Note: This set of articles was prepared in 2006 by Thomas Jerry Scott to supplement his Computer Security classes. Most of these documents have been edited to fit into a common format. Each of the these FIPS standards describes practices approved for PKI, crytography, and authentication. Hopefully, reading through these documents will help you understand many of the concepts and standards behind them for Internet based PKI systems.

Table of Contents for the FIPS Standards

  1. FIPS 46-3: Data Encryption Standard (DES) -- Reaffirmed, October 25, 1999
  2. FIPS 113-3: Computer Data Authentication, May 30, 1985

  3. FIPS 140-1: Security Requirements For Cryptographic Modules -- Jan 11, 1994
  4. FIPS 140-2: Security Requirements for Cryptographic Modules, May 25, 2001

  5. FIPS 180-2: Secure Hash Standard (SHS), August 1, 2002
  6. FIPS 186-2 With Change: Digital Signature Standard (DSS), January 27, 2000

  7. FIPS 196: Entity Authentication Using Public Key Cryptography, February 18, 1997
  8. FIPS 197: Advanced Encryption Standard, November 26, 2001

  9. FIPS 198: The Keyed-Hash Message Authentication Code (HMAC), March 6, 2002
  10. FIPS 199: Standards for Security Categorization of Federal Information and Information Systems, February 2004.

  11. FIPS 201: Personal Identity Verification for Federal Employees and Contractors, February 2005

  12. NIST: An Example CPS for A Federal PKI

  13. NIST: Federal PKI Overview -- Nice Review of PKI for Federal Institutions

  14. Return to the PKI Main Menu