In the United States, the validation (certification) you would look for in government and some regulated areas is listed on the NIST Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules list.
Under the FIPS 140-2 standard, tamper-based requirements begin at Level 2.
FIPS 140-2 Security Level 2:
Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or seals or for pick-resistant locks on removable covers or doors of the module. Tamper-evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module. Tamper-evident seals or pick-resistant locks are placed on covers or doors to protect against unauthorized physical access.
and then FIPS 140-2 Security Level 3:
In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper detection/response circuitry that zeroizes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.
and Level 4, the highest:
Security Level 4 provides the highest level of security defined in this standard. At this security level, the physical security mechanisms provide a complete envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access. Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate zeroization of all plaintext CSPs. Security Level 4 cryptographic modules are useful for operation in physically unprotected environments.
There are some USB flash drives validated to FIPS 140-2 Overall Level 3; you will have to check the actual drives, but that is where you need to look for the United States.