Module Name
Samsung BoringSSL Android
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Provides general purpose cryptographic services to user-space applications on the mobile platform for the protection of data.
Tested Configuration(s)
- Android 11 running on Galaxy A52 with Snapdragon 750 with PAA
- Android 11 running on Galaxy A52 with Snapdragon 750 without PAA
- Android 11 running on Galaxy A71 5G with Snapdragon 765 without PAA
- Android 11 running on Galaxy A71 5G with Snapdragon 765 with PAA
- Android 11 running on Galaxy Note10+ with Exynos 9825 with PAA
- Android 11 running on Galaxy Note10+ with Exynos 9825 without PAA
- Android 11 running on Galaxy S10+ with Exynos 9820 with PAA
- Android 11 running on Galaxy S10+ with Exynos 9820 without PAA
- Android 11 running on Galaxy S10+ with Snapdragon 855 with PAA
- Android 11 running on Galaxy S10+ with Snapdragon 855 without PAA
- Android 11 running on Galaxy S20+ 5G with Exynos 990 with PAA
- Android 11 running on Galaxy S20+ 5G with Exynos 990 without PAA
- Android 11 running on Galaxy S20+ 5G with Snapdragon 865 with PAA
- Android 11 running on Galaxy S20+ 5G with Snapdragon 865 without PAA
- Android 11 running on Galaxy S21+ with Exynos 2100 with PAA
- Android 11 running on Galaxy S21+ with Exynos 2100 without PAA
- Android 11 running on Galaxy S21+ with Snapdragon 888 with PAA
- Android 11 running on Galaxy S21+ with Snapdragon 888 without PAA
- Android 11 running on Galaxy Tab Active3 with Exynos 9810 with PAA
- Android 11 running on Galaxy Tab Active3 with Exynos 9810 without PAA
- Android 11 running on Galaxy Xcover Pro with Exynos 9611 with PAA
- Android 11 running on Galaxy Xcover Pro with Exynos 9611 without PAA
- Wear OS 3 running on Galaxy Watch 4 with Exynos 5515 with PAA
- Wear OS 3 running on Galaxy Watch 4 with Exynos 5515 without PAA (single-user mode)
Approved Algorithms
AES |
Cert. #A907 |
CVL |
Cert. #A907 |
DRBG |
Cert. #A907 |
ECDSA |
Cert. #A907 |
HMAC |
Cert. #A907 |
KAS-SSC |
vendor affirmed |
KTS |
AES Cert. #A907; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #A907 |
SHS |
Cert. #A907 |
Triple-DES |
Cert. #A907 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)