What is a critical security parameter?
A critical security parameter (CSP) is data that a cryptographic module uses to carry out encryption functions. This data includes passwords, security codes, cryptographic keys, personal identification numbers (PINs) and other unprotected security information.
Established information security rules protect CSPs, which may be accessed only by authorized computer systems. A CSP obtained by an unauthorized user poses a security threat.
The Federal Information Processing Standards (FIPS) 140 series comprises computer security specifications and requirements for cryptographic modules. In May 2001, the latest version was published as FIPS 140-2.
FIPS 140-2 consists of four levels of security:
Level 1: Has limited security requirements for the cryptographic module, and requires no physical security
Level 2: Dictates physical security, e.g. tamper-proof measures and tamper evidence for plaintext cryptographic keys and CSPs
Level 3: Adds physical security to prevent access to CSPs within the cryptographic module, as well as zeroization of CSPs when the module is opened
Level 4: Offers the most robust security for cryptographic modules
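The Level 3 behavior described above (zeroizing CSPs when the module is opened) can be sketched in software. This is an added example, not code from FIPS 140-2 or from the original page; the names `csp_store`, `on_cover_opened` and the sample key and PIN are hypothetical, and a real module would drive the wipe from tamper-detection hardware.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical CSP container; field names are illustrative only. */
typedef struct {
    uint8_t key[32];  /* plaintext cryptographic key */
    char    pin[8];   /* operator PIN, NUL-terminated */
    int     loaded;   /* 1 while CSPs are present */
} csp_store;

/* Zero through a volatile pointer so the compiler cannot discard the
   stores as dead writes, which it may do with a plain memset(). */
void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Returns 1 if all n bytes at p are zero. */
int all_zero(const void *p, size_t n) {
    const uint8_t *b = (const uint8_t *)p;
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++) acc |= b[i];
    return acc == 0;
}

void csp_load(csp_store *s, const uint8_t key[32], const char *pin) {
    memcpy(s->key, key, sizeof s->key);
    memset(s->pin, 0, sizeof s->pin);
    strncpy(s->pin, pin, sizeof s->pin - 1);
    s->loaded = 1;
}

/* Tamper response: assumed to be called when a cover-open sensor fires. */
void on_cover_opened(csp_store *s) {
    secure_zero(s->key, sizeof s->key);
    secure_zero(s->pin, sizeof s->pin);
    s->loaded = 0;
}

/* Key use is refused once the CSPs have been zeroized. */
int csp_use_key(const csp_store *s, uint8_t out[32]) {
    if (!s->loaded) return -1;
    memcpy(out, s->key, sizeof s->key);
    return 0;
}

int main(void) {
    csp_store s; uint8_t k[32], out[32];
    memset(k, 0xA5, sizeof k);           /* constructed sample key */
    csp_load(&s, k, "4921");             /* constructed sample PIN */
    on_cover_opened(&s);
    printf("wiped=%d use=%d\n", all_zero(s.key, sizeof s.key), csp_use_key(&s, out));
    return 0;
}
```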