NIAP: Compliant Product
NIAP/CCEVS
Compliant Product - Trivalent Android Data Protection SDK v2.0

Certificate Date:  2017.04.13

Validation Report Number:  CCEVS-VR-VID10786-2017

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Extended Package for Software File Encryption Version 1.0
  Protection Profile for Application Software Version 1.2

CC Testing Lab:  Gossamer Security Solutions




Product Description

Trivalent’s Android Data Protection SDK provides file-level encryption through an APK and a library implementation. The library contains both Java and native (C/C++) interfaces in order to support the majority of Android application storage requirements. The TOE provides the same implementation and functionality for both Java and C/C++. The library offers two groups of APIs: one set to manipulate files and one set to manipulate SQLite databases. While the API groups provide different abstractions for the read and write operations, both ultimately read and write a single file. The library provides file-level encryption.

The Management Service Application is a straight Java Data Protection SDK APK, while the library is intended to be included in a mobile application, which can then use the library’s APIs. The Management Service Application runs in the background and uses both Android and BouncyCastle keystores to provide the File Encryption Key Encryption Key (FEKEK) to each of the applications. The Data Protection SDK also uses the Android keystore to store an RSA key pair used by the Management Service, and a per-application Android keystore to store each application’s RSA key pair, which is used to wrap the AES-wrapped FEKEK. The Management Service handles the necessary authentication and key management. The file-level encryption suite is an API designed to support the use of specialized file-level encryption for Android applications. Encryption is provided by the SPX Core (Security First, Secure Parser Library).


Evaluated Configuration

The Target of Evaluation (TOE) is Trivalent’s Android Data Protection SDK Version 2.13 software application package residing on evaluated mobile devices running Android 5.1 and Android 6.0.  The TOE is a software solution providing the capability to handle file encryption on mobile devices.  Below are the current evaluated platforms:

· Samsung Galaxy S7 & S7 Edge
· Samsung Galaxy S6 & S6 Edge
· Galaxy Note 5

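| Device Name                 | Chipset/CPU       | Architecture | Android Version |
|-----------------------------|-------------------|--------------|-----------------|
| Samsung Galaxy S7 & S7 Edge | Exynos 8890       | A64          | 6.0.1           |
| Samsung Galaxy S7 & S7 Edge | Qualcomm MSM 8996 | A64          | 6.0.1           |
| Galaxy S6 & S6 Edge         | Exynos 7420       | A64          | 6.0.1           |
| Galaxy Note 5               | Exynos 7420       | A64          | 5.1.1           |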

Any of the above products utilize the Snapdragon 800 family processor and are appropriate for use with the TOE. 



Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, September 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 4, July 2012. Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the TOE is EAL 1. The product, when delivered and configured as identified in the Trivalent Android Data Protection SDK Operations & Maintenance Manual, Version 2.13, December 2016 document, satisfies all of the security functional requirements stated in the Trivalent Android Data Protection SDK (ASPP12/ASFEEP10) Security Target, Version 1.0, April 10, 2017. The project underwent CCEVS Validator review. The evaluation was completed in April 2017. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10786-2017) prepared by CCEVS.


Environmental Strengths

The logical boundaries of the Trivalent Android Data Protection SDK are realized in the security functions that it implements. Each of these security functions is summarized below.

Cryptographic support:

The evaluated platform runs the Android 5.1 or Android 6.0 operating system. Android’s APIs allow generation of keys through KeyGenerator, and random numbers are generated using SecureRandom. Keys are used to protect data belonging to the applications that use the TOE.

The TOE uses Security First’s SPX Core (Security First, Secure Parser Library) for cryptographic algorithms. The SPX Core supports encryption via AES and random number generation via an SP 800-90 AES-256 CTR DRBG. The TOE uses the platform’s cryptographic API to perform AES key wrapping and keyed hashing via HMAC.

User data protection:

The TOE protects user data by providing encryption services for applications to encrypt their data. The TOE allows encryption of data using AES-256 bit keys.

Identification and authentication:

The TOE authenticates applications by requiring a PIN/passphrase to unlock the application’s file encryption key. A wrong password results in the unsuccessful loading of the application’s BouncyCastle keystore. Without the correct keystore, the application cannot load the keys necessary for file encryption/decryption.

Security management:

The TOE’s services/options are inaccessible until a configuration has been created. The TOE does not allow invocation of its services without configuration of the TOE’s settings upon first start up. The TOE allows the changing of passwords for management purposes.

Privacy:

The TOE does not transmit Personally Identifiable Information over any network interfaces.

Protection of the TSF:

The TOE relies on the physical boundary of the evaluated platform as well as the Android operating system for the protection of the TOE’s application components.

The TOE checks for updates by selecting the check current version option on its menu.  If an update is needed, Trivalent shall deliver, via email or other agreed upon method, an updated application. The TOE’s software is digitally signed by Trivalent. Each update is accompanied by documentation outlining changes to the overall service, as well as compatible versions of the Trivalent API.

The native Android cryptographic library, which provides the TOE’s cryptographic services, has built-in self-tests that are run at power-up to ensure that the algorithms are correct. If any self-test fails, the TOE will not be able to perform its cryptographic services.

Trusted path/channels:

The TOE does not transmit any data between itself and another product. All of the data managed by the TOE resides on the evaluated platform (Android 5.1 or Android 6.0).


Vendor Information

Trivalent
Young An
443-221-4495
N/A
yan@trivalent.us.com

www.trivalent.co