diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
index de91ab07af..74ab14397b 100644
--- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
+++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
@@ -231,7 +231,7 @@ The App-V Client can be configured to change the default behavior of streaming.
 |PackageSourceRoot|The root override where packages should be streamed from|
 |SharedContentStoreMode|Enables the use of Shared Content Store for VDI scenarios|
 
-These settings affect the behavior of streaming App-V package assets to the client. By default, App-V only downloads the assets required after downloading the initial publishing and primary feature blocks. There are three specific behaviors in streaming packages that is important to understand:
+These settings affect the behavior of streaming App-V package assets to the client. By default, App-V only downloads the assets required after downloading the initial publishing and primary feature blocks. There are three specific behaviors in streaming packages that are important to understand:
 
 - Background Streaming
 - Optimized Streaming
@@ -344,7 +344,7 @@ This process will recreate both the local and network locations for AppData and
 
 In an App-V Full Infrastructure, after applications are sequenced, they're managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are input as PowerShell commands on the computer running the App-V Client.
 
-This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Microsoft Endpoint Configuration Manager, see [Deploy App-V virtual applications with Configuration Manager](/mem/configmgr/apps/get-started/deploying-app-v-virtual-applications).
+This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Microsoft Configuration Manager, see [Deploy App-V virtual applications with Configuration Manager](/mem/configmgr/apps/get-started/deploying-app-v-virtual-applications).
 
 The App-V application lifecycle tasks are triggered at user sign in (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured (after the client is enabled) with Windows PowerShell commands. See [App-V Client Configuration Settings: Windows PowerShell](appv-client-configuration-settings.md#app-v-client-configuration-settings-windows-powershell).
 
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md
index e2024178c1..c1a212d4a9 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md
@@ -38,7 +38,7 @@ Sequencing Office 2010 is one of the main methods for creating an Office 2010 pa
 
 You can deploy Office 2010 packages by using any of the following App-V deployment methods:
 
-* Microsoft Endpoint Configuration Manager
+* Microsoft Configuration Manager
 * App-V server
 * Stand-alone through Windows PowerShell commands
 
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
index 73f9db7e31..2361c92d00 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
@@ -245,7 +245,7 @@ Use the following information to publish an Office package.
 
 Deploy the App-V package for Office 2013 by using the same methods you use for any other package:
 
-* Microsoft Endpoint Configuration Manager
+* Microsoft Configuration Manager
 * App-V Server
 * Stand-alone through Windows PowerShell commands
 
@@ -283,7 +283,7 @@ Use the steps in this section to enable Office plug-ins with your Office package
 
 #### To enable plug-ins for Office App-V packages
 
-1. Add a Connection Group through App-V Server, Microsoft Endpoint Configuration Manager, or a Windows PowerShell cmdlet.
+1. Add a Connection Group through App-V Server, Microsoft Configuration Manager, or a Windows PowerShell cmdlet.
 2. Sequence your plug-ins using the App-V Sequencer. Ensure that Office 2013 is installed on the computer being used to sequence the plug-in. It's a good idea to use Microsoft 365 Apps for enterprise (non-virtual) on the sequencing computer when you sequence Office 2013 plug-ins.
 3. Create an App-V package that includes the desired plug-ins.
 4. Add a Connection Group through App-V Server, Configuration Manager, or a Windows PowerShell cmdlet.
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
index 745d79c291..871ad80c8d 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
@@ -229,7 +229,7 @@ Use the following information to publish an Office package.
 
 Deploy the App-V package for Office 2016 by using the same methods as the other packages that you've already deployed:
 
-* Microsoft Endpoint Configuration Manager
+* Microsoft Configuration Manager
 * App-V Server
 * Stand-alone through Windows PowerShell commands
 
@@ -266,7 +266,7 @@ The following steps will tell you how to enable Office plug-ins with your Office
 
 #### Enable plug-ins for Office App-V packages
 
-1. Add a Connection Group through App-V Server, Microsoft Endpoint Configuration Manager, or a Windows PowerShell cmdlet.
+1. Add a Connection Group through App-V Server, Microsoft Configuration Manager, or a Windows PowerShell cmdlet.
 2. Sequence your plug-ins using the App-V Sequencer. Ensure that Office 2016 is installed on the computer that will be used to sequence the plug-in. We recommend that you use Microsoft 365 Apps for enterprise (non-virtual) on the sequencing computer when sequencing Office 2016 plug-ins.
 3. Create an App-V package that includes the plug-ins you want.
 4. Add a Connection Group through the App-V Server, Configuration Manager, or a Windows PowerShell cmdlet.
diff --git a/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md b/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md
index 0058f4790c..a7be17a6f3 100644
--- a/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md
+++ b/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md
@@ -14,7 +14,7 @@ ms.topic: article
 
 [!INCLUDE [Applies to Windows client versions](../includes/applies-to-windows-client-versions.md)]
 
-If you're using an electronic software distribution (ESD) system to deploy App-V packages, review the following planning considerations. For information about deploying App-V with Microsoft Endpoint Configuration Manager, see [Introduction to application management in Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg682125(v=technet.10)#BKMK_Appv).
+If you're using an electronic software distribution (ESD) system to deploy App-V packages, review the following planning considerations. For information about deploying App-V with Microsoft Configuration Manager, see [Introduction to application management in Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg682125(v=technet.10)#BKMK_Appv).
 
 Review the following component and architecture requirements options that apply when you use an ESD to deploy App-V packages:
 
diff --git a/windows/application-management/app-v/appv-supported-configurations.md b/windows/application-management/app-v/appv-supported-configurations.md
index 2522c24732..097a07c1ed 100644
--- a/windows/application-management/app-v/appv-supported-configurations.md
+++ b/windows/application-management/app-v/appv-supported-configurations.md
@@ -72,7 +72,7 @@ The App-V Publishing server can be installed on a server that runs Windows Serve
 
 ### Publishing server hardware requirements
 
-App-V adds requires nothing beyond the requirements of Windows Server.
+App-V adds require nothing beyond the requirements of Windows Server.
 
 * A 64-bit (x64) processor that runs at 1.4 GHz or faster.
 * 2-GB RAM (64-bit).
@@ -117,7 +117,7 @@ Sequencer is now part of the Windows Assessment and Deployment Kit (Windows ADK)
 
 See the Windows or Windows Server documentation for the hardware requirements.
 
-## Supported versions of Microsoft Endpoint Configuration Manager
+## Supported versions of Microsoft Configuration Manager
 
 The App-V client works with Configuration Manager versions starting with Technical Preview for Configuration Manager, version 1606.
 
diff --git a/windows/client-management/azure-active-directory-integration-with-mdm.md b/windows/client-management/azure-active-directory-integration-with-mdm.md
index 928db9a0cb..d02f1b1f53 100644
--- a/windows/client-management/azure-active-directory-integration-with-mdm.md
+++ b/windows/client-management/azure-active-directory-integration-with-mdm.md
@@ -36,7 +36,7 @@ For personal devices (BYOD):
 
 ### Azure AD Join
 
-Company owned devices are traditionally joined to the on-premises Active Directory domain of the organization. These devices can be managed using Group Policy or computer management software such as Microsoft Endpoint Configuration Manager. In Windows 10, it’s also possible to manage domain joined devices with an MDM.
+Company owned devices are traditionally joined to the on-premises Active Directory domain of the organization. These devices can be managed using Group Policy or computer management software such as Microsoft Configuration Manager. In Windows 10, it’s also possible to manage domain joined devices with an MDM.
 
 Windows 10 introduces a new way to configure and deploy organization owned Windows devices. This mechanism is called Azure AD Join. Like traditional domain join, Azure AD Join allows devices to become known and managed by an organization. However, with Azure AD Join, Windows authenticates to Azure AD instead of authenticating to a domain controller.
 
diff --git a/windows/client-management/azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal.md b/windows/client-management/azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal.md
index 4770e2515b..af610cec3c 100644
--- a/windows/client-management/azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal.md
+++ b/windows/client-management/azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal.md
@@ -11,10 +11,14 @@ ms.reviewer:
 manager: aaroncz
 ---
 
-# Azure AD and Microsoft Intune: Automatic MDM enrollment in the new Portal 
+# Azure AD and Microsoft Intune: Automatic MDM enrollment in the Endpoint Manager admin center
 
-> [!NOTE]
-> Microsoft Intune portal can be accessed at the following link: [https://endpoint.microsoft.com](https://endpoint.microsoft.com).   
+Microsoft Intune can be accessed directly using its own admin center. For more information, go to:
+
+- [Tutorial: Walkthrough Intune in Microsoft Endpoint Manager admin center](/mem/intune/fundamentals/tutorial-walkthrough-endpoint-manager)
+- Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+
+If you use the Azure portal, then you can access Intune using the following steps:
 
 1. Go to your Azure AD Blade.
 2. Select **Mobility (MDM and MAM)**, and find the Microsoft Intune app.
diff --git a/windows/client-management/manage-corporate-devices.md b/windows/client-management/manage-corporate-devices.md
index 24fe54f2cf..a89553916f 100644
--- a/windows/client-management/manage-corporate-devices.md
+++ b/windows/client-management/manage-corporate-devices.md
@@ -37,7 +37,7 @@ You can use the same management tools to manage all device types running Windows
 
 ## Learn more
 
-[How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](/mem/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
+[How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Configuration Manager](/mem/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
 
 [Azure AD, Microsoft Intune and Windows 10 - Using the cloud to modernize enterprise mobility](https://blogs.technet.microsoft.com/enterprisemobility/2015/06/12/azure-ad-microsoft-intune-and-windows-10-using-the-cloud-to-modernize-enterprise-mobility/)
 
diff --git a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
index 99a1cc804d..19461ff803 100644
--- a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
+++ b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
@@ -17,7 +17,7 @@ Use of personal devices for work, and employees working outside the office, may
 
 Your organization might have considered bringing in Windows 10 devices and downgrading them to an earlier version of Windows until everything is in place for a formal upgrade process. This downgrade may appear to save costs due to standardization. But, you typically save more if you don't downgrade, and immediately taking advantage of the cost reductions Windows 10 can provide. Because Windows 10 devices can be managed using the same processes and technology as other previous Windows versions, it's easy for versions to coexist.
 
-Your organization can support various operating systems across a wide range of device types, and manage them through a common set of tools such as Microsoft Endpoint Configuration Manager, Microsoft Intune, or other third-party products. This "managed diversity" enables you to empower your users to benefit from the productivity enhancements available on their new Windows 10 devices (including rich touch and ink support), while still maintaining your standards for security and manageability. It can help you and your organization benefit from Windows 10 much faster.
+Your organization can support various operating systems across a wide range of device types, and manage them through a common set of tools such as Microsoft Configuration Manager, Microsoft Intune, or other third-party products. This "managed diversity" enables you to empower your users to benefit from the productivity enhancements available on their new Windows 10 devices (including rich touch and ink support), while still maintaining your standards for security and manageability. It can help you and your organization benefit from Windows 10 much faster.
 
 This six-minute video demonstrates how users can bring in a new retail device and be up and working with their personalized settings and a managed experience in a few minutes, without being on the corporate network. It also demonstrates how IT can apply policies and configurations to ensure device compliance.
 
diff --git a/windows/client-management/mdm-enrollment-of-windows-devices.md b/windows/client-management/mdm-enrollment-of-windows-devices.md
index d8748f2ee6..65c0df509a 100644
--- a/windows/client-management/mdm-enrollment-of-windows-devices.md
+++ b/windows/client-management/mdm-enrollment-of-windows-devices.md
@@ -255,7 +255,7 @@ There are a few instances where your device may not be able to connect to work.
 |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
 | Your device is already connected to your organization’s cloud.                                                                                                                             | Your device is already connected to either Azure AD, a work or school account, or an AD domain.     |
 | We couldn't find your identity in your organization’s cloud.                                                                                                                              | The username you entered wasn't found on your Azure AD tenant.                                     |
-| Your device is already being managed by an organization.                                                                                                                                   | Your device is either already managed by MDM or Microsoft Endpoint Configuration Manager.                |
+| Your device is already being managed by an organization.                                                                                                                                   | Your device is either already managed by MDM or Microsoft Configuration Manager.                |
 | You don’t have the right privileges to perform this operation. Talk to your admin.                                                                                                  | You can't enroll your device into MDM as a standard user. You must be on an administrator account. |
 | We couldn’t auto-discover a management endpoint matching the username entered. Check your username and try again. If you know the URL to your management endpoint, enter it. | You need to provide the server URL for your MDM or check the spelling of the username you entered.  |
 
diff --git a/windows/client-management/quick-assist.md b/windows/client-management/quick-assist.md
index 90c733a3d0..3e5468167e 100644
--- a/windows/client-management/quick-assist.md
+++ b/windows/client-management/quick-assist.md
@@ -30,30 +30,27 @@ The helper can authenticate when they sign in by using a Microsoft account (MSA)
 
 ### Network considerations
 
-Quick Assist communicates over port 443 (https) and connects to the Remote Assistance Service at `https://remoteassistance.support.services.microsoft.com` by using the Remote Desktop Protocol (RDP). The traffic is encrypted with TLS 1.2.
-
-Both the helper and sharer must be able to reach these endpoints over port 443:
+Quick Assist communicates over port 443 (https) and connects to the Remote Assistance Service at `https://remoteassistance.support.services.microsoft.com` by using the Remote Desktop Protocol (RDP). The traffic is encrypted with TLS 1.2. Both the helper and sharer must be able to reach these endpoints over port 443:
 
 | Domain/Name | Description |
 |--|--|
-| `*.api.support.microsoft.com` | API access for Quick Assist |
-| `*.aria.microsoft.com` | Used for accessibility features within the app |
-| `*.cc.skype.com` | Azure Communication Service for chat and connection between parties |
-| `*.channelservices.microsoft.com` | Required for chat services within Quick Assist |
-| `*.channelwebsdks.azureedge.net` | Used for chat services within Quick Assist |
-| `*.edgeassetservice.azureedge.net` | Used for diagnostic data |
-| `*.flightproxy.skype.com` | Azure Communication Service for chat and connection between parties |
-| `*.login.microsoftonline.com` | Required for logging in to the application (Microsoft account) |
-| `*.monitor.azure.com` | Service Performance Monitoring |
-| `*.registrar.skype.com` | Azure Communication Service for chat and connection between parties. |
-| `*.remoteassistanceprodacs.communication.azure.com` | Azure Communication Services (ACS) technology the Quick Assist app uses. |
+| `*.aria.microsoft.com` | Accessible Rich Internet Applications (ARIA) service for providing accessible experiences to users. |
+| `*.cc.skype.com` | Required for Azure Communication Service. |
+| `*.events.data.microsoft.com` | Required diagnostic data for client and services used by Quick Assist. |
+| `*.flightproxy.skype.com` | Required for Azure Communication Service. |
+| `*.live.com` | Required for logging in to the application (MSA). |
+| `*.monitor.azure.com` | Required for telemetry and remote service initialization. |
+| `*.registrar.skype.com` | Required for Azure Communication Service. |
 | `*.support.services.microsoft.com` | Primary endpoint used for Quick Assist application |
-| `*.trouter.skype.com` | Azure Communication Service for chat and connection between parties. |
-| `*.turn.azure.com` | Protocol used to help endpoint. |
-| `*.vortex.data.microsoft.com` | Used for diagnostic data |
-| `browser.pipe.aria.microsoft.com` | Required diagnostic data for client and services used by Quick Assist. |
-| `edge.skype.com` | Azure Communication Service for chat and connection between parties. |
-| `events.data.microsoft.com` | Required diagnostic data for client and services used by Quick Assist. |
+| `*.trouter.skype.com` | Used for Azure Communication Service for chat and connection between parties. |
+| `aadcdn.msauth.net` | Required for logging in to the application (AAD). |
+| `edge.skype.com` | Used for Azure Communication Service for chat and connection between parties. |
+| `login.microsoftonline.com` | Required for Microsoft login service. |
+| `remoteassistanceprodacs.communication.azure.com` | Used for Azure Communication Service for chat and connection between parties. |
+| `turn.azure.com` | Required for Azure Communication Service. |
+
+> [!IMPORTANT]
+> Quick Assist uses Edge WebView2 browser control. For a list of domain URLs that you need to add to the allow list to ensure that the Edge WebView2 browser control can be installed and updated, see [Allow list for Microsoft Edge endpoints](/deployedge/microsoft-edge-security-endpoints).
 
