2, FIPS 140-2 validation, FIPS Validation, FIPS 140-2 process, FIPS Inside, FIPS Compliant\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.corsec.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New FIPS 140-2 IG Update Released: What You Need to Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.corsec.com\/#website\",\"url\":\"https:\/\/www.corsec.com\/\",\"name\":\"Corsec Security, Inc.\",\"description\":\"Corsec helps companies complete security certifications and validations like FIPS 140-2, Common Criteria, and listing on the DoDIN APL \/ UC APL.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.corsec.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599\",\"name\":\"Jake Nelson\",\"description\":\"Jake Nelson leads Corsec's strategic direction for marketing and communication. He has nearly a decade of experience in corporate branding, content marketing, social media, marketing strategy and federal sales. Prior to Corsec, Jake helped start a sales and marketing consulting firm in the Washington DC area. He has also held various positions as head of sales, including the Director of federal civilian sales for an IT government contractor. Jake received his bachelor of business administration with a focus in Business to Business Marketing from James Madison University.\",\"sameAs\":[\"http:\/\/www.corsec.com\",\"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710\",\"https:\/\/sitdev.linkedin.com\/pub\/jake-nelson\/b\/1b\/636\",\"https:\/\/x.com\/https:\/\/twitter.com\/corsecsecurity\"],\"url\":\"https:\/\/www.corsec.com\/author\/marketing\/\"}]}<\/script>\n","yoast_head_json":{"title":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","og_locale":"en_US","og_type":"article","og_title":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","og_description":"In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the...","og_url":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","og_site_name":"Corsec Security, Inc.\u00ae","article_publisher":"https:\/\/www.facebook.com\/CorsecInc\/","article_author":"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710","article_published_time":"2013-08-15T13:31:01+00:00","article_modified_time":"2017-07-21T20:00:04+00:00","og_image":[{"width":792,"height":612,"url":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","type":"image\/jpeg"}],"author":"Jake Nelson","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/corsecsecurity","twitter_site":"@CorsecSecurity","twitter_misc":{"Written by":"Jake Nelson","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","url":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","name":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","isPartOf":{"@id":"https:\/\/www.corsec.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage"},"image":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","datePublished":"2013-08-15T13:31:01+00:00","dateModified":"2017-07-21T20:00:04+00:00","author":{"@id":"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599"},"breadcrumb":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage","url":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","contentUrl":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","width":792,"height":612,"caption":"FIPS 140-2, FIPS 140-2 validation, FIPS Validation, FIPS 140-2 process, FIPS Inside, FIPS Compliant"},{"@type":"BreadcrumbList","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.corsec.com\/"},{"@type":"ListItem","position":2,"name":"New FIPS 140-2 IG Update Released: What You Need to Know"}]},{"@type":"WebSite","@id":"https:\/\/www.corsec.com\/#website","url":"https:\/\/www.corsec.com\/","name":"Corsec Security, Inc.","description":"Corsec helps companies complete security certifications and validations like FIPS 140-2, Common Criteria, and listing on the DoDIN APL \/ UC APL.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.corsec.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599","name":"Jake Nelson","description":"Jake Nelson leads Corsec's strategic direction for marketing and communication. He has nearly a decade of experience in corporate branding, content marketing, social media, marketing strategy and federal sales. Prior to Corsec, Jake helped start a sales and marketing consulting firm in the Washington DC area. He has also held various positions as head of sales, including the Director of federal civilian sales for an IT government contractor. Jake received his bachelor of business administration with a focus in Business to Business Marketing from James Madison University.","sameAs":["http:\/\/www.corsec.com","https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710","https:\/\/sitdev.linkedin.com\/pub\/jake-nelson\/b\/1b\/636","https:\/\/x.com\/https:\/\/twitter.com\/corsecsecurity"],"url":"https:\/\/www.corsec.com\/author\/marketing\/"}]}},"_links":{"self":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts\/6482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/comments?post=6482"}],"version-history":[{"count":0,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts\/6482\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/media\/6403"}],"wp:attachment":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/media?parent=6482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/categories?post=6482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/tags?post=6482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

