Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect / DS - Data Security

Cryptography

In cryptography, normative documents are fundamental to ensuring that algorithms, protocols, and key management practices are secure, interoperable, and legally compliant. Standards such as ISO/IEC 19790 (security requirements for cryptographic modules), ISO/IEC 18033 (encryption algorithms), and NIST FIPS 140-3 define validated cryptographic methods and implementation requirements. Regulatory bodies like NIST in the U.S., ENISA in the EU, and national data protection authorities provide guidance on approved cryptographic techniques for protecting sensitive data. Adhering to these standards and regulations ensures that cryptographic measures are robust against attacks, support compliance with laws such as GDPR or HIPAA, and provide trust in digital communications and transactions.

NIST Federal Information Processing Standard (FIPS) Publication 140-3: Security Requirements for Cryptographic Modules

FIPS 140-3 is a mandatory standard for federal agencies and a benchmark for the private sector that defines the security requirements for hardware and software cryptographic modules. It superseded FIPS… Read More »NIST Federal Information Processing Standard (FIPS) Publication 140-3: Security Requirements for Cryptographic Modules