 ## How it works
 
diff --git a/windows/configuration/TOC.yml b/windows/configuration/TOC.yml
index 177b63d3e2..ff2dba8be7 100644
--- a/windows/configuration/TOC.yml
+++ b/windows/configuration/TOC.yml
@@ -327,7 +327,7 @@
                   href: ue-v/uev-manage-configurations.md
                 - name: Configuring UE-V with Group Policy Objects
                   href: ue-v/uev-configuring-uev-with-group-policy-objects.md
-                - name: Configuring UE-V with Microsoft Endpoint Configuration Manager
+                - name: Configuring UE-V with Microsoft Configuration Manager
                   href: ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
                 - name: Administering UE-V with Windows PowerShell and WMI
                   href: ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md
diff --git a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
index a1ac8234e6..a350813090 100644
--- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
+++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
@@ -31,7 +31,7 @@ CSPs are behind many of the management tasks and policies for Windows client, bo
 
 :::image type="content" source="../images/policytocsp.png" alt-text="How intune maps to CSP":::
 
-CSPs receive configuration policies in the XML-based Synchronization Markup Language (SyncML) format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as Microsoft Endpoint Configuration Manager, can also target CSPs, by using a client-side Windows Management Instrumentation (WMI)-to-CSP Bridge.
+CSPs receive configuration policies in the XML-based Synchronization Markup Language (SyncML) format, pushed from an MDM-compliant management server, such as Microsoft Intune. Traditional enterprise management systems, such as Microsoft Configuration Manager, can also target CSPs, by using a client-side Windows Management Instrumentation (WMI)-to-CSP Bridge.
 
 ### Synchronization Markup Language (SyncML)
 
@@ -55,7 +55,7 @@ You can use Windows Configuration Designer to create [provisioning packages](./p
 
 Many settings in Windows Configuration Designer will display documentation for that setting in the center pane, and will include a reference to the CSP if the setting uses one, as shown in the following image.
 
-:::image type="content" source="../images/cspinicd.png" alt-text="In Windows Configuration Designer, how help content appears in icd.":::
+:::image type="content" source="../images/cspinicd.png" alt-text="In Windows Configuration Designer, how help content appears in ICD.":::
 
 [Provisioning packages in Windows client](provisioning-packages.md) explains how to use the Windows Configuration Designer tool to create a runtime provisioning package.
 
@@ -81,7 +81,7 @@ The full path to a specific configuration setting is represented by its Open Mob
 
 The following example shows the diagram for the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). The diagram maps to the XML for that CSP. Notice the different shapes in the diagram: rounded elements are nodes, and rectangular elements are settings or policies for which a value must be supplied.
 
-:::image type="content" source="../images/provisioning-csp-assignedaccess.png" alt-text="The CSP reference shows the assigned access csp tree.":::
+:::image type="content" source="../images/provisioning-csp-assignedaccess.png" alt-text="The CSP reference shows the assigned access CSP tree.":::
 
 The element in the tree diagram after the root node tells you the name of the CSP. Knowing this structure, you would recognize in XML the parts of the URI path for that CSP and, if you saw it in XML, you would know which CSP reference to look up. For example, in the following OMS-URI path for the kiosk mode app settings, you can see that it uses the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp).
 
diff --git a/windows/configuration/provisioning-packages/provisioning-create-package.md b/windows/configuration/provisioning-packages/provisioning-create-package.md
index 780fc8c764..eeba5e2a63 100644
--- a/windows/configuration/provisioning-packages/provisioning-create-package.md
+++ b/windows/configuration/provisioning-packages/provisioning-create-package.md
@@ -148,7 +148,7 @@ For details on each specific setting, see [Windows Provisioning settings referen
 
 ## Learn more
 
-- [How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Endpoint Configuration Manager](/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
+- [How to bulk-enroll devices with On-premises Mobile Device Management in Microsoft Configuration Manager](/configmgr/mdm/deploy-use/bulk-enroll-devices-on-premises-mdm)
 
 ## Related articles
 
diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
index dc2ca16f4d..2f4dadd57a 100644
--- a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
+++ b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
-title: Configuring UE-V with Microsoft Endpoint Configuration Manager
-description: Learn how to configure User Experience Virtualization (UE-V) with Microsoft Endpoint Configuration Manager.
+title: Configuring UE-V with Microsoft Configuration Manager
+description: Learn how to configure User Experience Virtualization (UE-V) with Microsoft Configuration Manager.
 author: aczechowski
 ms.prod: windows-client
 ms.date: 04/19/2017
diff --git a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
index 79d36471a0..901c9451d1 100644
--- a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
+++ b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md
@@ -220,7 +220,7 @@ After you create a settings location template with the UE-V template generator,
 
 You can deploy settings location templates using of these methods:
 
--   An electronic software distribution (ESD) system such as Microsoft Endpoint Configuration Manager
+-   An electronic software distribution (ESD) system such as Microsoft Configuration Manager
 
 -   Group Policy preferences
 
diff --git a/windows/configuration/ue-v/uev-manage-configurations.md b/windows/configuration/ue-v/uev-manage-configurations.md
index 7bc1cfe1cd..6f44c3f7ea 100644
--- a/windows/configuration/ue-v/uev-manage-configurations.md
+++ b/windows/configuration/ue-v/uev-manage-configurations.md
@@ -24,11 +24,11 @@ You can use Group Policy Objects to modify the settings that define how UE-V syn
 
 [Configuring UE-V with Group Policy Objects](uev-configuring-uev-with-group-policy-objects.md)
 
-## Configuring UE-V with Microsoft Endpoint Configuration Manager
+## Configuring UE-V with Microsoft Configuration Manager
 
 You can use Microsoft Endpoint Configuration Manager to manage the UE-V service by using the UE-V Configuration Pack.
 
-[Configuring UE-V with Microsoft Endpoint Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md)
+[Configuring UE-V with Microsoft Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md)
 
 ## Administering UE-V with PowerShell and WMI
 
diff --git a/windows/configuration/ue-v/uev-prepare-for-deployment.md b/windows/configuration/ue-v/uev-prepare-for-deployment.md
index 9d16048ab9..39acddadd3 100644
--- a/windows/configuration/ue-v/uev-prepare-for-deployment.md
+++ b/windows/configuration/ue-v/uev-prepare-for-deployment.md
@@ -265,9 +265,9 @@ For more information, see the [Windows Application List](uev-managing-settings-l
 
 If you're deploying UE-V to synchronize settings for custom applications, you’ll use the UE-V template generator to create custom settings location templates for those desktop applications. After you create and test a custom settings location template in a test environment, you can deploy the settings location templates to user devices.
 
-Custom settings location templates must be deployed with an existing deployment infrastructure, such as an enterprise software distribution method, including Microsoft Endpoint Configuration Manager, with preferences, or by configuring a UE-V settings template catalog. Templates that are deployed with Configuration Manager or Group Policy must be registered using UE-V WMI or Windows PowerShell.
+Custom settings location templates must be deployed with an existing deployment infrastructure, such as an enterprise software distribution method, including Microsoft Configuration Manager, with preferences, or by configuring a UE-V settings template catalog. Templates that are deployed with Configuration Manager or Group Policy must be registered using UE-V WMI or Windows PowerShell.
 
-For more information about custom settings location templates, see [Deploy UE-V with custom applications](uev-deploy-uev-for-custom-applications.md). For more information about using UE-V with Configuration Manager, see [Configuring UE-V with Microsoft Endpoint Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md).
+For more information about custom settings location templates, see [Deploy UE-V with custom applications](uev-deploy-uev-for-custom-applications.md). For more information about using UE-V with Configuration Manager, see [Configuring UE-V with Microsoft Configuration Manager](uev-configuring-uev-with-system-center-configuration-manager.md).
 
 ### Prevent unintentional user settings configuration
 
diff --git a/windows/deployment/deploy-m365.md b/windows/deployment/deploy-m365.md
index b70ac634d6..b235598be3 100644
--- a/windows/deployment/deploy-m365.md
+++ b/windows/deployment/deploy-m365.md
@@ -28,8 +28,8 @@ For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor
 - Windows Autopilot
 - In-place upgrade
 - Deploying Windows 10 upgrade with Intune
-- Deploying Windows 10 upgrade with Microsoft Endpoint Configuration Manager
-- Deploying a computer refresh with Microsoft Endpoint Configuration Manager
+- Deploying Windows 10 upgrade with Microsoft Configuration Manager
+- Deploying a computer refresh with Microsoft Configuration Manager
 
 ## Free trial account
 
diff --git a/windows/deployment/deploy-whats-new.md b/windows/deployment/deploy-whats-new.md
index e1a4f5b77f..cec1220c0b 100644
--- a/windows/deployment/deploy-whats-new.md
+++ b/windows/deployment/deploy-whats-new.md
@@ -40,7 +40,7 @@ The [Windows ADK for Windows 11](/windows-hardware/get-started/adk-install) is a
 [SetupDiag](#setupdiag) is included with Windows 10, version 2004 and later, and Windows 11.<br>
 New capabilities are available for [Delivery Optimization](#delivery-optimization) and [Windows Update for Business](#windows-update-for-business).<br>
 VPN support is added to [Windows Autopilot](#windows-autopilot)<br>
-An in-place upgrade wizard is available in [Configuration Manager](#microsoft-endpoint-configuration-manager).<br>
+An in-place upgrade wizard is available in [Configuration Manager](#microsoft-configuration-manager).<br>
 The Windows 10 deployment and update [landing page](index.yml) has been redesigned, with more content added and more content coming soon.<br>
 
 ## The Modern Desktop Deployment Center
@@ -124,7 +124,7 @@ The following Windows Autopilot features are available in Windows 10, version 19
 - Windows Autopilot is self-updating during OOBE. From Windows 10 onward, version 1903 Autopilot functional and critical updates will begin downloading automatically during OOBE.
 - Windows Autopilot will set the [diagnostics data](/windows/privacy/windows-diagnostic-data) level to Full on Windows 10 version 1903 and later during OOBE.
 
-### Microsoft Endpoint Configuration Manager
+### Microsoft Configuration Manager
 
 An in-place upgrade wizard is available in Configuration Manager. For more information, see [Simplifying Windows 10 deployment with Configuration Manager](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-windows-10-deployment-with-configuration-manager/ba-p/1214364).
 
@@ -201,7 +201,7 @@ For more information, see the following guides:
 
 - [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
 - [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
-- [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
+- [Deploy Windows 10 in a test lab using Microsoft Configuration Manager](windows-10-poc-sc-config-mgr.md)
 
 ## Troubleshooting guidance
 
diff --git a/windows/deployment/deploy-windows-cm/TOC.yml b/windows/deployment/deploy-windows-cm/TOC.yml
index f47a156a14..13d898e1b5 100644
--- a/windows/deployment/deploy-windows-cm/TOC.yml
+++ b/windows/deployment/deploy-windows-cm/TOC.yml
@@ -1,4 +1,4 @@
-- name: Deploy Windows 10 with Microsoft Endpoint Configuration Manager
+- name: Deploy Windows 10 with Microsoft Configuration Manager
   items: 
     - name: Prepare for Windows 10 deployment with Configuration Manager
       items: 
diff --git a/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md
index b894e49a68..c723dc30ae 100644
--- a/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md
@@ -19,7 +19,7 @@ ms.date: 10/27/2022
 
 -   Windows 10
 
-Operating system images are typically the production image used for deployment throughout the organization. This article shows you how to add a Windows 10 operating system image created with Microsoft Endpoint Configuration Manager, and how to distribute the image to a distribution point.
+Operating system images are typically the production image used for deployment throughout the organization. This article shows you how to add a Windows 10 operating system image created with Microsoft Configuration Manager, and how to distribute the image to a distribution point.
 
 ## Infrastructure
 
diff --git a/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
index 3096ca315b..25f8bd58cf 100644
--- a/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
 title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
-description: Learn how to create custom Windows Preinstallation Environment (Windows PE) boot images in Microsoft Endpoint Configuration Manager.
+description: Learn how to create custom Windows Preinstallation Environment (Windows PE) boot images in Microsoft Configuration Manager.
 ms.reviewer: 
 manager: aaroncz
 ms.author: frankroj
@@ -19,7 +19,7 @@ ms.date: 10/27/2022
 
 - Windows 10
 
-In Microsoft Endpoint Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This article shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
+In Microsoft Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This article shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
 - The boot image that is created is based on the version of ADK that is installed.
 
 For the purposes of this guide, we'll use one server computer: CM01.
diff --git a/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
index c7ef3fcf77..ce164ba563 100644
--- a/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
+++ b/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
@@ -18,7 +18,7 @@ ms.date: 10/27/2022
 
 - Windows 10
 
-This article walks you through the Zero Touch Installation (ZTI) process of Windows 10 OS deployment using Microsoft Endpoint Configuration Manager [integrated](#why-integrate-mdt-with-configuration-manager) with Microsoft Deployment Toolkit (MDT).
+This article walks you through the Zero Touch Installation (ZTI) process of Windows 10 OS deployment using Microsoft Configuration Manager [integrated](#why-integrate-mdt-with-configuration-manager) with Microsoft Deployment Toolkit (MDT).
 
 ## Prerequisites
 
diff --git a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
index 5e089a9ae6..45a35d3282 100644
--- a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
@@ -1,6 +1,6 @@
 ---
 title: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager
-description: In this article, you'll learn how to replace a Windows 7 SP1 computer using Microsoft Endpoint Configuration Manager.
+description: In this article, you'll learn how to replace a Windows 7 SP1 computer using Microsoft Configuration Manager.
 ms.assetid: 3c8a2d53-8f08-475f-923a-bca79ca8ac36
 ms.reviewer: 
 manager: aaroncz
@@ -20,7 +20,7 @@ ms.date: 10/27/2022
 
 - Windows 10
 
-In this article, you'll learn how to replace a Windows 7 SP1 computer using Microsoft Endpoint Configuration Manager. This process is similar to refreshing a computer, but since you're replacing the device, you have to run the backup job separately from the deployment of Windows 10.
+In this article, you'll learn how to replace a Windows 7 SP1 computer using Microsoft Configuration Manager. This process is similar to refreshing a computer, but since you're replacing the device, you have to run the backup job separately from the deployment of Windows 10.
 
 In this article, you'll create a backup-only task sequence that you run on PC0004 (the device you're replacing), deploy the PC0006 computer running Windows 10, and then restore this backup of PC0004 onto PC006. This process is similar to the MDT replace process: [Replace a Windows 7 computer with a Windows 10 computer](../deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md).
 
diff --git a/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md b/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md
index 9c8464bb68..701f10efc1 100644
--- a/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md
+++ b/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md
@@ -27,7 +27,7 @@ MDT is a unified collection of tools, processes, and guidance for automating des
 
 In addition to reducing deployment time and standardizing desktop and server images, MDT enables you to more easily manage security and ongoing configurations. MDT builds on top of the core deployment tools in the [Windows Assessment and Deployment Kit](/windows-hardware/get-started/adk-install) (Windows ADK) with more guidance and features designed to reduce the complexity and time required for deployment in an enterprise environment.
 
-MDT supports the deployment of Windows 10, and Windows 7, Windows 8.1, and Windows Server. It also includes support for zero-touch installation (ZTI) with [Microsoft Endpoint Configuration Manager](/configmgr/).
+MDT supports the deployment of Windows 10, and Windows 7, Windows 8.1, and Windows Server. It also includes support for zero-touch installation (ZTI) with [Microsoft Configuration Manager](/configmgr/).
 
