[Cryptography] FIPS 140 validated crypto module on Android?
Kevin W. Wall
kevin.w.wall at gmail.com
Tue Nov 17 01:57:28 EST 2020
On Mon, Nov 16, 2020 at 2:32 AM Sid Spry <sid at aeam.us> wrote:
> On Sun, Nov 15, 2020, at 7:06 PM, Michael Nelson via cryptography wrote:
> > We need a FIPS 140-2 validated crypto module on Android mobile devices
> > to do some simple encryption. Does anyone know of an available such
> > module?
> >
> > ...deleted...
>
> > Any pointers?
> >
>
>
> https://en.wikipedia.org/wiki/Bouncy_Castle_(cryptography)#Certified_releases
>
> Bouncy castle seems exactly what you want. FIPS 140-2 level 1 certified,
> Java or C#.
> Both languages see major use on Android.
>
I'm pretty sure that Bouncy Castle is the default Java Cryptography
Extension (JCE) used on Android platform. They certainly are not using
SunJCE. I've seen referenced in several Android code reviews that I've been
involved with.
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/ | Twitter: @KevinWWall
NSA: All your crypto bit are belong to us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20201117/779439d3/attachment.htm>
More information about the cryptography
mailing list