A cryptographic module is a component of a computer system that securely implements cryptographic algorithms, typically with some element of
tamper resistance
Tamperproofing is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and time, the term " ...
.
NIST
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical s ...
defines a cryptographic module as "The set of hardware, software, and/or firmware that implements security functions (including cryptographic algorithms), holds plaintext keys and uses them for performing cryptographic operations, and is contained within a cryptographic module boundary."
Hardware security modules, including
secure cryptoprocessors, are one way of implementing cryptographic modules.
Standards for cryptographic modules include
FIPS 140-3
The Federal Information Processing Standard Publication 140-3 (FIPS PUB 140-3) is a U.S. government computer security standard used to approve cryptographic modules. The title is ''Security Requirements for Cryptographic Modules''. Initial publica ...
and
ISO/IEC 19790
ISO/IEC 19790 is an ISO/IEC standard for security requirements for cryptographic modules. It addresses a wide range of issues regarding their implementation, including specifications, interface definitions, authentication, operational and physical ...
.
See also
*
Cryptographic Module Validation Program (CMVP)
*
Cryptographic Module Testing Laboratory
References
Cryptography
Computer security
{{cryptography-stub