 > [!IMPORTANT]
 > For more information about MDT supported platforms, see [MDT Release Notes](/mem/configmgr/mdt/release-notes#supported-platforms) and [MDT FAQ](/mem/configmgr/mdt/faq#is-this-release-only-supported-with-version--x--of-windows-client--windows-adk--or-configuration-manager-).
diff --git a/windows/deployment/deploy.md b/windows/deployment/deploy.md
index a4ddd7deff..81b14bb1e6 100644
--- a/windows/deployment/deploy.md
+++ b/windows/deployment/deploy.md
@@ -23,7 +23,7 @@ Windows 10 upgrade options are discussed and information is provided about plann
 |[Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) |This article provides information about support for upgrading from one edition of Windows 10 to another. |
 |[Windows 10 volume license media](windows-10-media.md) |This article provides information about updates to volume licensing media in the current version of Windows 10. |
 |[Manage Windows upgrades with Upgrade Readiness](/mem/configmgr/desktop-analytics/overview) |With Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they're known to Microsoft. The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded. | 
-|[Windows 10 deployment test lab](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After you complete this guide, more guides are provided to  deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md). |
+|[Windows 10 deployment test lab](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After you complete this guide, more guides are provided to  deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [Microsoft Configuration Manager](windows-10-poc-sc-config-mgr.md). |
 |[Plan for Windows 10 deployment](planning/index.md) | This section describes Windows 10 deployment considerations and provides information to help Windows 10 deployment planning. |
 |[Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT). |
 |[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) |If you have Microsoft Configuration Manager in your environment, you'll most likely want to use it to deploy Windows 10. This article will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT). |
diff --git a/windows/deployment/do/delivery-optimization-endpoints.md b/windows/deployment/do/delivery-optimization-endpoints.md
index 98615239e4..8de2e95ad4 100644
--- a/windows/deployment/do/delivery-optimization-endpoints.md
+++ b/windows/deployment/do/delivery-optimization-endpoints.md
@@ -26,12 +26,12 @@ This article lists the endpoints that need to be allowed through the firewall to
 
 |Domain Name  |Protocol/Port(s)  | Content Type | Additional Information | Version |
 |---------|---------|---------------|-------------------|-----------------|
-| *.b1.download.windowsupdate.com, *.dl.delivery.mp.microsoft.com, *.download.windowsupdate.com, *.au.download.windowsupdate.com, *.au.b1.download.windowsupdate.com, *.tlu.dl.delivery.mp.microsoft.com, *.emdl.ws.microsoft.com, *.ctldl.windowsupdate.com   |  HTTP / 80  | Windows Update </br> Windows Defender </br> Windows Drivers | [Complete list](/windows/privacy/manage-windows-2004-endpoints) of endpoints for Windows Update services and payload. | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.delivery.mp.microsoft.com  |  HTTP / 80  | Edge Browser | [Complete list](/deployedge/microsoft-edge-security-endpoints) of endpoints for Edge Browser. | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.officecdn.microsoft.com.edgesuite.net, *.officecdn.microsoft.com, *.cdn.office.net |  HTTP / 80  | Office CDN updates | [Complete list](/office365/enterprise/office-365-endpoints) of endpoints for Office CDN updates. | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.manage.microsoft.com, *.swda01.manage.microsoft.com, *.swda02.manage.microsoft.com, *.swdb01.manage.microsoft.com, *.swdb02.manage.microsoft.com, *.swdc01.manage.microsoft.com, *.swdc02.manage.microsoft.com, *.swdd01.manage.microsoft.com, *.swdd02.manage.microsoft.com, *.swda01-mscdn.manage.microsoft.com, *.swda02-mscdn.manage.microsoft.com, *.swdb01-mscdn.manage.microsoft.com, *.swdb02-mscdn.manage.microsoft.com, *.swdc01-mscdn.manage.microsoft.com, *.swdc02-mscdn.manage.microsoft.com, *.swdd01-mscdn.manage.microsoft.com, *.swdd02-mscdn.manage.microsoft.com |  HTTP / 80 </br> HTTPs / 443  | Intune Win32 Apps | [Complete list](/mem/intune/fundamentals/intune-endpoints) of endpoints for Intune Win32 Apps updates. | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.statics.teams.cdn.office.net |  HTTP / 80 </br> HTTPs / 443  | Teams | | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.assets1.xboxlive.com, *.assets2.xboxlive.com, *.dlassets.xboxlive.com, *.dlassets2.xboxlive.com, *.d1.xboxlive.com, *.d2.xboxlive.com, *.assets.xbox.com, *.xbl-dlassets-origin.xboxlive.com, *.assets-origin.xboxlive.com, *.xvcb1.xboxlive.com, *.xvcb2.xboxlive.com, *.xvcf1.xboxlive.com, *.xvcf2.xboxlive.com |  HTTP / 80 | Xbox | | Microsoft Endpoint Configuration Manager Distribution Point |
-| *.tlu.dl.adu.microsoft.com, *.nlu.dl.adu.microsoft.com, *.dcsfe.prod.adu.microsoft.com |  HTTP / 80 | Device Update | [Complete list](/azure/iot-hub-device-update/) of endpoints for Device Update updates.  | Microsoft Endpoint Configuration Manager Distribution Point |
+| *.b1.download.windowsupdate.com, *.dl.delivery.mp.microsoft.com, *.download.windowsupdate.com, *.au.download.windowsupdate.com, *.au.b1.download.windowsupdate.com, *.tlu.dl.delivery.mp.microsoft.com, *.emdl.ws.microsoft.com, *.ctldl.windowsupdate.com   |  HTTP / 80  | Windows Update </br> Windows Defender </br> Windows Drivers | [Complete list](/windows/privacy/manage-windows-2004-endpoints) of endpoints for Windows Update services and payload. | Microsoft Configuration Manager Distribution Point |
+| *.delivery.mp.microsoft.com  |  HTTP / 80  | Edge Browser | [Complete list](/deployedge/microsoft-edge-security-endpoints) of endpoints for Edge Browser. | Microsoft Configuration Manager Distribution Point |
+| *.officecdn.microsoft.com.edgesuite.net, *.officecdn.microsoft.com, *.cdn.office.net |  HTTP / 80  | Office CDN updates | [Complete list](/office365/enterprise/office-365-endpoints) of endpoints for Office CDN updates. | Microsoft Configuration Manager Distribution Point |
+| *.manage.microsoft.com, *.swda01.manage.microsoft.com, *.swda02.manage.microsoft.com, *.swdb01.manage.microsoft.com, *.swdb02.manage.microsoft.com, *.swdc01.manage.microsoft.com, *.swdc02.manage.microsoft.com, *.swdd01.manage.microsoft.com, *.swdd02.manage.microsoft.com, *.swda01-mscdn.manage.microsoft.com, *.swda02-mscdn.manage.microsoft.com, *.swdb01-mscdn.manage.microsoft.com, *.swdb02-mscdn.manage.microsoft.com, *.swdc01-mscdn.manage.microsoft.com, *.swdc02-mscdn.manage.microsoft.com, *.swdd01-mscdn.manage.microsoft.com, *.swdd02-mscdn.manage.microsoft.com |  HTTP / 80 </br> HTTPs / 443  | Intune Win32 Apps | [Complete list](/mem/intune/fundamentals/intune-endpoints) of endpoints for Intune Win32 Apps updates. | Microsoft Configuration Manager Distribution Point |
+| *.statics.teams.cdn.office.net |  HTTP / 80 </br> HTTPs / 443  | Teams | | Microsoft Configuration Manager Distribution Point |
+| *.assets1.xboxlive.com, *.assets2.xboxlive.com, *.dlassets.xboxlive.com, *.dlassets2.xboxlive.com, *.d1.xboxlive.com, *.d2.xboxlive.com, *.assets.xbox.com, *.xbl-dlassets-origin.xboxlive.com, *.assets-origin.xboxlive.com, *.xvcb1.xboxlive.com, *.xvcb2.xboxlive.com, *.xvcf1.xboxlive.com, *.xvcf2.xboxlive.com |  HTTP / 80 | Xbox | | Microsoft Configuration Manager Distribution Point |
+| *.tlu.dl.adu.microsoft.com, *.nlu.dl.adu.microsoft.com, *.dcsfe.prod.adu.microsoft.com |  HTTP / 80 | Device Update | [Complete list](/azure/iot-hub-device-update/) of endpoints for Device Update updates.  | Microsoft Configuration Manager Distribution Point |
 | *.do.dsp.mp.microsoft.com |  HTTP / 80 </br> HTTPs / 443 | Microsoft Connected Cache -> Delivery Optimization Services communication | [Complete list](../do/waas-delivery-optimization-faq.yml) of endpoints for Delivery Optimization only.  | Microsoft Connected Cache Managed in Azure |
 | *.azure-devices.net, *.global.azure-devices-provisioning.net, *.azurecr.io, *.blob.core.windows.net, *.mcr.microsoft.com |  AMQP / 5671 </br>  MQTT / 8883 </br> HTTPs / 443 | IoT Edge / IoT Hub communication| [Complete list](/azure/iot-hub/iot-hub-devguide-protocols) of Azure IoT Hub communication protocols and ports. [Azure IoT Guide](/azure/iot-hub/iot-hub-devguide-endpoints) to understanding Azure IoT Hub endpoints. | Microsoft Connected Cache Managed in Azure |
diff --git a/windows/deployment/do/waas-optimize-windows-10-updates.md b/windows/deployment/do/waas-optimize-windows-10-updates.md
index ff8fd19bfa..75f5fb76b3 100644
--- a/windows/deployment/do/waas-optimize-windows-10-updates.md
+++ b/windows/deployment/do/waas-optimize-windows-10-updates.md
@@ -46,7 +46,7 @@ Two methods of peer-to-peer content distribution are available.
 > [!NOTE]
 > Microsoft Configuration Manager has an additional feature called Client Peer Cache that allows peer-to-peer content sharing between clients you use Configuration Manager to manage, in the same Configuration Manager boundary Group. For more information, see [Client Peer Cache](/configmgr/core/plan-design/hierarchy/client-peer-cache).
 >
-> In addition to Client Peer Cache, similar functionality is available in the Windows Preinstallation Environment (Windows PE) for imaging-related content. Using this technology, clients imaging with Configuration Manager task sequences can source operating system images, driver packages, boot images, packages, and programs from peers instead of distribution points. For detailed information about how Windows PE Peer Cache works and how to configure it, see [Prepare Windows PE peer cache to reduce WAN traffic in Microsoft Endpoint Configuration Manager](/configmgr/osd/get-started/prepare-windows-pe-peer-cache-to-reduce-wan-traffic).
+> In addition to Client Peer Cache, similar functionality is available in the Windows Preinstallation Environment (Windows PE) for imaging-related content. Using this technology, clients imaging with Configuration Manager task sequences can source operating system images, driver packages, boot images, packages, and programs from peers instead of distribution points. For detailed information about how Windows PE Peer Cache works and how to configure it, see [Prepare Windows PE peer cache to reduce WAN traffic in Microsoft Configuration Manager](/configmgr/osd/get-started/prepare-windows-pe-peer-cache-to-reduce-wan-traffic).
 
 ## Express update delivery
 
@@ -56,7 +56,7 @@ Windows client quality update downloads can be large because every package conta
 > Express update delivery applies to quality update downloads. Starting with Windows 10, version 1709, Express update delivery also applies to feature update downloads for clients connected to Windows Update and Windows Update for Business.
 
 ### How Microsoft supports Express
-- **Express on Microsoft Endpoint Configuration Manager** starting with version 1702 of Configuration Manager and Windows 10, version 1703 or later, or Windows 10, version 1607 with the April 2017 cumulative update.
+- **Express on Microsoft Configuration Manager** starting with version 1702 of Configuration Manager and Windows 10, version 1703 or later, or Windows 10, version 1607 with the April 2017 cumulative update.
 - **Express on WSUS Standalone**
 
   Express update delivery is available on [all support versions of WSUS](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc708456(v=ws.10)).
@@ -94,4 +94,4 @@ At this point, the download is complete and the update is ready to be installed.
 | ![done.](images/checklistdone.png) | [Build deployment rings for Windows client updates](../update/waas-deployment-rings-windows-10-updates.md) |
 | ![done.](images/checklistdone.png) | [Assign devices to servicing channels for Windows client updates](../update/waas-servicing-channels-windows-10-updates.md) |
 | ![done.](images/checklistdone.png) | Optimize update delivery for Windows 10 updates (this article) |
-| ![to do.](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](../update/waas-manage-updates-wufb.md)<br/>or [Deploy Windows client updates using Windows Server Update Services](../update/waas-manage-updates-wsus.md)<br/>or [Deploy Windows client updates using Microsoft Endpoint Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) |
+| ![to do.](images/checklistbox.gif) | [Deploy updates using Windows Update for Business](../update/waas-manage-updates-wufb.md)<br/>or [Deploy Windows client updates using Windows Server Update Services](../update/waas-manage-updates-wsus.md)<br/>or [Deploy Windows client updates using Microsoft Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) |
diff --git a/windows/deployment/planning/act-technical-reference.md b/windows/deployment/planning/act-technical-reference.md
index e1614b011b..4a758fcbc4 100644
--- a/windows/deployment/planning/act-technical-reference.md
+++ b/windows/deployment/planning/act-technical-reference.md
@@ -31,7 +31,7 @@ Use Windows Analytics to get:
 - Guidance and insights into application and driver compatibility issues, with suggested fixes 
 - Data driven application rationalization tools
 - Application usage information, allowing targeted validation; workflow to track validation progress and decisions
-- Data export to commonly used software deployment tools, including Microsoft Endpoint Configuration Manager
+- Data export to commonly used software deployment tools, including Microsoft Configuration Manager
 
 The Windows Analytics workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
 
diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
index 12e891c82f..bf3c38f95e 100644
--- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
+++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
@@ -49,7 +49,7 @@ sections:
           For many devices, drivers will be automatically installed in Windows 10 and there will be no need for further action.
           - For some devices, Windows 10 may be unable to install drivers that are required for operation. If your device drivers aren't automatically installed, visit the manufacturer's support website for your device to download and manually install the drivers. If Windows 10 drivers aren't available, the most up-to-date drivers for Windows 8.1 will often work in Windows 10.
           - For some devices, the manufacturer may provide more up-to-date drivers or drivers that enable more functionality than the drivers installed by Windows 10. Always follow the recommendations of the device manufacturer for optimal performance and stability.
-          - Some computer manufacturers provide packs of drivers for easy implementation in management and deployment solutions like the Microsoft Deployment Toolkit (MDT) or Microsoft Endpoint Configuration Manager. These driver packs contain all of the drivers needed for each device and can greatly simplify the process of deploying Windows to a new make or model of computer. Driver packs for some common manufacturers include:
+          - Some computer manufacturers provide packs of drivers for easy implementation in management and deployment solutions like the Microsoft Deployment Toolkit (MDT) or Microsoft Configuration Manager. These driver packs contain all of the drivers needed for each device and can greatly simplify the process of deploying Windows to a new make or model of computer. Driver packs for some common manufacturers include:
               - [HP driver pack](https://www.hp.com/us-en/solutions/client-management-solutions/drivers-pack.html)
               - [Dell driver packs for enterprise client OS deployment](https://www.dell.com/support/kbdoc/en-us/000124139/dell-command-deploy-driver-packs-for-enterprise-client-os-deployment)
               - [Lenovo Configuration Manager and MDT package index](https://support.lenovo.com/us/en/solutions/ht074984)
@@ -70,9 +70,9 @@ sections:
       - question: |
           Which deployment tools support Windows 10?
         answer: |
-          Updated versions of Microsoft deployment tools, including Microsoft Endpoint Configuration Manager, MDT, and the Windows Assessment and Deployment Kit (Windows ADK) support Windows 10.
+          Updated versions of Microsoft deployment tools, including Microsoft Configuration Manager, MDT, and the Windows Assessment and Deployment Kit (Windows ADK) support Windows 10.
 
-          - [Microsoft Endpoint Configuration Manager](/mem/configmgr) simplifies the deployment and management of Windows 10. If you aren't currently using it, download a free 180-day trial of [Microsoft Endpoint Configuration Manager (current branch)](https://www.microsoft.com/evalcenter/evaluate-microsoft-endpoint-configuration-manager).
+          - [Microsoft Configuration Manager](/mem/configmgr) simplifies the deployment and management of Windows 10. If you aren't currently using it, download a free 180-day trial of [Microsoft Configuration Manager (current branch)](https://www.microsoft.com/evalcenter/evaluate-microsoft-endpoint-configuration-manager).
 
           - [MDT](/mem/configmgr/mdt) is a collection of tools, processes, and guidance for automating desktop and server deployment.
 
@@ -81,7 +81,7 @@ sections:
       - question: |
           Can I upgrade computers from Windows 7 or Windows 8.1 without deploying a new image?
         answer: |
-          Computers running Windows 7 or Windows 8.1 can be upgraded directly to Windows 10 through the in-place upgrade process without a need to reimage the device using MDT and/or Configuration Manager. For more information, see [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](../deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md) or [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md).
+          Computers running Windows 7 or Windows 8.1 can be upgraded directly to Windows 10 through the in-place upgrade process without a need to reimage the device using MDT and/or Configuration Manager. For more information, see [Upgrade to Windows 10 with Microsoft Configuration Manager](../deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md) or [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md).
           
