Security Builder® FIPS Module

Certificate #3715

Webpage information

Status historical
Historical reason Moved to historical list due to sunsetting
Validation dates 28.09.2020
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1729
Exceptions
  • Physical Security: N/A
Description The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API.
Tested configurations
  • Android 4.0.4 running on an Intel based PC with an Intel Atom Z2460 Processor [2]
  • Android 4.4.2 running on an ARM based PC with an ARMv7 Processor [2]
  • Android 5.0.1 running on an ARM based PC with an ARMv8 Processor [2]
  • CentOS Linux 7.1 64-bit running on an Intel based PC with an Intel Core 2 Duo T9400 Processor without AES-NI [2]
  • iOS 6.1.4 running on an Apple iPhone with an ARMv7 Processor [2]
  • iOS 6.1.4 running on an Apple iPhone with an ARMv7S Processor [2]
  • iOS 8.0 running on an Apple iPhone with an on ARMv8 Processor [2]
  • Mac OSX 10.10.4 running on an Apple GPC with an Intel Core i7-3615QM Processor [2]
  • Mac OSX 10.11.4 running on an Apple GPC with an Intel Core i7-3615QM Processor [3]
  • QNX 6.5 running on an Intel based PC with an Intel Pentium III Processor [1]
  • QNX 6.6 running on an ARM based PC with an ARM Cortex A9 MPCore Processor [1]
  • RedHat Linux 5.6 running on an Intel based PC with a 32-bit Intel Core i7 Processor [1]
  • RedHat Linux 5.6 running on an Intel based PC with a 32-bit Intel Core i7 Processor with AES-NI [1]
  • RedHat Linux 5.6 running on an Intel based PC with an Intel Core i5-2300 Processor [1]
  • RedHat Linux 5.6 running on an Intel based PC with an Intel Core i5-2300 Processor with AES-NI [1]
  • Windows 7 Enterprise 32-bit running on an Intel based PC with an Intel Core Duo Processor without AES-NI [2]
  • Windows 7 Enterprise 64-bit running on an Intel based PC with an Intel Core i7-2720QM Processor with AES-NI [2]
  • Windows Phone 8.0 running on an ARM based PC with an ARMv7 Processor [2] (single-user mode)
Vendor Certicom Corp.
References

This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, DES, TDES, Triple-DES, HMAC, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECIES, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, MD4, MD5
Schemes
KEM, Key Agreement
Protocols
SSL
Randomness
DRBG, RNG
Block cipher modes
ECB, CBC, CTR, GCM, CCM, XTS

Security level
Level 1
Side-channel analysis
Timing Attack, Timing Attacks, Bleichenbacher attack

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 46-3, FIPS 197, FIPS 180-4, FIPS 198, FIPS 186-4, FIPS 186-2, NIST SP 800-131A, NIST SP 800-90, NIST SP 800-56A, NIST SP 800-56B, SP 800-56A, PKCS1, PKCS #1, RFC 2268, RFC 1321, RFC 1320, RFC 1115, RFC 2104, RFC 3566

File metadata

Title Microsoft Word - SB_GSE_6_0_3_Security_Policy.doc
Creation date D:20200922123612Z00'00'
Modification date D:20200922123612Z00'00'
Pages 25
Creator Word
Producer macOS Version 10.15.6 (Build 19G2021) Quartz PDFContext

