top | item 31236672

(no title)

fl0wenol | 3 years ago

NSA is the entity in the DOD which sets certain minimum requirements and validates their cryptographic implementations. NIST owns the overarching standards for the whole government and sets requirements and performs validations through NVLAP that NSA doesn't, usually with their input.

When you see "FIPS", that means NIST approved/validated.

NSA approval/validation is relevant when the system has to handle classified information and often (but not necessarily) you start with components that have FIPS certification.

discuss

No comments yet.