CryptoComply

 CryptoComply for Mobile and CryptoComply for Server are standards-based “Drop-in Compliance” cryptographic engines designed for use in servers, workstations, appliances, and mobile devices.  SafeLogic’s containers deliver core cryptographic functions to these platforms and feature robust algorithm support, including Suite B algorithms.  CryptoComply modules offload secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation. 

Cross-Platform API

CryptoComply delivers a single code library to support cross-operating system platforms.  The same library can be used in applications across a variety of operating system platforms with the same programmatic interface while maintaining the FIPS 140-2 certification.  CryptoComply accomplishes this by maintaining the same code base across multiple FIPS 140-2 validations.

Reduce Validation Time

CryptoComply can reduce time of FIPS 140 standalone validation by as much as 90% by plugging in the module and replacing non-validated software.  Customers can enjoy instant compliance with the FIPS 140-2 requirements by replacing non-compliant cryptographic libraries with CryptoComply.  FIPS 140-2 validations can take 9 to 12 months but with CryptoComply, time-to-compliance can be dramatically reduced.

Suite B in a Box

CryptoComply provides robust cryptographic algorithm support by meeting the FIPS 140-2 requirements and supporting the Suite B algorithms.  CryptoComply also meets the latest key length requirements defined by FIPS 140-2.

Tested on Multiple Mobile and Enterprise Server Platforms

SafeLogic has developed an aggressive maintenance and testing roadmap to continually maintain certification on the latest operating systems and operating system versions.  As part of our standard package, CryptoComply licenses for Mobile and for Server maintain compliance for product upgrades.

Manage Costs and Time

FIPS 140-2 validations can take up to one year and cost over $75,000 per module. These costs can increase as the number of supported platforms increases. In the dynamic IT security business, these delays and costs can magnify competitive and customer demand pressures. CryptoComply for Mobile and CryptoComply for Server provide instant FIPS 140-2 compliance because the modules have already undergone the validation process.

Licensing other third-party modules can cost hundreds of thousands of dollars per year. With SafeLogic, customers will enjoy greatly reduced licensing and maintenance costs.

Eliminate Wasted Effort

Validations on a per product basis wastes time, money and effort.  Save valuable resources by incorporating CryptoComply into multiple products or multiple product lines.  Moreover, because CryptoComply is centrally maintained by SafeLogic, on-going support costs are greatly reduced and duplication of effort is eliminated.

FIPS 140 validations are valid for a particular version of software running in a specific set of platforms. CryptoComply validations support a wide variety of operating system platforms. SafeLogic’s aggressive validation roadmap ensures that as new operating system versions are made available, CryptoComply FIPS 140-2 validations will be kept up-to-date.

Maintain Validation Status

With FIPS 140-2 validations, any changes to a traditional module may force re-validation. Additional platform support may also require a re-validation. Discovered vulnerabilities in the module code could force a re-validation. CryptoComply contains only the core cryptographic functions, ensuring that only the most critical, security-relevant changes will necessitate re-validation.

While CryptoComply has been designed to isolate the validation to only the key functions, SafeLogic will continue to aggressively maintain validations to support technology changes and new security threats.

Drop-In Compliance

CryptoComply for Mobile and CryptoComply for Server are drop-in replacements for the low-level cryptographic library underlying TLS/SSL functions.  Developers merely have to build their code to point to the CryptoComply APIs, so that the calls made by the TLS/SSL stack code are handled by CryptoComply.  Because CryptoComply has already completed FIPS 140-2 validation, products that deploy CryptoComply can accurately claim FIPS 140-2 compliance immediately.

CryptoComply for Mobile has been FIPS 140-2 tested and validated on the following platforms:

iOS

Android

 
Note that compliance is maintained for other operating system versions where the module binary does not change.

Don’t know what that means? Don’t worry… contact us and we’ll teach you.

CryptoComply for Server has been FIPS 140-2 tested and validated on the following platforms:

Apple Mac OS X Server
Microsoft Windows Server

Red Hat Enterprise Linux

SUSE Enterprise
CentOS

Note that compliance is maintained for other operating system versions where the module binary does not change.

Don’t know what that means? Don’t worry… contact us and we’ll teach you.

CryptoComply provides robust algorithm support with a variety of Suite B and FIPS-approved algorithms which have been certified by NIST’s Cryptographic Algorithm Validation Program (CAVP). These algorithms include:

 AES (all modes and key sizes)
 TDES (all modes)
 
SHA (all variants)
 HMAC-SHA (all variants)

DH, ECDH
 
DSA, DSA2, RSA
 
ECDSA, ECDSA2
 RNG: ANSI X9.31, SP 800-90 DRBG