Heuristics

No heuristics are available for this certificate.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3715,
  "dgst": "6c97aad35e1926d2",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#1054",
        "DSA#563",
        "SHS#1571",
        "AES#3029",
        "DRBG#127",
        "KAS#25",
        "ECDSA#553",
        "Triple-DES#1773",
        "CVL#367",
        "RSA#2017",
        "CVL#789",
        "DSA#891",
        "ECDSA#242",
        "RSA#1574",
        "Triple-DES#2164",
        "RSA#894",
        "HMAC#2571",
        "CVL#7",
        "DRBG#1151",
        "HMAC#1914",
        "DSA#1076",
        "AES#1789",
        "KAS#79",
        "AES#3946",
        "Triple-DES#1159",
        "DRBG#579",
        "KAS#50",
        "SHS#3256",
        "ECDSA#866",
        "SHS#2530"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "1729"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "1729"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "1729"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 9
          },
          "ECDSA": {
            "ECDSA": 10
          },
          "ECIES": {
            "ECIES": 2
          }
        },
        "FF": {
          "DH": {
            "DH": 11,
            "Diffie-Hellman": 2
          },
          "DSA": {
            "DSA": 10
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 6
        },
        "CCM": {
          "CCM": 3
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 6
        },
        "GCM": {
          "GCM": 3
        },
        "XTS": {
          "XTS": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "KEM": {
          "KEM": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 5,
          "#1054": 5,
          "#1076": 1,
          "#1151": 1,
          "#1159": 1,
          "#127": 1,
          "#1571": 5,
          "#1789": 1,
          "#2017": 1,
          "#2164": 1,
          "#242": 1,
          "#25": 3,
          "#2571": 5,
          "#3256": 5,
          "#3946": 1,
          "#50": 1,
          "#563": 1,
          "#789": 1,
          "#79": 2,
          "#866": 1,
          "#894": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "#2164 AES": 1,
          "#3946 DES": 1,
          "#866 RSA": 1,
          "DSA 11": 1,
          "HMAC-SHA- 1": 2,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-224": 4,
          "HMAC-SHA-256": 2,
          "HMAC-SHA-384": 4,
          "HMAC-SHA-512": 4,
          "HMAC-SHA256": 2,
          "PKCS #1": 7,
          "PKCS1": 3,
          "RSA #1": 1,
          "RSA 2": 1,
          "RSA PKCS #1": 1,
          "RSA PKCS1": 3,
          "SHA-1": 3,
          "SHA-224": 2,
          "SHA-256": 2,
          "SHA-384": 2,
          "SHA-512": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 4
        }
      },
      "hash_function": {
        "MD": {
          "MD4": {
            "MD4": 2
          },
          "MD5": {
            "MD5": 2
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 3
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 2,
            "SHA-384": 2,
            "SHA-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 7
        },
        "RNG": {
          "RNG": 9
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "Timing Attack": 2,
          "Timing Attacks": 1
        },
        "other": {
          "Bleichenbacher attack": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 12,
          "FIPS 180-4": 5,
          "FIPS 186-2": 1,
          "FIPS 186-4": 4,
          "FIPS 197": 1,
          "FIPS 198": 5,
          "FIPS 46-3": 1,
          "FIPS PUB 140-2": 6
        },
        "NIST": {
          "NIST SP 800-131A": 2,
          "NIST SP 800-56A": 5,
          "NIST SP 800-56B": 1,
          "NIST SP 800-90": 2,
          "SP 800-56A": 1
        },
        "PKCS": {
          "PKCS #1": 4,
          "PKCS1": 3
        },
        "RFC": {
          "RFC 1115": 1,
          "RFC 1320": 1,
          "RFC 1321": 1,
          "RFC 2104": 1,
          "RFC 2268": 1,
          "RFC 3566": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 11
          }
        },
        "DES": {
          "3DES": {
            "TDES": 5,
            "Triple-DES": 2
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 2,
            "HMAC": 3,
            "HMAC-SHA-224": 2,
            "HMAC-SHA-256": 1,
            "HMAC-SHA-384": 2,
            "HMAC-SHA-512": 2
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20200922123612Z00\u002700\u0027",
      "/Creator": "Word",
      "/ModDate": "D:20200922123612Z00\u002700\u0027",
      "/Producer": "macOS Version 10.15.6 (Build 19G2021) Quartz PDFContext",
      "/Title": "Microsoft Word - SB_GSE_6_0_3_Security_Policy.doc",
      "pdf_file_size_bytes": 647271,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 25
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "7c24cbf9607ce4b9ac8017a39e5944c965845abcc8df57c87c2d8fd28ab608d4",
    "policy_txt_hash": "167faef39e2fa6bd9ca5e5caea6c8163d962a93659b1386eb0484750c66bb5bf"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. This validation entry is a non-security-relevant modification to Cert. #1729",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2020_011020_0703.pdf",
    "date_sunset": null,
    "description": "The Security Builder\u00ae FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A"
    ],
    "fw_versions": null,
    "historical_reason": "Moved to historical list due to sunsetting",
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {
      "1729": 1
    },
    "module_name": "Security Builder\u00ae FIPS Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": "6.0 [1], 6.0.2 [2] and 6.0.3 [3]",
    "tested_conf": [
      "Android 4.0.4 running on an Intel based PC with an Intel Atom Z2460 Processor [2]",
      "Android 4.4.2 running on an ARM based PC with an ARMv7 Processor [2]",
      "Android 5.0.1 running on an ARM based PC with an ARMv8 Processor [2]",
      "CentOS Linux 7.1 64-bit running on an Intel based PC with an Intel Core 2 Duo T9400 Processor without AES-NI [2]",
      "iOS 6.1.4 running on an Apple iPhone with an ARMv7 Processor [2]",
      "iOS 6.1.4 running on an Apple iPhone with an ARMv7S Processor [2]",
      "iOS 8.0 running on an Apple iPhone with an on ARMv8 Processor [2]",
      "Mac OSX 10.10.4 running on an Apple GPC with an Intel Core i7-3615QM Processor [2]",
      "Mac OSX 10.11.4 running on an Apple GPC with an Intel Core i7-3615QM Processor [3]",
      "QNX 6.5 running on an Intel based PC with an Intel Pentium III Processor [1]",
      "QNX 6.6 running on an ARM based PC with an ARM Cortex A9 MPCore Processor [1]",
      "RedHat Linux 5.6 running on an Intel based PC with a 32-bit Intel Core i7 Processor [1]",
      "RedHat Linux 5.6 running on an Intel based PC with a 32-bit Intel Core i7 Processor with AES-NI [1]",
      "RedHat Linux 5.6 running on an Intel based PC with an Intel Core i5-2300 Processor [1]",
      "RedHat Linux 5.6 running on an Intel based PC with an Intel Core i5-2300 Processor with AES-NI [1]",
      "Windows 7 Enterprise 32-bit running on an Intel based PC with an Intel Core Duo Processor without AES-NI [2]",
      "Windows 7 Enterprise 64-bit running on an Intel based PC with an Intel Core i7-2720QM Processor with AES-NI [2]",
      "Windows Phone 8.0 running on an ARM based PC with an ARMv7 Processor [2] (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2020-09-28",
        "lab": "Lightship Security, Inc.",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Certicom Corp.",
    "vendor_url": "http://www.certicom.com"
  }
}