Security certifications for iPadOS
iPadOS cryptographic module validation background
Apple actively engages in the validation of Apple embedded software and hardware modules for each major release of an operating system. Validation of conformance can only be performed against a final module release version; the validation is formally submitted upon the public release of the operating system.
Note: In 2019, the operating system for iPad devices was rebranded as iPadOS.
iPadOS cryptographic module validation status
The Cryptographic Module Validation Program (CMVP) maintains the validation status of cryptographic modules under four separate lists depending on their current status:
To be listed on the CMVP Implementation Under Test List, the laboratory must be contracted with Apple to provide testing.
After the testing has been completed by the laboratory, the lab has recommended validation by the CMVP, and the CMVP fees have been paid, the module is then added to the Modules in Process List. The MIP List tracks the progress of the CMVP validation efforts in four phases:
Review Pending: Waiting for CMVP resource to be assigned.
In Review: CMVP resources are performing their validation activities.
Coordination: The lab and the CMVP are resolving any issues found.
Finalization: The activities and formalities related to issuing the certificate.
After validation by the CMVP, the modules are awarded a certificate of conformance and added to the validated cryptographic modules list.
After 5 years or if the module certificate is revoked for some reason, the modules are moved to the “historical” list.
In 2020, the CMVP adopted the international standard ISO/IEC 19790 as the basis for FIPS 140-3.
FIPS 140-3 certifications
The table below shows the 2020 cryptographic modules for iPadOS that are currently being tested by the laboratory for conformance with FIPS 140-3.
Dates | Certificates / Documents | Operating systems / Module info |
|---|---|---|
OS release date: 2020 Validation dates: — | Certificates: — Documents: — | Operating system: iPadOS 14 Name: Apple Corecrypto Module v11.1 Environment: Apple silicon, User, Software Type: Software Security level: 1 |
OS release date: 2020 Validation dates: — | Certificates: — Documents: — | Operating system: iPadOS 14 Name: Apple Corecrypto Module v11.1 Environment: Apple silicon, Kernel, Software Type: Software Security level: 1 |
OS release date: 2020 Validation dates: — | Certificates: — Documents: — | Operating systems: iOS 14, iPadOS 14, macOS 11 Big Sur, tvOS 14, watchOS 7 Name: Apple Corecrypto Module v11.1 Environment: Apple silicon, Secure key store, Hardware, Overall Security Level 2 Type: Hardware Security level: 2 |
See a complete list of cryptographic modules at the NIST Computer Security Resource Center. You can see a list of modules currently being tested at the same website.
FIPS 140-2 certifications
The table below shows the cryptographic modules that are currently being tested and have been tested by the laboratory for conformance with FIPS 140-2.
iPadOS 13 (2019) user space, kernel space, and secure key store have completed laboratory testing and have been recommended by the laboratory to the CMVP for validation. They are listed on the Modules in Process List.
Dates | Certificates / Documents | Operating systems / Module info |
|---|---|---|
OS release date: 2019 Validation dates: — | Certificates: — Documents: — | Operating system: iPadOS 13 Name: Apple Corecrypto User Module v10.0 for ARM Type: Software Security level: 1 |
OS release date: 2019 Validation dates: — | Certificates: — Documents: — | Operating system: iPadOS 13 Name: Apple Corecrypto Kernel Module v10.0 for ARM Type: Software Security level: 1 |
OS release date: 2019 Validation dates: — | Certificates: — Documents: — | Operating systems: iOS 13, iPadOS 13, macOS 10.15 Catalina, tvOS 13, watchOS 6 Name: Apple Secure Key Store Cryptographic Module v10.0 Type: Hardware Security level: 2 |
OS release date: 2018 Validation dates: 2019-04-23 | Certificates: 3438 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 12 Name: Apple Corecrypto Kernel Module v9.0 for ARM Type: Software Security level: 1 |
OS release date: 2018 Validation dates: 2019-04-11 | Certificates: 3433 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 12 Name: Apple Corecrypto User Module v9.0 for ARM Type: Software Security level: 1 |
