Product Security Certification: FIPS 140-3
Intel is committed to product security certification, designing solutions to comply with government regulatory requirements such as Federal Information Processing Standard (FIPS) 140-3.
What is FIPS-140-3?
Federal Information Processing Standards (FIPS) 140 are specifications developed by the U.S. National Institute of Standards and Technology (NIST) covering security requirements for cryptographic modules. FIPS 140-3 refers specifically to version 3, the current version of the standard.
Validation is acquired from accredited independent labs and security levels range from level 1 (simple protections) to level 4 (hardened against many forms of attack); the number of applicable requirements and their stringency increases with each level.
“When our products meet leading standards for security, Intel is not only better situated to be a leader in the public sector market, but we also help enable our customers in other sectors to meet emerging market requirements."
- Mohsen Fazlian, Corporate Vice President, General Manager, Intel Product Assurance and Security
FIPS Commitment
Intel has committed that all products with cryptography that reach production in 2024 and beyond must be FIPS certifiable. This means products: identify cryptographic module(s) used, are designed and implemented to meet applicable FIPS 140-3 requirements, are documented and pre-tested, include one or more FIPS-approved algorithms and entropy source validation, are capable of performing required self-tests and other operations, and enable acquisition of FIPS 140-3 validation by Intel or customers (including OEMs).
To ensure products can be FIPS 140-3 validated, all Intel designs that contain cryptography (hardware, firmware, and software) must complete assigned tasks in our Security Development Lifecycle process. This mandate establishes that all products must design and implement to meet FIPS140-3 specification requirements to achieve future FIPS 140-3 validation.
FIPS Approach
Intel’s commitment to product security includes focus on compliance with government regulatory requirements and industry best practices.
Validated FIPS Cryptographic Modules
Certification: 4648
Cryptographic Module for Intel Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21
Certification: 4599
Cryptographic Module for Intel Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-03-03
Cert #: 4355
Cryptographic Module for Intel Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 2026-09-21
Certification: 4158
Cryptographic Module for Intel Converged Security and Manageability Engine (CSME)
Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21
Certification: 4150
Intel Converged Security and Manageability Engine (CSME) Crypto Module for Tiger Point, Mule Creek Canyon and Rocket Lake PCH
Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21
Certification: 4025
Intel Offload and Crypto Subsystem (OCS)
Standard: FIPS140-2
Security Level 2
Status: Active
Module Type: Hardware
Sunset Date: 2026-09-08
Certification: 3838
Cryptographic Module for Intel Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 2026-03-03
Certification: 3511
Optane SSD DC D4800X
Standard: FIPS140-2
Security Level 2
Status: Active
Module Type: Hardware
Sunset Date: 2024-08-11
Certification: 2720
Cryptographic Module for Intel vPro Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 1901-01-01
Certification: 2631
Intel OpenSSL FIPS Object Module
Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Software
Sunset Date: 1901-01-01
Certification: 3838
Cryptographic Module for Intel Platforms' Security Engine Chipset
Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2024-03-03
Solution Briefs
Intel® Digital Random Number Generator Software Implementation Guide
Intel® Secure Key includes instructions RDRAND and RDSEED and the underlying the hardware implementation used to generate high-quality keys for cryptographic protocols. This guide provides technical information on usage, including code examples
FIPS 140-3: Intel’s Approach to Cryptographic Module Validation
FIPS 140 security requirements cover areas related to the secure design, implementation and operation of a cryptographic module. This technical overview covers Intel’s commitment to product security compliance with this key standard.
ESV Validation
Entropy Certificate #E57
Implementation Name: Intel® DRNG Entropy Source
Description: Intel® DRNG Entropy Source
Version: DRNG MSL v1
Noise Source Classification: Physical
Reuse Status: Open for Reuse
Entropy Certificate #E136
Implementation Name: NIST SP800-90B TRNG Entropy Source
Description: NIST SP800-90B TRNG Entropy Source
Version: 1.0
Noise Source Classification: Physical
Reuse Status: Open for Reuse
Entropy Certificate #E164
Implementation Name: Intel® Digital Random Number Generator SP800-90B
Description: metastable latch
Version: 1.0
Noise Source Classification: Physical
Reuse Status: Open for Reuse
Entropy Certificate #E179
Implementation Name: Intel® DRNG 4 Entropy Source
Description: Intel® DRNG 4 Entropy Source
Version: IP-DRNG 4
Noise Source Classification: Physical
Reuse Status: Open for Reuse
FIPS Support
If you have questions on Intel FIPS certification or support, please email your request to our FIPS Office.
Intel Product Security Center
View Security Advisories and get disclosure guidance on issues affecting Intel products.
Learn more