This page was not yet optimized for use on mobile
devices.
RapidIdentity FIPS Cryptographic Module
Certificate #3655
Webpage information
Security policy
Symmetric Algorithms
AES, Serpent, RC4, DES, Triple-DES, TDEA, TDES, ChaCha, Poly1305, Camellia, SEED, HMAC, CMAC, CBC-MACAsymmetric Algorithms
ECDSA, ECC, Diffie-Hellman, DSAPost-quantum Algorithms
NewHopeHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-2, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256, MD5, RIPEMD, PBKDFSchemes
MAC, Key agreement, Key AgreementProtocols
TLS, TLS 1.2, TLS 1.0Randomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, K-233, K-283, K-409, K-571, B-283, B-409, B-571Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCMVendor
QualcommSecurity level
Level 1Side-channel analysis
timing attacks, timing attackStandards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 202, FIPS 186-3, FIPS PUB 140-2, SP 800-38A, SP 800-38C, SP 800-38B, SP 800-90A, SP 800-38D, SP 800-56A, SP 800-135, SP 800-38F, NIST SP 800-38D, SP 800-67, SP 800-132, SP 800-56B, SP 800-56C, SP 800-89, PKCS #1, PKCS1, PKCS#12, PKCS#1, PKCS#5File metadata
| Subject | FIPS 140-2 Security Policy Template |
|---|---|
| Author | webex |
| Creation date | D:20200706202444-07'00' |
| Modification date | D:20200706202444-07'00' |
| Pages | 26 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3655,
"dgst": "a2c2bc574f117170",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES#C1580",
"CVL#C1580",
"CVL#C1581",
"HMAC#C1580",
"DSA#C1581",
"HMAC#C1581",
"DRBG#C1581",
"AES#C1581",
"KAS#C1580",
"AES#C1580",
"SHS#C1581",
"DRBG#C1580",
"SHA-3#C1580",
"RSA#C1581",
"Triple-DES#C1581",
"DSA#C1580",
"SHS#C1580",
"RSA#C1580",
"SHA-3#C1581",
"KAS#C1581"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"2792"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"2792"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"2792"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 9
}
},
"FF": {
"DH": {
"Diffie-Hellman": 5
},
"DSA": {
"DSA": 12
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 6
},
"ECB": {
"ECB": 3
},
"GCM": {
"GCM": 9
},
"OFB": {
"OFB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 8,
"TLS 1.0": 1,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3,
"Key agreement": 1
},
"MAC": {
"MAC": 4
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-283": 1,
"B-409": 1,
"B-571": 1,
"K-233": 1,
"K-283": 1,
"K-409": 1,
"K-571": 1,
"P-224": 2,
"P-256": 6,
"P-384": 2
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1
}
},
"fips_certlike": {
"Certlike": {
"Cert # AES": 1,
"Cert # RSA": 1,
"DSA3": 1,
"HMAC SHA-512/224": 2,
"HMAC-SHA512": 2,
"PKCS #1": 2,
"PKCS#1": 2,
"PKCS#12": 2,
"PKCS#5": 2,
"PKCS1": 2,
"RSA13": 1,
"SHA-1": 8,
"SHA-2": 2,
"SHA-224": 5,
"SHA-256": 5,
"SHA-3": 3,
"SHA-384": 5,
"SHA-512": 5,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 2
}
},
"fips_security_level": {
"Level": {
"Level 1": 4
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 5
}
},
"PBKDF": {
"PBKDF": 10
},
"RIPEMD": {
"RIPEMD": 1
},
"SHA": {
"SHA1": {
"SHA-1": 8
},
"SHA2": {
"SHA-2": 2,
"SHA-224": 5,
"SHA-256": 5,
"SHA-384": 5,
"SHA-512": 5
},
"SHA3": {
"SHA-3": 3,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 2
}
},
"SHAKE": {
"SHAKE128": 1,
"SHAKE256": 2
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {
"NewHope": {
"NewHope": 1
}
},
"randomness": {
"PRNG": {
"DRBG": 23
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {
"SCA": {
"timing attack": 1,
"timing attacks": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 14,
"FIPS 180-4": 2,
"FIPS 186-2": 1,
"FIPS 186-3": 1,
"FIPS 186-4": 10,
"FIPS 197": 2,
"FIPS 198-1": 3,
"FIPS 202": 2,
"FIPS PUB 140-2": 1
},
"NIST": {
"NIST SP 800-38D": 1,
"SP 800-132": 5,
"SP 800-135": 4,
"SP 800-38A": 3,
"SP 800-38B": 2,
"SP 800-38C": 2,
"SP 800-38D": 5,
"SP 800-38F": 5,
"SP 800-56A": 5,
"SP 800-56B": 6,
"SP 800-56C": 3,
"SP 800-67": 5,
"SP 800-89": 1,
"SP 800-90A": 3
},
"PKCS": {
"PKCS #1": 1,
"PKCS#1": 1,
"PKCS#12": 1,
"PKCS#5": 1,
"PKCS1": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 22
},
"RC": {
"RC4": 1
},
"Serpent": {
"Serpent": 1
}
},
"DES": {
"3DES": {
"TDEA": 6,
"TDES": 1,
"Triple-DES": 16
},
"DES": {
"DES": 6
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 6,
"HMAC": 11
}
},
"djb": {
"ChaCha": {
"ChaCha": 1
},
"Poly": {
"Poly1305": 1
}
},
"miscellaneous": {
"Camellia": {
"Camellia": 1
},
"SEED": {
"SEED": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Qualcomm": {
"Qualcomm": 1
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "webex",
"/CreationDate": "D:20200706202444-07\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20200706202444-07\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Subject": "FIPS 140-2 Security Policy Template",
"pdf_file_size_bytes": 772702,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 26
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "7d0f6e0a75a26fc2128eb5fca664f8c451ac89ee44e0a6dac96f165380af3b48",
"policy_txt_hash": "e2fe946dba9a1580e3766142faed4ee44bb0c909523ea3049294881773836365"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2792.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2020_010620_1115.pdf",
"date_sunset": null,
"description": "The RapidIdentity FIPS Cryptographic Module for Windows is a cryptographic engine for Windows Server. The module delivers core cryptographic functions to Identity Automation\u2019s RapidIdentity MFA server, providing a multitude of authentication methods. The RapidIdentity FIPS Cryptographic Module leverages industry leading, FIPS approved cryptographic algorithms provided by the Bouncy Castle FIPS .NET and Java APIs.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A"
],
"fw_versions": null,
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"2792": 1
},
"module_name": "RapidIdentity FIPS Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": "1.0",
"tested_conf": [
"Android 10 on .NET framework 4.5.2 running on a Google Pixel 3 with Qualcomm Snapdragon 845 Chipset",
"iOS 13 on Xamarin.iOS 13 running on an iPhone 11 with the Apple A13 Bionic processor",
"Windows Server 2016 Standard on Vmware ESXi 6.5 on .NET framework 4.5.2 running on a Dell PowerEdge T630 with Intel Xeon E5-2630 (single user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-05-20",
"lab": "Acumen Security",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-07-13",
"lab": "Acumen Security",
"validation_type": "Update"
}
],
"vendor": "Identity Automation",
"vendor_url": "https://www.identityautomation.com/"
}
}