FileVault 2 on Mavericks is now FIPS 140-2 Compliant
Apple officially announced on Monday, November 11th that the FIPS 140-2 validations for the cryptographic modules used by iOS 7 and OS X 10.9.x have now been completed. This is significant news for folks who want to use FileVault 2 in government and regulated industries (such as financial and health-care institutions.)
For folks who haven’t heard of it before, FIPS 140-2 is an information technology security accreditation program run jointly by the US and Canadian governments. This program is used by private sector vendors to have their cryptographic modules certified for use in US and Canadian government departments and private industries with regulatory requirements for security.
As part of today’s announcement, Apple has released KBase articles and guidance for security offices who deal with encryption:
OS X Mavericks: Apple FIPS Cryptographic Modules v4.0 – http://support.apple.com/kb/HT6051
Crypto Officer Role Guide for FIPS 140-2 Compliance OS X Mavericks v10.9 – http://km.support.apple.com/library/APPLE/APPLECARE_ALLGEOS/HT6051/APPLEFIPS_GUIDE_CO_OSX10.9.pdf
According to Apple, the OS X Mavericks Cryptographic Modules, Apple OS X CoreCrypto Module v4.0 and Apple OS X CoreCrypto Kernel Module v4.0, require no setup or configuration to be in “FIPS Mode” for FIPS 140-2 compliance on devices running OS X Mavericks v10.9.
FileVault 2 is listed as being FIPS 140-2 Compliant as part of the Crypto Officer Role Guide for FIPS 140-2 Compliance OS X Mavericks v10.9 documentation, in the Compliant Applications and Services section.