A cryptographic module is a component of a computer system that securely implements cryptographic algorithms, typically with some element of tamper resistance.
NIST defines a cryptographic module as "The set of hardware, software, and/or firmware that implements security functions (including cryptographic algorithms), holds plaintext keys and uses them for performing cryptographic operations, and is contained within a cryptographic module boundary."[1]
Hardware security modules, including secure cryptoprocessors, are one way of implementing cryptographic modules.
Standards for cryptographic modules include FIPS 140-3 and ISO/IEC 19790.[2][3]
See also
editReferences
edit- ^ "Cryptographic module - Glossary". csrc.nist.gov. Retrieved 2023-09-24.
- ^ "FIPS PUB 140-3: Security Requirements for Cryptographic Modules" (PDF). NIST. 2019-03-22.
- ^ "ISO/IEC 19790:2012: Information technology — Security techniques — Security requirements for cryptographic modules". ISO. Retrieved 2023-09-24.