       - question: |
           Can I upgrade from Windows 7 Enterprise or Windows 8.1 Enterprise to Windows 10 Enterprise for free?
@@ -114,7 +114,7 @@ sections:
           - Windows Update
           - Windows Update for Business
           - Windows Server Update Services
-          - Microsoft Endpoint Configuration Manager
+          - Microsoft Configuration Manager
           
           For more information, see [Servicing Tools](../update/waas-overview.md#servicing-tools).
           
diff --git a/windows/deployment/planning/windows-10-infrastructure-requirements.md b/windows/deployment/planning/windows-10-infrastructure-requirements.md
index 1a3c1e8061..26aff43d39 100644
--- a/windows/deployment/planning/windows-10-infrastructure-requirements.md
+++ b/windows/deployment/planning/windows-10-infrastructure-requirements.md
@@ -40,7 +40,7 @@ For more information about Microsoft Configuration Manager support for Windows 1
 
 ## Management tools
 
-In addition to Microsoft Endpoint Configuration Manager, Windows 10 also uses other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you're using a central policy store, follow the steps outlined [here](/troubleshoot/windows-server/group-policy/create-central-store-domain-controller) to update the ADMX files stored in that central store.
+In addition to Microsoft Configuration Manager, Windows 10 also uses other tools for management. For Windows Server and Active Directory, existing supported versions are fully supported for Windows 10. New Group Policy templates will be needed to configure new settings available in Windows 10; these templates are available in the Windows 10 media images, and are available as a separate download [here](https://go.microsoft.com/fwlink/p/?LinkId=625081). See [Group Policy settings reference](https://go.microsoft.com/fwlink/p/?LinkId=625082) for a list of the new and modified policy settings. If you're using a central policy store, follow the steps outlined [here](/troubleshoot/windows-server/group-policy/create-central-store-domain-controller) to update the ADMX files stored in that central store.
 
 No new Active Directory schema updates or specific functional levels are currently required for core Windows 10 product functionality, although subsequent upgrades could require these schema updates to support new features.
 
diff --git a/windows/deployment/planning/windows-to-go-frequently-asked-questions.yml b/windows/deployment/planning/windows-to-go-frequently-asked-questions.yml
index f992798862..848e407d94 100644
--- a/windows/deployment/planning/windows-to-go-frequently-asked-questions.yml
+++ b/windows/deployment/planning/windows-to-go-frequently-asked-questions.yml
@@ -168,7 +168,7 @@ sections:
       - question: |
           How can Windows To Go be managed in an organization?
         answer: |
-          Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like Microsoft Endpoint Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
+          Windows To Go can be deployed and managed like a traditional desktop PC using standard Windows enterprise software distribution tools like Microsoft Configuration Manager. Computer and user settings for Windows To Go workspaces can be managed using Group Policy setting also in the same manner that you manage Group Policy settings for other PCs in your organization. Windows To Go workspaces can be configured to connect to the organizational resources remotely using DirectAccess or a virtual private network connection so that they can connect securely to your network.
 
       - question: |
           How do I make my computer boot from USB?
diff --git a/windows/deployment/planning/windows-to-go-overview.md b/windows/deployment/planning/windows-to-go-overview.md
index dd1b570035..5465e73df5 100644
--- a/windows/deployment/planning/windows-to-go-overview.md
+++ b/windows/deployment/planning/windows-to-go-overview.md
@@ -56,7 +56,7 @@ The applications that you want to use from the Windows To Go workspace should be
 
 ## <a href="" id="wtg-prep-intro"></a>Prepare for Windows To Go
 
-Enterprises install Windows on a large group of computers either by using configuration management software (such as Microsoft Endpoint Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
+Enterprises install Windows on a large group of computers either by using configuration management software (such as Microsoft Configuration Manager), or by using standard Windows deployment tools such as DiskPart and the Deployment Image Servicing and Management (DISM) tool.
 
 These same tools can be used to provision Windows To Go drive, just as you would if you were planning for provisioning a new class of mobile PCs. You can use the [Windows Assessment and Deployment Kit](/windows-hardware/get-started/adk-install) to review deployment tools available.
 
diff --git a/windows/deployment/update/PSFxWhitepaper.md b/windows/deployment/update/PSFxWhitepaper.md
index 5c1d53cd63..7d41b154fe 100644
--- a/windows/deployment/update/PSFxWhitepaper.md
+++ b/windows/deployment/update/PSFxWhitepaper.md
@@ -68,7 +68,7 @@ numerous advantages:
 
 Historically, download sizes of Windows 10 quality updates (Windows 10, version 1803 and older supported versions of Windows 10) are optimized by using express download. Express download is optimized such that updating Windows 10 systems will download the minimum number of bytes. This is achieved by generating differentials for every updated file based on selected historical base revisions of the same file + its base or RTM version.
 
-For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as “express download files”) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device leveraging express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
+For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as “express download files”) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), Microsoft Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device leveraging express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
 
 The flip side of express download is that the size of PSF files can be very large depending on the number of historical baselines against which differentials were calculated. Downloading and caching large PSF files to on-premises or remote update distribution servers is problematic for most organizations, hence they are unable to leverage express updates to keep their fleet of devices running Windows 10 up to date. Secondly, due to the complexity of generating differentials and size of the express files that need to be cached on update distribution servers, it is only feasible to generate express download files for the most common baselines, thus express updates are only applicable to selected baselines. Finally, calculation of optimal differentials is expensive in terms of system memory utilization, especially for low-cost systems, impacting their ability to download and apply an update seamlessly.
 
diff --git a/windows/deployment/update/get-started-updates-channels-tools.md b/windows/deployment/update/get-started-updates-channels-tools.md
index d5467cc27c..d53be32342 100644
--- a/windows/deployment/update/get-started-updates-channels-tools.md
+++ b/windows/deployment/update/get-started-updates-channels-tools.md
@@ -44,7 +44,7 @@ We include information here about many different update types you'll hear about,
 
 There are three servicing channels, each of which offers you a different level of flexibility with how and when updates are delivered to devices. Using the different servicing channels allows you to deploy Windows "as a service," which conceives of deployment as a continual process of updates that roll out across the organization in waves. In this approach, an update is plugged into this process and while it runs, you monitor for anomalies, errors, or user impact and respond as issues arise--without interrupting the entire process.
 
-The first step of controlling when and how devices install updates is assigning them to the appropriate servicing channel. You can assign devices to a particular channel with any of several tools, including Microsoft Endpoint Configuration Manager, Windows Server Update Services (WSUS), and Group Policy settings applied by any of several means. By dividing devices into different populations ("deployment groups" or "rings") you can use servicing channel assignment, followed by other management features such as update deferral policies, to create a phased deployment of any update that allows you to start with a limited pilot deployment for testing before moving to a broad deployment throughout your organization.
+The first step of controlling when and how devices install updates is assigning them to the appropriate servicing channel. You can assign devices to a particular channel with any of several tools, including Microsoft Configuration Manager, Windows Server Update Services (WSUS), and Group Policy settings applied by any of several means. By dividing devices into different populations ("deployment groups" or "rings") you can use servicing channel assignment, followed by other management features such as update deferral policies, to create a phased deployment of any update that allows you to start with a limited pilot deployment for testing before moving to a broad deployment throughout your organization.
 
 
 ### General Availability Channel
diff --git a/windows/deployment/update/index.md b/windows/deployment/update/index.md
index 9a3ff8f9c3..352013a1ea 100644
--- a/windows/deployment/update/index.md
+++ b/windows/deployment/update/index.md
@@ -37,7 +37,7 @@ Windows as a service provides a new way to think about building, deploying, and
 | [Optimize update delivery](../do/waas-optimize-windows-10-updates.md) | Explains the benefits of using Delivery Optimization or BranchCache for update distribution.  |
 | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md) | Explains how to use Windows Update for Business to manage when devices receive updates directly from Windows Update. Includes walkthroughs for configuring Windows Update for Business using Group Policy and Microsoft Intune.  |
 | [Deploy Windows client updates using Windows Server Update Services (WSUS)](waas-manage-updates-wsus.md) | Explains how to use WSUS to manage Windows client updates. |
-| [Deploy Windows client updates using Microsoft Endpoint Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) | Explains how to use Configuration Manager to manage Windows client updates.  |
+| [Deploy Windows client updates using Microsoft Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) | Explains how to use Configuration Manager to manage Windows client updates.  |
 | [Manage device restarts after updates](waas-restart.md) | Explains how to manage update related device restarts. |
 | [Manage more Windows Update settings](waas-wu-settings.md) | Provides details about settings available to control and configure Windows Update |
 | [Windows Insider Program for Business](/windows-insider/business/register) | Explains how the Windows Insider Program for Business works and how to become an insider. |
diff --git a/windows/deployment/update/waas-branchcache.md b/windows/deployment/update/waas-branchcache.md
index 235adb34ea..9ab24e12bd 100644
--- a/windows/deployment/update/waas-branchcache.md
+++ b/windows/deployment/update/waas-branchcache.md
@@ -41,7 +41,7 @@ In Windows 10, version 1607, the Windows Update Agent uses Delivery Optimization
 
 ## Configure servers for BranchCache
 
-You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and Microsoft Endpoint Configuration Manager. 
+You can use WSUS and Configuration Manager with BranchCache in Distributed Cache mode. BranchCache in Distributed Cache mode is easy to configure for both WSUS and Microsoft Configuration Manager. 
 
 For a step-by-step guide to configuring BranchCache on Windows Server devices, see the [BranchCache Deployment Guide (Windows Server 2012)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj572990(v=ws.11)) or [BranchCache Deployment Guide (Windows Server 2016)](/windows-server/networking/branchcache/deploy/branchcache-deployment-guide).
 
diff --git a/windows/deployment/update/waas-configure-wufb.md b/windows/deployment/update/waas-configure-wufb.md
index af886bbfe3..0565315cf2 100644
--- a/windows/deployment/update/waas-configure-wufb.md
+++ b/windows/deployment/update/waas-configure-wufb.md
@@ -189,7 +189,7 @@ Starting with Windows 10, version 1709, you can set policies to manage preview b
 The **Manage preview builds** setting gives administrators control over enabling or disabling preview build installation on a device. You can also decide to stop preview builds once the release is public.
 * Group Policy: **Computer Configuration/Administrative Templates/Windows Components/Windows Update/Windows Update for Business** - *Manage preview builds*
 * MDM: **Update/ManagePreviewBuilds**
-* Microsoft Endpoint Configuration Manager: **Enable dual scan, manage through Windows Update for Business policy**
+* Microsoft Configuration Manager: **Enable dual scan, manage through Windows Update for Business policy**
 
 >[!IMPORTANT]
 >This policy replaces the "Toggle user control over Insider builds" policy under that is only supported up to Windows 10, version 1703. You can find the older policy here:
diff --git a/windows/deployment/update/waas-integrate-wufb.md b/windows/deployment/update/waas-integrate-wufb.md
index b7708a85de..1018e89ac2 100644
--- a/windows/deployment/update/waas-integrate-wufb.md
+++ b/windows/deployment/update/waas-integrate-wufb.md
@@ -1,6 +1,6 @@
 ---
 title: Integrate Windows Update for Business
-description: Use Windows Update for Business deployments with management tools such as Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.
+description: Use Windows Update for Business deployments with management tools such as Windows Server Update Services (WSUS) and Microsoft Configuration Manager.
 ms.prod: windows-client
 author: aczechowski
 ms.localizationpriority: medium
@@ -21,7 +21,7 @@ ms.technology: itpro-updates
 
 > **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) 
 
-You can integrate Windows Update for Business deployments with existing management tools such as Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager.
+You can integrate Windows Update for Business deployments with existing management tools such as Windows Server Update Services (WSUS) and Microsoft Configuration Manager.
 
 ## Integrate Windows Update for Business with Windows Server Update Services
 
@@ -88,7 +88,7 @@ In this example, the deferral behavior for updates to Office and other non-Windo
 >[!NOTE]
 > Because the admin enabled **Update/AllowMUUpdateService**, placing the content on WSUS was not needed for the particular device, as the device will always receive Microsoft Update content from Microsoft when configured in this manner.
 
-## Integrate Windows Update for Business with Microsoft Endpoint Configuration Manager
+## Integrate Windows Update for Business with Microsoft Configuration Manager
 
 For Windows 10, version 1607, organizations already managing their systems with a Configuration Manager solution can also have their devices configured for Windows Update for Business (that is, setting deferral policies on those devices). Such devices will be visible in the Configuration Manager console, however they will appear with a detection state of **Unknown**.
 
diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md
index 57b7d86ab1..3fbea85a1b 100644
--- a/windows/deployment/update/waas-manage-updates-wsus.md
+++ b/windows/deployment/update/waas-manage-updates-wsus.md
@@ -337,7 +337,7 @@ Now that you have the **All Windows 10 Upgrades** view, complete the following s
 | ![done.](images/checklistdone.png) | [Build deployment rings for Windows client updates](waas-deployment-rings-windows-10-updates.md) |
 | ![done.](images/checklistdone.png) | [Assign devices to servicing channels for Windows client updates](waas-servicing-channels-windows-10-updates.md) |
 | ![done.](images/checklistdone.png) | [Optimize update delivery for Windows client updates](../do/waas-optimize-windows-10-updates.md) |
-| ![done.](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or Deploy Windows client updates using Windows Server Update Services (this topic)</br>or [Deploy Windows client updates using Microsoft Endpoint Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) |
+| ![done.](images/checklistdone.png) | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md)</br>or Deploy Windows client updates using Windows Server Update Services (this topic)</br>or [Deploy Windows client updates using Microsoft Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) |
 
 
 
diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index a8c8b81afd..f2ed2acdde 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -91,7 +91,7 @@ There are three servicing channels. The [Windows Insider Program](#windows-insid
 
 In the General Availability Channel, feature updates are available annually. This servicing model is ideal for pilot deployments and testing of feature updates and for users such as developers who need to work with the latest features. Once the latest release has gone through pilot deployment and testing, you will be able to choose the timing at which it goes into broad deployment.
 
-When Microsoft officially releases a feature update, we make it available to any device not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft Endpoint Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the General Availability Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about servicing tools, see [Servicing tools](#servicing-tools).
+When Microsoft officially releases a feature update, we make it available to any device not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the General Availability Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about servicing tools, see [Servicing tools](#servicing-tools).
 
 
 > [!NOTE]
@@ -132,7 +132,7 @@ There are many tools you can use to service Windows as a service. Each option ha
 - **Windows Update (stand-alone)** provides limited control over feature updates, with IT pros manually configuring the device to be in the General Availability Channel. Organizations can target which devices defer updates by selecting the **Defer upgrades** check box in **Start\Settings\Update & Security\Advanced Options** on a Windows client device.
 - **Windows Update for Business** includes control over update deferment and provides centralized management using Group Policy or MDM. Windows Update for Business can be used to defer updates by up to 365 days, depending on the version. These deployment options are available to clients in the General Availability Channel. In addition to being able to use Group Policy to manage Windows Update for Business, either option can be configured without requiring any on-premises infrastructure by using Microsoft Intune.
 - **Windows Server Update Services (WSUS)** provides extensive control over updates and is natively available in the Windows Server operating system. In addition to the ability to defer updates, organizations can add an approval layer for updates and choose to deploy them to specific computers or groups of computers whenever ready. 
-- **Microsoft Endpoint Configuration Manager** provides the greatest control over servicing Windows as a service. IT pros can defer updates, approve them, and have multiple options for targeting deployments and managing bandwidth usage and deployment times. 
+- **Microsoft Configuration Manager** provides the greatest control over servicing Windows as a service. IT pros can defer updates, approve them, and have multiple options for targeting deployments and managing bandwidth usage and deployment times. 
 
 **Servicing tools comparison**
 
diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index e96a0fe78c..baa37b5307 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -46,7 +46,7 @@ For more information, see [Assign devices to servicing channels for Windows clie
 
 ## Staying up to date
 
-To stay up to date, deploy feature updates at an appropriate time after their release. You can use various management and update tools such as Windows Update, Windows Update for Business, Windows Server Update Services, Microsoft Endpoint Configuration Manager, and non-Microsoft products) to help with this process. [Upgrade Readiness](/windows/deployment/upgrade/upgrade-readiness-get-started), a free tool to streamline Windows upgrade projects, is another important tool to help.
+To stay up to date, deploy feature updates at an appropriate time after their release. You can use various management and update tools such as Windows Update, Windows Update for Business, Windows Server Update Services, Microsoft Configuration Manager, and non-Microsoft products) to help with this process. [Upgrade Readiness](/windows/deployment/upgrade/upgrade-readiness-get-started), a free tool to streamline Windows upgrade projects, is another important tool to help.
 
