3.13.11

  • Requirement

    Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.

  • Discussion

    Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPS-validated cryptography and/or NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; and [NIST CMVP].

More Info

  • Family

    System and Communications Protection
  • DoD Scoring Methodology Points

    3/5
  • Related CMMC ID

  • Related NIST 800-53 ID

    SC-13
  • Reference Documents

    • N/A

NIST 800-171A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!