Abstract

ISO/IEC 19790:2006 specifies the security requirements for a cryptographic module utilized within a security system protecting sensitive information in computer and telecommunication systems.

ISO/IEC 19790:2006 specifies the following.

  • Four levels of increasing security for cryptographic modules. Each level offers an increase in security over the preceding level.
  • The following functional security objectives:
    • module specification;
    • ports and interfaces;
    • roles, services and authentication;
    • finite state model;
    • physical security;
    • operational environment;
    • cryptographic key management;
    • self-tests;
    • design assurance;
    • mitigation of other attacks.

ISO/IEC 19790:2006 will be complemented by a future International Standard defining the associated evaluation and test methods.

ISO/IEC 19790:2006 is derived from NIST Federal Information Processing Standard PUB 140-2 May 25, 2001.


General information 

  • Status
     :  Withdrawn
    Publication date
     : 2006-03
  • Edition
     : 1
    Number of pages
     : 51
  • Technical Committee
     : ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
  • ICS
     :
    35.030 IT Security

Life cycle


Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information.

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 19790:2006