What is FIPS 140-2? Military-grade Protection

Federal Information Processing Standards Military Grade Protection

Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States federal government for use in computer systems and peripherals by government agencies and government contractors. The FIPS 140 is a U.S. government computer security standard used to approve cryptographic modules, level 2 is tamper-evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the plain text cryptographic keys and critical security parameters (CSPs) within the module. Even if these standards were enacted by the US, they are often mandatory in other countries, simply to avoid having to create another comparable standard.

Certifications and Confidentiality 

Most governments require the purchase of FIPS 140-2 certified external hard drives and flash drives. These appliances use hardware encryption, are tamper proof, and have no backdoor or override codes, which allow for recovery of data or decryption.  The encryption is independent from the pc or laptop operating system.


AES-256 encryption

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

AES is a subset of the Rijndael cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes.

For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

AES has been adopted by the U.S. government and is now used worldwide.

The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decryption of data.

A brute force attack against AES encrypted documents or drives would take years even using numerous super computers. 

Click here to learn about four (4) types of security levels of FIPS 140-2