FIPS 140-2 Certified Modules for Ubuntu 16.04 LTS

Chris Johnston

on 13 December 2017

We are pleased to announce that officially certified FIPS 140-2 level 1 cryptographic packages are now available for Ubuntu 16.04 LTS for Ubuntu Advantage Advanced customers and as a separate, stand-alone product.

In 2016 Canonical began the process of completing the Cryptographic Module Validation Program to obtain FIPS 140-2 validation for Ubuntu 16.04 LTS. This has been successfully completed and Canonical now offers key components of Ubuntu 16.04 LTS compliant with the FIPS 140-2 level 1 standard. The FIPS compliant modules are available to Ubuntu Advantage Advanced subscribers in the Ubuntu Advantage private archive.

We currently use Ubuntu Linux because of its superior development environment and frequent LTS releases. As a business that develops software, one of our customer’s requirements is to utilize FIPS 140-2 validated software. We have been able to start rolling out the Ubuntu FIPS modules without needing to reinstall the operating system. This keeps our developers happy and productive as Ubuntu is their preferred environment and minimizes transition cost. The FIPS modules also include a VPN solution which we look forward to implementing to allow our developers to work remotely but still meet our customer’s requirements.

-Alex Stuart, North Point Defense

 

Users interested in FIPS 140-2 compliant modules on Ubuntu 16.04 can purchase Ubuntu Advantage at https://buy.ubuntu.com/ or by contacting the Canonical Sales Team.

For further information please visit https://www.ubuntu.com/security.

 

FAQ

What is FIPS?

FIPS stands for Federal Information Processing Standards which is a set of publications developed and maintained by the National Institute of Standards and Technology (NIST), a United States federal agency. These publications define the security criteria required for government computers and telecommunication systems.

What is the FIPS 140-2 standard?

According to NIST, FIPS 140-2 “specifies the security requirements that will be satisfied by a cryptographic module used within a security system protecting sensitive but unclassified information.”

Why should I use the FIPS 140-2 modules?

Government, defence, healthcare, and finance organizations worldwide operate in highly regulated industries and are required to meet the security requirements defined in the FIPS 140-2 standard. This includes the United States, Canadian, and United Kingdom governments as well as government contractors.

Where can I find out more about FIPS?

General information about the Federal Information Processing Standards can be found on the NIST website. More detailed information about FIPS 140-2 itself can be found in the Federal Information Processing Standards Publication 140-2 document.

Which modules are included?

What versions of Ubuntu have FIPS certified modules?

Currently only Ubuntu 16.04 LTS has FIPS certified modules.

How Can I Find Out More?

Click here to make an inquiry, and somebody from our team will get back to you!

Talk to us today

Interested in running Ubuntu Desktop in your organisation?

Newsletter signup

Select topics you’re
interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

Ubuntu updates for TCP SACK Panic vulnerabilities

Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial …

Introducing the Ubuntu security podcast

The Ubuntu Security Podcast is a weekly podcast covering all the latest news and developments from the Ubuntu Security team. Each week the team discuss the various security updates that have been published across the Ubuntu …

Ubuntu updates to mitigate new Microarchitectural Data Sampling (MDS) vulnerabilities

Microarchitectural Data Sampling (MDS) describes a group of vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) in various Intel microprocessors, which allow a malicious process to read various information from another process which is executing on the same …