FIPS 140-3 Level 3, a must-have military-grade mobile data protection

When it comes to data protection and encryption, the de facto global standard is set by the National Institute of Standards and Technology (NIST). NIST is the U.S. body that defined the Advanced Encryption Standard (AES), and AES 256-bit in XTS mode is the best commercial encryption available for data protection. NIST publishes standards for the U.S. government and military, called Federal Information Processing Standards (FIPS), that define and approve cryptographic standards; the FIPS 140 series defines the security requirements for hardware and software cryptographic modules.

Why choose FIPS-validated solutions? As NIST explains, “Unvalidated cryptography is considered by NIST to provide no protection of information or data; in fact, the data would be considered unprotected plaintext.”

FIPS 140-2 was approved in May 2001 and has been in effect for over 20 years, during which computing power has increased exponentially. While FIPS 140-2 is still considered strong military-grade security, NIST published FIPS 140-3 and approved it in September 2019. To ensure compliance, NIST has established accredited labs that conduct rigorous reviews and testing of software and physical devices for industry. The results are reviewed by NIST scientists before a FIPS 140-series certificate is officially awarded.

FIPS 140-3 compliant storage devices were launched in 2023, so governments and enterprises are expected to start adopting them. These devices come with enhanced levels of protection; Level 3 is the gold standard, adding tamper resistance that uses a special epoxy resin over the circuitry to resist and reveal physical intrusion attempts.

FIPS 140-3 Improvements over FIPS 140-2

Since FIPS 140-2 was defined in the 20th century and approved in 2001, an update for the 21st century was needed. FIPS 140-3 is that update for the remainder of the 2020s. The update for the following decade will include enhanced protections against quantum computing.

The 256-bit XTS-AES encryption used in encrypted storage devices works as follows: a user creates a password for a new or newly formatted device. The device’s secure microprocessor generates a hardware AES encryption key using its random number generator, in accordance with NIST standards and approved algorithms. If the random number generator is not truly random in the mathematical sense, it creates a weakness that supercomputers could exploit in attempts to recreate this unique encryption key.

The FIPS 140-3 standard requires manufacturers of secure microprocessors to improve their internal random number generators to increase entropy (randomness). This cryptographic improvement alone has major mathematical implications, because it ensures that XTS-AES encryption remains hack-resistant for years or even decades and provides sufficient protection against quantum computers in the near future.
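To make the random-number requirement concrete, the following added example (not Kingston's or NIST's code) implements two checks of the kind a FIPS 140-3 module applies to the noise source behind its key generator, both taken from NIST SP 800-90B: the Repetition Count Test that runs continuously on the device, and the Most Common Value min-entropy estimate used when assessing a source. The sample streams are constructed stand-ins for a secure microprocessor's raw noise output.

```python
"""Added example (not Kingston's or NIST's code) of two checks a FIPS 140-3
module applies to its random number generator's noise source, after SP 800-90B.
The sample streams below are constructed; a device would feed raw noise samples."""
import math
import os
from collections import Counter


def rct_cutoff(h_bits: float, alpha_log2: int = 20) -> int:
    """Repetition Count Test cutoff (SP 800-90B 4.4.1): C = 1 + ceil(-log2(alpha)/H),
    with alpha = 2^-20 and H the assessed min-entropy per sample."""
    return 1 + math.ceil(alpha_log2 / h_bits)


def repetition_count_test(samples: bytes, h_bits: float = 8.0) -> bool:
    """Continuous health test: a value repeating C or more times in a row means a
    stuck or failing source. Returns True if the stream passes."""
    cutoff, run, prev = rct_cutoff(h_bits), 0, None
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        if run >= cutoff:
            return False
    return True


def mcv_min_entropy(samples: bytes) -> float:
    """Most Common Value estimate (SP 800-90B 6.3.1): bound the most frequent
    symbol's probability from above at 99% confidence and return -log2 of it."""
    n = len(samples)
    p_max = Counter(samples).most_common(1)[0][1] / n
    p_upper = min(1.0, p_max + 2.576 * math.sqrt(p_max * (1 - p_max) / (n - 1)))
    return -math.log2(p_upper)


# Constructed noise-source outputs standing in for a secure microprocessor's RNG.
STUCK = b"\x7f" * 4096                               # failed sensor: constant output
BIASED = bytes((i * 97) % 256 if i % 2 else 0 for i in range(4096))  # every other byte is 0
COUNTER = bytes(range(256)) * 16                     # uniform histogram, fully predictable

if __name__ == "__main__":
    for name, stream in [("stuck", STUCK), ("biased", BIASED),
                         ("counter", COUNTER), ("os.urandom", os.urandom(4096))]:
        print(f"{name:10s} RCT pass={repetition_count_test(stream)!s:5s} "
              f"MCV min-entropy={mcv_min_entropy(stream):.2f} bits/byte")
```

Note that the predictable COUNTER stream passes both checks: health tests and statistical estimators catch a source that has failed or is heavily biased, not a design that is predictable, which is why the lab review of the noise-source design is part of validation.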

The following changes have also been added:

  • Minimum PIN or password length: Passwords have been increased from 7 to 8 characters to better protect against automated password attacks. Note that brute-force protection must also be present, performing an encrypted wipe of the device to stop these attacks immediately.
  • No factory preset PIN or password: All users must set a PIN or password when using the device for the first time.
  • Periodic self-test: Each device must perform a self-test to ensure that its security functions are fully operational. If a problem is detected, the device must shut down. This protection helps detect malfunctions and potential attacks on the circuits, which can manifest themselves as malfunctions.
  • Automatic shutdown for excessive thermal and voltage conditions: If a device exceeds predefined levels, it should shut down. Attackers sometimes use side-channel attacks that cause extreme thermal and voltage conditions; this response can block specific attacks.
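The self-test and environmental-shutdown items above are easier to picture as a small state machine. The following is an added example (not Kingston's or NIST's code) of a module that runs known-answer tests at power-on, refuses every service once it has entered the error state, and shuts down when temperature or voltage leaves a predefined envelope; the thresholds and the hash-engine injection point are constructed for illustration.

```python
"""Added example (not Kingston's or NIST's code) of three FIPS 140-3 behaviours
described above: known-answer self-tests at power-on, an error state that refuses
service, and shutdown on out-of-range temperature or voltage. Thresholds are made up."""
import hashlib
import hmac
# Well-known public test vectors used as known-answer tests (KATs).
KAT_SHA256 = ("abc", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")
KAT_HMAC = ("key", "The quick brown fox jumps over the lazy dog",
            "f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8")

class ModuleError(RuntimeError):
    """Raised for any service requested while the module is in the error state."""

class CryptoModule:
    TEMP_MAX_C = 85.0          # constructed envelope, not any real device's
    VOLT_RANGE = (4.5, 5.5)

    def __init__(self, sha256=hashlib.sha256):
        # The hash engine is injectable so a faulty one can be simulated in tests.
        self._sha256 = sha256
        self.state, self.error = "self_test", None
        if self.self_test():             # power-on self-test gates all services
            self.state = "operational"

    def _fail(self, reason: str) -> bool:
        # Error state: no cryptographic output until the module is reset.
        self.state, self.error = "error", reason
        return False

    def self_test(self) -> bool:
        """Run the KATs (at power-on and periodically); a mismatch means error state."""
        msg, want = KAT_SHA256
        if self._sha256(msg.encode()).hexdigest() != want:
            return self._fail("SHA-256 KAT failed")
        key, msg, want = KAT_HMAC
        if hmac.new(key.encode(), msg.encode(), self._sha256).hexdigest() != want:
            return self._fail("HMAC-SHA-256 KAT failed")
        return True

    def check_environment(self, temp_c: float, volts: float) -> bool:
        """Environmental failure protection: shut down outside the envelope."""
        lo, hi = self.VOLT_RANGE
        if temp_c > self.TEMP_MAX_C or not lo <= volts <= hi:
            self._fail(f"environment out of range: {temp_c} C, {volts} V")
        return self.state == "operational"

    def digest(self, data: bytes) -> str:
        """An approved service, refused unless the module is operational."""
        if self.state != "operational":
            raise ModuleError(self.error)
        return self._sha256(data).hexdigest()
```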

This is an extremely simplified summary of what FIPS 140-3 Level 3 is, as it also includes many other protections and safeguards that have complex cryptographic purposes. Typically, a new FIPS 140 standard requires up to two years of effort from manufacturers. They must redesign their secure microprocessors, improve their devices’ firmware and how they handle critical security parameters (CSPs), go through NIST-certified lab testing (which includes source code reviews in addition to extensive testing), and finally launch their devices into the market.

Note that devices may be designated as FIPS 140-3 Level 3 (Pending) because once lab testing is complete, NIST can take up to 18 months to issue the final certificate due to the many pending software and hardware certifications. Kingston does not release its devices until lab testing is complete. You can view current certifications on the NIST website.

Summary

Military-grade data protection is based on FIPS 140 Level 3 as defined by NIST.

For the past two decades, FIPS 140-2 Level 3 has been the best commercial standard for portable storage USB flash drives and SSDs. For the next decade, FIPS 140-3 Level 3 will be the best practice for providing the most effective mobile data protection.

Kingston has spent hundreds of thousands of dollars and years of research and development to bring IronKey FIPS 140-3 Level 3 hardware-encrypted USB flash drives to market. These storage devices are designed from the ground up with data protection as their primary goal.

Kingston offers the flagship IronKey D500S USB flash drive, as well as the Keypad 200 Series in USB-A or USB-C options, which have passed FIPS 140-3 Level 3 compliance testing and are awaiting final NIST approval.
