Crypto4A selects Lightship Security to perform FIPS 140-2 Validation…

Crypto4A selects Lightship Security to perform FIPS 140-2 Validation…

Crypto4A Technologies Inc., an Ottawa, Canada based next generation cybersecurity solution provider, is proud to announce the selection of Lightship Security, another Ottawa based industry leading accredited Common Criteria and FIPS 140-2 laboratory, to perform FIPS 140-2 validation and supplemental Entropy Assessment for their upcoming Root of QAOS™ entropy appliance as well as future products based on their next generation cybersecurity platform.

FIPS (Federal Information Processing Standard) 140-2 is the benchmark for validating the effectiveness and security of cryptographic implementations in hardware and software solutions. If a product has a FIPS 140-2 certificate you know that it has been formally validated by the U.S. and Canadian Governments as part of the Cryptographic Module Validation Program (CMVP). Although FIPS 140-2 is a U.S./Canadian Federal standard, FIPS 140-2 compliance is also widely used as a de facto standard internationally for cryptographic testing in both governmental and non-governmental sectors as a practical security benchmark.

Entropy is the essential and fundamental ingredient for producing random numbers in all cryptographic key generation processes. Strong cryptographic keys are the backbone of today’s digital world, which is why it is critical that cryptographic technology meets the standards of FIPS 140-2. The generation and use of strong, quality entropy is a key area of focus for the CMVP.

Cryptographic random bit generators (RBGs), also known as random number generators (RNGs), require a noise source that produces digital outputs with some level of unpredictability, expressed as min-entropy. NIST SP 800-90B provides a standardized means of estimating the quality of a source of entropy.

Crypto4A’s Root of QAOS™ entropy solution is based on NIST’s Entropy-as-a-Service (EaaS) reference architecture and provides trusted, monitored, high-quality, and certified entropy to any number of internal and external systems and devices. The Root of QAOS™ is deployable as an appliance or as a managed service. It delivers certified and trusted entropy required for data centers, cloud providers, enterprise computing platforms, IoT and/or embedded devices such as mobile applications.

Jason Lawlor, President of Lightship Security states, “It’s great to engage with a Canadian company doing such innovative work on entropy solutions. The exploding use of cryptography to secure our communications and devices means we are going to need scalable entropy sources that provide the basis for building strong cryptographic algorithms today and moving forward. Crypto4A’s Root of QAOS™ provides that solution.”

Bruno Couillard, President, CTO, and Co-Founder of Crypto4A states, “We are very excited to work with the innovative team at Lightship Security. We believe that they are a company that is really pushing the boundaries and innovating to drive certification results for speed, thoroughness, and quality; something that previously hasn’t been possible. This enables us to bring our products to market faster without compromising on our security standards.”


Crypto4A’s “Root of QAOS™” entropy appliance will be available on June 18th. For further technical information or product-related inquiries, please contact John O’Connor at

About Lightship Security

Lightship is an accredited Common Criteria and FIPS 140-2 test laboratory that specializes in conformance automation and security certification services. They support their client’s entire validation and certification needs for CC, FIPS 140-2 and other internationally required standards.

Visit to find out how Lightship Security is helping organizations evaluate and certify their products at the speed of development.

About Crypto4A Inc.

Crypto4A was founded in 2017 by four Canadian experts in the field of information security and cryptography for commercial and military applications. Bruno Couillard, Jean-Pierre Fiset, Jim Goodman and Brad Ritchie collectively have over 100 years of direct experience in this field and were instrumental in the design of the first generation of commercial hardware security modules.

Visit to find out how Crypto4A is helping to ensure a more trustworthy digital world.

Share article on social media or email:

Published at Thu, 16 May 2019 00:00:00 +0000