Update: FIPS 140 Validation Certificates for Acrobat, Reader, and LiveCycle

Version 9.0 of Adobe Acrobat and Adobe Reader include the RSA BSAFE Crypto-C ME 2.1.0.3 encryption module with FIPS 140-2 validation certificate #828. Instructions here will also enable FIPS mode in Acrobat and Reader 9.0 to restrict document encryption and digital signatures to FIPS approved algorithms (AES/RSA/SHA) in this library.

Adobe LiveCycle ES still includes the RSA BSAFE Crypto-J 3.5.04 encryption module with FIPS 140-2 validation certificate #590. FIPS mode is configured in the product installer.

3 Responses to Update: FIPS 140 Validation Certificates for Acrobat, Reader, and LiveCycle

  1. Michael Wilsher says:

    I have two questions;
    I want to confirm that Adobe acrobat 9 Standard, specifically 9.4 is FIPS 140-2 compliant under certificate #828. Is it also compliant when run without a digital certificate but with a properly constructed passphrase/password?
    Also you instructions for enabling FIPS mode looks to be dated and talks about Acrobat and Reader 8.1, Given that I have version 9.4 I assume I would use;

    HKEY_CURRENT_USER/SOFTWARE/Adobe/Adobe Acrobat/9.0/AVGeneral

    Instead of;

    HKEY_CURRENT_USER/SOFTWARE/Adobe/Adobe Acrobat/8.0/AVGeneral

    As indicated in the instructions?

    Thanks – Mike W

    • John B Harris says:

      Correct…the updates include the same FIPS-certified crypto.

      In terms of registry entries, you can also always refer to our security documentation, found here:

  2. Pingback: Update: FIPS Validation Certificates for Acrobat and Reader X « Security Matters