Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4574

Details

Module Name
Titan Security Key, Chip Boundary
Standard
FIPS 140-2
Status
Active
Sunset Date
3/17/2026
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Physical Security: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Single Chip
Description
Implemented with Google's "Titan" secure microcontroller and custom firmware, the Titan Security Key is a FIPS-compliant Universal 2nd Factor (U2F) authenticator and hardware root of trust.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #C1621
CKG vendor affirmed
CVL Cert. #C1621
DRBG Cert. #C1621
ECDSA Cert. #C1621
HMAC Cert. #C1621
SHS Cert. #C1621
Allowed Algorithms
NDRNG
Hardware Versions
H1B2
Firmware Versions
1.2

Vendor

Google, LLC.
1600 Amphitheatre Parkway
n/a
n/a
Mountain View, CA 94043
USA

FIPS Crypto Officer
FIPS-crypto-officer@google.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
8/31/2023 Initial Lightship Security, Inc.