Skip To Main Content
Intel logo - Return to the home page
My Tools

Select Your Language

  • Bahasa Indonesia
  • Deutsch
  • English
  • Español
  • Français
  • Português
  • Tiếng Việt
  • ไทย
  • 한국어
  • 日本語
  • 简体中文
  • 繁體中文
Sign In to access restricted content

Using Intel.com Search

You can easily search the entire Intel.com site in several ways.

  • Brand Name: Core i9
  • Document Number: 123456
  • Code Name: Emerald Rapids
  • Special Operators: “Ice Lake”, Ice AND Lake, Ice OR Lake, Ice*

Quick Links

You can also try the quick links below to see results for most popular searches.

  • Product Information
  • Support
  • Drivers & Software

Recent Searches

Sign In to access restricted content

Advanced Search

Only search in

Sign in to access restricted content.
  1. Product Security Certification: FIPS 140-3

The browser version you are using is not recommended for this site.
Please consider upgrading to the latest version of your browser by clicking one of the following links.

  • Safari
  • Chrome
  • Edge
  • Firefox

Product Security Certification: FIPS 140-3

Intel is committed to product security certification, designing solutions to comply with government regulatory requirements such as Federal Information Processing Standard (FIPS) 140-3.

What is FIPS-140-3?

Federal Information Processing Standards (FIPS) 140 are specifications developed by the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS) covering security requirements for cryptographic modules. FIPS 140-3 refers specifically to version 3, the current version of the standard.

Validation is issued by the NIST Cryptography Module Validation Program following testing by an accredited independent lab. Security levels range from level 1 (simple protections) to level 4 (hardened against many forms of attack); the number of applicable requirements and their stringency increases with each level. 

“When our products meet leading standards for security, Intel is not only better situated to be a leader in the public sector market, but we also help enable our customers in other sectors to meet emerging security requirements.”

- Anand Pashupathy, Vice President, General Manager, Intel Product Assurance and Security

FIPS Commitment

Intel is committed that all defined products with cryptography implementation or modification that reach production must be FIPS certifiable. This means products with defined cryptographic modules meet the following criteria:

 

  • Designed and implemented to meet applicable FIPS 140-3 requirements
  • Include one or more FIPS-approved algorithms and entropy source validation
  • Capable of performing required self-tests and other operations
  • Enable acquisition of FIPS 140-3 validation by Intel or customers (including OEMs)
  • Documentation is provided

To ensure products can be FIPS 140-3 validated, all Intel designs that contain cryptography implementation or modification (hardware, firmware, and software) must complete assigned tasks in our Security Development Lifecycle process. This mandate establishes that all products must design and implement to meet FIPS140-3 specification requirements to achieve future FIPS 140-3 validation.

FIPS Approach

Intel’s commitment to product security includes focus on compliance with government regulatory requirements and industry best practices.

Increase trustworthiness of our products through reduced risk and enhanced efficiency.

Help enable customers to meet regulatory and compliance needs, speeding time to market.

Role model best practices for secure development across hardware and software.

Show more Show less

Validated FIPS Cryptographic Modules

Certification: 4648

Cryptographic Module for Intel Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21

Certification: 4599

Cryptographic Module for Intel Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-03-03

Cert #: 4355

Cryptographic Module for Intel Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 2026-09-21

Certification: 4158

Cryptographic Module for Intel Converged Security and Manageability Engine (CSME)

Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21

Certification: 4150

Intel Converged Security and Manageability Engine (CSME) Crypto Module for Tiger Point, Mule Creek Canyon and Rocket Lake PCH

Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2026-09-21

Certification: 4025

Intel Offload and Crypto Subsystem (OCS)

Standard: FIPS140-2
Security Level 2
Status: Active
Module Type: Hardware
Sunset Date: 2026-09-08

Certification: 3838

Cryptographic Module for Intel Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 2026-03-03

Certification: 3511

Optane SSD DC D4800X

Standard: FIPS140-2
Security Level 2
Status: Active
Module Type: Hardware
Sunset Date: 2024-08-11

Certification: 2720

Cryptographic Module for Intel vPro Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Hybrid
Sunset Date: 1901-01-01

Certification: 2631

Intel OpenSSL FIPS Object Module

Standard: FIPS140-2
Security Level 1
Status: Historical
Module Type: Software
Sunset Date: 1901-01-01

Certification: 3838

Cryptographic Module for Intel Platforms' Security Engine Chipset

Standard: FIPS140-2
Security Level 1
Status: Active
Module Type: Hybrid
Sunset Date: 2024-03-03

Certification: 5032

Intel® QuickAssist Technology (QAT) Provider

Standard: FIPS140-3
Security Level 1
Status: Active
Module Type: Software Hybrid
Sunset Date: 2026-06-25

Show more Show less

Solution Briefs

Intel® Digital Random Number Generator Software Implementation Guide

Intel® Secure Key includes instructions RDRAND and RDSEED and the underlying the hardware implementation used to generate high-quality keys for cryptographic protocols. This guide provides technical information on usage, including code examples

FIPS 140-3: Intel’s Approach to Cryptographic Module Validation

FIPS 140 security requirements cover areas related to the secure design, implementation and operation of a cryptographic module. This technical overview covers Intel’s commitment to product security compliance with this key standard.

ESV Validation

Entropy Certificate #E57

Implementation Name: Intel® DRNG Entropy Source

Description: Intel® DRNG Entropy Source
Version: DRNG MSL v1
Noise Source Classification: Physical
Reuse Status: Open for Reuse

Entropy Certificate #E136

Implementation Name: NIST SP800-90B TRNG Entropy Source

Description: NIST SP800-90B TRNG Entropy Source
Version: 1.0
Noise Source Classification: Physical
Reuse Status: Open for Reuse

Entropy Certificate #E164

Implementation Name: Intel® Digital Random Number Generator SP800-90B

Description: metastable latch
Version: 1.0
Noise Source Classification: Physical
Reuse Status: Open for Reuse

Entropy Certificate #E179

Implementation Name: Intel® DRNG 4 Entropy Source

Description: Intel® DRNG 4 Entropy Source
Version: IP-DRNG 4
Noise Source Classification: Physical
Reuse Status:  Open for Reuse

Show more Show less

Unlock Compliance with Confidence: Intel® Secure Key Validation Service

Customers developing products with cryptography for certain government or regulated sectors (federal, financial, healthcare, or cloud services) must undergo validation to comply with standards including FIPS 140-3 or Common Criteria.

One of the prerequisites for cryptographic module validation is NIST Entropy Source Validation (ESV), demonstrating the statistical soundness and security properties of your random number generator’s entropy source.

Intel has introduced a comprehensive service to assist customers in obtaining this validation for Intel® Secure Key, our Digital Random Number Generator (DRNG) that is included with all Intel products. 

What is Intel® Secure Key?

Our proprietary DRNG, included with all Intel processors, is a hardware-based and highly performant solution that offers customers strong advantages:

 

  • Easily accessible: Via RDRAND and RDSEED processor instructions, bypassing the operating system and hypervisor ​​

  • Proven design: Entirely hardware attack-resistant design following NIST recommendations for full entropy, isolated ​from OS and software, eliminating related attacks

  • High throughput: Built to support heavy server application workloads
     

The Intel® Secure Key Validation Service leverages Intel and third-party NIST Cryptographic and Security Testing (CST) labs to streamline ESV for Intel® Secure Key in your operating environment(s).

Customers benefit from comprehensive guidance and management of the entire ESV process, helps ensure a smooth, efficient experience. Leveraging Intel’s established relationships and proven methodologies, you can achieve ESV in your name and restricted for reuse, gaining a competitive advantage and increasing brand equity.

CST labs benefit from Intel bringing all required data and documentation on the customer’s behalf, speeding the validation process.

To learn more about the Intel® Secure Key Validation Service, email: FIPSoffice@intel.com.

FIPS Support

If you have questions on Intel FIPS certification or support, please email your request to our FIPS Office.

Intel Product Security Center

View Security Advisories and get disclosure guidance on issues affecting Intel products.

Learn more

  • Overview
  • FIPS Validated Modules
  • Solution Briefs
  • ESV Validation
  • Intel® Secure Key
  • Support
  • Company Overview
  • Contact Intel
  • Newsroom
  • Investors
  • Careers
  • Corporate Responsibility
  • Inclusion
  • Public Policy
  • © Intel Corporation
  • Terms of Use
  • *Trademarks
  • Cookies
  • Privacy
  • Supply Chain Transparency
  • Site Map
  • Recycling
  • Your Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon
  • Notice at Collection

Intel technologies may require enabled hardware, software or service activation. // No product or component can be absolutely secure. // Your costs and results may vary. // Performance varies by use, configuration, and other factors. Learn more at intel.com/performanceindex. // See our complete legal Notices and Disclaimers. // Intel is committed to respecting human rights and avoiding causing or contributing to adverse impacts on human rights. See Intel’s Global Human Rights Principles. Intel’s products and software are intended only to be used in applications that do not cause or contribute to adverse impacts on human rights.

Intel Footer Logo