Warning: The magic method WPML_Absolute_Url_Persisted::__wakeup() must have public visibility in /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php on line 30

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /usr/home/corsec/public_html/corsec.com/wp-content/plugins/sitepress-multilingual-cms/classes/url-handling/resolver/wpml-absolute-url-persisted.php:30) in /usr/home/corsec/public_html/corsec.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":6482,"date":"2013-08-15T14:31:01","date_gmt":"2013-08-15T13:31:01","guid":{"rendered":"http:\/\/corsec.com\/?p=6482"},"modified":"2017-07-21T16:00:04","modified_gmt":"2017-07-21T20:00:04","slug":"new-fips-140-2-ig-update-released-what-you-need-to-know","status":"publish","type":"post","link":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","title":{"rendered":"New FIPS 140-2 IG Update Released: What You Need to Know"},"content":{"rendered":"

In our recent post<\/a> we talked about the recent changes to Common Criteria, FIPS, and DoDIN APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance<\/a>(IG). No matter where your module is in the validation process, there\u2019s information you need to know about, as this update affects you either way.<\/p>\n

We\u2019re going to talk about two important changes to the FIPS 140-2 IG in today\u2019s post.<\/span><\/p>\n

Change #1: IG 9.10 Power-Up Tests for Software Module Libraries<\/i><\/strong><\/p>\n

In FIPS, the \u201coperator\u201d of a software cryptographic library has been traditionally defined as the calling application to which a library links. The library will load for execution when one of its functions is invoked. Many open source-based cryptographic libraries require that the initial invocation be to a function that performs the required power-up self-tests, and this behavior was acceptable\u2026 until now.<\/p>\n

CMVP has issued guidance that states that these cryptographic libraries can no longer rely on the calling application to make a specific function call that invokes the tests at power-up because this behavior fails the requirement that self-test execution at power-up be automatic, without requiring operator intervention. FIPS now requires that libraries include a code segment called a \u201cdefault entry point\u201d that automatically executes when the library is loaded, regardless of what function is initially invoked by the calling application. In addition, this code segment must perform the power-up self-tests.<\/p>\n

What\u2019s important here is that this IG update is effective immediately, and that it applies to modules that were submitted to the lab \u2212 and even to those already in the CMVP queue\u2212 prior to the IG update\u2019s July 25 release. This update impacts every candidate software library validation that has not yet reached Coordination.<\/p>\n

How does this affect you? Your library will probably need modification to include this DEP. How you design this feature is up to you; provided it meets the requirement of automatic execution of power-up self-tests upon library load\/link. The IG does include \u201cexamples\u201d here<\/a> of how a DEP might be defined.<\/p>\n

Change #2: IG D.11 References to the Support of Industry Protocols<\/i><\/strong><\/p>\n

Although FIPS 140-2 doesn\u2019t address protocols, it does address many of the underlying algorithms and schemes that provide support to a given protocol. And, because these algorithms (including encryption\/decryption, hashing, and key derivation) and schemes (including key agreement) are under FIPS purview, they must be validated through the Cryptographic Algorithm Validation Program<\/a>(CAVP) in order for them to be part of a cryptographic module in an Approved mode of operation.<\/p>\n

The FIPS validation now requires algorithm testing on key derivation functions (KDFs) if the module claims to implement any of the following protocols in an Approved mode of operation. You can find more information<\/a> in NIST SP 800-135 rev 1:<\/p>\n

