Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3154

Details

Module Name
Zscaler Mobile Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
2/9/2021
Validation Dates
3/19/2018
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #1938.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Zscaler Mobile Cryptographic Module offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation.
Tested Configuration(s)
  • Android 4.0 running on a Galaxy Nexus
  • iOS 5.1 running on a iPad 3
  • iOS 6 running on a iPad 3
  • iOS 7 running on a iPad 3 (single-user mode)
FIPS Algorithms
AES Certs. #2125 and #2126
CVL Certs. #28 and #29
DRBG Certs. #233 and #234
DSA Certs. #666 and #667
ECDSA Certs. #319 and #320
HMAC Certs. #1296 and #1297
RSA Certs. #1094 and #1095
SHS Certs. #1849 and #1850
Triple-DES Certs. #1351 and #1352
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.1

Vendor

Zscaler Inc.
110 Rose Orchard Way
San Jose, CA 95134
USA

Stephen R. Kovac
kovac@zscaler.com
Phone: 727-288-7144
Fax: N/A
Manoj Apte
manoj@zscaler.com
Phone: +1 (408) 679-4108
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0