1. Home
  2. /
  3. Resources
  4. /
  5. Bouncy Castle Java FIPS 2.1.0: Hardware Acceleration with Intel & FIPS 140-3 certification

Bouncy Castle Java FIPS 2.1.0: Hardware Acceleration with Intel & FIPS 140-3 certification

hero-sub-3
Keyfactor Release

2025-04-10

We're happy to announce Bouncy Castle Java FIPS 2.1.0 (BC-FJA 2.1.0), the latest release of our FIPS-certified cryptographic modules.

Hardware acceleration in collab with Intel

This update brings hardware acceleration for AES (including GCM) and SHA-256, developed in collaboration with Intel. By leveraging Intel’s AES-NI and SHA-256 instructions, as well as their expert guidance, this release delivers massive performance improvements, with throughput gains for AES ranging from 4x to 28x in bulk encryption.

In addition, BC-FJA 2.1.0 qualified for the Interim Certificate program at NIST, and we now have FIPS 140-3 certification (#4943), which is valid for two years while the full certification process is completed.

This achievement underscores the power of collaboration and #TECHSynergy in enhancing trust and performance for end users and customers. It highlights how industry-driven innovation is key to delivering high-performance, secure cryptographic solutions that address the evolving needs of modern security landscapes.

FIPS PUB 186-5 alignment

In addition to these optimizations, BC-FJA 2.1.0 aligns with FIPS PUB 186-5, now supporting EdDSA in approved mode and LMS signature verification, making it easier to adopt modern cryptographic standards. These updates are particularly relevant for organizations handling signature generation and verification, as well as those working with firmware signing.

Supported platforms

With support for Java 8, 11, 17, and 21, BC-FJA 2.1.0 is an important step forward, reinforcing our commitment to modern, high-performance cryptography on Intel hardware.

Bouncy Castle FIPS Java Roadmap

As part of the upcoming FIPS 140-3 certifications, including support for the newly standardized post-quantum algorithms, the BC-FJA 2.2 release will certify the pure Java implementation. Meanwhile, a separate branch incorporating hardware acceleration is planned for certification in BC-FJA 2.3. This approach ensures that both versions comply with FIPS requirements while optimizing performance for different deployment needs.

More Information

Related resources

Keyfactor Release
Implementing Cryptography
Installation & Deployment
Post-Quantum Cryptography
Release
Ejbca
Signserver
31 March, 2025

EJBCA 9.1 Community is Here!

EJBCA 9.1 Community edition brings the latest advancements in PKI and cryptog...
Read more
Keyfactor Release
Implementing Cryptography
Java
Post-Quantum Cryptography
Release
24 January, 2025

PQC and Lightweight Cryptography Updates – Bouncy Castle 1.80 Java

The release of Bouncy Castle 1.80 Java introduces several important updates f...
Read more
Close