Certificate 2671 - Duo Security Cryptographic Module
intCertNum 2671
strVendorName Duo Security, Inc.
strURL http://https://duo.com
strAddress1 123 North Ashley Street
strAddress2 Suite 200
strAddress3
strCity Ann Arbor
strStateProv MI
strPostalCode 48104
strCountry 48104
strContact Duo Mobile Security
strEmail mobilesec@duosecurity.com
strPhone
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2671
strModuleName Duo Security Cryptographic Module
strPartNumber Software Version: 1.0
memModuleNotes When operated in FIPS mode. This validation entry is a non-security relevant modification to Cert. #1938. The module generates cryptographic keys whose strengths are modified by available entropy.
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Software
strValidationDate 07/07/2016
intOverallLevel 1
memIndividualLevelNotes -Physical Security: N/A;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A;-Operational Environment: Tested as meeting Level 1 with Android 4.0 running on a Galaxy Nexus
strFIPSAlgorithms AES (Cert. #2125);
HMAC (Cert. #1296);
DSA (Cert. #666);
ECDSA (Cert. #319);
RSA (Cert. #1094);
SHS (Cert. #1849);
Triple-DES (Cert. #1351);
DRBG (Cert. #233);
CVL (Cert. #28)
strOtherAlgorithms RSA (key wrapping;
key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RNG;
Dual EC DRBG
strConfiguration Multi-Chip Stand Alone
memModuleDescription The Duo Security Cryptographic Module is a cryptographic engine for mobile devices. The module delivers core cryptographic functions to Duo Security's Two-Factor Authentication mobile application.
intModuleCount 1
memAdditionalNotes
strFirstValidtionDate 07/07/16 00:00:00
strLabName Acumen
strValidationYear 2016