Let's Talk Strategy!


The Best FIPS 140-2 Acronym, Abbreviation, and Terminology Glossary on the Internet

May 13, 2020 Walt Paley

The Best FIPS 140-2 Acronym, Abbreviation, and Terminology Glossary on the Internet

It's a bit grandiose for a blog post title, but this is long overdue and it feels good to move it from my "To Do" List to my "Revisit and Update in the Future" List. With that in mind, please enjoy this authoritative reference list of every acronym, abbreviation, and terminology found in FIPS 140, federal government and Public Sector procurement, and regulated industry compliance and certification. I plan to expand and improve this repository in the near future, so please contact us if you have suggestions.

Without further ado, here is The Best FIPS 140-2 Acronym, Abbreviation, and Terminology Glossary on the Internet, presented by SafeLogic!

Term Definition
3PAO Third Party Assessment Organization
ACVT Automated Cryptographic Validation Testing
ACVTS Automated Cryptographic Validation Testing System
ADI Alliance for Digital Innovation
AES Advanced Encryption Standard
AFCEA Armed Forces Communications and Electronics Association
ANSI X9.31 X9.31-1998, Digital Signatures using Reversible Public Key Cryptography for the Financial Services Industry (rDSA), September 9, 1998
API Application Programming Interface
APL Approved Products List
ATO Authority to Operate
C3PAO CMMC Third Party Assessment Organization
CAVP Cryptographic Algorithm Validation Program
CBC Cipher-Block Chaining
CC Common Criteria
CCCS Canadian Centre for Cyber Security
CCM Counter with CBC-MAC
CDH Computational Diffie-Hellman
CFB Cipher Feedback Mode
CMAC Cipher-based Message Authentication Code
CMMC Cybersecurity Maturity Model Certification
CMMC-AB CMMC Accreditation Body
CMVP Cryptographic Module Validation Program
CNSS Committee on National Security Systems
CO Crypto Officer
CPU Central Processing Unit
CS Ciphertext Stealing
CSD Computer Security Division
CSfC Commercial Solutions for Classified
CSO Cloud Service Offering
CSP Cloud Services Provider
CSP Critical Security Parameter
CST Cryptographic and Security Testing
CTR Counter-mode
CVL Component Validation List
DES Data Encryption Standard
DH Diffie-Hellman
DIB Defense Industrial Base
DISA Defense Information Systems Agency
DoD Department of Defense
DoDIN APL Department of Defense Information Network Approved Products List
DRAM Dynamic Random Access Memory
DRBG Deterministic Random Bit Generator
DSA Digital Signature Algorithm
DSTU4145 Ukrainian DSTU-4145-2002 Elliptic Curve Scheme
EC Elliptic Curve
ECB Electronic Code Book
ECC Elliptic Curve Cryptography
ECDSA Elliptic Curve Digital Signature Algorithm
EMC Electromagnetic Compatibility
EMI Electromagnetic Interference
FCC Federal Communications Commission
FedRAMP Federal Risk and Authorization Management Program
FFRDC Federally Funded Research and Development Centers
FIPS Federal Information Processing Standard
FIPS 140-2 Security Requirements for Cryptographic modules, May 25, 2001
FIPS 140-3 Security Requirements for Cryptographic modules, March 22, 2019
FIPS 180-4 Secure Hash Standard (SHS)
FIPS 186-2 Digital Signature Standard (DSS)
FIPS 186-3 Digital Signature Standard (DSS)
FIPS 186-4 Digital Signature Standard (DSS)
FIPS 197 Advanced Encryption Standard
FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC)
FIPS 202 SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
FISMA Federal Information Security Management/Modernization Act
GCM Galois/Counter Mode
GMAC Galois Message Authentication Code
GOST Gosudarstvennyi Standard Soyuza SSR/Government Standard of the Union of Soviet Socialist Republics
GPC General Purpose Computer
HIPAA Health Insurance Portability and Accountability Act
HIPPA a common misspelling of HIPAA
HITRUST Health Information Trust Alliance
HMAC (Keyed-) Hash Message Authentication Code
