Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3284

Details

Module Name
Cryptographic Module for Fognigma
Standard
FIPS 140-2
Status
Active
Sunset Date
1/29/2022
Validation Dates
9/12/2018
10/5/2018
Overall Level
1
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Module for Fognigma is a general purpose cryptographic module integrated in the Fognigma platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information. This module provides the cryptographic services that are used by the Fognigma platform to generate its Virtual Private Network (VPN).
Tested Configuration(s)
  • Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) with PAA (gcc Compiler Version 4.9)
  • Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) without PAA (gcc Compiler Version 4.9)
  • Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) with PAA (gcc Compiler Version 4.9)
  • Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) without PAA (gcc Compiler Version 4.9)
  • Debian 9 running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 6.3.0)
  • Debian 9 running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 6.3.0)
  • iOS 8.1 32-bit running on Apple A7 (ARMv8) with PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 32-bit running on Apple A7 (ARMv8) without PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 64-bit running on Apple A7 (ARMv8) with PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 64-bit running on Apple A7 (ARMv8) without PAA (clang Compiler Version 600.0.56)
  • Linux 3.10 32-bit running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 4.8.1)
  • Linux 3.10 32-bit running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 4.8.1)
  • Linux 3.12 running on NXP T2080 (PPC) (gcc Compiler Version 4.9.2)
  • Raspbian 9 (Stretch) running on ARMv7 with PAA (gcc Compiler Version 6.3.0)
  • Raspbian 9 (Stretch) running on ARMv7 without PAA (gcc Compiler Version 6.3.0)
  • Ubuntu 16.04 LTS (Xenial) running on Intel® Xeon® E5 (family) with PAA (gcc Compiler Version 5.4.0) (single-user mode)
  • Ubuntu 16.04 LTS (Xenial) running on Intel® Xeon® E5 (family) without PAA (gcc Compiler Version 5.4.0)
FIPS Algorithms
AES Certs. #3264, #3451, #3751, #4469 and #5687
CVL Certs. #472, #534, #699, #1181 and #2078
DRBG Certs. #723, #845, #1027, #1451 and #2301
DSA Certs. #933, #970, #1040, #1195 and #1463
ECDSA Certs. #620, #698, #801, #1091 and #1541
HMAC Certs. #2063, #2197, #2452, #2966 and #3788
RSA Certs. #1664, #1766, #1928, #2444 and #3060
SHS Certs. #2702, #2847, #3121, #3681 and #4559
Triple-DES Certs. #1853, #1942, #2086, #2399 and #2850
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15 or 2.0.16

Vendor

Berryville Holdings, LLC
2465 Centerville Road #J17-812
Herndon, VA 20171
USA

Cael Jacobs
cael@bvhllc.com
Phone: (703) 782-9840
Chava Jurado
chava@bvhllc.com
Phone: (703) 782-9840

Lab

CYGNACOM SOLUTIONS INC
NVLAP Code: 200002-0