iOS 6 obtains FIPS 140-2 certification, opening door to more government use
Close on the heels of last week's announcement that US Department of Defense approval of iOS 6 devices was imminent comes word from the National Institute of Standards and Technology (NIST) that a cryptographic module in iOS 6 has achieved FIPS 140-2 certification (Level 1). This has, to quote our tipster, "huge implications for government use of iOS (and eventually Macs)."
Apple iOS CoreCrypto Kernel Module v3.0, when operated in FIPS mode, "generates cryptographic keys whose strengths are modified by available entropy." CoreCrypto is described as "a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest."
The module met Level 1 of FIPS (Federal Information Processing Standard) 140-2. Level 1 provides the lowest level of security, as no physical security mechanisms are required beyond the basic requirement for production-grade components. CoreCrypto uses FIPS-approved algorithms including Triple-DES, AES, SHS and an additional alphabet soup of acronyms.
The module was tested on an iPhone 4, an iPhone 4S and an iPad (single-user mode) running iOS 6.0. It is unknown if the certification is specific to these devices or if it also extends to newer devices like the iPhone 5.
A tip of the hat to Allan for letting us know about the certification.
Subscribe to Newsletter
Software Updatesmore updates
- Spotify update adds equalizer, refreshed Artist page and more
- Fantastical 2.1 for iOS adds new snooze, search and notification features
- ExpanDrive 4, more services and faster sync
- Apple adds iTunes Extras to Apple TV
- Spotify updates with new iPhone controls in time for summer BBQs
- iTunes U update will bring course creation and student discussion to iPad app