Chat
Ask me anything
Ithy Logo

Embedded SoCs Supporting FIPS 140-3

The Federal Information Processing Standard (FIPS) 140-3 is a U.S. government standard that specifies security requirements for cryptographic modules. These modules are used in a wide range of applications, including embedded systems, computers, servers, and IoT devices. This standard is crucial for ensuring the protection of sensitive data and cryptographic keys. This document provides a detailed overview of embedded System on Chips (SoCs) and related components that support FIPS 140-3 certification, drawing from various sources to offer a comprehensive understanding.

Understanding FIPS 140-3

FIPS 140-3 defines four qualitative security levels, each addressing a different range of applications and security needs. These levels cover various aspects of cryptographic module security, including:

  • Cryptographic Module Specification: Defining the module's boundaries and functionalities.
  • Interfaces: Specifying how the module interacts with other components.
  • Roles and Services: Defining the different roles within the module and the services they can access.
  • Authentication: Ensuring only authorized users can access the module.
  • Physical Security: Protecting the module from physical tampering.
  • Lifecycle Assurance: Ensuring the module's security throughout its lifecycle.

Compliance with FIPS 140-3 is essential for any system that handles sensitive data, especially in government and regulated industries. The standard ensures that cryptographic modules are robust and reliable, providing a high level of security.

FIPS 140-3 Certified Embedded SoCs and Modules

Below is a detailed list of embedded SoCs and cryptographic modules that have achieved or are in the process of achieving FIPS 140-3 certification. This list includes manufacturers, specific products, certification details, and key specifications.

1. Marvell eHSM Series

Manufacturer: Marvell Semiconductor, Inc.

Products:

  • eHSM32 Level 3 Embedded Hardware Security Module
    • Certification: FIPS 140-3
    • Certification Date: March 18, 2024
    • Details: Designed for secure cryptographic operations.
  • eHSM64 Level 3 Embedded Hardware Security Module
    • Certification: FIPS 140-3
    • Certification Date: March 20, 2024
    • Details: Supports advanced cryptographic operations.

Key Features: These modules are designed to provide robust security for various applications requiring high-level cryptographic protection.

Source: NIST Cryptographic Module Validation Program

2. MediaTek CryptoCore v2

Manufacturer: MediaTek Inc.

Product: CryptoCore v2

  • Certification: FIPS 140-3 (Pending)
  • Certification Date: In process as per NIST listing
  • Details: Embedded cryptographic module designed to secure sensitive data in SoC environments.

Key Features: Provides secure cryptographic operations within MediaTek's SoC ecosystem.

Source: NIST Cryptographic Module Validation Program

3. Samsung TCG Opal SSC Cryptographic Sub-Chip

Manufacturer: Samsung Electronics Co., Ltd.

Product: S4LV006 S00

  • Certification: FIPS 140-3
  • Certification Date: December 22, 2023
  • Details: Designed for secure storage and encryption, compliant with the TCG Opal standard.

Key Features: Ensures secure data storage and encryption in compliance with industry standards.

Source: NIST Cryptographic Module Validation Program

4. Ranix Automotive HSM

Manufacturer: Ranix Inc.

Product: RA33BH

  • Certification: FIPS 140-3
  • Certification Date: April 5, 2024
  • Details: Automotive-grade hardware security module designed to protect vehicle communication and data.

Key Features: Provides robust security for automotive applications, protecting critical vehicle systems and data.

Source: NIST Cryptographic Module Validation Program

5. Intel Crypto Module for Meteor Point PCH

Manufacturer: Intel Corporation

Product: Converged Security and Manageability Engine (CSME)

  • Certification: FIPS 140-3
  • Certification Date: April 12, 2024
  • Details: Embedded in Intel's Meteor Point platform, providing secure management and cryptographic capabilities.

Key Features: Integrates secure management and cryptographic functions within Intel's platform.

Source: NIST Cryptographic Module Validation Program

6. Phison TCG OPAL SSC Self-Encrypting SSD Series

Manufacturer: Phison Electronics Corporation

Product: PS3112/PS5012 Series

  • Certification: FIPS 140-3
  • Certification Date: October 7, 2024
  • Details: Self-encrypting SSD series integrating TCG Opal SSC-compliant cryptographic modules for secure data storage.

Key Features: Provides secure data storage with integrated encryption capabilities.

Source: NIST Cryptographic Module Validation Program

7. IBM NVMe FlashCore Module 4

Manufacturer: IBM Corporation

Product: NVMe FlashCore Module 4

  • Certification: FIPS 140-3
  • Certification Date: June 10, 2024
  • Details: Secure storage solution with embedded cryptographic capabilities.

Key Features: Offers secure storage with integrated cryptographic functions for data protection.

Source: NIST Cryptographic Module Validation Program

8. Samsung Flash Memory Protector V5.0

Manufacturer: Samsung Electronics Co., Ltd.