 Extensive advanced testing isn’t required. Instead, only business-critical apps need to be tested, with the remaining apps validated through a series of pilot deployment rings. Once these pilot deployments have validated most apps, broad deployment can begin.
 
diff --git a/windows/deployment/upgrade/windows-10-edition-upgrades.md b/windows/deployment/upgrade/windows-10-edition-upgrades.md
index ab46ab1414..2fdbd0beea 100644
--- a/windows/deployment/upgrade/windows-10-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-10-edition-upgrades.md
@@ -28,7 +28,7 @@ The following table shows the methods and paths available to change the edition
 > The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607.
 
 > [!TIP]
-> Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](/configmgr/compliance/deploy-use/upgrade-windows-version) in Microsoft Endpoint Configuration Manager.
+> Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](/configmgr/compliance/deploy-use/upgrade-windows-version) in Microsoft Configuration Manager.
 
 ![not supported.](../images/x_blk.png) (X) = not supported</br>
 ![supported, reboot required.](../images/check_grn.png) (green checkmark) = supported, reboot required</br>
diff --git a/windows/deployment/usmt/usmt-common-migration-scenarios.md b/windows/deployment/usmt/usmt-common-migration-scenarios.md
index a7c5b2d143..2a26886c73 100644
--- a/windows/deployment/usmt/usmt-common-migration-scenarios.md
+++ b/windows/deployment/usmt/usmt-common-migration-scenarios.md
@@ -127,11 +127,11 @@ A company receives 50 new laptops for their managers and needs to reallocate 50
 
 A company is allocating 20 new computers to users in the accounting department. The users each have a source computer that contains their files and settings. An administrator uses a management technology such as a logon script or a batch file to run ScanState on each source computer to collect the user states and save them to a server in a compressed migration store.
 
-1.  On each source computer, the administrator runs the ScanState tool using Microsoft Endpoint Configuration Manager, Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
+1.  On each source computer, the administrator runs the ScanState tool using Microsoft Configuration Manager, Microsoft Deployment Toolkit (MDT), a logon script, a batch file, or a non-Microsoft management technology. ScanState collects the user state from each source computer and then saves it to a server.
 
 2.  On each new computer, the administrator installs the company's SOE, which includes Windows 10 and other company applications.
 
-3.  On each of the new computers, the administrator runs the LoadState tool using Microsoft Endpoint Configuration Manager, a logon script, a batch file, or a non-Microsoft management technology. LoadState migrates each user state from the migration store to one of the new computers.
+3.  On each of the new computers, the administrator runs the LoadState tool using Microsoft Configuration Manager, a logon script, a batch file, or a non-Microsoft management technology. LoadState migrates each user state from the migration store to one of the new computers.
 
 ## Related topics
 
diff --git a/windows/deployment/usmt/usmt-test-your-migration.md b/windows/deployment/usmt/usmt-test-your-migration.md
index 6406cfc2c4..de59c64bd1 100644
--- a/windows/deployment/usmt/usmt-test-your-migration.md
+++ b/windows/deployment/usmt/usmt-test-your-migration.md
@@ -27,7 +27,7 @@ Running the ScanState and LoadState tools with the **/v**<em>:5</em> option crea
 
  
 
-After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft Endpoint Configuration Manager, or a non-Microsoft management technology. For more information, see [Manage user state in Configuration Manager](/configmgr/osd/get-started/manage-user-state).
+After you have determined that the pilot migration successfully migrated the specified files and settings, you are ready to add USMT to the server that is running Microsoft Configuration Manager, or a non-Microsoft management technology. For more information, see [Manage user state in Configuration Manager](/configmgr/osd/get-started/manage-user-state).
 
 **Note**  
 For testing purposes, you can create an uncompressed store using the **/hardlink /nocompress** option. When compression is disabled, the ScanState tool saves the files and settings to a hidden folder named "File" at *StorePath*\\USMT. You can use the uncompressed store to view what USMT has stored or to troubleshoot a problem, or you can run an antivirus utility against the files. Additionally, you can also use the **/listfiles** command-line option and the diagnostic log to list the files that were gathered and to troubleshoot problems with your migration.
diff --git a/windows/deployment/volume-activation/configure-client-computers-vamt.md b/windows/deployment/volume-activation/configure-client-computers-vamt.md
index a1335da901..ec8b2ffdba 100644
--- a/windows/deployment/volume-activation/configure-client-computers-vamt.md
+++ b/windows/deployment/volume-activation/configure-client-computers-vamt.md
@@ -86,7 +86,7 @@ There are several options for organizations to configure the WMI firewall except
 
 - **Image.** Add the configurations to the master Windows image deployed to all clients.
 - **Group Policy.** If the clients are part of a domain, then all clients can be configured using Group Policy. The Group Policy setting for the WMI firewall exception is found in GPMC.MSC at: **Computer Configuration\\Windows Settings\\Security Settings\\Windows Firewall with Advanced Security\\Windows Firewall with Advanced Security\\Inbound Rules**.
-- **Script.** Execute a script using Microsoft Endpoint Configuration Manager or a third-party remote script execution facility.
+- **Script.** Execute a script using Microsoft Configuration Manager or a third-party remote script execution facility.
 - **Manual.** Configure the WMI firewall exception individually on each client.
 
 The above configurations will open an additional port through the Windows Firewall on target computers and should be performed on computers that are protected by a network firewall. In order to allow VAMT to query the up-to-date licensing status, the WMI exception must be maintained. We recommend administrators consult their network security policies and make clear decisions when creating the WMI exception.
diff --git a/windows/deployment/wds-boot-support.md b/windows/deployment/wds-boot-support.md
index 2b11e32b23..c4d6a505ac 100644
--- a/windows/deployment/wds-boot-support.md
+++ b/windows/deployment/wds-boot-support.md
@@ -37,7 +37,7 @@ The table below provides support details for specific deployment scenarios (Boot
 
 ## Reason for the change
 
-Alternatives to WDS, such as [Microsoft Endpoint Configuration Manager](/mem/configmgr/) and [Microsoft Deployment Toolkit](/mem/configmgr/mdt/) (MDT) provide a better, more flexible, and feature-rich experience for deploying Windows images. 
+Alternatives to WDS, such as [Microsoft Configuration Manager](/mem/configmgr/) and [Microsoft Deployment Toolkit](/mem/configmgr/mdt/) (MDT) provide a better, more flexible, and feature-rich experience for deploying Windows images. 
 
 ## Not affected
 
diff --git a/windows/deployment/windows-10-deployment-scenarios.md b/windows/deployment/windows-10-deployment-scenarios.md
index fdf36b188b..e952e8d4f6 100644
--- a/windows/deployment/windows-10-deployment-scenarios.md
+++ b/windows/deployment/windows-10-deployment-scenarios.md
@@ -22,7 +22,7 @@ To successfully deploy the Windows 10 operating system in your organization, it'
 
 The following tables summarize various Windows 10 deployment scenarios. The scenarios are each assigned to one of three categories.
 
-- Modern deployment methods are recommended unless you have a specific need to use a different procedure. These methods are supported with existing tools such as Microsoft Deployment Toolkit (MDT) and Microsoft Endpoint Configuration Manager. These methods are discussed in detail on the [Modern Desktop Deployment Center](/microsoft-365/enterprise/desktop-deployment-center-home).
+- Modern deployment methods are recommended unless you have a specific need to use a different procedure. These methods are supported with existing tools such as Microsoft Deployment Toolkit (MDT) and Microsoft Configuration Manager. These methods are discussed in detail on the [Modern Desktop Deployment Center](/microsoft-365/enterprise/desktop-deployment-center-home).
 
    > [!NOTE]
    > Once you have deployed Windows 10 in your organization, it is important to stay up to date by [creating a deployment plan](update/create-deployment-plan.md) for Windows 10 feature updates.
@@ -123,7 +123,7 @@ While the initial Windows 10 release includes various provisioning settings and
 
 ## Traditional deployment: 
 
-New versions of Windows have typically been deployed by organizations using an image-based process built on top of tools provided in the [Windows Assessment and Deployment Kit](windows-adk-scenarios-for-it-pros.md), Windows Deployment Services, the [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md), and [Microsoft Endpoint Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md).
+New versions of Windows have typically been deployed by organizations using an image-based process built on top of tools provided in the [Windows Assessment and Deployment Kit](windows-adk-scenarios-for-it-pros.md), Windows Deployment Services, the [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md), and [Microsoft Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md).
 
 With the release of Windows 10, all of these tools are being updated to fully support Windows 10. Although newer scenarios such as in-place upgrade and dynamic provisioning may reduce the need for traditional deployment capabilities in some organizations, these traditional methods remain important, and will continue to be available to organizations that need them.
 
@@ -185,7 +185,7 @@ The deployment process for the replace scenario is as follows:
 ## Related articles
 
 - [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
-- [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](./deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md)
+- [Upgrade to Windows 10 with Microsoft Configuration Manager](./deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md)
 - [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md)
 - [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
 - [Windows setup technical reference](/windows-hardware/manufacture/desktop/windows-setup-technical-reference)
diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index 2f28c2a5c4..7c6eb866b0 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -95,7 +95,7 @@ You can implement Credential Guard on Windows 10 Enterprise devices by turning o
 
     -   Configure Credential Guard registry settings by using the Registry Editor or the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
 
-    You can automate these manual steps by using a management tool such as Microsoft Endpoint Configuration Manager.
+    You can automate these manual steps by using a management tool such as Microsoft Configuration Manager.
 
 For more information about implementing Credential Guard, see the following resources:
 
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index adb1f9b19a..9c638be5d1 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -22,7 +22,7 @@ ms.topic: how-to
 - [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
 
 Complete all steps in the prerequisite guide before starting this guide. This guide requires about 5 hours to complete, but can require less time or more time depending on the speed of the Hyper-V host. After completing the current guide, also see the companion guide:
-- [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
+- [Deploy Windows 10 in a test lab using Microsoft Configuration Manager](windows-10-poc-sc-config-mgr.md)
 
 The PoC environment is a virtual network running on Hyper-V with three virtual machines (VMs):
 - **DC1**: A contoso.com domain controller, DNS server, and DHCP server.
@@ -51,8 +51,8 @@ Topics and procedures in this guide are summarized in the following table. An es
 
 MDT performs deployments by using the Lite Touch Installation (LTI), Zero Touch Installation (ZTI), and User-Driven Installation (UDI) deployment methods. 
 - LTI is the deployment method used in the current guide, requiring only MDT and performed with a minimum amount of user interaction.
-- ZTI is fully automated, requiring no user interaction and is performed using MDT and Microsoft Endpoint Configuration Manager. After completing the steps in the current guide, see [Step by step: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) to use the ZTI deployment method in the PoC environment.
-- UDI requires manual intervention to respond to installation prompts such as machine name, password and language settings. UDI requires MDT and Microsoft Endpoint Configuration Manager. 
+- ZTI is fully automated, requiring no user interaction and is performed using MDT and Microsoft Configuration Manager. After completing the steps in the current guide, see [Step by step: Deploy Windows 10 in a test lab using Microsoft Configuration Manager](windows-10-poc-sc-config-mgr.md) to use the ZTI deployment method in the PoC environment.
+- UDI requires manual intervention to respond to installation prompts such as machine name, password and language settings. UDI requires MDT and Microsoft Configuration Manager. 
 
 ## Install MDT
 
diff --git a/windows/deployment/windows-10-poc-sc-config-mgr.md b/windows/deployment/windows-10-poc-sc-config-mgr.md
index d3a85cecee..f7ecaa8853 100644
--- a/windows/deployment/windows-10-poc-sc-config-mgr.md
+++ b/windows/deployment/windows-10-poc-sc-config-mgr.md
@@ -1,6 +1,6 @@
 ---
 title: Steps to deploy Windows 10 with Configuration Manager
-description: Learn how to deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager.
+description: Learn how to deploy Windows 10 in a test lab using Microsoft Configuration Manager.
 ms.prod: windows-client
 ms.technology: itpro-deploy
 ms.localizationpriority: medium
@@ -38,14 +38,14 @@ Multiple features and services are installed on SRV1 in this guide. This configu
 
 ## In this guide
 
-This guide provides end-to-end instructions to install and configure Microsoft Endpoint Configuration Manager, and use it to deploy a Windows 10 image. Depending on the speed of your Hyper-V host, the procedures in this guide will require 6-10 hours to complete.
+This guide provides end-to-end instructions to install and configure Microsoft Configuration Manager, and use it to deploy a Windows 10 image. Depending on the speed of your Hyper-V host, the procedures in this guide will require 6-10 hours to complete.
 
 The procedures in this guide are summarized in the following table. An estimate of the time required to complete each procedure is also provided. Time required to complete procedures will vary depending on the resources available to the Hyper-V host and assigned to VMs, such as processor speed, memory allocation, disk speed, and network speed.
 
 |Procedure|Description|Time|
 |--- |--- |--- |
 |[Install prerequisites](#install-prerequisites)|Install prerequisite Windows Server roles and features, download, install and configure SQL Server, configure firewall rules, and install the Windows ADK.|60 minutes|
-|[Install Microsoft Endpoint Configuration Manager](#install-microsoft-endpoint-configuration-manager)|Download Microsoft Endpoint Configuration Manager, configure prerequisites, and install the package.|45 minutes|
+|[Install Microsoft Configuration Manager](#install-microsoft-configuration-manager)|Download Microsoft Configuration Manager, configure prerequisites, and install the package.|45 minutes|
 |[Download MDOP and install DaRT](#download-mdop-and-install-dart)|Download the Microsoft Desktop Optimization Pack 2015 and install DaRT 10.|15 minutes|
 |[Prepare for Zero Touch installation](#prepare-for-zero-touch-installation)|Prerequisite procedures to support Zero Touch installation.|60 minutes|
 |[Create a boot image for Configuration Manager](#create-a-boot-image-for-configuration-manager)|Use the MDT wizard to create the boot image in Configuration Manager.|20 minutes|
@@ -59,7 +59,7 @@ The procedures in this guide are summarized in the following table. An estimate
 
 ## Install prerequisites
 
-1. Before installing Microsoft Endpoint Configuration Manager, we must install prerequisite services and features. Type the following command at an elevated Windows PowerShell prompt on SRV1:
+1. Before installing Microsoft Configuration Manager, we must install prerequisite services and features. Type the following command at an elevated Windows PowerShell prompt on SRV1:
 
     ```powershell
     Install-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ
@@ -114,7 +114,7 @@ The procedures in this guide are summarized in the following table. An estimate
 
 6. Download and install the latest [Windows Assessment and Deployment Kit (ADK)](/windows-hardware/get-started/adk-install) on SRV1 using the default installation settings. The current version is the ADK for Windows 10, version 2004. Installation might require several minutes to acquire all components.
 
-## Install Microsoft Endpoint Configuration Manager
+## Install Microsoft Configuration Manager
 
 1. On SRV1, temporarily disable IE Enhanced Security Configuration for Administrators by typing the following commands at an elevated Windows PowerShell prompt:
 
@@ -124,7 +124,7 @@ The procedures in this guide are summarized in the following table. An estimate
     Stop-Process -Name Explorer
     ```
 
-1. Download [Microsoft Endpoint Configuration Manager (current branch)](https://www.microsoft.com/evalcenter/evaluate-microsoft-endpoint-configuration-manager) and extract the contents on SRV1.
+1. Download [Microsoft Configuration Manager (current branch)](https://www.microsoft.com/evalcenter/evaluate-microsoft-endpoint-configuration-manager) and extract the contents on SRV1.
 
 1. Open the file, enter **C:\configmgr** for **Unzip to folder**, and select **Unzip**. The `C:\configmgr` directory will be automatically created. Select **OK** and then close the **WinZip Self-Extractor** dialog box when finished.
 
@@ -243,7 +243,7 @@ The procedures in this guide are summarized in the following table. An estimate
 
 ## Prepare for Zero Touch installation
 
-This section contains several procedures to support Zero Touch installation with Microsoft Endpoint Configuration Manager.
+This section contains several procedures to support Zero Touch installation with Microsoft Configuration Manager.
 