\n
American National Standard (ANS) X9.42-2001-Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography (ANS X9.42-2001) [ANS X9.42] (also in RFC 2631 [RFC 2631])<\/li>\n
American National Standard (ANS) X9.63-2001-Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography (ANS X9.63-2001) [ANS X9.63] (also in RFC 3278 [RFC 3278])<\/li>\n
Internet Key Exchange (IKE) (version 1: RFC 2409 [RFC 2409] and version 2: RFC 4306 [RFC 4306])<\/li>\n
Secure Shell (SSH): RFC 4251 [RFC 4251]<\/li>\n
Transport Layer Security (TLS) version 1.0: RFC 2246 [RFC 2246], version 1.1: RFC 4346 [RFC 4346] and version 1.2: RFC 5246 [RFC 5246]<\/li>\n
The Secure Real-time Transport Protocol (SRTP): RFC 3711 [RFC 3711]<\/li>\n
User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMP): RFC 2574 [RFC 2574]<\/li>\n
Trusted Platform Module (TPM) (Parts 1 [TPM Principles], 2 [TPM Structures] and 3 [TPM Commands])<\/li>\n<\/ul>\n
If KDF testing is not performed, then the KDF must be listed as \u201cnon-compliant\u201d in your documentation, and the module\u2019s Security Policy must include a caveat that states that the associated protocol(s) cannot be used in an Approved mode of operation.<\/p>\n
This update applies to you if your candidate module is in the test lab now but has not yet been submitted to CMVP. If the module has already been submitted to CMVP, it will be validated under the previous rule.<\/p>\n
If you have not yet submitted your modules, take note! You\u2019ll be required to comply with the new guidance<\/strong>. Not every instance of this new change has been made clear as of this writing. For example, Corsec is in the process of determining the requirements for KDF testing on modules that use Open-SSL-based crypto engines, but we do know that similar efforts will be necessary for other open source-based libraries and other vendor-specific implementations.<\/p>\n
If you\u2019re uncertain how all the recent IG changes might affect your FIPS validation, or would like additional details about the new FIPS 140-2 IG, let us know<\/a>. We\u2019ll be happy to help.<\/p>\n","protected":false},"excerpt":{"rendered":"
In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the…<\/p>\n","protected":false},"author":2,"featured_media":6403,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[63],"tags":[87,4,39],"class_list":["post-6482","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-industry-updates","tag-fips-140-2","tag-security-certifications","infinite-scroll-item","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","no-featured-image-padding"],"yoast_head":"\nNew FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae\" \/>\n<meta property=\"og:description\" content=\"In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\" \/>\n<meta property=\"og:site_name\" content=\"Corsec Security, Inc.\u00ae\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CorsecInc\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710\" \/>\n<meta property=\"article:published_time\" content=\"2013-08-15T13:31:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-07-21T20:00:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"792\" \/>\n\t<meta property=\"og:image:height\" content=\"612\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jake Nelson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/corsecsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@CorsecSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jake Nelson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\",\"url\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\",\"name\":\"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae\",\"isPartOf\":{\"@id\":\"https:\/\/www.corsec.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"datePublished\":\"2013-08-15T13:31:01+00:00\",\"dateModified\":\"2017-07-21T20:00:04+00:00\",\"author\":{\"@id\":\"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage\",\"url\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"contentUrl\":\"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg\",\"width\":792,\"height\":612,\"caption\":\"FIPS 140-2, FIPS 140-2 validation, FIPS Validation, FIPS 140-2 process, FIPS Inside, FIPS Compliant\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.corsec.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New FIPS 140-2 IG Update Released: What You Need to Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.corsec.com\/#website\",\"url\":\"https:\/\/www.corsec.com\/\",\"name\":\"Corsec Security, Inc.\",\"description\":\"Corsec helps companies complete security certifications and validations like FIPS 140-2, Common Criteria, and listing on the DoDIN APL \/ UC APL.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.corsec.