# FIPS 140-3 Compliance
CIQ provides FIPS 140-3 validated cryptographic modules for Rocky Linux from CIQ (RLC) LTS releases. This page documents current certification status, explains FIPS terminology, and answers common compliance questions.
## Certification Status
Last Updated: February 2026
**Official NIST Resources**
- CMVP Validated Modules Search - Search for validated certificates
- Modules In Process List - View modules currently under review
### Rocky Linux from CIQ 9.6 LTS
| Module | Version | Status | Certificate | Sunset | Package |
|---|---|---|---|---|---|
| Kernel Crypto API | 5.14.0-570 | Module in Process | — | — | kernel-5.14.0-570.52.1.el9_6_ciqfips.2.1 |
| OpenSSL FIPS Provider | 3.0.7-27 | Active | #5116 | 1/5/2031 | openssl-fips-provider-3.0.7-27.el9_6ciqfips.0.2.7 |
| libgcrypt | 1.10.0-11 | Active | #5117 | 1/5/2031 | libgcrypt-1.10.0-11.el9_6ciqfips.1.1 |
| GnuTLS | 3.8.3-6 | Module in Process | — | — | gnutls-3.8.3-6.el9_6ciqfips.1.3 |
| NSS | 3.112.0-4 | Module in Process | — | — | nss-3.112.0-4.el9_6ciqfips.2.1 |
### Rocky Linux from CIQ 9.2 LTS
| Module | Version | Status | Certificate | Sunset | Package |
|---|---|---|---|---|---|
| Kernel Crypto API | 5.14.0-284 | Active | #5113 | 12/17/2030 | kernel-5.14.0-284.30.1.el9_2.ciqfips.0.8.1 |
| OpenSSL FIPS Provider | 3.0.7-27 | Active | #5116 | 1/5/2031 | openssl-fips-provider-3.0.7-27.el9_2.ciqfips.0.2.7 |
| libgcrypt | 1.10.0-10 | Active | #5117 | 1/5/2031 | libgcrypt-1.10.0-10.el9_2.ciqfips.0.4 |
| GnuTLS | 3.7.6-23 | Module in Process | — | — | gnutls-3.7.6-23.el9_2.ciqfips.3.4 |
| NSS | 3.90.0-7 | Module in Process | — | — | nss-3.90.0-7.el9_2.ciqfips.0.2 |
### Rocky Linux from CIQ 8.10 LTS
| Module | Version | Status | Certificate | Sunset | Package |
|---|---|---|---|---|---|
| Kernel Crypto API | 4.18.0-553 | Active | #5095 | 11/23/2030 | kernel-4.18.0-553.16.1.el8_10.ciqfips.0.5 |
| OpenSSL | 1.1.1k-12 | Module in Process | — | — | openssl-1.1.1k-12.el8_10.ciqfips.0.9 |
| libgcrypt | 1.10.0-10 | Active | #5117 | 1/5/2031 | libgcrypt-1.10.0-10.el8_10.ciqfips.0.4 |
| GnuTLS | 3.6.16-6 | Module in Process | — | — | gnutls-3.6.16-6.el8_10.ciqfips.0.11 |
| NSS | 3.90.0-7 | Module in Process | — | — | nss-3.90.0-7.el8_10.ciqfips.0.3 |
### Rocky Linux from CIQ 8.6 LTS
| Module | Version | Status | Certificate | Sunset | Package |
|---|---|---|---|---|---|
| Kernel Crypto API | 4.18.0-553 | Active | #5095 | 11/23/2030 | kernel-4.18.0-553.16.1.el8_6.ciqfips.0.5 |
| OpenSSL | 1.1.1k-12 | Module in Process | — | — | openssl-1.1.1k-12.el8_6.ciqfips.0.9 |
| libgcrypt | 1.10.0-10 | Active | #5117 | 1/5/2031 | libgcrypt-1.10.0-10.el8_6.ciqfips.0.4 |
| GnuTLS | 3.6.16-6 | Module in Process | — | — | gnutls-3.6.16-6.el8_6.ciqfips.0.11 |
| NSS | 3.90.0-7 | Module in Process | — | — | nss-3.90.0-7.el8_6.ciqfips.0.3 |
## What is FIPS 140?
FIPS 140 (currently FIPS 140-3, succeeding FIPS 140-2) is a standard published by the National Institute of Standards and Technology (NIST) that specifies requirements for cryptographic modules. It focuses on:
- Correct implementation of approved cryptographic algorithms
- Proper key management and module boundaries
- Self-testing capabilities
- Physical and operational security requirements
**Important**
FIPS certification validates cryptographic implementation correctness, not overall system security. A FIPS-certified system still requires proper security hardening, access controls, and vulnerability management.
## FIPS 140-2 to 140-3 Transition
FIPS 140-2 validations will expire in Q3 2026, and NIST no longer accepts new FIPS 140-2 submissions. Organizations relying on FIPS 140-2 certified modules should plan their migration to FIPS 140-3 validated solutions.
FIPS 140-3 introduces several technical improvements over its predecessor:
| Area | FIPS 140-3 Requirement | Reference |
|---|---|---|
| Self-Testing | Stricter pre-operational and conditional self-test requirements | SP 800-140F, SP 800-140C |
| Approved/Non-Approved Modes | Clearer guidance on separating approved services from non-approved services | SP 800-140E |
| Entropy Source Validation | Entropy Source Validation (ESV) requirements for random number generation | SP 800-90C |
| Error Handling | More robust error state handling and failure mode requirements | FIPS 140-3 Section 9 |
All CIQ FIPS modules for Rocky Linux 8 and Rocky Linux 9 are validated against FIPS 140-3.
## CIQ's FIPS Modules
CIQ's FIPS modules are engineered to meet the stricter requirements of FIPS 140-3 while providing capabilities beyond what is available in upstream distributions.
### Module Enhancements
CIQ's cryptographic modules include several enhancements while maintaining full API/ABI compatibility:
| Module | Enhancement | Availability |
|---|---|---|
| OpenSSL | ED25519 and ED448 elliptic curve signing support in FIPS mode | Rocky 8 & 9 |
| OpenSSL | Full TLS 1.3 validation in FIPS mode | Rocky 8 |
| libgcrypt | Enhanced implementation for stricter FIPS 140-3 requirements | Rocky 8 & 9 |
| Kernel | Validated entropy sources (SP 800-90B)—full strength without caveats | Rocky 8 & 9 |
**ED25519/ED448 Support**
CIQ's OpenSSL modules include FIPS-validated ED25519 and ED448 elliptic curve algorithms, providing modern signature capabilities while maintaining FIPS compliance. This enhancement is unique to CIQ's implementation.
### Open Source Availability
CIQ's FIPS module source code is publicly available for review and debugging:
- Repository: github.com/ciq-rocky-fips
This transparency enables engineering and SRE teams to inspect the cryptographic implementation, debug issues, and verify the code matches certified versions.
### Entropy Source Validation
FIPS 140-3 requires validated entropy sources for random number generation (SP 800-90B). CIQ's entropy sources have been independently validated by NIST:
| Certificate | Entropy Source | Availability | Validation Date |
|---|---|---|---|
| #E205 | Kernel CPU Time Jitter RNG | Rocky 8 & 9 | November 4, 2024 |
| #E208 | OpenSSL 3 CPU Time Jitter RNG | Rocky 9 | November 15, 2024 |
| #E210 | Userspace CPU Time Jitter RNG | Rocky 8 & 9 | November 18, 2024 |
| #E219 | OpenSSL 1 CPU Time Jitter RNG | Rocky 8 | December 13, 2024 |
All entropy sources are validated to SP 800-90B, provide 256-bit full entropy output, and are classified as non-physical noise sources using CPU timing jitter.
### Certification Partner
CIQ partners with atsec information security, an accredited NIST Cryptographic Module Testing Laboratory, for FIPS validation. atsec develops custom security policies for CIQ's modules and provides technical expertise throughout the certification process.
### ATO Support
For organizations preparing Authority to Operate (ATO) packages, CIQ provides:
- Security Policies: Official FIPS 140-3 security policy documents for each certified module
- Configuration Guidance: Documentation for properly enabling and operating FIPS mode
- Technical Expertise: Access to engineers with deep knowledge of FIPS 140-3 module requirements
Contact info@ciq.com for ATO support inquiries.
## Terminology
### Industry Standard Terms
| Term | Definition |
|---|---|
| FIPS | Federal Information Processing Standards - U.S. government computer security standards |
| CMVP | Cryptographic Module Validation Program - Joint program between NIST and the Canadian Centre for Cyber Security that validates cryptographic modules |
| FIPS 140-3 | Current FIPS standard for cryptographic modules, effective September 22, 2019. All CIQ certifications for Rocky Linux 8 and Rocky Linux 9 are validated against FIPS 140-3. |
| IUT | Implementation Under Test - The certification laboratory is actively testing the cryptographic module. This is the earliest stage of the validation process. |
| MIP | Modules In Process - The certification laboratory has approved the module and submitted it to NIST for final registration. This stage typically takes 12 or more months. |
| CMVP Validated | The module has completed validation and received an official NIST certificate number. This is the only status that constitutes full FIPS certification. |
### CIQ-Specific Terms
**Industry Variance**
"FIPS Compliant" is an industry term with no standardized definition. Different vendors may use this term differently. CIQ's definition below describes our specific usage.
**FIPS Certified**
A package version that has successfully completed the CMVP process and received an official NIST certificate. To maintain certified status in deployment:
- All certified packages must remain at their exact certified versions
- Patching breaks certified status for the running system, even if the original version remains on the validated list
- CMVP validation is tied to a specific module version, platform, and configuration
**FIPS Compliant (CIQ definition)**
At CIQ, this indicates packages using the same cryptographic implementation as the certified version, with updates limited to non-security-relevant (NSR) changes:
- CVE patches outside the crypto module boundary
- Bug fixes to non-cryptographic code
- Changes that do not affect algorithms, key management, CSP handling, or OE security
Compliant packages are available in CIQ's FIPS repositories and receive ongoing security updates. CIQ is not claiming CMVP validation of the exact build—only equivalence of the cryptographic code.
**Validation and Code Changes**
CMVP validation is tied to a specific module version, platform, and configuration. When code changes (even for CVE fixes), the new binary is not automatically validated. Organizations must use their own risk management to decide whether to deploy patched builds that are not the validated configuration.
**FIPS Available**
The package includes a FIPS operating mode based on publicly released source code, but has not been submitted for laboratory approval. Base Rocky Linux falls into this category: it offers a FIPS mode, but no formal certification.
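The distinction drawn in the Certified and Compliant definitions above comes down to a per-host comparison of installed build strings against the certification status tables. The following Python is an added example, not CIQ tooling: it checks constructed `rpm -qa` and `uname -r` output against the RLC 9.6 LTS table; the verdict names, the sample host data and the hypothetical later libgcrypt build are assumptions made for the illustration.

```python
"""Check a host's installed builds against the certified builds listed on this page."""
import re

# Package builds for RLC 9.6 LTS, copied from the certification status table above.
# Status mirrors the table: "Active" = CMVP certificate issued,
# "Module in Process" = still in NIST's MIP queue, so not full certification yet.
CERTIFIED_9_6 = {
    "kernel": ("kernel-5.14.0-570.52.1.el9_6_ciqfips.2.1", "Module in Process"),
    "openssl-fips-provider": ("openssl-fips-provider-3.0.7-27.el9_6ciqfips.0.2.7", "Active"),
    "libgcrypt": ("libgcrypt-1.10.0-11.el9_6ciqfips.1.1", "Active"),
    "gnutls": ("gnutls-3.8.3-6.el9_6ciqfips.1.3", "Module in Process"),
    "nss": ("nss-3.112.0-4.el9_6ciqfips.2.1", "Module in Process"),
}

ARCH_SUFFIX = re.compile(r"\.(x86_64|aarch64|noarch|i686)$")


def split_nvr(nvra):
    """Split 'name-version-release[.arch]' into (name, version, release).
    Package names may themselves contain dashes, so split from the right."""
    name, version, release = ARCH_SUFFIX.sub("", nvra).rsplit("-", 2)
    return name, version, release


def classify(installed, running_kernel, certified=CERTIFIED_9_6):
    """Return {module: verdict} for every module in the certified table.

    CERTIFIED   exact listed build is installed and its CMVP certificate is active
    IN_PROCESS  exact listed build is installed, but the module is still MIP
    DRIFT       a different build is installed: not the validated configuration,
                even if only non-security-relevant changes were applied
    MISSING     module is not installed
    """
    by_name = {}
    for nvra in installed:
        name, version, release = split_nvr(nvra)
        by_name.setdefault(name, set()).add(f"{name}-{version}-{release}")
    # Several kernels may be installed side by side; only the running one counts.
    by_name["kernel"] = {"kernel-" + ARCH_SUFFIX.sub("", running_kernel)}

    verdicts = {}
    for name, (listed_build, status) in certified.items():
        found = by_name.get(name)
        if not found:
            verdicts[name] = "MISSING"
        elif listed_build in found:
            verdicts[name] = "CERTIFIED" if status == "Active" else "IN_PROCESS"
        else:
            verdicts[name] = "DRIFT"
    return verdicts


# Constructed sample host data (not captured from a real system). On a live host use
# subprocess.check_output(["rpm", "-qa"]).decode().split() and os.uname().release.
SAMPLE_RPM_QA = [
    "kernel-5.14.0-570.52.1.el9_6_ciqfips.2.1.x86_64",
    "kernel-5.14.0-570.60.1.el9_6.x86_64",              # constructed: non-FIPS kernel also installed
    "openssl-fips-provider-3.0.7-27.el9_6ciqfips.0.2.7.x86_64",
    "libgcrypt-1.10.0-11.el9_6ciqfips.1.2.x86_64",      # constructed: hypothetical later build
    "gnutls-3.8.3-6.el9_6ciqfips.1.3.x86_64",
]
SAMPLE_UNAME_R = "5.14.0-570.52.1.el9_6_ciqfips.2.1.x86_64"

if __name__ == "__main__":
    for module, verdict in classify(SAMPLE_RPM_QA, SAMPLE_UNAME_R).items():
        print(f"{module:24s} {verdict}")
```

A DRIFT verdict is the situation the note above describes: the host may be running a Compliant build, but it is not the validated configuration and needs a risk decision rather than a certificate claim.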
### Non-Security Relevant (NSR) Changes
NSR changes are updates that do not affect the security-relevant portions of a cryptographic module. Specifically, NSR changes do not modify:
- Cryptographic algorithms or implementations
- Key generation, storage, use, or zeroization
- Critical security parameter (CSP) handling
- Module security policy, roles, services, or authentication
- Physical or non-invasive security mechanisms
Typical NSR examples:
- Vendor or product metadata changes
- Platform/OS housekeeping outside the crypto boundary
- Non-crypto bug fixes (logging, config parsing, CLI)
- Performance optimizations or refactoring that does not touch crypto code
- Documentation updates
## Frequently Asked Questions
### General Questions
**What's the difference between FIPS Certified and FIPS Compliant?**
FIPS Certified means the exact package version has been validated by NIST and received a certificate. To maintain certified status, packages must be pinned to the exact certified versions listed in the certification status tables above.
FIPS Compliant (as CIQ defines it) means the package uses identical cryptographic code to the certified version but includes non-security-relevant updates like CVE patches outside the crypto boundary. Compliant packages are available in CIQ's FIPS repositories and allow customers to receive security updates while maintaining the certified cryptographic implementation.
**Does Rocky Linux include FIPS mode?**
Rocky Linux inherits FIPS-capable code from RHEL sources and includes a FIPS mode with the correct algorithms. However, neither the Rocky Enterprise Software Foundation (RESF) nor CIQ has formally submitted base Rocky Linux packages for NIST validation. To claim FIPS certification, RLC LTS with CIQ's validated packages is required.
**Can CIQ's FIPS certificates be used with upstream Rocky Linux?**
No. FIPS 140 certificates are issued for specific binary modules. CIQ's certificates apply only to the exact packages distributed through RLC LTS repositories. Using CIQ's certificate numbers with packages from other sources would be non-compliant.
**How long does FIPS certification take?**
From initial lab submission to NIST certificate issuance typically takes 12 or more months. The MIP (Modules In Process) stage alone—after lab approval—takes at least 12 months in NIST's queue. CIQ cannot accelerate NIST's validation timeline.
**Is CIQ using FIPS 140-2 or FIPS 140-3?**
All CIQ certifications—for both Rocky Linux 8 and Rocky Linux 9—are validated against FIPS 140-3.
**What is the difference between FIPS 140-2 and FIPS 140-3?**
FIPS 140-3 is the current standard, replacing FIPS 140-2 which will expire in Q3 2026. Key differences include:
- Stricter self-testing: Enhanced pre-operational and conditional self-test requirements (SP 800-140F, SP 800-140C)
- Entropy validation: New Entropy Source Validation (ESV) requirements for random number generation (SP 800-90C)
- Mode separation: Clearer guidance on approved vs. non-approved cryptographic services (SP 800-140E)
- Error handling: More robust requirements for error states and failure modes (FIPS 140-3 Section 9)
**What is the FIPS 140-3 Interim Validation Program?**
The Interim Validation Program allows vendors to claim conditional FIPS validation while modules complete the full certification process. Interim validations have limited validity periods and are subject to expiration.
Important: CIQ does not use interim validation. CIQ's modules are in the standard FIPS 140-3 Modules In Process (MIP) queue for full certification, meaning they will remain valid past interim expiration deadlines. All modules have been reviewed and approved by atsec, an accredited NIST testing laboratory, and are awaiting NIST's final certificate issuance.
### Product Questions
**Which CIQ products support FIPS?**
| Product | FIPS Support | Notes |
|---|---|---|
| Rocky Linux | Available | FIPS mode works but no certification |
| RLC Latest | Not Available | Use LTS releases for FIPS |
| RLC LTS | Certified/Compliant | Certification on .2, .6, .10 releases |
| RLC-Hardened LTS | Certified/Compliant | Uses same certified modules as RLC LTS; FIPS enabled by default |
**Can I use FIPS mode while receiving security updates?**
Yes. CIQ provides FIPS Compliant packages in a separate repository. These packages use the same certified cryptographic code but receive CVE patches for non-cryptographic components. This is CIQ's recommended approach for most customers, as it balances compliance requirements with ongoing security maintenance.
**What hardware platforms are certified?**
CIQ certifies FIPS on x86_64 platforms. The exact operational environment is documented in each module's Security Policy on the NIST CMVP website. Links to Security Policy documents are available in the certification status tables above.
**How do I access CIQ's FIPS packages?**
FIPS packages are available in a separate repository for RLC LTS subscribers. Contact info@ciq.com for access and implementation guidance.
**Where can I find CIQ's FIPS source code?**
CIQ's FIPS module source code is available at github.com/ciq-rocky-fips. This enables engineers to review the cryptographic implementation, debug issues, and verify code integrity.
**Does CIQ provide security policies for ATO packages?**
Yes. CIQ provides official FIPS 140-3 security policy documents, configuration guidance, and technical support for organizations preparing Authority to Operate (ATO) packages. Security policies are developed by atsec, an accredited NIST Cryptographic Module Testing Laboratory. Contact info@ciq.com for ATO support.
### Compliance Questions
**Does FIPS certification mean my system is secure?**
No. FIPS validates cryptographic implementation correctness—that AES, SHA, RSA, and other algorithms are implemented according to specification. FIPS does not validate overall system security, vulnerability management, access controls, or application security. A FIPS-certified system still requires comprehensive security hardening.
**Does FIPS certification cover applications I deploy?**
No. FIPS certifies the operating system's cryptographic modules. Applications that implement their own cryptography (e.g., Java applications with bundled crypto, statically-linked binaries) require separate evaluation. Applications that properly use the OS's certified modules (e.g., via OpenSSL) can leverage the certification.
**We need FedRAMP/CMMC compliance. Is FIPS enough?**
FIPS 140 is one requirement within FedRAMP and CMMC frameworks. These frameworks include many additional requirements: access control, audit logging, incident response, configuration management, and more. RLC-Hardened LTS with DISA STIG profiles addresses many of these requirements together.
## Supported Algorithms
The following tables document the FIPS-approved cryptographic algorithms supported by CIQ's validated modules.
### Kernel Crypto API (Rocky Linux 8)
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CTR, AES-ECB, AES-GCM, AES-XTS |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, AES-CMAC, AES-GMAC |
| Key Derivation | KDF (SP 800-108) |
| Random Number Generation | DRBG (CTR_DRBG, Hash_DRBG, HMAC_DRBG) |
### Kernel Crypto API (Rocky Linux 9)
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CTR, AES-ECB, AES-GCM, AES-XTS |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA3-224, HMAC-SHA3-256, HMAC-SHA3-384, HMAC-SHA3-512, AES-CMAC, AES-GMAC |
| Key Derivation | KDF (SP 800-108), KBKDF |
| Random Number Generation | DRBG (CTR_DRBG, Hash_DRBG, HMAC_DRBG) |
### OpenSSL (Rocky Linux 8)
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CCM, AES-CTR, AES-ECB, AES-GCM, AES-XTS, Triple-DES-CBC, Triple-DES-ECB |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, AES-CMAC, AES-GMAC |
| Digital Signatures | RSA (PKCS#1 v1.5, PSS), ECDSA (P-224, P-256, P-384, P-521), ED25519, ED448 |
| Key Agreement | DH, ECDH (P-224, P-256, P-384, P-521), X25519, X448 |
| Key Derivation | KDF (SP 800-108), HKDF, PBKDF2, SSHKDF, TLS 1.2 KDF, TLS 1.3 KDF |
| Key Transport | RSA (OAEP, PKCS#1 v1.5) |
| Random Number Generation | DRBG (CTR_DRBG, Hash_DRBG, HMAC_DRBG) |
### OpenSSL FIPS Provider (Rocky Linux 9)
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CCM, AES-CTR, AES-ECB, AES-GCM, AES-GMAC, AES-KW, AES-KWP, AES-XTS |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA3-224, HMAC-SHA3-256, HMAC-SHA3-384, HMAC-SHA3-512, AES-CMAC, AES-GMAC |
| Digital Signatures | RSA (PKCS#1 v1.5, PSS), ECDSA (P-224, P-256, P-384, P-521, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571), ED25519, ED448 |
| Key Agreement | DH (Safe Primes), ECDH (P-224, P-256, P-384, P-521), X25519, X448 |
| Key Derivation | KDF (SP 800-108), HKDF, PBKDF2, SSHKDF, TLS 1.2 KDF, TLS 1.3 KDF, X9.63 KDF |
| Key Transport | RSA (OAEP, PKCS#1 v1.5), AES-KW, AES-KWP |
| Random Number Generation | DRBG (CTR_DRBG, Hash_DRBG, HMAC_DRBG) |
### libgcrypt
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CCM, AES-CFB, AES-CTR, AES-ECB, AES-GCM, AES-XTS |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, AES-CMAC, AES-GMAC |
| Digital Signatures | RSA (PKCS#1 v1.5, PSS), ECDSA (P-256, P-384, P-521), ED25519, ED448 |
| Key Agreement | ECDH (P-256, P-384, P-521), X25519, X448 |
| Key Derivation | KDF (SP 800-108), HKDF, PBKDF2 |
| Random Number Generation | DRBG (CTR_DRBG, HMAC_DRBG) |
### GnuTLS
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CCM, AES-GCM |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, AES-GMAC |
| Digital Signatures | RSA (PKCS#1 v1.5, PSS), ECDSA (P-256, P-384, P-521), ED25519, ED448 |
| Key Agreement | DH, ECDH (P-256, P-384, P-521), X25519, X448 |
| Key Derivation | TLS 1.2 KDF, TLS 1.3 KDF, HKDF |
| Random Number Generation | DRBG (AES-CTR, HMAC_DRBG) |
### NSS (Network Security Services)
| Category | Algorithms |
|---|---|
| Block Ciphers | AES-CBC, AES-CCM, AES-CTR, AES-ECB, AES-GCM, AES-KW |
| Hash Functions | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 |
| Message Authentication | HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, AES-CMAC, AES-GMAC |
| Digital Signatures | RSA (PKCS#1 v1.5, PSS), DSA, ECDSA (P-256, P-384, P-521) |
| Key Agreement | DH, ECDH (P-256, P-384, P-521) |
| Key Derivation | KDF (SP 800-108), TLS 1.2 KDF, PBKDF2 |
| Key Transport | RSA (OAEP, PKCS#1 v1.5), AES-KW |
| Random Number Generation | DRBG (HMAC_DRBG) |
**Algorithm Availability**
Specific algorithm availability may vary by module version. Consult the official Security Policy document for each module (linked in the Certification Status tables) for the authoritative list of approved algorithms and their operational requirements.
## Contact
For FIPS-related inquiries, contact CIQ:
- Email: info@ciq.com
- Website: ciq.com