U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3900

Details

Module Name
Samsung BoringSSL Android
Standard
FIPS 140-2
Status
Active
Sunset Date
12/1/2025
Validation Dates
04/19/2021
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.
Tested Configuration(s)
  • Android 11 running on Galaxy A52 with Snapdragon 750 with PAA
  • Android 11 running on Galaxy A52 with Snapdragon 750 without PAA (single-user mode)
  • Android 11 running on Galaxy Note10+ with Exynos 9825 with PAA
  • Android 11 running on Galaxy Note10+ with Exynos 9825 without PAA
  • Android 11 running on Galaxy S10+ with Exynos 9820 with PAA
  • Android 11 running on Galaxy S10+ with Exynos 9820 without PAA
  • Android 11 running on Galaxy S10+ with Snapdragon 855 with PAA
  • Android 11 running on Galaxy S10+ with Snapdragon 855 without PAA
  • Android 11 running on Galaxy S20+ 5G with Exynos 990 with PAA
  • Android 11 running on Galaxy S20+ 5G with Exynos 990 without PAA
  • Android 11 running on Galaxy S20+ 5G with Snapdragon 865 with PAA
  • Android 11 running on Galaxy S20+ 5G with Snapdragon 865 without PAA
  • Android 11 running on Galaxy S21+ with Exynos 2100 with PAA
  • Android 11 running on Galaxy S21+ with Exynos 2100 without PAA
  • Android 11 running on Galaxy S21+ with Snapdragon 888 with PAA
  • Android 11 running on Galaxy S21+ with Snapdragon 888 without PAA
  • Android 11 running on Galaxy Xcover Pro with Exynos 9611 with PAA
  • Android 11 running on Galaxy Xcover Pro with Exynos 9611 without PAA
FIPS Algorithms
AES Cert. #A907
CVL Cert. #A907
DRBG Cert. #A907
ECDSA Cert. #A907
HMAC Cert. #A907
KAS-SSC vendor affirmed
KTS AES Cert. #A907; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #A907
SHS Cert. #A907
Triple-DES Cert. #A907
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
1.5

Vendor

Samsung Electronic Co. Ltd.
416 Maetan-3dong, Yeongtong-gu
Suwon-si, Geyeonggi-do 443-742
South Korea

Brian Wood
be.wood@samsung.com
Phone: +1-973-440-9125
Jung Ha Paik
jungha.paik@samsung.com
Phone: +82-10-8861-0858

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0