Quick-reference card
| Field | Value |
|---|---|
| Control ID | IA-07 |
| Control Name | Cryptographic Module Authentication |
| Framework | NIST SP 800-53 Revision 5 |
| Control Family | Identification and Authentication |
| Baselines | LOW MODERATE HIGH |
| Relevance | System (First Party and Third Party) |
| Risk Severity | Medium |
What this control requires
IA-07 requires organizations to authenticate every cryptographic module operator and verify they are authorized for the role they request. Most teams focus authentication efforts on applications and endpoints while overlooking the hardware security modules (HSMs), trusted platform modules (TPMs), and cryptographic accelerators that underpin their entire trust architecture. These modules store and process the most sensitive cryptographic material in your environment, yet their operator access controls often receive less scrutiny than a standard user account.
Without operator-level authentication on these modules, anyone with system access can reconfigure key material, extract private keys, or modify cryptographic policies. FIPS 140-2 and its successor, FIPS 140-3, establish the validation requirements for cryptographic modules, and IA-07 builds on that foundation by mandating that the modules themselves enforce identity verification before granting role-based access.
In practice, this means you need mechanisms inside the cryptographic module that confirm an operator’s identity, match that identity to an authorized role, and restrict services to only those the role permits. The control applies across all three baselines (low, moderate, and high), reflecting how foundational cryptographic module integrity is to the broader NIST SP 800-53 control catalog.
Why it matters
Cryptographic modules are the root of trust for encryption, digital signatures, and key management across your environment. When operator authentication on these modules fails, attackers don’t just compromise one system; they compromise the cryptographic foundation that every other security control depends on.
Specifically, when organizations deploy HSMs, TPMs, or cryptographic accelerators with default operator credentials, they expose their entire crypto infrastructure to compromise. An attacker who gains system-level access can try default PINs on an HSM, and if those credentials were never changed, they can extract private keys, sign malicious code, or reconfigure cryptographic policies without triggering any authentication failure.
The firmware attack surface compounds this risk significantly. Bootkits that target pre-OS firmware (T1542.003) can intercept cryptographic operations before the operating system loads. System image modifications (T1601) allow attackers to alter the firmware running on network devices, embedding persistent access to cryptographic functions. Supply-chain compromises (T1195.003) introduce vendor backdoors or pre-configured weak authentication into cryptographic hardware before it reaches your data center.
What attackers exploit
- Default operator credentials on HSMs and TPMs. Attackers with system access attempt factory-default PINs and passwords against cryptographic modules, gaining unrestricted access to key material and configuration functions.
- Pre-boot firmware tampering (T1542, T1542.001, T1542.003). Bootkits and firmware-level implants execute before the OS initializes, bypassing operating-system-level authentication entirely and manipulating cryptographic operations at the hardware layer.
- System image modification (T1601). Attackers modify the firmware or operating image on network devices, embedding persistent backdoors that grant ongoing access to cryptographic module functions.
- Supply-chain insertion of weak authentication (T1195.003). Compromised vendors ship hardware with pre-configured weak credentials or backdoored firmware, creating brute-force attack opportunities that bypass all downstream security controls.
- Firmware integrity bypass (T1495). Destructive firmware attacks can wipe or corrupt cryptographic module firmware, degrading the module’s ability to enforce authentication and potentially rendering stored keys unrecoverable.
FIPS 140-3 addresses many of these risks by requiring validated cryptographic modules to enforce operator authentication at specific assurance levels. At Security Level 2 and above, modules must authenticate individual operators and maintain role separation between crypto officers and standard users.
Organizations that skip validation or delay credential rotation on deployed modules leave a gap that attackers actively target. The risk compounds over time because cryptographic modules typically have long deployment lifecycles, meaning a default credential left in place during initial deployment may persist for years before anyone reviews it.
How to implement
The most common failure mode is deploying cryptographic modules with factory-default credentials and never establishing a formal operator authentication lifecycle. This gap persists because HSM and TPM administration often falls between security and infrastructure teams, with neither owning the credential management process.
For your organization
Establish a cryptographic module inventory. Document every HSM, TPM, cryptographic accelerator, and software-based cryptographic module in your environment. Record make, model, firmware version, FIPS validation certificate number, and the team responsible for administration.
Require FIPS 140-2 or FIPS 140-3 validated modules. Procurement policies should mandate that all cryptographic modules carry current FIPS validation. Validation confirms that the module has been tested for operator authentication enforcement at the appropriate security level.
Implement role-based operator authentication. Configure each module to require unique operator credentials before granting access. Define roles (for example, crypto officer, user, and auditor) and restrict each role to the minimum set of services required. Never share operator credentials across individuals.
Rotate operator credentials on a defined schedule. Treat cryptographic module credentials with the same rigor as privileged account passwords. Establish rotation intervals, enforce complexity requirements, and revoke credentials immediately when an operator changes roles or leaves the organization.
Verify firmware integrity. Implement processes to validate firmware signatures before applying updates. Monitor for unauthorized firmware modifications using integrity-checking tools. Subscribe to vendor advisories for cryptographic module vulnerabilities.
Audit module access attempts. Configure logging on all cryptographic modules to capture successful and failed authentication attempts, role changes, and key management operations. Forward logs to your SIEM for correlation with broader security events. Where operators use hardware security tokens for module authentication, log token-based access attempts alongside password-based ones.