OS release date: 2018 Validation dates: 2019-9-10 | Certificates: 3523 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating systems: iOS 12, macOS 10.14 Mojave, tvOS 12, watchOS 5 Name: Apple Secure Key Store Cryptographic Module v9.0 Type: Hardware Security level: 2 |
OS release date: 2017 Validation dates: 2018-03-09, 2018-05-22, 2018-07-06 | Certificates: 3148 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 11 Name: Apple Corecrypto User Module v8.0 for ARM Type: Software Security level: 1 |
OS release date: 2017 Validation dates: 2018-03-09, 2018-05-17, 2018-07-03 | Certificates: 3147 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 11 Name: Apple Corecrypto Kernel Module v8.0 for ARM Type: Software Security level: 1 |
OS release date: 2017 Validation dates: 2019-09-10 | Certificates: 3223 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating systems: iOS 11, macOS 10.13 High Sierra, tvOS 11, watchOS 4 Name: Apple Secure Key Store Cryptographic Module v1.0 Type: Hardware Security level: 2 |
OS release date: 2016 Validation dates: 2017-02-01 | Certificates: 2828 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 10 Name: Apple iOS Corecrypto Kernel Module v7.0 Type: Software Security level: 1 |
OS release date: 2016 Validation dates: 2017-02-01 | Certificates: 2827 Documents: Certificate, Security Policy, Crypto Officer Guidance | Operating system: iOS 10 Name: Apple iOS Corecrypto Kernel Module v7.0 Type: Software Security level: 1 |
Previous versions
These previous iOS versions had cryptographic module validations. Those greater than 5 years old are listed by the CMVP with historical status:
iOS 9 (corecrypto modules v6.0)
iOS 8 (corecrypto modules v5.0)
iOS 7 (corecrypto modules v4.0)
iOS 6 (corecrypto modules v3.0)
Common Criteria (CC) certification background
Apple actively engages in the evaluation of iOS for each major release of the operating system. Evaluation can only be performed against a final publicly released version of the operating system. Prior to iPadOS 13.1, iPadOS was named iOS.
Common Criteria (CC) certification status
The U.S. scheme, operated by NIAP, maintains a list of Products in Evaluation; this list includes products that are currently undergoing evaluation in the United States with a NIAP-approved Common Criteria Testing Laboratory (CCTL) and that have completed an Evaluation Kickoff Meeting (or equivalent) in which CCEVS management officially accepts the product into evaluation.
After products are certified, NIAP puts currently valid certifications on its Product Compliant list. After 2 years, these certifications are reviewed for conformance with the current assurance maintenance policy. After the assurance maintenance date has expired, NIAP moves the certification listing to its Archived Products list.
The Common Criteria Portal lists certifications that can be mutually recognized under the Common Criteria Recognition Arrangement (CCRA). The CC Portal may maintain products on the certified product list for 5 years; records are kept by the CC Portal for archived certifications.
The table below shows the certifications that are currently being evaluated by a laboratory, or that have been certified as conforming with Common Criteria.
Laboratory testing for evaluations with NIAP for iPadOS 14 (iPad mobile device/VPN/Wireless/MDM Agent) is under way. For more information, see Products in evaluation (NIAP).
Operating system / Certification date | Scheme ID / Documents | Title / Protection Profiles |
|---|---|---|
Operating system: iPadOS 13 Certification date: 2020-11-06 | Scheme ID: 11036 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: iPadOS 13 on iPad Mobile Devices Protection Profiles: Mobile Device Fundamentals, VPN Client module, Wireless LAN client EP, MDM Agent EP |
Operating system: iOS 12 Certification date: 2019-03-14 | Scheme ID: 10937 Documents: Certificate, Security Target, Guidance, Validation Report, Assurance Activity Report | Title: iPad with iOS 12 Protection Profiles: Mobile Device Fundamentals, VPN Client module, Wireless LAN client EP, MDM Agent EP |
Previous versions
These previous iOS versions had Common Criteria validations. They are archived by NIAP according to the NIAP policy:
iOS 11 (Scheme ID: 10851)
iOS 10 (Scheme ID: 107782, 10792)
iOS 9 (Scheme ID: 10725, 10714, 10695)
For questions about Apple Security and Privacy Certifications, contact security-certifications@apple.com.