Digi Introduces First Embedded Module to Enable FIPS 140-2 Security for Wireless Devices

The XPress Crypto Module is validated by the National Institute of Standards and Technology (NIST) to Level 2 of the Federal Information Processing Standard (FIPS) 140-2 (certificate #1452). Digi has designed the cryptographic module into its XPress Ethernet Bridge, a 900 MHz wireless Ethernet bridge, in order to market the product as “FIPS 140-2 Inside.” OEM customers can follow this same design process to achieve rapid time to market for products bearing the official NIST FIPS 140-2 logo.

“Most federal agencies can only purchase wireless security products that include validated FIPS 140-2 software and hardware,” said Steve Mazur, director of government sales, Digi International. “The FIPS 140-2 validation process is time consuming and complex. Digi now offers a way to bring NIST FIPS 140-2 labeled products to market without spending months in certification testing.”

The XPress Crypto Module is FIPS 140-2 Level 2 certified and provides data encryption in a secure hardware platform. The cryptographic boundary is limited to the module so product features can be added without requiring recertification. The module supports a Serial Peripheral Interface (SPI) and can be readily embedded in a host microcontroller circuit. A USB control interface allows passwords and encryption keys to be set from a PC, ensuring physical control over access to the configuration. The circuit board is treated with a government approved, tamper-evident coating to protect encryption keys from being compromised.

The module features an industrial temperature range (-40°C to +85°C) and small form factor (30 mm x 50 mm x 15 mm), allowing it to be used in a wide variety of applications. Digi also offers other FIPS certified products including the Digi Passport® FIPS console server and XPress 900 MHz Ethernet Bridge.