Common mistakes to avoid:
- Deploying HSMs with default PINs and deferring credential changes to “after production stabilization”
- Sharing a single operator credential among multiple administrators
- Failing to revoke access when an operator leaves the cryptographic module administration team
- Skipping firmware integrity verification during update cycles
- Treating FIPS validation as a one-time procurement checkbox rather than an ongoing compliance requirement
For your vendors
Include cryptographic module authentication in vendor questionnaires. Ask vendors to confirm whether they use FIPS 140-2 or FIPS 140-3 validated modules, how they authenticate operators to those modules, and what role-based access controls they enforce.
Request specific evidence. Vendors should provide current FIPS validation certificates for all cryptographic modules handling your data. Ask for documentation of their operator authentication procedures, including credential rotation schedules and role definitions.
Verify separation of duties. Confirm that the vendor separates cryptographic module administration from general system administration. A vendor whose database administrator also holds the HSM crypto officer credential has a segregation-of-duties gap that increases your risk.
Assess firmware management practices. Ask how the vendor validates firmware updates before applying them to cryptographic modules. Request evidence of firmware integrity-checking procedures and vendor advisory monitoring.
Watch for red flags:
- Vendor cannot produce current FIPS validation certificates for their cryptographic modules
- Single shared credential for all cryptographic module operators
- No documented procedure for credential rotation or revocation
- Firmware updates applied without signature verification
- No logging or monitoring of cryptographic module access attempts
Verification approach. Request periodic attestation letters or SOC 2 reports that specifically address cryptographic module authentication controls. Where possible, review the vendor’s cryptographic module access logs during onsite assessments or through a secure evidence-sharing platform. Ask the vendor to demonstrate that their modules enforce operator authentication at the FIPS 140 security level appropriate for the data classification they handle on your behalf.
Evidence examples
The following artifacts demonstrate IA-07 compliance during an audit of your cryptographic module authentication controls. Modules validated under FIPS 140-3 produce many of these artifacts as part of their certification process.
| Evidence Type | Example Artifact |
|---|---|
| Identification and authentication policy | Policy document defining cryptographic module operator authentication requirements, role definitions, and credential management procedures |
| System security plan | SSP sections describing cryptographic module inventory, FIPS validation status, and operator authentication mechanisms |
| Cryptographic module authentication procedures | Documented procedures for operator credential issuance, rotation, revocation, and role-based access provisioning for HSMs and TPMs |
| System design documentation | Architecture diagrams showing cryptographic module placement, operator authentication flows, and role-based access control enforcement points |
| Configuration settings | Exported HSM or TPM configuration files demonstrating enabled operator authentication, role assignments, and credential complexity requirements |
| Audit records | Logs of cryptographic module access attempts, including operator identification, role assumed, timestamp, and success or failure status |
Cross-framework mapping
No applicable content for this control.
Related controls
The Identification and Authentication control family includes several controls that intersect directly with cryptographic module authentication requirements.
- AC-03 — Access Enforcement. Governs who can access what across the system. IA-07 ensures the cryptographic module itself enforces operator identity before granting access to cryptographic functions and key material.
- IA-05 — Authenticator Management. Manages the lifecycle of credentials, including issuance, rotation, and revocation. IA-07 applies those same lifecycle principles specifically to cryptographic module operator credentials.
- SA-04 — Acquisition Process. Requires organizations to include security requirements in procurement specifications. IA-07 compliance depends on acquiring modules that support operator authentication, making SA-04 the procurement enforcement point.
- SC-12 — Cryptographic Key Establishment and Management. Governs the creation, distribution, storage, and destruction of cryptographic keys. IA-07 protects access to the modules that store and process those keys.
- SC-13 — Cryptographic Protection. Defines the cryptographic standards an organization must meet. IA-07 ensures only authenticated operators can configure and manage the modules that enforce those standards.
Frequently asked questions
What is NIST SP 800-53 IA-07?
IA-07 requires cryptographic modules to authenticate operators and verify they are authorized for the specific role and services they request. The control applies to all hardware and software modules that perform cryptographic functions, including HSMs, TPMs, and cryptographic accelerators. It builds on FIPS 140 validation by mandating that operator identity verification occurs within the module itself, not just at the operating system or application layer.
What happens if IA-07 is not implemented?
Without IA-07, any user with system-level access can interact with cryptographic modules without proving their identity or authorization level. This means an attacker who compromises a server can attempt default credentials on an HSM, extract private signing keys, or reconfigure encryption policies. The downstream impact extends beyond the module itself because compromised key material undermines every system that depends on those keys for encryption, authentication, or digital signatures.
How do you audit IA-07?
Auditing IA-07 starts with reviewing cryptographic module authentication procedures to confirm that operator identity verification and role-based access controls are documented and enforced. Verify that FIPS 140 validation certificates are current for all deployed modules. Examine operator role assignments to confirm separation of duties between crypto officers, users, and auditors. Review audit logs of module access attempts for evidence that failed authentication events are captured and investigated.
What is FIPS 140 validation and how does it relate to IA-07?
FIPS 140 is a federal standard that defines security requirements for cryptographic modules, including requirements for operator authentication at each of its four assurance levels. IA-07 depends on FIPS 140 validation because a validated module has been independently tested to confirm it enforces operator authentication before granting access to cryptographic services. Organizations deploying modules without current FIPS 140-2 or FIPS 140-3 validation cannot verify that the module itself enforces the authentication mechanisms IA-07 requires.