Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4652

Details

Module Name
Cr50 U2F Cryptographic Library
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Physical Security: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Firmware-Hybrid
Embodiment
Single Chip
Description
The Cr50 U2F Cryptographic Library is a firmware-hybrid module residing in the Google, LLC Google Security Chips (GSC) chip. The module is responsible for low-level cryptographic primitives on Google Security Chips (GSC) used in recent versions of Google Chromebooks, and includes functionality for key generation, signature generation, random bit generation, keyed-hashing and signature verification operations in support of U2F-related requests in the Cr50 Chrome OS.
Tested Configuration(s)
  • Google H1B2 with ARM V7-M with PAA
Approved Algorithms
CKG vendor affirmed
DRBG Cert. #A2353
ECDSA Cert. #A2353
ENT P
HMAC Certs. #A2352 and #A2353
SHS Certs. #A2352 and #A2353
Allowed Algorithms
N/A
Hardware Versions
H1B2P
Firmware Versions
1.0.1

Vendor

Google, LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

FIPS Crypto Officer
FIPS-crypto-officer@google.com

Validation History

Date Type Lab
11/6/2023 Initial ACUMEN SECURITY, LLC