Federal Information Processing Standards (FIPS) are standards developed by the U.S. federal government for computer systems. FIPS 140 is a series of standards specifically focused on the security requirements for cryptographic modules.
FIPS 140-2: Issued in 2001, this standard covers areas like cryptographic algorithm implementation, physical security, key management, and self-tests. For many years, it was the benchmark for cryptographic module security for U.S. federal agencies and regulated industries.
FIPS 140-3: This is the latest version, approved in 2019, which supersedes FIPS 140-2. FIPS 140-3 aligns more closely with international standards (ISO/IEC 19790) and introduces updates to security requirements.
WinMagic:
Our products has been FIPS 140-2 compliant for a long time, and are now on the “Modules In Process List” list awaiting full approval for FIPS 140-3. The MIP list contains cryptographic modules on which the CMVP is actively working. NIST will assign resources to review the reports when they have the bandwidth. Due to several factors including retirements, hiring freezes and process changes to make things more efficient it is hard to predict when NIST when complete their review, but it could be a year +-. In the meantime, our products continue to use our FIPS 140-2 modules which are completely fine and still valid.
.png)
.png)
The full MIP list can be viewed here:
https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list
Last Updated: 4/30/2025
KA-02070 | Settings in KnowConfigs.xml do not apply successfully for SD versions 9.1.102.293 and older on Windows 11 (24H2) without WMIC |