Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2407

Details

Module Name
Apple iOS CoreCrypto Kernel Module v5.0
Standard
FIPS 140-2
Status
Active
Sunset Date
7/21/2020
Validation Dates
7/22/2015
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • iOS 8.0 running on iPad (3rd generation) with Apple A5X CPU
  • iOS 8.0 running on iPad (4th generation) with Apple A6X CPU
  • iOS 8.0 running on iPad Air 2 with Apple A8X CPU (single-user mode)
  • iOS 8.0 running on iPhone4S with Apple A5 CPU
  • iOS 8.0 running on iPhone5 with Apple A6 CPU
  • iOS 8.0 running on iPhone5S with Apple A7 CPU
  • iOS 8.0 running on iPhone6 (iPhone6 and iPhone6 Plus) with Apple A8 CPU
FIPS Algorithms
AES Certs. #3096, #3097, #3098, #3099, #3100, #3101, #3317, #3318, #3319, #3320, #3321, #3322, #3371 and #3380
DRBG Certs. #763, #764, #765, #766, #767, #768 and #803
ECDSA Certs. #646, #647, #648, #649, #650, #651 and #671
HMAC Certs. #1939, #1940, #1941, #1942, #1943, #1968, #2108, #2109, #2110, #2111, #2112, #2113, #2150 and #2153
PBKDF vendor affirmed
RSA Certs. #1698, #1699, #1700, #1701, #1702, #1703 and #1735
SHS Certs. #2558, #2559, #2560, #2561, #2562, #2587, #2749, #2750, #2751, #2752, #2753, #2754, #2795 and #2798
Triple-DES Certs. #1889, #1890, #1891, #1892, #1893, #1894 and #1919
Other Algorithms
AES (non-compliant); ECDSA (non-compliant); RSA (key wrapping; key establishment methodology provides between 128 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; Triple-DES (non-compliant); MD2; MD4; MD5; RIPEMD; Ed25519; CAST5; ANSI X9.63 KDF; RFC6637 KDF; KBKDF (non-compliant); SP800-56C KDF; Blowfish; RC2; RC4; CMAC AES 128; OMAC; HMAC DRBG (non-compliant); Hash DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves
Software Versions
5.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95041
USA

Shawn Geddis
geddis@apple.com
Phone: (669)227-3579
Fax: (866)315-1954

Lab

atsec
NVLAP Code: 200658-0