NIST Special Publication 800-171 Revision 2
Date Published: January 28th, 2021
Withdrawn on May 14, 2024. Superseded by SP 800-171 Rev. 3
Author(s): Ron Ross (NIST), Victoria Pillitteri (NIST), Kelley Dempsey (NIST), Mark Riddle (NARA), Gary Guissanie (IDA)
Note: A Class Deviation is in effect as of May 2, 2024 (DEVIATION 2024O0013). The deviation clause requires contractors who are subject to 252.204-7012 to comply with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Revision 2, instead of the version of NIST SP 800-171 in effect at the time the solicitation is issued or as authorized by the contracting officer.
3.13.11: Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.
Control Family: System and Communications Protection
Control Type: Derived
SPRS Supplemental Guidance:
Subtract 5 points if no cryptography is employed
Subtract 3 points if mostly not FIPS validated
CMMC Level(s):
SC.L2-3.13.11
DIBCAC HIGH Failure Rate (OTS):
1st of 110
Referenced in:
DFARS 252.204-7012
Derived From: NIST SP 800-53r4
SC-13
NIST Supplemental Guidance:
[NIST CRYPTO]
[NIST CAVP]
[NIST CMVP]
CSF v1.1:
PR.DS-5
Discussion:
Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPS-validated cryptography and/or NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; and [NIST CMVP].
Upon assessment, assessors must determine if:
3.13.10[a] cryptographic keys are established whenever cryptography is employed.
3.13.10[b] cryptographic keys are managed whenever cryptography is employed.
Assessors are instructed to:
Examine: [SELECT FROM: System and communications protection policy; procedures addressing cryptographic protection; system security plan; system design documentation; system configuration settings and associated documentation; cryptographic module validation certificates; list of FIPS-validated cryptographic modules; system audit logs and records; other relevant documents or records].
Interview: [SELECT FROM: System or network administrators; personnel with information security responsibilities; system developer; personnel with responsibilities for cryptographic protection].
Test: [SELECT FROM: Mechanisms supporting or implementing cryptographic protection].
FURTHER DISCUSSION
FIPS-validated cryptography means the cryptographic module has to have been tested and validated to meet FIPS 140-2 requirements. Simply using an approved algorithm is not sufficient – the module (software and/or hardware) used to implement the algorithm must be separately validated under FIPS 140. Accordingly, FIPS-validated cryptography is required to protect CUI when transmitted or stored outside the protected environment of the covered OSA information system (including wireless/remote access). Encryption used for other purposes, such as within applications or devices within the protected environment of the covered OSA information system, would not need to use FIPS-validated cryptography. This requirement, SC.L2-3.13.11, complements AC.L2-3.1.19, MP.L2-3.8.6, SC.L2-3.13.8, and SC.L2-3.13.16 by specifying that FIPS-validated cryptography must be used. While FIPS-validated modules and algorithms are critical for protecting CUI, in limited cases Enduring Exceptions and temporary deficiencies may apply when implementing such cryptographic mechanisms.
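The distinction drawn above (approved algorithm versus validated module) is easy to get wrong in practice, so the following added example, which is not part of SP 800-171, CMMC, or the CMVP programme, shows what a runtime check can and cannot establish. It probes whether the interpreter's OpenSSL backend behaves like a module running in FIPS mode (approved digests work, non-approved ones are refused), and then refuses to report 3.13.11 as satisfied unless a CMVP certificate number for the exact deployed module has been recorded, because that evidence only comes from the validated-modules list and never from behaviour. The digest names are a constructed subset, not the authoritative approved-algorithm lists, and the `cmvp_certificate` field is a placeholder to be filled from the CMVP list.

```python
"""Runtime probe for FIPS enforcement in the Python/OpenSSL stack.

Added example for this page; not part of NIST SP 800-171, CMMC, the CMVP
programme, or any vendor's tooling. A backend that refuses non-approved
algorithms behaves like a module in FIPS mode, but that behaviour alone does
not satisfy 3.13.11: only a CMVP validation certificate for the exact module
establishes FIPS-validated status, and no script can derive that at runtime.
"""
import hashlib
import ssl

# Assumption: constructed subset used to illustrate the probe, not the
# authoritative CAVP/CMVP approved-algorithm lists. SHA-2 digests are
# approved; MD5 is not.
APPROVED_DIGESTS = ("sha256", "sha384", "sha512")
NON_APPROVED_DIGESTS = ("md5",)


def digest_usable_for_security(name: str) -> bool:
    """Return True if the backend will instantiate `name` for security use.

    With OpenSSL 3 and the FIPS provider enforced, hashlib refuses
    non-approved digests requested with usedforsecurity=True (Python 3.9+)
    by raising ValueError. On older Pythons the keyword does not exist
    (TypeError), so the plain constructor is tried instead.
    """
    try:
        hashlib.new(name, usedforsecurity=True)
    except ValueError:
        return False
    except TypeError:
        try:
            hashlib.new(name)
        except ValueError:
            return False
    return True


def classify_enforcement(digests: dict) -> str:
    """Interpret a {digest_name: usable} map produced by the probe.

    'approved-digest-unavailable': an approved digest failed, so the backend
        is broken or misconfigured regardless of FIPS status.
    'not-enforcing': a non-approved digest was accepted for security use, so
        the backend is not enforcing a FIPS policy.
    'consistent-with-fips-mode': approved digests work and non-approved ones
        are refused, the behaviour expected of a module running in FIPS mode.
    """
    if not all(digests.get(n, False) for n in APPROVED_DIGESTS):
        return "approved-digest-unavailable"
    if any(digests.get(n, False) for n in NON_APPROVED_DIGESTS):
        return "not-enforcing"
    return "consistent-with-fips-mode"


def fips_runtime_report() -> dict:
    """Probe the running interpreter and summarise the result."""
    names = APPROVED_DIGESTS + NON_APPROVED_DIGESTS
    digests = {n: digest_usable_for_security(n) for n in names}
    return {
        "openssl": ssl.OPENSSL_VERSION,
        "digests": digests,
        "enforcement": classify_enforcement(digests),
        # Placeholder: the certificate number must be taken from the CMVP
        # validated-modules list for the exact module version deployed. The
        # probe cannot supply it, so it is None until an operator records it.
        "cmvp_certificate": None,
    }


def meets_3_13_11(report: dict) -> bool:
    """True only when runtime behaviour is consistent with FIPS mode AND a
    CMVP certificate number has been recorded for the module in use."""
    return (
        report["enforcement"] == "consistent-with-fips-mode"
        and bool(report.get("cmvp_certificate"))
    )


if __name__ == "__main__":
    rep = fips_runtime_report()
    for key, value in rep.items():
        print(f"{key}: {value}")
    print("3.13.11 evidence complete:", meets_3_13_11(rep))
```

On a general-purpose workstation the probe typically reports `not-enforcing` because MD5 is still available for security use; on a host whose OpenSSL FIPS provider is enforced it reports `consistent-with-fips-mode`, and even then `meets_3_13_11` stays False until the CMVP certificate for that exact module build is recorded, which is the point the discussion makes.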
Example
You are a system administrator responsible for deploying encryption on all devices that contain CUI. You must ensure that the encryption you use on the devices is FIPS-validated cryptography [a]. An employee informs you of a need to carry a large volume of CUI offsite and asks for guidance on how to do so. You provide the user with disk encryption software that you have verified via the NIST website that uses a CMVP-validated encryption module [a]. Once the encryption software is active, the user copies the CUI data onto the drive for transport.
Potential Assessment Considerations
Is cryptography implemented to protect the confidentiality of CUI at rest and in transit, through the configuration of systems and applications or through the use of encryption tools [a]?
ISO/IEC 27001:2013
A.10.1.1 Policy on the use of cryptographic controls
A.14.1.2 Securing application services on public networks
A.14.1.3 Protecting application services transactions
A.18.1.5 Regulation of cryptographic controls
FIPS 140-3 Transition Effort
Overview
While FIPS 140-2 continues on through 2026, development to support and validate FIPS 140-3 modules must be in place by September 2020. This project addresses questions concerning the process of migrating from FIPS 140-2 to FIPS 140-3. The transition process includes the organizational, documentation and procedural changes necessary to update and efficiently manage the ever-increasing list of security products that are tested for use in the US and Canadian governments. The changes also support the migration of internally developed security standards towards a set of standards developed and maintained by an international body, while still referencing government standards.
The Transition of FIPS 140-3 has Begun
On March 22, 2019, the Secretary of Commerce approved Federal Information Processing Standards Publication (FIPS) 140-3, Security Requirements for Cryptographic Modules, which supersedes FIPS 140-2. This was announced in the Federal Register on May 1, 2019 and became effective September 22, 2019.
The new standard also introduces some significant changes. Rather than specifying the module requirements directly, FIPS 140-3 references ISO/IEC 19790:2012. Testing against these requirements will be in accordance with ISO/IEC 24759:2017. While there are few major technical requirement changes, the use of the ISO documents requires several procedural changes in the management and execution of the validation program and process.
FIPS 140-2 Continues
FIPS 140-2 modules can remain active for 5 years after validation or until September 21, 2026, when the FIPS 140-2 validations will be moved to the historical list. Even on the historical list, CMVP supports the purchase and use of these modules for existing systems. While Federal Agencies decide when they move to FIPS 140-3 only modules, purchasers are reminded that for several years there may be a limited selection of FIPS 140-3 modules from which to choose. CMVP recommends purchasers consider all modules that appear on the Validated Modules Search Page and meet their requirements for the best selection of cryptographic modules, regardless of whether the modules are validated against FIPS 140-2 or FIPS 140-3.
As the effort for FIPS 140-3 development progresses, an important aspect is the continuation of efforts in supporting FIPS 140-2 validations. As resources are limited, the queue of validation submissions awaiting review is growing. This is likely to continue well into 2021, as our resources are also needed to help develop the requirements for the new processes. Please have patience as we overhaul our processes to address the coming changes.
Transition Schedule
Updated - 06-02-2021
| Date | Activity |
|---|---|
| March 22, 2019 | FIPS 140-3 Approved |
| September 22, 2019 | FIPS 140-3 Effective Date; Drafts of SP 800-140x (public comment closed 12-9-2019) |
| March 20, 2020 | Publication of SP 800-140x documents |
| May 20, 2020 | Updated CMVP Program Management Manual for FIPS 140-2 |
| July 1, 2020 | Tester competency exam updated to include FIPS 140-3 |
| September 21, 2020 | Released FIPS 140-3 Implementation Guidance; Released CMVP Management Manual for FIPS 140-3 |
| September 22, 2020 | CMVP accepted FIPS 140-3 submissions |
| September 22, 2021 | CMVP no longer accepts FIPS 140-2 submissions for new validation certificates unless the vendor is under contract with a CSTL prior to June 15, 2021, the CSTL has submitted an extension request, and the CSTL has received acceptance by the CMVP. The CMVP continues to accept FIPS 140-2 reports that do not change the validation sunset date, i.e. Scenarios 1, 1A, 1B, 3A, 3B and 4 from FIPS 140-2 Implementation Guidance G.8. |
| April 1, 2022 | CMVP no longer accepts FIPS 140-2 submissions for new validation certificates. |
| September 22, 2026 | All FIPS 140-2 certificates are placed on the Historical List |