U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3655

Details

Module Name
RapidIdentity FIPS Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
11/13/2021
Validation Dates
05/20/2020;07/13/2020
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2792.
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The RapidIdentity FIPS Cryptographic Module for Windows is a cryptographic engine for Windows Server. The module delivers core cryptographic functions to Identity Automation’s RapidIdentity MFA server, providing a multitude of authentication methods. The RapidIdentity FIPS Cryptographic Module leverages industry leading, FIPS approved cryptographic algorithms provided by the Bouncy Castle FIPS .NET and Java APIs.
Tested Configuration(s)
  • Android 10 on .NET framework 4.5.2 running on a Google Pixel 3 with Qualcomm Snapdragon 845 Chipset
  • iOS 13 on Xamarin.iOS 13 running on an iPhone 11 with the Apple A13 Bionic processor
  • Windows Server 2016 Standard on Vmware ESXi 6.5 on .NET framework 4.5.2 running on a Dell PowerEdge T630 with Intel Xeon E5-2630 (single user mode)
FIPS Algorithms
ECDSA (Certs. #C1580 and #C1581
AES Certs. #C1580 and #C1581
CVL Certs. #C1580 and #C1581
DRBG Certs. #C1580 and #C1581
DSA Certs. #C1580 and #C1581
HMAC Certs. #C1580 and #C1581
KAS Certs. #C1580 and #C1581
KAS SP 800-56Arev2 with CVL Certs.#C1580 and #C1581, vendor affirmed
KTS AES Certs. #C1580 and #C1581; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Certs. #C1580 and #C1581; key establishment methodology provides 112 bits of encryption strength
KTS vendor affirmed
PBKDF vendor affirmed
RSA Certs. #C1580 and #C1581
SHA-3 Certs. #C1580 and #C1581
SHS Certs. #C1580 and #C1581
Triple-DES Certs. #C1580 and #C1581
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #C1580 and #C1581, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength);
Software Versions
1.0

Vendor

Identity Automation
7102 N Sam Houston Pkwy W
Suite 300
Houston, TX 77064
USA

Security & Certifications Team
SecurityCertifications@identityautomation.com
Phone: 281-220-0021
Fax: N/A

Related Files

Security Policy
Consolidated Certificate

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0