Cryptographic Module Validation Program CMVP

Certificate #3655

Details

Module Name
RapidIdentity FIPS Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
11/13/2021
Validation Dates
05/20/2020;07/13/2020
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2792.
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The RapidIdentity FIPS Cryptographic Module for Windows is a cryptographic engine for Windows Server. The module delivers core cryptographic functions to Identity Automation’s RapidIdentity MFA server, providing a multitude of authentication methods. The RapidIdentity FIPS Cryptographic Module leverages industry leading, FIPS approved cryptographic algorithms provided by the Bouncy Castle FIPS .NET and Java APIs.
Tested Configuration(s)
  • Android 10 on .NET framework 4.5.2 running on a Google Pixel 3 with Qualcomm Snapdragon 845 Chipset
  • iOS 13 on Xamarin.iOS 13 running on an iPhone 11 with the Apple A13 Bionic processor
  • Windows Server 2016 Standard on Vmware ESXi 6.5 on .NET framework 4.5.2 running on a Dell PowerEdge T630 with Intel Xeon E5-2630 (single user mode)
FIPS Algorithms
ECDSA (Certs. #C1580 and #C1581
AES Certs. #C1580 and #C1581
CVL Certs. #C1580 and #C1581
DRBG Certs. #C1580 and #C1581
DSA Certs. #C1580 and #C1581
HMAC Certs. #C1580 and #C1581
KAS Certs. #C1580 and #C1581
KAS SP 800-56Arev2 with CVL Certs.#C1580 and #C1581, vendor affirmed
KTS AES Certs. #C1580 and #C1581; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Certs. #C1580 and #C1581; key establishment methodology provides 112 bits of encryption strength
KTS vendor affirmed
PBKDF vendor affirmed
RSA Certs. #C1580 and #C1581
SHA-3 Certs. #C1580 and #C1581
SHS Certs. #C1580 and #C1581
Triple-DES Certs. #C1580 and #C1581
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #C1580 and #C1581, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
1.0

Vendor

Identity Automation
7102 N Sam Houston Pkwy W
Suite 300
Houston, TX 77064
USA

Security & Certifications Team
SecurityCertifications@identityautomation.com
Phone: 281-220-0021
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0