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599\",\"name\":\"Jake Nelson\",\"description\":\"Jake Nelson leads Corsec's strategic direction for marketing and communication. He has nearly a decade of experience in corporate branding, content marketing, social media, marketing strategy and federal sales. Prior to Corsec, Jake helped start a sales and marketing consulting firm in the Washington DC area. He has also held various positions as head of sales, including the Director of federal civilian sales for an IT government contractor. Jake received his bachelor of business administration with a focus in Business to Business Marketing from James Madison University.\",\"sameAs\":[\"http:\/\/www.corsec.com\",\"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710\",\"https:\/\/sitdev.linkedin.com\/pub\/jake-nelson\/b\/1b\/636\",\"https:\/\/x.com\/https:\/\/twitter.com\/corsecsecurity\"],\"url\":\"https:\/\/www.corsec.com\/author\/marketing\/\"}]}<\/script>\n","yoast_head_json":{"title":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","og_locale":"en_US","og_type":"article","og_title":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","og_description":"In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the...","og_url":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","og_site_name":"Corsec Security, Inc.\u00ae","article_publisher":"https:\/\/www.facebook.com\/CorsecInc\/","article_author":"https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710","article_published_time":"2013-08-15T13:31:01+00:00","article_modified_time":"2017-07-21T20:00:04+00:00","og_image":[{"width":792,"height":612,"url":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","type":"image\/jpeg"}],"author":"Jake Nelson","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/corsecsecurity","twitter_site":"@CorsecSecurity","twitter_misc":{"Written by":"Jake Nelson","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","url":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/","name":"New FIPS 140-2 IG Update Released: What You Need to Know - Corsec Security, Inc.\u00ae","isPartOf":{"@id":"https:\/\/www.corsec.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage"},"image":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","datePublished":"2013-08-15T13:31:01+00:00","dateModified":"2017-07-21T20:00:04+00:00","author":{"@id":"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599"},"breadcrumb":{"@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#primaryimage","url":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","contentUrl":"https:\/\/www.corsec.com\/wp-content\/uploads\/Corsec-FIPS-140-2-Brand_03.jpg","width":792,"height":612,"caption":"FIPS 140-2, FIPS 140-2 validation, FIPS Validation, FIPS 140-2 process, FIPS Inside, FIPS Compliant"},{"@type":"BreadcrumbList","@id":"https:\/\/www.corsec.com\/new-fips-140-2-ig-update-released-what-you-need-to-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.corsec.com\/"},{"@type":"ListItem","position":2,"name":"New FIPS 140-2 IG Update Released: What You Need to Know"}]},{"@type":"WebSite","@id":"https:\/\/www.corsec.com\/#website","url":"https:\/\/www.corsec.com\/","name":"Corsec Security, Inc.","description":"Corsec helps companies complete security certifications and validations like FIPS 140-2, Common Criteria, and listing on the DoDIN APL \/ UC APL.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.corsec.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.corsec.com\/#\/schema\/person\/2249eea128c62c76370cf0ea198ef599","name":"Jake Nelson","description":"Jake Nelson leads Corsec's strategic direction for marketing and communication. He has nearly a decade of experience in corporate branding, content marketing, social media, marketing strategy and federal sales. Prior to Corsec, Jake helped start a sales and marketing consulting firm in the Washington DC area. He has also held various positions as head of sales, including the Director of federal civilian sales for an IT government contractor. Jake received his bachelor of business administration with a focus in Business to Business Marketing from James Madison University.","sameAs":["http:\/\/www.corsec.com","https:\/\/sitdev.facebook.com\/pages\/Corsec\/158518584300710","https:\/\/sitdev.linkedin.com\/pub\/jake-nelson\/b\/1b\/636","https:\/\/x.com\/https:\/\/twitter.com\/corsecsecurity"],"url":"https:\/\/www.corsec.com\/author\/marketing\/"}]}},"_links":{"self":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts\/6482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/comments?post=6482"}],"version-history":[{"count":0,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/posts\/6482\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/media\/6403"}],"wp:attachment":[{"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/media?parent=6482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/categories?post=6482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.corsec.com\/wp-json\/wp\/v2\/tags?post=6482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}