Using FIPS 140-2 Cryptographic Modules in a Mobile App

About adding FIPS 140-2 Cryptographic Modules to a Mobile App

Adding FIPS 140-2 Cryptographic Modules is part of the Appdome Mobile Security Suite. You can find it under TOTALData^TM Encryption. Appdome uses the FIPS 140-2 certified versions of the commercially available encryption libraries. These libraries (OpenSSL’s libcrypto and libssl) have themselves undergone FIPS certification.

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily implement FIPS 140-2 Compliant Cryptographic Modules to any mobile app – instantly, no code or coding required.

Prerequisites for using Appdome to Enhance Apps with FIPS 140-2

How to Enable FIPS 140-2 Compliance in Fused Applications

Follow these step-by-step instructions to enable FIPS 140-2 compliance.

 Upload a Mobile App to Your Account

Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

1. Go to the Build tab.
2. Select the Security tab.
3. Expand TOTALData^TM Encryption.
4. Enable FIPS 140-2 Cryptographic Modules.
5. Click Build My App.

Note: the FIPS 140-2 Cryptographic Modules toggle, also appears under Secure Communication, when Trusted Session is enabled:

FIPS 140-2 and Fused Applications on Appdome

The following Appdome features make use of FIPS 140-2 compliant cryptography:

• Appdome’s TOTALData™Encryption makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
• Appdome’s Trusted session inspection uses FIPS 140-2 compliant certificate and certificate-chain verification methods (X509_verify_cert). In addition, only FIPS 140-2 compliant encryption and hash algorithms will be used in the said handshake.
• Appdome’s Copy/Paste protection makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
• ONEShield:
  • Appdome’s Checksum validation computes and verifies only using FIPS 140-2 approved checksum algorithms (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224and SHA-512/256).
  • Appdome encrypts the strings and resources of the application using FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
  • Appdome’s Non-native code obfuscation makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
• MicroVPN:
  Appdome uses only FIPS 140-2 compliant cryptographic functions when establishing TLS connections. When used in Session Hardening mode, the outward facing connection will be established using FIPS 140-2 cryptographic functions, so in effect, this makes all outgoing TLS connections FIPS 140-2 compliant.
• Appdome’s Cross-App ID encrypts the shared state using FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.