Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3154

Details

Module Name
Zscaler Mobile Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
3/8/2026
Overall Level
1
Caveat
When operated in FIPS mode. The module makes no assurance of the minimum strength of random strings and generated keys. This validation entry is a non-security-relevant modification to Cert. #1938.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Zscaler Mobile Cryptographic Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.
Tested Configuration(s)
  • Android 4.0 running on a Galaxy Nexus
  • iOS 5.1 running on a iPad 3
  • iOS 6 running on a iPad 3
  • iOS 7 running on a iPad 3 (single-user mode)
Approved Algorithms
AES Certs. #2125 and #2126
CKG vendor affirmed
DRBG Certs. #233 and #234
DSA Certs. #666 and #667
ECDSA Certs. #319 and #320
HMAC Certs. #1296 and #1297
RSA Certs. #1094 and #1095
SHS Certs. #1849 and #1850
Triple-DES Certs. #1351 and #1352
Allowed Algorithms
N/A
Software Versions
2.1

Vendor

Zscaler Inc.
110 Rose Orchard Way
San Jose, CA 95134
USA

Stephen R. Kovac
kovac@zscaler.com
Phone: 727-288-7144
Manoj Apte
manoj@zscaler.com
Phone: +1 (408) 679-4108

Validation History

Date Type Lab
3/19/2018 Initial ACUMEN SECURITY, LLC
3/9/2022 Update ÆGISOLVE