We are happy to announce that the cryptographic module in the Qualcomm® Snapdragon™ 805 processor has passed FIPS 140-2 security certification. This is significant in that it demonstrates Qualcomm cryptographic compliance and helps qualify our customers to enter government departments and other regulated industries with FIPS 140-2 requirements. The cryptographic module is unique in the industry in that almost all the capabilities are based in hardware, as compared with most software-based alternative solutions.

Cryptographic modules

A cryptographic module is "the set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or cryptographic processes, including cryptographic algorithms, and is contained within the cryptographic boundary of the module”[1]. Protection of a cryptographic module within a security system is important for maintaining the confidentiality and integrity of the information protected by the module. Applications of cryptography include password protection, electronic commerce, software verification, and secure communication.

FIPS 140-2 certification

FIPS (Federal Information Processing Standard) publication 140-2 is a U.S. government computer security standard for accrediting cryptographic modules. More specifically, it is an information technology security accreditation program that enables private sector vendors like us to have our products “certified for use in government departments and regulated industries (such as financial and healthcare institutions) that collect, store, transfer, share and disseminate sensitive but unclassified information” [2]. In the enterprise space, it also enables IT managers to deploy a more secure device fleet.

Benefits of FIPS certification

The following cryptographic use cases most directly benefit from FIPS certification of the Qualcomm hardware cryptographic engine in the Snapdragon 805 processor: