by Joe White
May 8, 2013
According to the National Institute of Standards and Technology (NIST), the sixth iteration of Apple's mobile operating system, iOS 6, has achieved FIPS 140-2 certification (Level 1). As such, it is anticipated that the U.S. Government's use of iOS 6-powered iDevices could potentially increase in the coming months. The news reached us from TUAW, who reports that:
Apple iOS CoreCrypto Kernel Module v3.0, when operated in FIPS mode, "generates cryptographic keys whose strengths are modified by available entropy." CoreCrypto is described as "a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest." The module met Level 1 of FIPS (Federal Information Processing Standard) 140-2. Level 1 provides the lowest level of security, as no physical security mechanisms are required beyond the basic requirement for production-grade components. CoreCrypto uses FIPS-approved algorithms including Triple-DES, AES, SHS and an additional alphabet soup of acronyms.As a reminder, FIPS (Federal Information Processing Standard) is a computer security standard developed by the U.S. Government. Level 1 is the lowest security level of FIPS, since no external hardware mechanisms are required. According to the NIST's website, iOS 6 was cleared in single-user mode running on an iPhone 4, iPhone 4S, and iPad. It is not currently known whether the iPhone 5 or iPad mini can boast of the same certification. For further news, see: Hammer Falls In German Court Against Apple's Data Sharing Practices, Camera Wars: Apple's iPhone 5 Goes Head To Head Against The HTC One, and T-Mobile Sold 500,000 iPhone Handsets In Less Than One Month.