TCG FIPS 140-2 Guidance for TPM 2.0


The TPM 2.0 FIPS guidance is provided as a supporting document for FIPS 140-2 evaluation of a TPM 2.0 product compliant with TPM 2.0 library level 0 version 1.16. The intendedæaudience for this document includes TPM manufacturers, FIPS Cryptographic Module Validation Program Laboratories and FIPS Evaluators.

This document describes additional development constraints or library interpretation necessary for a successful FIPS evaluation. The intent is to highlight areas of the specification that may require specific attention when the device is in a FIPS approved mode. If the general specification is in compliance with FIPS no guidance is provided on the topic. The organization of the document starting with Section 5 follows the FIPS 140-2 convention and language. Each section contains a FIPS 140-2 Summary section which contains the text from the FIPS 140-2 Security Requirements Summary table for the specific requirement and security level.

This specification targets FIPS 140-2 level 1 or level 2.