Scope. The goal is to ground teams in how algorithms, primitives, and modules relate under FIPS 140-3, the Cryptographic Module Validation Program (CMVP), and the Cryptographic Algorithm Validation Program (CAVP). The paper is conceptual. It includes short, formal examples for AES, RSA, and SHA-256. No vendor-specific tooling.
If you are not familiar with the distinction between cryptographic modules and cryptographic algorithms, we recommend reading our short primer on Cryptographic Modules vs Cryptographic Algorithms first. It clarifies the terminology and scope used throughout this whitepaper.
This whitepaper defines the Automata FIPS (AFIPS) Model: a layered way to plan, implement, and assess FIPS 140 validated cryptography across modern platforms. It is the conceptual bridge between the CMVP and day-to-day engineering in federal systems and systems targeting federal authorizations.