Corsec would like to congratulate our partner, Cradlepoint, Inc., on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their Kernel Cryptographic Module.

To achieve this milestone, Cradlepoint partnered with Corsec, completing the validation at a Level 1 as seen in certificate #4863. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

The Cradlepoint Kernel Cryptographic Module (versions 1.0 and 2.0) is a software module with a multi-chip standalone embodiment. The module is designed to operate within a modifiable operational environment. The module comprises kernel loadable components, a static kernel binary, an integrity test utility, and digest files for testing integrity.

The cryptographic module maintains validation compliance when operating on any general-purpose computer (GPC) provided that the GPC uses any single-user operating system/mode specified on the validation certificate, or another compatible single-user operating system.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

Corsec would like to congratulate our partner, Masimo Corporation, on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their Masimo Cryptographic Module.

To achieve this milestone, Masimo partnered with Corsec, completing the validation at a Level 1 as seen in certificate #4788. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

Masimo Corporation is a global medical technology company that develops and produces a wide array of industry leading monitoring technologies, including innovative measurements, sensors, patient monitors, and automation and connectivity solutions.

The Masimo Cryptographic Module v1.0 is a software library providing a C language API1 for use by Masimo products requiring cryptographic functionality. The Masimo Cryptographic Module v1.0 includes symmetric encryption/decryption, digital signature generation/verification, hashing, cryptographic key generation, random number generation, message authentication, and SSP establishment functions to secure data-at-rest/data-inflight and offers cryptographic support for secure communications protocols (including TLS2 1.2/1.3).

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

###