U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #2096


Module Name
WatchDox® CryptoModule
FIPS 140-2
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
Overall Level
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Multi-chip standalone
The WatchDox Crypto Module provides the services necessary to support the cryptographic features and functions of the WatchDox Secure File Sharing services and products.
Tested Configuration(s)
  • Android 4.1 running on an ARM Cortex A9 with NEON on a Samsung Galaxy S3 Mini (gcc Compiler Version 4.6.3) (single-user mode)
  • Apple iOS 6.1 running on an ARMv7 with NEON on an iPhone 5 (gcc Compiler Version 4.2.1)
  • Red Hat Enterprise Linux 6 running on a Dell Poweredge SC1420 without PAA (gcc Compiler Version 4.4.4)
  • Windows 7 32-bit running on an Intel Core (x64) with PAA running on an Intel Client Desktop (gcc Compiler Version 4.7.3)
FIPS Algorithms
AES Cert. #2623
ECDSA Cert. #451
HMAC Cert. #1621
RNG Cert. #1239
RSA Cert. #1340
SHS Cert. #2199
Other Algorithms
CVL (non-compliant); DRBG (non-compliant); DSA (non-compliant); EC Diffie-Hellman; RSA (encrypt/decrypt); Triple-DES (non-compliant)
Software Versions


WatchDox, Inc.
299 S California Ave.
Palo Alto, CA 94306

Adi Ruppin
Phone: 800-209-1688


NVLAP Code: 200427-0