 ### Create a folder structure
 
diff --git a/windows/deployment/windows-10-poc.md b/windows/deployment/windows-10-poc.md
index 98b5881e0d..376a7ff9c4 100644
--- a/windows/deployment/windows-10-poc.md
+++ b/windows/deployment/windows-10-poc.md
@@ -25,7 +25,7 @@ This guide contains instructions to configure a proof of concept (PoC) environme
 
 This lab guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, see the following Windows 10 PoC deployment guides:
 
-- [Step by step: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md)
+- [Step by step: Deploy Windows 10 in a test lab using Microsoft Configuration Manager](windows-10-poc-sc-config-mgr.md)
 - [Step by step: Deploy Windows 10 in a test lab using MDT](windows-10-poc-mdt.md)
 
 The proof of concept (PoC) deployment guides are intended to provide a demonstration of Windows 10 deployment tools and processes for IT professionals that aren't familiar with these tools, and you want to set up a PoC environment. Don't use the instructions in this guide in a production setting. They aren't meant to replace the instructions found in production deployment guidance.
@@ -80,7 +80,7 @@ Hardware requirements are displayed below:
 |**OS**|Windows 8.1/10 or Windows Server 2012/2012 R2/2016|Windows 8.1 or a later|
 |**Edition**|Enterprise, Professional, or Education|Any|
 |**Architecture**|64-bit|Any <br/><br/> Retaining applications and settings requires that architecture (32-bit or 64-bit) is the same before and after the upgrade.|
-|**RAM**|8-GB RAM (16 GB recommended) to test Windows 10 deployment with MDT.<br>16-GB RAM to test Windows 10 deployment with Microsoft Endpoint Configuration Manager.|Any|
+|**RAM**|8-GB RAM (16 GB recommended) to test Windows 10 deployment with MDT.<br>16-GB RAM to test Windows 10 deployment with Microsoft Configuration Manager.|Any|
 |**Disk**|200-GB available hard disk space, any format.|Any size, MBR formatted.|
 |**CPU**|SLAT-Capable CPU|Any|
 |**Network**|Internet connection|Any|
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-enroll-tenant.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-enroll-tenant.md
index 2616f22559..b8ca6a476a 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-enroll-tenant.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-enroll-tenant.md
@@ -19,7 +19,7 @@ Before you enroll in Windows Autopatch, there are settings, and other parameters
 > [!IMPORTANT]
 > You must be a Global Administrator to enroll your tenant.
 
-The Readiness assessment tool, accessed through the [Windows Autopatch admin center](https://endpoint.microsoft.com/), checks management or configuration-related settings. This tool allows you to check the relevant settings, and details steps to fix any settings that aren't configured properly for Windows Autopatch.  
+The Readiness assessment tool, accessed in the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), checks management or configuration-related settings. This tool allows you to check the relevant settings, and details steps to fix any settings that aren't configured properly for Windows Autopatch.  
 
 ## Step 1: Review all prerequisites
 
@@ -109,7 +109,7 @@ Windows Autopatch retains the data associated with these checks for 12 months af
 
 **To delete the data we collect:**
 
-1. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com/).
+1. Go to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 2. Navigate to Windows Autopatch > **Tenant enrollment**.
 3. Select **Delete all data**.
 
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md b/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
index 1b883ebe0b..b2ac14cb00 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant.md
@@ -1,7 +1,7 @@
 ---
 title: Changes made at tenant enrollment
 description: This reference article details the changes made to your tenant when enrolling into Windows Autopatch
-ms.date: 08/08/2022
+ms.date: 11/02/2022
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: reference
@@ -17,9 +17,22 @@ msreviewer: hathind
 The following configuration details are provided as information to help you understand the changes made to your tenant when enrolling into the Windows Autopatch service.
 
 > [!IMPORTANT]
-> The service manages and maintains the following configuration items. Don't change, edit, add to, or remove any of the configurations. Doing so might cause unintended configuration conflicts and impact the Windows Autopatch service.  
+> The service manages and maintains the following configuration items. Don't change, edit, add to, or remove any of the configurations. Doing so might cause unintended configuration conflicts and impact the Windows Autopatch service.
 
-## Service principal
+## Windows Autopatch enterprise applications
+
+Enterprise applications are applications (software) that a business uses to do its work.
+
+Windows Autopatch creates an enterprise application in your tenant. This enterprise application is a first party application used to run the Windows Autopatch service.
+
+| Enterprise application name | Usage | Permissions |
+| ----- | ------ | ----- |
+| Modern Workplace Management | This enterprise application is a limited first party enterprise application with elevated privileges. This application is used to manage the service, publish baseline configuration updates, and maintain overall service health. | <ul><li>DeviceManagementApps.ReadWrite.All</li><li>DeviceManagementConfiguration.ReadWrite.All</li><li>DeviceManagementManagedDevices.PriviligedOperation.All</li><li>DeviceManagementManagedDevices.ReadWrite.All</li><li>DeviceManagementRBAC.ReadWrite.All</li><li>DeviceManagementServiceConfig.ReadWrite.All</li><li>Directory.Read.All</li><li>Group.Create</li><li>Policy.Read.All</li><li>WindowsUpdates.Read.Write.All</li></ul> |
+
+> [!NOTE]
+> Enterprise application authentication is only available on tenants enrolled after July 9th, 2022. For tenants enrolled before this date, Enterprise Application authentication will be made available for enrollment soon.
+
+### Service principal
 
 Windows Autopatch will create a service principal in your tenant allowing the service to establish an identity and restrict access to what resources the service has access to within the tenant. For more information, see [Application and service principal objects in Azure Active Directory](/azure/active-directory/develop/app-objects-and-service-principals#service-principal-object). The service principal created by Windows Autopatch is:  
 
@@ -38,40 +51,21 @@ Windows Autopatch will create Azure Active Directory groups that are required to
 | Modern Workplace Devices-Windows Autopatch-First | First production deployment ring for early adopters |
 | Modern Workplace Devices-Windows Autopatch-Fast | Fast deployment ring for quick rollout and adoption |
 | Modern Workplace Devices-Windows Autopatch-Broad | Final deployment ring for broad rollout into the organization |
-| Modern Workplace Devices Dynamic - Windows 10 | Microsoft Managed Desktop Devices with Windows 10<p>Group Rule:<ul><li>`(device.devicePhysicalIds -any _ -startsWith \"[OrderID]:Microsoft365Managed_\")`</li><li>`(device.deviceOSVersion -notStartsWith \"10.0.22000\")`</li></ul><br>Exclusions:<ul><li>Modern Workplace - Telemetry Settings for Windows 11</li></ul>  |
-| Modern Workplace Devices Dynamic - Windows 11 | Microsoft Managed Desktop Devices with Windows 11<p>Group Rule:<ul><li>`(device.devicePhysicalIds -any _ -startsWith \"[OrderID]:Microsoft365Managed_\")`</li><li>`(device.deviceOSVersion -startsWith \"10.0.22000\")`</li></ul><br>Exclusions:<ul><li>Modern Workplace - Telemetry Settings for Windows 10</li></ul> |
 | Modern Workplace Roles - Service Administrator | All users granted access to Modern Workplace Service Administrator Role |
 | Modern Workplace Roles - Service Reader | All users granted access to Modern Workplace Service Reader Role |
 | Windows Autopatch Device Registration | Group for automatic device registration for Windows Autopatch |
 
-## Windows Autopatch enterprise applications
-
-Enterprise applications are applications (software) that a business uses to do its work.
-
-Windows Autopatch creates an enterprise application in your tenant. This enterprise application is a first party application used to run the Windows Autopatch service.
-
-| Enterprise application name | Usage | Permissions |
-| ----- | ------ | ----- |
-| Modern Workplace Management | This enterprise application is a limited first party enterprise application with elevated privileges. This application is used to manage the service, publish baseline configuration updates, and maintain overall service health. | <ul><li>DeviceManagementApps.ReadWrite.All</li><li>DeviceManagementConfiguration.ReadWrite.All</li><li>DeviceManagementManagedDevices.PriviligedOperation.All</li><li>DeviceManagementManagedDevices.ReadWrite.All</li><li>DeviceManagementRBAC.ReadWrite.All</li><li>DeviceManagementServiceConfig.ReadWrite.All</li><li>Directory.Read.All</li><li>Group.Create</li><li>Policy.Read.All</li><li>WindowsUpdates.Read.Write.All</li></ul> |
-
-> [!NOTE]
-> Enterprise application authentication is only available on tenants enrolled after July 9th, 2022. For tenants enrolled before this date, Enterprise Application authentication will be made available for enrollment soon.
-
 ## Device configuration policies
 
-- Modern Workplace - Set MDM to Win Over GPO
-- Modern Workplace - Telemetry Settings for Windows 10
-- Modern Workplace - Telemetry Settings for Windows 11
-- Modern Workplace-Window Update Detection Frequency
-- Modern Workplace - Data Collection
+- Windows Autopatch - Set MDM to Win Over GPO
+- Windows Autopatch - Data Collection
+- Windows Autopatch-Window Update Detection Frequency
 
-| Policy name | Policy description | OMA | Value |
+| Policy name | Policy description | Properties | Value |
 | ----- | ----- | ----- | ----- |
-| Modern Workplace - Set MDM to Win Over GPO | Sets mobile device management (MDM) to win over GPO<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| | |
-| Modern Workplace - Telemetry Settings for Windows 10 | Telemetry settings for Windows 10<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>|[./Device/Vendor/MSFT/Policy/Config/System/AllowTelemetry](/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | 2 |
-| Modern Workplace - Telemetry Settings for Windows 11 | Telemetry settings for Windows 11<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>|<ul><li>[./Device/Vendor/MSFT/Policy/Config/System/AllowTelemetry ](/windows/client-management/mdm/policy-csp-system#system-allowtelemetry)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitEnhancedDiagnosticDataWindowsAnalytics](/windows/client-management/mdm/policy-csp-system#system-limitenhanceddiagnosticdatawindowsanalytics)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitDumpCollection](/windows/client-management/mdm/policy-csp-system#system-limitdumpcollection)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitDiagnosticLogCollection](/windows/client-management/mdm/policy-csp-system#system-limitdiagnosticlogcollection)</li></ul>|<ul><li>3</li><li>1</li><li>1</li><li>1</li> |
-| Modern Workplace - Windows Update Detection Frequency | Sets Windows update detection frequency<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| [./Vendor/MSFT/Policy/Config/Update/DetectionFrequency](/windows/client-management/mdm/policy-csp-update#update-detectionfrequency)| 4 |
-| Modern Workplace - Data Collection | Allows diagnostic data from this device to be processed by Microsoft Managed Desktop.<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul> | | |
+| Windows Autopatch - Set MDM to Win Over GPO | Sets mobile device management (MDM) to win over GPO<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| | |
+| Windows Autopatch - Data Collection | Allows diagnostic data from this device to be processed by Microsoft Managed Desktop and Telemetry settings for Windows devices. <p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>|<ul><li>[./Device/Vendor/MSFT/Policy/Config/System/AllowTelemetry ](/windows/client-management/mdm/policy-csp-system#system-allowtelemetry)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitEnhancedDiagnosticDataWindowsAnalytics](/windows/client-management/mdm/policy-csp-system#system-limitenhanceddiagnosticdatawindowsanalytics)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitDumpCollection](/windows/client-management/mdm/policy-csp-system#system-limitdumpcollection)</li><li>[./Device/Vendor/MSFT/Policy/Config/System/LimitDiagnosticLogCollection](/windows/client-management/mdm/policy-csp-system#system-limitdiagnosticlogcollection)</li></ul>|<ul><li>Full</li><li>1</li><li>1</li><li>1</li> |
+| Windows Autopatch - Windows Update Detection Frequency | Sets Windows update detection frequency<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| [./Vendor/MSFT/Policy/Config/Update/DetectionFrequency](/windows/client-management/mdm/policy-csp-update#update-detectionfrequency)| 4 |
 
 ## Update rings for Windows 10 and later
 
@@ -105,33 +99,29 @@ Windows Autopatch creates an enterprise application in your tenant. This enterpr
 
 ## Microsoft Office update policies
 
-- Modern Workplace - Office ADMX Deployment
-- Modern Workplace - Office Configuration v5
-- Modern Workplace - Office Update Configuration [Test]
-- Modern Workplace - Office Update Configuration [First]
-- Modern Workplace - Office Update Configuration [Fast]
-- Modern Workplace - Office Update Configuration [Broad]
+- Windows Autopatch - Office Configuration v5
+- Windows Autopatch - Office Update Configuration [Test]
+- Windows Autopatch - Office Update Configuration [First]
+- Windows Autopatch - Office Update Configuration [Fast]
+- Windows Autopatch - Office Update Configuration [Broad]
 
-| Policy name | Policy description | OMA | Value |
+| Policy name | Policy description | Properties | Value |
 | ----- | ----- | ----- | ----- |
-| Modern Workplace - Office ADMX Deployment | ADMX file for Office<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul> | | |
-| Modern Workplace - Office Configuration v5 | Sets Office Update Channel to the Monthly Enterprise servicing branch.<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| | |
-| Modern Workplace - Office Update Configuration [Test] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li></ul> |<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>|<li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 0</li>|
-| Modern Workplace - Office Update Configuration [First] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li></ul> |<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul> | <li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 0</li>|
-| Modern Workplace - Office Update Configuration [Fast] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul>|<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>| <li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 3</li>|
-| Modern Workplace - Office Update Configuration [Broad] | Sets the Office update deadline<br>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Broad</li>|<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>|<li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 7</li> |
+| Windows Autopatch - Office Configuration v5 | Sets Office Update Channel to the Monthly Enterprise servicing branch.<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| | |
+| Windows Autopatch - Office Update Configuration [Test] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li></ul> |<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>|<li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 0</li>|
+| Windows Autopatch - Office Update Configuration [First] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li></ul> |<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul> | <li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 0</li>|
+| Windows Autopatch - Office Update Configuration [Fast] | Sets the Office update deadline<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Fast</li></ul>|<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>| <li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 3</li>|
+| Windows Autopatch - Office Update Configuration [Broad] | Sets the Office update deadline<br>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Broad</li>|<ul><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_UpdateDeadline`</li><li>`./Device/Vendor/MSFT/Policy/Config/Office365ProPlus~Policy~L_MicrosoftOfficemachine~L_Updates/L_DeferUpdateDays`</li></ul>|<li>Enabled; L_UpdateDeadlineID == 7</li><li>Enabled; L_DeferUpdateDaysID == 7</li> |
 
 ## Microsoft Edge update policies
 
-- Modern Workplace - Edge Update ADMX Deployment
-- Modern Workplace - Edge Update Channel Stable
-- Modern Workplace - Edge Update Channel Beta
+- Windows Autopatch - Edge Update Channel Stable
+- Windows Autopatch - Edge Update Channel Beta
 
-| Policy name | Policy description | OMA | Value |
+| Policy name | Policy description | Properties | Value |
 | ----- | ----- | ----- | ----- |
-| Modern Workplace - Edge Update ADMX Deployment | Deploys ADMX update policy for Edge<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test</li><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| | |
-| Modern Workplace - Edge Update Channel Stable | Deploys updates via the Edge Stable Channel<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| `./Device/Vendor/MSFT/Policy/Config/MicrosoftEdgeUpdate~Policy~Cat_EdgeUpdate~Cat_Applications~Cat_MicrosoftEdge/Pol_TargetChannelMicrosoftEdge` | Enabled |
-| Modern Workplace - Edge Update Channel Beta | Deploys updates via the Edge Beta Channel<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test </li></ul>| `./Device/Vendor/MSFT/Policy/Config/MicrosoftEdgeUpdate~Policy~Cat_EdgeUpdate~Cat_Applications~Cat_MicrosoftEdge/Pol_TargetChannelMicrosoftEdge` | Enabled |
+| Windows Autopatch - Edge Update Channel Stable | Deploys updates via the Edge Stable Channel<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-First</li><li>Modern Workplace Devices-Windows Autopatch-Fast</li><li>Modern Workplace Devices-Windows Autopatch-Broad</li></ul>| `./Device/Vendor/MSFT/Policy/Config/MicrosoftEdgeUpdate~Policy~Cat_EdgeUpdate~Cat_Applications~Cat_MicrosoftEdge/Pol_TargetChannelMicrosoftEdge` | Enabled |
+| Windows Autopatch - Edge Update Channel Beta | Deploys updates via the Edge Beta Channel<p>Assigned to:<ul><li>Modern Workplace Devices-Windows Autopatch-Test </li></ul>| `./Device/Vendor/MSFT/Policy/Config/MicrosoftEdgeUpdate~Policy~Cat_EdgeUpdate~Cat_Applications~Cat_MicrosoftEdge/Pol_TargetChannelMicrosoftEdge` | Enabled |
 
