Designing to FIPS-140: A Guide for Engineers and Programmers
Paperback
Publisher Price: $59.99
Publisher: Apress
Published: Apr 26 2024
Pages: 213
Weight: 0.90
Height: 0.49 Width: 7.00 Depth: 10.00
Language: English
This book provides detailed and practical information for practitioners to understand why they should choose certification. It covers the pros and cons, and shows how to design to comply with the specifications (FIPS-140, SP800 documents, and related international specs such as AIS31, GM/T-0005-2021, etc.). It also covers how to perform compliance testing. By the end of the book, you will know how to interact with accredited certification labs and with related industry forums (CMUF, ICMC). In short, the book covers everything you need to know to make sound designs.
Although this was once a fairly niche topic, it is no longer so. Other industries--banking, military, healthcare, air travel, and more--have adopted FIPS certification for cryptographic products. The demand for these services has grown exponentially. Still, the available skills pool has not grown. Many people are working on products with zero usable information on what to do to meet these standards and achieve certification or even understand if such certification applies to their products.
What You Will Learn
- What is FIPS-140? What is the SP800 standard?
- What is certification? What does it look like? What is it suitable for?
- What is NIST? What does it do?
- What do accredited certification labs do?
- What do certification consultants do?
- Where and when is certification required?
- What do FIPS-140 modules look like?
- What are the sub-components of FIPS-140 modules (RNGs, PUFs, crypto functions)? How does certification work for them?
- What are the physical primitives (RNGs, PUFs, key stores) and how do you handle the additional complexity of certifying them under FIPS?
- What are the compliance algorithms (AES, SP800-90 algos, SHA, ECDSA, key agreement, etc.)?
- How do you design for certification (BIST, startup tests, secure boundaries, test access, zeroization, etc.)?
- How do you get CAVP certificates (cert houses, ACVTs)?
- How do you get CMVP certifications (cert houses, required documents, design information, security policy, etc.)?
Who This Book Is For
Hardware and software engineers or managers of engineering programs that include any form of cryptographic functionality, including silicon vendors, library vendors, OS vendors, and system integrators.