IEC International Electrotechnical Commission
IG Implementation Guidance [in this case, within the context of FIPS 140 and the Cryptographic Module Validation Program]
IG Implementation Guidance
ILAC International Laboratory Accreditation Cooperation
ISO International Organization for Standardization
IV Initialization Vector
JAB Joint Authorization Board
JAR Java ARchive
JCA Java Cryptography Architecture
JCE Java Cryptography Extension
JDK Java Development Kit
JRE Java Runtime Environment
JVM Java Virtual Machine
KAS Key Agreement Scheme
KAT Known Answer Test
KDF Key Derivation Function
KW Key Wrap
KWP Key Wrap with Padding
MAC Message Authentication Code
MD5 Message Digest algorithm MD5
MOA Memorandum of Agreement
N/A Non Applicable
NDRNG Non Deterministic Random Number Generator
NIAP National Information Assurance Partnership
NIST National Institute of Standards and Technology
NSS National Security Systems
NSS Network Security Services
NVLAP National Voluntary Laboratory Accreditation Program
OCB Offset Codebook Mode
OFB Output Feedback
OMB Office of Management and Budget
OS Operating System
OUSD(A&S) Office of the Under Secretary of Defense for Acquisition and Sustainment
P-ATO Provisional Authority to Operate
PBKDF Password-Based Key Derivation Function
PKCS Public-Key Cryptography Standards
PKCS#1 v2.2 RSA Cryptography Standard
PKCS#12 v1.1 Personal Information Exchange Syntax Standard
PKCS#5 v2.0 Password-Based Cryptography Standard
PMO Program Management Office
PQG Diffie-Hellman Parameters P, Q and G
RC Rivest Cipher, Ron’s Code
PRNG Pseudo-Random Number Generator
RIPEMD RACE Integrity Primitives Evaluation Message Digest
RSA Rivest, Shamir, and Adleman
SHA Secure Hash Algorithm
SP 800-108 Recommendation for Key Derivation Using Pseudorandom Functions
SP 800-132 Recommendation for Password-Based Key Derivation
SP 800-135 Recommendation for Existing Application–Specific Key Derivation Functions
SP 800-20 Modes of Operation Validation System for Triple Data Encryption Algorithm (TMOVS)
SP 800-38A Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode
SP 800-38B Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
SP 800-38C Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality
SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC
SP 800-38F Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping
SP 800-56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-56B Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography
SP 800-56C Recommendation for Key Derivation Methods in Key-Establishment Schemes
SP 800-67 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
SP 800-89 Recommendation for Obtaining Assurances for Digital Signature Applications
SP 800-90A Recommendation for Random Number Generation Using Deterministic Random Bit Generators
SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
STIG Security Technical Implementation Guide
STVMG Security Testing, Validation and Measurement
TCBC TDEA Cipher-Block Chaining
TCFB TDEA Cipher Feedback Mode
TDEA Triple Data Encryption Algorithm
TDES Triple Data Encryption Standard
TECB TDEA Electronic Codebook
TLS Transport Layer Security
TOFB TDEA Output Feedback
UARC University Affiliated Research Centers
UC Unified Communications
UC APL Unified Communications Approved Products List (now the DoDIN APL)
USB Universal Serial Bus
XOF Extendable-Output Function


Walt Paley

Walt Paley

Walter Paley is the VP of Communications for SafeLogic. He is responsible for strategy, content, marketing, and outreach. Walt has worked with a series of start-ups and companies in growth stages, including Nukona (acquired by Symantec), Qubole, Bitzer Mobile (acquired by Oracle), and TigerText, among others. An Alumnus of the psychology program at UC San Diego, Walt lives in Southern California with his wife, kids, and their black lab, Echo.

Share This:

Back to posts

Popular Posts

Search for posts


See all