 ## PowerShell scripts
 
diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
index c5163c949a..0001b7976c 100644
--- a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
+++ b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md
@@ -27,7 +27,7 @@ The sources include Azure Active Directory (Azure AD), Microsoft Intune, and Mic
 | [Microsoft Windows 10/11 Enterprise](/windows/windows-10/) | Management of device setup experience, managing connections to other services, and operational support for IT pros. |
 | [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb) | Uses Windows 10 Enterprise diagnostic data to provide additional information on Windows 10/11 update. |
 | [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) | Device management and to keep your data secure. The following endpoint management data sources are used:<br><ul><li>[Microsoft Azure Active Directory](/azure/active-directory/): Authentication and identification of all user accounts.</li><li>[Microsoft Intune](/mem/intune/): Distributing device configurations, device management and application management.</li></ul>
-| [Windows Autopatch](https://endpoint.microsoft.com/#home) | Data provided by the customer or generated by the service during running of the service. |
+| [Windows Autopatch](https://go.microsoft.com/fwlink/?linkid=2109431) | Data provided by the customer or generated by the service during running of the service. |
 | [Microsoft 365 Apps for enterprise](https://www.microsoft.com/microsoft-365/enterprise/compare-office-365-plans)| Management of Microsoft 365 Apps. |
 
 ## Windows Autopatch data process and storage
diff --git a/windows/security/TOC.yml b/windows/security/TOC.yml
index 63ab9a4a86..c364767760 100644
--- a/windows/security/TOC.yml
+++ b/windows/security/TOC.yml
@@ -244,7 +244,7 @@
               href: information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
             - name: Determine the enterprise context of an app running in WIP
               href: information-protection/windows-information-protection/wip-app-enterprise-context.md
-         - name: Create a WIP policy using Microsoft Endpoint Configuration Manager
+         - name: Create a WIP policy using Microsoft Configuration Manager
            href: information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
            items:
             - name: Create and deploy a WIP policy in Configuration Manager
diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
index 62b4f01d0c..45e7c18037 100644
--- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
+++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md
@@ -34,7 +34,7 @@ The Create command sets up new virtual smart cards on the user’s system. It re
 | /AdminKey | Indicates the desired administrator key that can be used to reset the PIN of the card if the user forgets the PIN.<br>**DEFAULT** Specifies the default value of 010203040506070801020304050607080102030405060708.<br>**PROMPT**&nbsp;&nbsp;Prompts the user to enter a value for the administrator key.<br>**RANDOM**&nbsp;&nbsp;Results in a random setting for the administrator key for a card that is not returned to the user. This creates a card that might not be manageable by using smart card management tools. When generated with RANDOM, the administrator key is set as 48 hexadecimal characters. |
 | /PIN | Indicates desired user PIN value.<br>**DEFAULT**&nbsp;&nbsp;Specifies the default PIN of 12345678.<br>**PROMPT**&nbsp;&nbsp;Prompts the user to enter a PIN at the command line. The PIN must be a minimum of eight characters, and it can contain numerals, characters, and special characters. |
 | /PUK | Indicates the desired PIN Unlock Key (PUK) value. The PUK value must be a minimum of eight characters, and it can contain numerals, characters, and special characters. If the parameter is omitted, the card is created without a PUK.<br>**DEFAULT**&nbsp;&nbsp;Specifies the default PUK of 12345678.<br>**PROMPT**&nbsp;&nbsp;Prompts the user to enter a PUK at the command line. |
-| /generate | Generates the files in storage that are necessary for the virtual smart card to function. If the /generate parameter is omitted, it is equivalent to creating a card without this file system. A card without a file system can be managed only by a smart card management system such as Microsoft Endpoint Configuration Manager. |
+| /generate | Generates the files in storage that are necessary for the virtual smart card to function. If the /generate parameter is omitted, it is equivalent to creating a card without this file system. A card without a file system can be managed only by a smart card management system such as Microsoft Configuration Manager. |
 | /machine | Allows you to specify the name of a remote computer on which the virtual smart card can be created. This can be used in a domain environment only, and it relies on DCOM. For the command to succeed in creating a virtual smart card on a different computer, the user running this command must be a member in the local administrators group on the remote computer. |
 | /pinpolicy | If **/pin prompt** is used, **/pinpolicy** allows you to specify the following PIN policy options:<br>**minlen** &lt;minimum PIN length&gt;<br>&nbsp;&nbsp;&nbsp;If not specified, defaults to 8. The lower bound is 4.<br>**maxlen** &lt;maximum PIN length&gt;<br>&nbsp;&nbsp;&nbsp;If not specified, defaults to 127. The upper bound is 127.<br>**uppercase**&nbsp;&nbsp;Can be **ALLOWED**, **DISALLOWED**, or **REQUIRED.** Default is **ALLOWED.**<br>**lowercase**&nbsp;&nbsp;Can be **ALLOWED**, **DISALLOWED**, or **REQUIRED.** Default is **ALLOWED.**<br>**digits**&nbsp;&nbsp;Can be **ALLOWED**, **DISALLOWED**, or **REQUIRED.** Default is **ALLOWED.**<br>**specialchars**&nbsp;&nbsp;Can be **ALLOWED**, **DISALLOWED**, or **REQUIRED.** Default is **ALLOWED.**<br><br>When using **/pinpolicy**, PIN characters must be printable ASCII characters. |
 | /attestation | Configures attestation (subject only). This attestation uses an [Attestation Identity Key (AIK) certificate](/openspecs/windows_protocols/ms-dha/a4a71926-3639-4d62-b915-760c2483f489#gt_89a2ba3c-80af-4d1f-88b3-06ec3489fd5a) as a trust anchor to vouch that the virtual smart card keys and certificates are truly hardware bound. The attestation methods are:<br>**AIK_AND_CERT**&nbsp;&nbsp;Creates an AIK and obtains an AIK certificate from the Microsoft cloud certification authority (CA). This requires the device to have a TPM with an [EK certificate](/openspecs/windows_protocols/ms-wcce/719b890d-62e6-4322-b9b1-1f34d11535b4#gt_6aaaff7f-d380-44fb-91d3-b985e458eb6d). If this option is specified and there is no network connectivity, it is possible that creation of the virtual smart card will fail.<br>**AIK_ONLY**&nbsp;&nbsp;Creates an AIK but does not obtain an AIK certificate. |
diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/identity-protection/vpn/vpn-profile-options.md
index 07f0f4e317..ca5caf8f25 100644
--- a/windows/security/identity-protection/vpn/vpn-profile-options.md
+++ b/windows/security/identity-protection/vpn/vpn-profile-options.md
@@ -15,7 +15,7 @@ appliesto:
 
 # VPN profile options
 
-Most of the VPN settings in Windows 10 and Windows 11 can be configured in VPN profiles using Microsoft Intune or Microsoft Endpoint Configuration Manager. All VPN settings in Windows 10 and Windows 11 can be configured using the **ProfileXML** node in the [VPNv2 configuration service provider (CSP)](/windows/client-management/mdm/vpnv2-csp). 
+Most of the VPN settings in Windows 10 and Windows 11 can be configured in VPN profiles using Microsoft Intune or Microsoft Configuration Manager. All VPN settings in Windows 10 and Windows 11 can be configured using the **ProfileXML** node in the [VPNv2 configuration service provider (CSP)](/windows/client-management/mdm/vpnv2-csp). 
 
 >[!NOTE]
 >If you're not familiar with CSPs, read [Introduction to configuration service providers (CSPs)](/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers) first.
diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
index 3811e7cb94..58f168e9a7 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
@@ -24,7 +24,7 @@ This article depicts the BitLocker deployment comparison chart.
 
 ## BitLocker deployment comparison chart
 
-| Requirements |Microsoft Intune  |Microsoft Endpoint Configuration Manager  |Microsoft BitLocker Administration and Monitoring (MBAM) |
+| Requirements |Microsoft Intune  |Microsoft Configuration Manager  |Microsoft BitLocker Administration and Monitoring (MBAM) |
 |---------|---------|---------|---------|
 |Minimum client operating system version     |Windows 11 and Windows 10    | Windows 11, Windows 10, and Windows 8.1  | Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 10 IoT, and Windows 11      |
 |Supported Windows SKUs     |    Enterprise, Pro, Education     |    Enterprise, Pro, Education     |     Enterprise    |
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 065f2b928d..9ee83c9b95 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -129,13 +129,13 @@ Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administrat
 
 * Enables administrators to automate the process of encrypting volumes on client computers across the enterprise.
 * Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself.
-* Provides centralized reporting and hardware management with Microsoft Endpoint Configuration Manager.
+* Provides centralized reporting and hardware management with Microsoft Configuration Manager.
 * Reduces the workload on the help desk to assist end users with BitLocker recovery requests.
 * Enables end users to recover encrypted devices independently by using the Self-Service Portal.
 * Enables security officers to easily audit access to recovery key information.
 * Empowers Windows Enterprise users to continue working anywhere with the assurance that their corporate data is protected.
 * Enforces the BitLocker encryption policy options that you set for your enterprise.
-* Integrates with existing management tools, such as Microsoft Endpoint Configuration Manager.
+* Integrates with existing management tools, such as Microsoft Configuration Manager.
 * Offers an IT-customizable recovery user experience.
 * Supports Windows 11 and Windows 10.
 
diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
index 235e4aca66..1ba88008b1 100644
--- a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
+++ b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
@@ -110,9 +110,9 @@ list volume
 
 ![Output of the list volume command in the Diskpart app.](./images/4509195-en-1.png)
 
-If the status of any of the volumes is not healthy or if the recovery partition is missing, you may have to reinstall Windows. Before you do this, check the configuration of the Windows image that you are using for provisioning. Make sure that the image uses the correct disk configuration. The image configuration should resemble the following (this example is from Microsoft Endpoint Configuration Manager):
+If the status of any of the volumes is not healthy or if the recovery partition is missing, you may have to reinstall Windows. Before you do this, check the configuration of the Windows image that you are using for provisioning. Make sure that the image uses the correct disk configuration. The image configuration should resemble the following (this example is from Microsoft Configuration Manager):
 
-![Windows image configuration in Microsoft Endpoint Configuration Manager.](./images/configmgr-imageconfig.jpg)
+![Windows image configuration in Microsoft Configuration Manager.](./images/configmgr-imageconfig.jpg)
 
 #### Step 2: Verify the status of WinRE
 
diff --git a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
index 29c21fd58f..452dcc0cac 100644
--- a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
+++ b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md
@@ -46,7 +46,7 @@ If you don't already have an EFS DRA certificate, you'll need to create and extr
     >[!Important]
     >Because the private keys in your DRA .pfx files can be used to decrypt any WIP file, you must protect them accordingly. We highly recommend storing these files offline, keeping copies on a smart card with strong protection for normal use and master copies in a secured physical location.
 
-4. Add your EFS DRA certificate to your WIP policy using a deployment tool, such as [Microsoft Intune](create-wip-policy-using-intune-azure.md) or [Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md).
+4. Add your EFS DRA certificate to your WIP policy using a deployment tool, such as [Microsoft Intune](create-wip-policy-using-intune-azure.md) or [Microsoft Configuration Manager](create-wip-policy-using-configmgr.md).
 
 	> [!NOTE]
 	> This certificate can be used in Intune for policies both _with_ device enrollment (MDM) and _without_ device enrollment (MAM).
@@ -160,6 +160,6 @@ After signing in, the necessary WIP key info is automatically downloaded and emp
 
 - [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune-azure.md)
 
-- [Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md)
+- [Create a Windows Information Protection (WIP) policy using Microsoft Configuration Manager](create-wip-policy-using-configmgr.md)
 
 - [Creating a Domain-Based Recovery Agent](/previous-versions/tn-archive/cc875821(v=technet.10)#EJAA)
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
index b423f124f8..a5f4831ea5 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
@@ -1,6 +1,6 @@
 ---
 title: Create and deploy a WIP policy in Configuration Manager
-description: Use Microsoft Endpoint Configuration Manager to create and deploy a Windows Information Protection (WIP) policy. Choose protected apps, WIP-protection level, and find enterprise data.
+description: Use Microsoft Configuration Manager to create and deploy a Windows Information Protection (WIP) policy. Choose protected apps, WIP-protection level, and find enterprise data.
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: aczechowski
@@ -22,7 +22,7 @@ _Applies to:_
 - Windows 10
 - Windows 11
 
-Microsoft Endpoint Configuration Manager helps you create and deploy your Windows Information Protection (WIP) policy. You can choose your protected apps, your WIP-protection mode, and how to find enterprise data on the network.
+Microsoft Configuration Manager helps you create and deploy your Windows Information Protection (WIP) policy. You can choose your protected apps, your WIP-protection mode, and how to find enterprise data on the network.
 
 ## Add a WIP policy
 After you've installed and set up Configuration Manager for your organization, you must create a configuration item for WIP, which in turn becomes your WIP policy.
diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
index d17eea7d73..7960ef2c04 100644
--- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
+++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
@@ -83,7 +83,7 @@ Microsoft still has apps that are unenlightened, but which have been tested and
 > [!NOTE]
 > As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps.
 
-You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and Microsoft Endpoint Configuration Manager.
+You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and Microsoft Configuration Manager.
 
 
 |                     Product name                     |                                                                                                                                                                                                                        App info                                                                                                                                                                                                                        |
diff --git a/windows/security/information-protection/windows-information-protection/how-to-disable-wip.md b/windows/security/information-protection/windows-information-protection/how-to-disable-wip.md
index 2fd658bac3..a37766ca18 100644
--- a/windows/security/information-protection/windows-information-protection/how-to-disable-wip.md
+++ b/windows/security/information-protection/windows-information-protection/how-to-disable-wip.md
@@ -1,6 +1,6 @@
 ---
 title: How to disable Windows Information Protection (WIP)
-description: How to disable Windows Information Protection (WIP) in Microsoft Intune or Microsoft Endpoint Configuration Manager.
+description: How to disable Windows Information Protection (WIP) in Microsoft Intune or Microsoft Configuration Manager.
 ms.date: 07/21/2022
 ms.prod: windows-client
 ms.topic: how-to
@@ -83,7 +83,7 @@ To disable WIP for your organization, first create a configuration item.
 The **Configure Windows Information Protection settings** page appears, where you'll configure your policy for your organization. The following sections provide details on the required settings on this page.
 
 > [!TIP]
-> For more information on filling out the required fields, see [Create and deploy a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr).
+> For more information on filling out the required fields, see [Create and deploy a Windows Information Protection (WIP) policy using Microsoft Configuration Manager](/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr).
 
 #### Turn off WIP
 
diff --git a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
index 130cbea2c2..1679964f76 100644
--- a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
@@ -116,7 +116,7 @@ This following list provides info about the most common problems you might encou
 
   <br/>
 
-  - **How it appears**: Windows Information Protection isn't turned on for employees in your organization. Error code 0x807c0008 will result if Windows Information Protection is deployed by using Microsoft Endpoint Configuration Manager.
+  - **How it appears**: Windows Information Protection isn't turned on for employees in your organization. Error code 0x807c0008 will result if Windows Information Protection is deployed by using Microsoft Configuration Manager.
   - **Workaround**: Don't set the **MakeFolderAvailableOfflineDisabled** option to **False** for any of the specified folders.  You can configure this parameter, as described [Disable Offline Files on individual redirected folders](/windows-server/storage/folder-redirection/disable-offline-files-on-folders).
 