Product: Flash Memory Protector V5.0

  • Certification: FIPS 140-3
  • Certification Date: November 29, 2024
  • Details: Designed to protect data stored in flash memory devices.

Key Features: Provides secure protection for data stored in flash memory.

Source: NIST Cryptographic Module Validation Program

9. ST Engineering & i-Engine SAM/SSID Applets on NXP P71 Series

Manufacturer: ST Engineering Electronics Ltd., I-Engine Pte Ltd.

Products:

  • SAM Applet on NXP P71 Series
    • Certification: FIPS 140-3
    • Certification Date: September 24, 2024
    • Details: Provides secure cryptographic operations for embedded systems.
  • SSID Applet on NXP P71 Series
    • Certification: FIPS 140-3
    • Certification Date: September 24, 2024
    • Details: Focuses on secure SSID management and cryptographic operations.

Key Features: These applets provide secure cryptographic operations and SSID management on the NXP P71 series.

Source: NIST Cryptographic Module Validation Program

10. ID-One PIV 243 & FIDO

Manufacturer: IDEMIA

Product: ID-One PIV 243 & FIDO

  • Certification: FIPS 140-3
  • Certification Date: September 19, 2024
  • Details: Supports Personal Identity Verification (PIV) and FIDO standards, ensuring secure authentication.

Key Features: Provides secure authentication using PIV and FIDO standards.

Source: NIST Cryptographic Module Validation Program

11. STMicroelectronics STSAFE-TPM Family

Manufacturer: STMicroelectronics

Products:

  • ST33KTPM2X
  • ST33KTPM2XSPI
  • ST33KTPM2XI2C
  • ST33KTPM2I
  • ST33KTPM2A (Commercialized as STSAFE-V100-TPM)

Certification: FIPS 140-3 Certified

Key Specifications:

  • Use Cases: Secure boot, remote/anonymous attestation, secure storage.
  • Extended User Memory: 200 kBytes.
  • Secure Firmware Update: Supports adding new cryptographic algorithms, including post-quantum cryptography (PQC).
  • Compliance:
    • Trusted Computing Group (TCG) TPM 2.0.
    • Common Criteria EAL4+ (passing AVA_VAN.5 vulnerability analysis).
    • FIPS 140-3 Level 1 (with physical security Level 3).
  • Applications:
    • PCs, servers, IoT devices, medical equipment, and infrastructure systems.
    • Automotive integration (ST33KTPM2A is AEC-Q100 qualified for automotive use).
    • Long-lifetime industrial systems (ST33KTPM2I).

Key Features: These TPMs provide robust cryptographic asset protection and are used in a variety of applications, including PCs, servers, network-connected IoT devices, medical equipment, and infrastructure high-assurance equipment. The ST33KTPM2I is qualified for long lifetime industrial systems, and the ST33KTPM2A (commercialized as STSAFE-V100-TPM) is AEC-Q100 qualified for automotive integration.

Source: STMicroelectronics Press Release

12. Marvell LiquidSecurity HSMs

Manufacturer: Marvell Technology

Products: LiquidSecurity 1 and LiquidSecurity 2 hardware security modules (HSMs).

Certification: FIPS 140-3 Level-3 certified.

Key Features: These HSMs are used for secure key protection and management, credit card purchases, ATM withdrawals, sign-in services, and other high-volume transactions. They are designed to eliminate the friction associated with achieving better security and are traditionally packaged as 1U and 2U server appliances.

13. NXP Semiconductors EdgeLock SE052F

Manufacturer: NXP Semiconductors

Product: EdgeLock SE052F secure element.

Certification: FIPS 140-3 Level 3 certified.

Key Features: This is the first hardware secure element for the Industrial IoT (IIoT) certified to FIPS 140-3 Level 3. It combines protection and convenience, making it easier to develop and deliver secure, differentiated IoT devices. The EdgeLock SE052F features cryptographic functionalities such as ECDSA, ECDH/E, RSA up to 4K, and authenticated AES encryption modes CCM/GCM.

Additional Resources

For further details and to verify the certification status of specific modules, refer to the official NIST Cryptographic Module Validation Program (CMVP) website:

https://csrc.nist.gov/projects/cryptographic-module-validation-program

This website provides a searchable database of all validated cryptographic modules, including those used in embedded systems. It is an essential resource for anyone looking to implement FIPS 140-3 compliant solutions.

Conclusion

The landscape of FIPS 140-3 certified embedded SoCs and modules is continually evolving, with new products and certifications being added regularly. The list provided here offers a comprehensive overview of the current state, highlighting key manufacturers and their offerings. When selecting a module for your application, it is crucial to ensure that it meets the specific security requirements and is validated under the FIPS 140-3 standard. Always refer to the official NIST CMVP database for the most up-to-date information and certification details.


December 15, 2024
Ask Ithy AI
Download Article
Delete Article
|Help|Privacy|Terms