Apple T2 Security Chip security certifications
Cryptographic module validation background
Apple actively engages in the provision of security assurance for Apple-embedded software and hardware cryptographic modules for each major release of an operating system using FIPS 140-3 requirements.
Validation of conformance can be performed only against a final released version of a cryptographic module.
In 2020 the CMVP adopted the international standard ISO/IEC 19790 as the basis for US Federal Information Processing Standard (FIPS) 140-3.
In addition to having an Intel CPU, most Mac computers since 2017 also have a separate Apple T2 Security Chip, which is an ARM-based system on chip (SoC). These Mac computers with a T2 chip use all five cryptographic modules for various on-device services.
Corecrypto User Module for Intel (used by macOS on Intel-based Mac computers)
Corecrypto Kernel Module for Intel (used by macOS on Intel-based Mac computers)
Corecrypto User Module for ARM (used by the T2 chip)
Corecrypto Kernel Module for ARM (used by the T2 chip)
Secure Key Store Cryptographic Module (used by the embedded Secure Enclave coprocessor in the T2 chip)
Note: The ARM-based modules used on the T2 chip are the same as those used on other ARM SoCs, such as the Apple A series, S series and M series.
Cryptographic module validation status
The Cryptographic Module Validation Program (CMVP) maintains the validation status of cryptographic modules under three separate lists depending on their current status.
For more information, see Cryptographic module validation status information.
FIPS 140-3 certifications
The table below shows the Apple cryptographic modules that are currently being tested by a laboratory, that have been recommended by a laboratory for validation by the CMVP, or that have been validated and certified as conformant to FIPS 140-3 by the CMVP.
Dates | Certificates/Documents | Module info |
---|---|---|
Operating system release date: 2023 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v14.0 Operating system: sepOS for macOS 14 Sonoma Environment: ARM, User, Software Type: Software Security Level: 1 |
Operating system release date: 2023 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v14.0 Operating system: sepOS for macOS 14 Sonoma Environment: ARM, Kernel, Software Type: Software Security Level: 1 |
Operating system release date: 2023 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v14.0 Operating system: sepOS for macOS 14 Sonoma Environment: ARM, Secure Key Store, Hardware Type: Hardware (T2) Security Level: 2 |
Operating system release date: 2022 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v13.0 Operating system: sepOS for macOS 13 Ventura Environment: ARM, User, Software Type: Software Security Level: 1 |
Operating system release date: 2022 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v13.0 Operating system: sepOS for macOS 13 Ventura Environment: ARM, Kernel, Software Type: Software Security Level: 1 |
Operating system release date: 2022 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v13.0 Operating system: sepOS for macOS 13 Ventura Environment: ARM, Secure Key Store, Hardware Type: Hardware (T2) Security Level: 2 |
Operating system release date: 2021 Validation dates: 01-10-2024 | Certificates: 4817 | Title: Apple Corecrypto Module v12.0 Operating system: sepOS for macOS 12 Monterey Environment: ARM, User, Software Type: Software Security Level: 1 |
Operating system release date: 2021 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v12.0 Operating system: sepOS for macOS 12 Monterey Environment: ARM, Kernel, Software Type: Software Security Level: 1 |
Operating system release date: 2021 Validation dates: — | Certificates: Not yet certified | Title: Apple Corecrypto Module v12.0 Operating system: sepOS for macOS 12 Monterey Environment: ARM, Secure Key Store, Hardware Type: Hardware (T2) Security Level: 2 |
Operating system release date: 2020 Validation dates: 07-12-2022 | Certificates: 4391 | Title: Apple Corecrypto Module v11.1 Operating system: sepOS for macOS 11 Big Sur Environment: ARM, User, Software Type: Software Security Level: 1 |
Operating system release date: 2020 Validation dates: 07-12-2022 | Certificates: 4392 | Title: Apple Corecrypto Module v11.1 Operating system: sepOS for macOS 11 Big Sur Environment: ARM, Kernel, Software Type: Software Security Level: 1 |
Operating system release date: 2020 Validation dates: 09-08-2024 | Certificates: 4756 | Title: Apple Corecrypto Module v11.1 Operating system: sepOS for macOS 11 Big Sur on Intel Environment: ARM, Secure Key Store, Hardware Type: Hardware (T2) Security Level: 2 |
FIPS 140-2 certifications
The table below shows the cryptographic modules that are certified by the CMVP as conformant with FIPS 140-2.
Dates | Certificates/Documents | Module info |
---|---|---|
Operating system release date: 2019 Validation dates: 23-03-2021 | Certificates: 3856 | Title: Apple Corecrypto User Module v10.0 for ARM Operating system: sepOS for macOS 10.15 Catalina Type: Software Security Level: 1 |
Operating system release date: 2019 Validation dates: 23-03-2021 | Certificates: 3855 | Title: Apple Corecrypto Kernel Module v10.0 for ARM Operating system: sepOS for macOS 10.15 Catalina Type: Software Security Level: 1 |
Operating system release date: 2019 Validation dates: 05-02-2021 | Certificates: 3811 | Title: Apple Corecrypto Secure Key Store Cryptographic Module v10.0 Operating system: sepOS for macOS 10.15 Catalina Type: Hardware Security Level: 2 |
Previous versions
These T2 processor versions previously had cryptographic module validations. Those more than five years old are listed by the CMVP with historical status:
2018 in corecrypto modules v9.0
For questions about Apple Security and Privacy Certifications, contact security-certifications@apple.com.