Encryption Module FIPS 140-2


I’m researching Duplicati to backup my linux servers. I’m running Ubuntu 18.04 LTS with the FIPS 140-2 certification.

Does Duplicati use the server’s cryptographic module (Ubuntu 18.04 Kernel Crypto API Cryptographic Module) or does it use its own? I believe is its using the servers module, then this would by extension mean Duplicati is also FIPS 140-2 certified, right?

Welcome to the forum @aolivas


are your options, and AFAIK its AES is its own:

There is also encryption for SSL/TLS, and this is done by underlying code. For Ubuntu that’s probably an instance of BoringSSL. FIPS Certification talks about lack of FIPS-140 in mono. Validated module search:

Cryptographic Module Validation Program

1 Like