Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4575

Details

Module Name
Security Builder FIPS Java Module
Standard
FIPS 140-2
Status
Active
Sunset Date
3/5/2024
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Security Builder FIPS Java Module is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications. The Security Builder FIPS Java Module is intended for use by developers who want government level security and can also be used in conjunction with other Certicom developer toolkits including Security Builder PKI and Security Builder SSL.
Tested Configuration(s)
  • Android 6.0.1 with processor Qualcomm 8992 Snapdragon running on BlackBerry PRIV[1][2]
  • Android 8.1.2 with Processor ARMv8 running on Venturi K502 tablet[2]
  • Android OS API Level 17 with processor NXP ARM Cortex-A9 running on Ricoh MP C3004[1]
  • CentOS 7.0 with Java JRE 1.8.0 running on a Dell PowerEdge 2950 with an Intel Xeon 5300[1]
  • Red Hat Enterprise Linux 7 with IBM Java JRE 1.8 running on a Dell PowerEdge R430 with an Intel Xeon E5-2620 v3[2]
  • SUSE Linux Enterprise 11 on VMware ESX 4.1.5 with Oracle JRE 1.8 running on a Dell PowerEdge R430 with an Intel Xeon E5-2620 v3[2]
  • Ubuntu Linux 16.04 on VMware ESX 4.1.5 with Oracle JRE 1.8 running on a Dell PowerEdge R430 with an Intel Xeon E5-2620 v3[2] (single-user mode)
  • Windows Server 2016 on VMware ESX 6.5 with Oracle JRE 1.8 running on a Dell PowerEdge R430 with an Intel Xeon E5-2620 v3[2]
Approved Algorithms
AES Certs. #3988, #4299, #4300, #5539, #5608 and #5609
CKG vendor affirmed
DRBG Certs. #1180, #1359, #1360, #2194, #2250 and #2251
DSA Certs. #1084, #1142, #1143, #1421, #1443 and #1444
ECDSA Certs. #884, #1009, #1010, #1490, #1518 and #1519
HMAC Certs. #2603, #2835, #2836, #3690, #3741 and #3742
KTS vendor affirmed
RSA Certs. #2046, #2320, #2321, #2972, #3016 and #3017
SHS Certs. #3292, #3537, #3538, #4445, #4505 and #4506
Triple-DES Certs. #2188, #2320, #2321, #2788, #2822 and #2823
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.9[1], 2.9.2[2]

Vendor

Certicom Corp.
4701 Tahoe Blvd
Mississauga, Ontario L4W 0B5
Canada

Jim Alfred
jalfred@blackberry.com
Phone: 2892614189
Suresh Ghelani
sghelani@blackberry.com
Phone: 2485133452

Validation History

Date Type Lab
8/31/2023 Initial Lightship Security, Inc.