Validating cryptography through FIPS 140-2 testing
UL will help you through the process, from design assessment through receiving your certificate number. Our FIPS 140-2 validation testing process includes:
- Design assessment to determine whether or not your product meets the FIPS requirements
- Algorithm testing to ensure that your cryptographic algorithms are implemented properly
- Source code review
- Physical security testing
- Operational testing
- Extensive reviews, including final approval by our Lab Director before submission to the Cryptographic Module Validation Program (CMVP)
- Coordination with the CMVP to ensure that your report goes through the validation process as smoothly as possible
Your benefits in being FIPS 140-2 validated
- UL can serve clients across the globe, boasting the largest FIPS validation test team to meet the need of our clients.
- UL has tested more cryptographic modules of all types and security levels than any other laboratory and is the most experienced FIPS 140-2 laboratory and consultant in the industry. Our security engineers and management played an integral role in the development of the original FIPS 140 standard, so we thoroughly understand the intent of the requirements and how to achieve compliance.
- Cryptographic Module Validation Program (CMVP)
- Requirements for FIPS 140-2 Validation Testing
- Cryptographic Algorithm Validation Program (CAVP)
- Product Profile and Documentation Workshop
- Algorithm Validation Testing
- Random Number Generator Entropy Analysis
- Physical Security Pre-Evaluation Services
- Compliance Consulting
- ISO 19790 Introductory Workshop
- ISO 19790 Validation Testing
Why UL for FIPS 140-2 validation
Since its advent, the 140-2 standard has built a global presence. When it comes to our role testing to this standard whose use has spread with some amount of successful recognition, we take advantage of the fact that we are closely affiliated with its development. We conduct efficient testing procedures that are carried out with this background in mind, enhanced by the diligent and thorough work we aim to perform. As we test to FIPS 140-2 for validated cryptography, it’s our goal to help contribute safety and rigor to cybersecurity and the implementation of encryption algorithms—always with expert knowledge and best practices at the forefront of our execution.