Cryptographic Module Validation Program CMVP

Certificate #3388

Details

Module Name
Octopus Authentication Server Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
186-2 transition
Validation Dates
03/04/2019
Overall Level
1
Caveat
When operated in FIPS mode. When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #1747.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Octopus Authentication Server manages the authentication requests coming from the service provider and the connection to the application on the mobile device to get the user approval.
Tested Configuration(s)
  • Ubuntu 13.04 running on AM335x Cortex-A8 (ARMv7) with PAA (gcc Compiler Version 4.7.3)
  • Ubuntu 13.04 running on AM335x Cortex-A8 (ARMv7) without PAA (gcc Compiler Version 4.7.3) (single-user mode)
FIPS Algorithms
AES Cert. #2484
CVL Cert. #85
DRBG Cert. #342
DSA Cert. #764
ECDSA Cert. #413
HMAC Cert. #1526
RSA Cert. #1273
SHS Cert. #2102
Triple-DES Cert. #1522
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 270 bits of encryption strength)
Software Versions
2.0.5

Vendor

Secret Double Octopus Ltd.
Mixer House, 97 Rokach Blvd.
P.O. Box 53169
Tel Aviv 6153101
Isreal

Shimrit Tzur-David
shimritd@doubleoctopus.com
Phone: 972-50-8994958
Fax: N/A
Chen Tetelman
chent@doubleoctopus.com
Phone: 972-54-5604219
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0