2.4.14.9
| Req No | Requirement | Compliance Class And Applicability | Primary Keyword | Secondary Keyword |
|---|---|---|---|---|
| 2.4.14.9 | In manufacture, all encryption keys that are unique to each device are either securely and truly randomly internally generated or securely programmed into each device in accordance with industry standard FIPS140-2 [ref 5]1 or equivalent. Any secret key programmed into a product at manufacture is unique to that individual device, i.e. no global secret key is shared between multiple devices, unless this is required by a licensing authority. | Mandatory for Class 2 and above | Business | Process |
Footnotes
-
FIPS PUB 140-2, Security Requirements for Cryptographic Modules, May 2001. [http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf] ↩