FIPS 140-2 and Wi-Fi Client Devices White Paper

November 20, 2015, 5:15 pm

AES-CCMP is an approved cryptographic method for FIPS 140-2, which defines the standard for cryptographic modules that protect sensitive but unclassified information. Since 2006, support for AES-CCMP has been a requirement for Wi-Fi® certification, so nearly every Wi-Fi chip supports AES-CCMP in hardware, i.e. on the chip. Very few Wi-Fi products, however, are validated for FIPS 140-2, primarily because Wi-Fi chips lack support for loopback, which is required for some FIPS 140-2 validation tests. Alternatives to chip-based AES-CCMP for FIPS 140-2 involve software cryptography, which is ill-suited to devices that have relatively modest CPU and memory resources or require long battery life. Organizations considering FIPS 140-2 for Wi-Fi client devices should consider whether or not WPA2™-Enterprise with chip-based AES-CCMP provides sufficient security. Read more in Laird's FIPS 140-2 and Wi-Fi Client Devices white paper. The technical article explains FIPS 140-2 and touches on the following topics and more:

  • Self-tests
  • AES-CCMP
  • WPA2
  • Supplicant: authentication and key derivation
  • AES-CCMP in hardware and software

Download the white paper, here.