Thales announced that keyAuthority, a high-assurance enterprise key management solution, has passed the FIPS 140-2 Level 3 security test programs. Validation to FIPS 140-2 is mandated in many industry and government sectors and is a frequently stated best practice for any organization seeking to protect sensitive data.
Thales keyAuthority is a standards-based key management solution with a tamper resistant and tamper evident chassis that provides protection and policy based automation for the key management lifecycle ranging from generation, distribution, archival and ultimately key destruction. Key Authority can support up to 25 million keys used by thousands of cryptographic devices.
NIST and the Canadian Communications Security Establishment administer FIPS 140-2 validation scheme for cryptographic modules. Certified independent test laboratories perform testing with validation ultimately being approved by NIST.
The FIPS 140-2 scheme applies to a range of cryptographic devices including key managers and hardware security modules and supports multiple levels of validation that range from purely software based systems (Level 1) to hardened tamper resistant and tamper responsive systems that deliver significantly higher levels of assurance.