Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3204

Details

Module Name
YubiKey 4 Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
6/20/2023
Validation Dates
6/21/2018
Overall Level
2
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Single Chip
Description
The Yubikey 4 cryptographic module is a secure element that supports multiple protocols designed to be embedded in USB security tokens. The module can generate, store, and perform cryptographic operations for sensitive data and can be utilized via an external touch-button for Test of User Presence in addition to PIN for smart card authentication.The module implements five major functions - Yubico One Time Password (OTP), FIDO Universal 2nd Factor (U2F), PIV-compatible smart card, OpenPGP smart card and OATH OTP authentication.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4712, #4713 and #4714
CKG vendor affirmed
CVL Certs. #1356, #1358, #1360 and #1395
DRBG Cert. #1604
ECDSA Cert. #1165
HMAC Certs. #3133 and #3134
KTS AES Cert. #4714
RSA Cert. #2569
SHS Certs. #3861 and #3862
Triple-DES Cert. #2498
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
Hardware Versions
SLE78CLUFX3000PH
Firmware Versions
4.4.2

Vendor

Yubico, Inc.
530 Lytton Avenue
Suite 301
Palo Alto, CA 94301
USA

Jakob Ehrensvärd
jakob@yubico.com
Phone: (650) 283-1537
Jerrod Chong
jerrod@yubico.com
Phone: (650) 283-2200

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0