Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3344

Details

Module Name
Okta Cryptographic Module for Mobile
Standard
FIPS 140-2
Status
Active
Sunset Date
2/9/2021
Validation Dates
12/17/2018
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #1938.
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Okta Cryptographic Module for JavaMobile manages functions for secure key management, data integrity, data at rest encryption, and secure communications for the Okta Multifactor Authentication solution.
Tested Configuration(s)
  • Android 4.0 running on a Galaxy Nexus
  • iOS 5.1 running on a iPad 3
  • iOS 6 running on a iPad 3 iOS 7 running on a iPad 3 (single-user mode)
FIPS Algorithms
AES Certs. #2125 and #2126
CVL Certs. #28 and #29
DRBG Certs. #233 and #234
DSA Certs. #666 and #667
ECDSA Certs. #319 and #320
HMAC Certs. #1296 and #1297
RSA Certs. #1094 and #1095
SHS Certs. #1849 and #1850
Triple-DES Certs. #1351 and #1352
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.1

Vendor

Okta, Inc.
100 First St. 14th Floor
San Francisco, CA 94105
USA

Christopher Niggel
fedramp@okta.com
Okta Compliance Team
FIPS_validation@okta.com

Lab

ÆGISOLVE
NVLAP Code: 200802-0