     If you currently use redirected folders, we recommend that you migrate to a file synchronization solution that supports Windows Information Protection, such as Work Folders or OneDrive for Business. Additionally, if you apply redirected folders after Windows Information Protection is already in place, you might be unable to open your files offline.
diff --git a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
index 8482363678..e2f1e9a416 100644
--- a/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
+++ b/windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md
@@ -12,7 +12,7 @@ ms.topic: conceptual
 ms.date: 02/26/2019
 ---
 
-# Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager
+# Create a Windows Information Protection (WIP) policy using Microsoft Configuration Manager
 **Applies to:**
 
 - Windows 10, version 1607 and later
@@ -23,6 +23,6 @@ Microsoft Configuration Manager helps you create and deploy your enterprise data
 
 |Article |Description |
 |------|------------|
-|[Create and deploy a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md) |Microsoft Configuration Manager helps you create and deploy your WIP policy. And, lets you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. |
+|[Create and deploy a Windows Information Protection (WIP) policy using Microsoft Configuration Manager](create-wip-policy-using-configmgr.md) |Microsoft Configuration Manager helps you create and deploy your WIP policy. And, lets you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. |
 |[Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md) |Steps to create, verify, and perform a quick recovery using an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate. |
 |[Determine the Enterprise Context of an app running in Windows Information Protection (WIP)](wip-app-enterprise-context.md) |Use the Task Manager to determine whether an app is considered work, personal or exempt by Windows Information Protection (WIP). |
diff --git a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
index 41e3437c26..f73f212820 100644
--- a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
+++ b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
@@ -39,7 +39,7 @@ You'll need this software to run Windows Information Protection in your enterpri
 
 |Operating system | Management solution |
 |-----------------|---------------------|
-|Windows 10, version 1607 or later | Microsoft Intune<br><br>-OR-<br><br>Microsoft Endpoint Configuration Manager<br><br>-OR-<br><br>Your current company-wide third party mobile device management (MDM) solution. For info about third party MDM solutions, see the documentation that came with your product. If your third party MDM doesn't have UI support for the policies, refer to the [EnterpriseDataProtection CSP](/windows/client-management/mdm/enterprisedataprotection-csp) documentation.|
+|Windows 10, version 1607 or later | Microsoft Intune<br><br>-OR-<br><br>Microsoft Configuration Manager<br><br>-OR-<br><br>Your current company-wide third party mobile device management (MDM) solution. For info about third party MDM solutions, see the documentation that came with your product. If your third party MDM doesn't have UI support for the policies, refer to the [EnterpriseDataProtection CSP](/windows/client-management/mdm/enterprisedataprotection-csp) documentation.|
 
 ## What is enterprise data control?
 Effective collaboration means that you need to share data with others in your enterprise. This sharing can be from one extreme where everyone has access to everything without any security. Another extreme is when people can't share anything and it's all highly secured. Most enterprises fall somewhere in between the two extremes, where success is balanced between providing the necessary access with the potential for improper data disclosure.
@@ -107,7 +107,7 @@ Windows Information Protection is the mobile application management (MAM) mechan
 -   **Remove access to enterprise data from enterprise-protected devices.** Windows Information Protection gives admins the ability to revoke enterprise data from one or many MDM-enrolled devices, while leaving personal data alone. This is a benefit when an employee leaves your company, or if a device is stolen. After determining that the data access needs to be removed, you can use Microsoft Intune to unenroll the device so when it connects to the network, the user's encryption key for the device is revoked and the enterprise data becomes unreadable.
 
     >[!NOTE]
-    >For management of Surface devices it is recommended that you use the Current Branch of Microsoft Endpoint Configuration Manager.<br>Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
+    >For management of Surface devices it is recommended that you use the Current Branch of Microsoft Configuration Manager.<br>Configuration Manager also allows you to revoke enterprise data. However, it does it by performing a factory reset of the device.
 
 ## How WIP works
 Windows Information Protection helps address your everyday challenges in the enterprise. Including:
diff --git a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
index 9fa0815843..7115c88cc2 100644
--- a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
@@ -42,7 +42,7 @@ You can try any of the processes included in these scenarios, but you should foc
   > [!IMPORTANT]
   > Certain file types like `.exe` and `.dll`, along with certain file paths, such as `%windir%` and `%programfiles%` are excluded from automatic encryption.
 
-  For more info about your Enterprise Identity and adding apps to your allowed apps list, see either [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune-azure.md) or [Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md), based on your deployment system.
+  For more info about your Enterprise Identity and adding apps to your allowed apps list, see either [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune-azure.md) or [Create a Windows Information Protection (WIP) policy using Microsoft Configuration Manager](create-wip-policy-using-configmgr.md), based on your deployment system.
 
 - **Block enterprise data from non-enterprise apps**:
 
diff --git a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
index 1f29e4c03c..e8c3a7d588 100644
--- a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
@@ -21,9 +21,9 @@ Audit Authorization Policy Change allows you to audit assignment and removal of
 
 | Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 |-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Domain Controller | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Member Server     | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Workstation       | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Domain Controller | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | IF             | No              | IF              | No               | IF – With Success auditing for this subcategory, you can get information related to changes in user rights policies, or changes of resource attributes or Central Access Policy applied to file system objects.<br>However, if you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
 
 **Events List:**
 
diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
index df3e720b31..533703cb10 100644
--- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -18,9 +18,9 @@ For more information, see [Security Monitoring: A Possible New Way to Detect Pri
 
 | Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 |-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.<br>However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).<br>If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
 
 **Events List:**
 
diff --git a/windows/security/threat-protection/auditing/event-4703.md b/windows/security/threat-protection/auditing/event-4703.md
index a4200af9ea..b4571317fc 100644
--- a/windows/security/threat-protection/auditing/event-4703.md
+++ b/windows/security/threat-protection/auditing/event-4703.md
@@ -23,7 +23,7 @@ ms.technology: itpro-security
 
 ***Event Description:***
 
-This event generates when [token privileges](/windows/win32/secauthz/enabling-and-disabling-privileges-in-c--) were enabled or disabled for a specific account’s token.  As of Windows 10, event 4703 is also logged by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from svchost.exe). If you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, you might need to disable Success auditing for this subcategory (Audit Authorization Policy Change), or work with a very high volume of event 4703.
+This event generates when [token privileges](/windows/win32/secauthz/enabling-and-disabling-privileges-in-c--) were enabled or disabled for a specific account’s token.  As of Windows 10, event 4703 is also logged by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from svchost.exe). If you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, you might need to disable Success auditing for this subcategory (Audit Authorization Policy Change), or work with a very high volume of event 4703.
 
 > **Note**&nbsp;&nbsp;For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event.
 
@@ -182,7 +182,7 @@ Token privileges provide the ability to take certain system-level actions that y
 
 For 4703(S): A user right was adjusted.
 
-As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Endpoint Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from svchost.exe). If you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, you might need to disable Success auditing for this subcategory, [Audit Authorization Policy Change](audit-authorization-policy-change.md), or work with a very high volume of event 4703.
+As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is Microsoft Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from svchost.exe). If you are using an application or system service that makes changes to system privileges through the AdjustPrivilegesToken API, you might need to disable Success auditing for this subcategory, [Audit Authorization Policy Change](audit-authorization-policy-change.md), or work with a very high volume of event 4703.
 
 Otherwise, see the recommendations in the following table.
 
diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
index b12afae0ea..314595bed9 100644
--- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md
@@ -43,7 +43,7 @@ To enable HVCI on Windows 10 and Windows 11 devices with supporting hardware thr
 - [Windows Security app](#windows-security-app)
 - [Microsoft Intune (or another MDM provider)](#enable-hvci-using-intune)
 - [Group Policy](#enable-hvci-using-group-policy)
-- [Microsoft Endpoint Configuration Manager](https://cloudblogs.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/)
+- [Microsoft Configuration Manager](https://cloudblogs.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/)
 - [Registry](#use-registry-keys-to-enable-virtualization-based-protection-of-code-integrity)
 
 ### Windows Security app
diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md
index 68986caf3c..1af5ea34bd 100644
--- a/windows/security/threat-protection/fips-140-validation.md
+++ b/windows/security/threat-protection/fips-140-validation.md
@@ -2,6 +2,7 @@
 title: Federal Information Processing Standard (FIPS) 140 Validation
 description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140.
 ms.prod: m365-security
+ms.date: 11/03/2022
 manager: aaroncz
 ms.author: paoloma
 author: paolomatarazzo
@@ -20,17 +21,17 @@ ms.technology: windows-sec
 
 The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government standard. FIPS is based on Section 5131 of the Information Technology Management Reform Act of 1996. It defines the minimum security requirements for cryptographic modules in IT products.
 
-The [Cryptographic Module Validation Program (CMVP)](https://csrc.nist.gov/Projects/cryptographic-module-validation-program) is a joint effort of the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). It validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140-2) and related FIPS cryptography standards. The FIPS 140-2 security requirements cover 11 areas related to the design and implementation of a cryptographic module. The NIST Information Technology Laboratory operates a related program that validates the FIPS approved cryptographic algorithms in the module.
+The [Cryptographic Module Validation Program (CMVP)][HTTP-1]) is a joint effort of the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). It validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140-2) and related FIPS cryptography standards. The FIPS 140-2 security requirements cover 11 areas related to the design and implementation of a cryptographic module. The NIST Information Technology Laboratory operates a related program that validates the FIPS approved cryptographic algorithms in the module.
 
-## Microsoft’s approach to FIPS 140-2 validation
+## Microsoft's approach to FIPS 140-2 validation
 
 Microsoft maintains an active commitment to meeting the requirements of the FIPS 140-2 standard, having validated cryptographic modules against it since it was first established in 2001.  Microsoft validates its cryptographic modules under the NIST CMVP, as described above.  Multiple Microsoft products, including Windows 10, Windows Server, and many cloud services, use these cryptographic modules.
 
 ## Using Windows in a FIPS 140-2 approved mode of operation
 
-Windows 10 and Windows Server may be configured to run in a FIPS 140-2 approved mode of operation, commonly referred to as "FIPS mode."  If you turn on FIPS mode, the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) modules will run self-tests before Windows runs cryptographic operations. These self-tests are run according to FIPS 140-2 Section 4.9. They ensure that the modules are functioning properly.
+Windows 10 and Windows Server may be configured to run in a FIPS 140-2 approved mode of operation, commonly referred to as "FIPS mode."  If you turn on FIPS mode, the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) modules will run self-tests before Windows runs cryptographic operations. These self-tests are run according to FIPS 140-2 Section 4.9. They ensure that the modules are functioning properly.
 
-The Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library are the only modules affected by FIPS mode. FIPS mode won't prevent Windows and its subsystems from using non-FIPS validated cryptographic algorithms. FIPS mode is merely advisory for applications or components other than the Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library.
+The Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library are the only modules affected by FIPS mode. FIPS mode won't prevent Windows and its subsystems from using non-FIPS validated cryptographic algorithms. FIPS mode is merely advisory for applications or components other than the Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library.
 
 US government regulations continue to mandate FIPS mode for government devices running Windows. Other customers should decide for themselves if FIPS mode is right for them. There are many applications and protocols that use FIPS mode policy to determine which cryptographic functionality to run. Customers seeking to follow the FIPS 140-2 standard should research the configuration settings of their applications and protocols. This research will help ensure that they can be configured to use FIPS 140-2 validated cryptography.
 
@@ -42,7 +43,7 @@ Administrators must ensure that all cryptographic modules installed are FIPS 140
 
 ### Step 2: Ensure all security policies for all cryptographic modules are followed
 
-Each of the cryptographic modules has a defined security policy that must be met for the module to operate in its FIPS 140-2 approved mode.  The security policy may be found in each module’s published Security Policy Document (SPD).  The SPDs for each module may be found in the table of validated modules at the end of this article.  Select the module version number to view the published SPD for the module. 
+Each of the cryptographic modules has a defined security policy that must be met for the module to operate in its FIPS 140-2 approved mode.  The security policy may be found in each module's published Security Policy Document (SPD).  The SPDs for each module may be found in the table of validated modules at the end of this article.  Select the module version number to view the published SPD for the module. 
 
 ### Step 3: Enable the FIPS security policy
 
@@ -57,6 +58,1027 @@ In short, an application or service is running in FIPS mode if it:
 * Checks for the policy flag
 * Enforces security policies of validated modules
 
+
+
+## Microsoft FIPS 140-2 validated cryptographic modules
+
+The following tables identify the cryptographic modules used in an operating system, organized by release.
+
+### Modules used by Windows clients
+
+For more details, expand each operating system section.
+
+<br>
+<details>
+<summary><b>Windows 10, version 1809</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Education
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.17763][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.17763][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.17763][sp-3644]|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.17763][sp-3615]|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.17763][sp-3651]|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.17763][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.17763][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+|Virtual TPM|[10.0.17763][sp-3690]|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1803</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Education
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.17134][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.17134][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.17134][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.17134][sp-3480]|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.17134][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.17134][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.17134][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1709</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.16299][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.16299][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.16299][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.16299][sp-3194]|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.16299][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.16299][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Windows Resume|[10.0.16299][sp-3091]|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.16299][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1703</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.15063][sp-3095]|[#3095][certificate-3095]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); CKG (vendor affirmed); CVL (Certs<p>[#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#1133][component-1133]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#2521][component-2521]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#1281][component-1281]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#1278][component-1278])|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.15063][sp-3094]|[#3094][certificate-3094]|[#3094][certificate-3094]<p>FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4626][aes-4626]); CKG (vendor affirmed); CVL (Certs. [#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>[Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages ([Cert. [#3094]][certificate-3094])<p>[#1133][component-1133][); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert.][certificate-3094][#2521][component-2521][); FIPS186-4 RSA; RSADP - RSADP Primitive [Cert.][certificate-3094]<p>[#1281][component-1281][Cert. #3094][certificate-3094]|
+|Boot Manager|[10.0.15063][sp-3089]|[#3089][certificate-3089]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); CKG (vendor affirmed); HMAC (Cert. [#3061][hmac-3061]); PBKDF (vendor affirmed); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Other algorithms: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)|
+|Windows OS Loader|[10.0.15063][sp-3090]|[#3090][certificate-3090]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>[Other algorithms: NDRNG][certificate-3090]|
+|Windows Resume <sup>[1]</sup>|[10.0.15063][sp-3091]|[#3091][certificate-3091]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790])|
+|BitLocker® Dump Filter <sup>[2]</sup>|[10.0.15063][sp-3092]|[#3092][certificate-3092]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790])|
+|Code Integrity (ci.dll)|[10.0.15063][sp-3093]|[#3093][certificate-3093]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
+|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.15063][sp-3096]|[#3096][certificate-3096]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
+
+
+<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, Education, and S.
+
+<sup>\[2\]</sup> Applies only to Pro, Enterprise, Education, S, Mobile, and Surface Hub
+
+<sup>\[3\]</sup> Applies only to Pro, Enterprise, Education, and S
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1607</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[#2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#886][component-886])|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[#2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887])|
+|Boot Manager|[10.0.14393][sp-2931]|[#2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
+|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[#2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
+|BitLocker® Windows Resume (winresume)<sup>[1]</sup>|[10.0.14393][sp-2933]|[#2933][certificate-2933]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)<sup>[2]</sup>|[10.0.14393][sp-2934]|[#2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
+|Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[#2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
+|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.14393][sp-2938]|[#2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
+
+<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
+
+<sup>\[2\]</sup> Applies only to Pro, Enterprise, Enterprise LTSB, and Mobile
+
+<sup>\[3\]</sup> Applies only to Pro, Enterprise, and Enterprise LTSB
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1511</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10586][sp-2605]|[#2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#664][component-664])|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10586][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs.  [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663])|
+|Boot Manager <sup>[4]</sup>|[10.0.10586][sp-2700]|[#2700][certificate-2700]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); HMAC (Cert. [#2381][hmac-2381]); PBKDF (vendor affirmed); RSA (Cert. [#1871][rsa-1871]); SHS (Certs. [#3047][shs-3047] and [#3048][shs-3048])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
+|BitLocker® Windows OS Loader (winload)<sup>[5]</sup>|[10.0.10586][sp-2701]|[#2701][certificate-2701]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629] and [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5; NDRNG|
+|BitLocker® Windows Resume (winresume)<sup>[6]</sup>|[10.0.10586][sp-2702]|[#2702][certificate-2702]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)<sup>[7]</sup>|[10.0.10586][sp-2703]|[#2703][certificate-2703]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653])|
+|Code Integrity (ci.dll)|[10.0.10586][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
+|Secure Kernel Code Integrity (skci.dll)<sup>[8]</sup>|[10.0.10586][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
+
+<sup>\[4\]</sup> Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub
+
+<sup>\[5\]</sup> Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub
+
+<sup>\[6\]</sup> Applies only to Home, Pro, and Enterprise
+
+<sup>\[7\]</sup> Applies only to Pro, Enterprise, Mobile, and Surface Hub
+
+<sup>\[8\]</sup> Applies only to Enterprise and Enterprise LTSB
+
+</details>
+
+<details>
+<summary><b>Windows 10, version 1507</b></summary>
+
+Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface Hub
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10240][sp-2605]|#[2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#575][component-575])|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10240][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576])|
+|Boot Manager<sup>[9]</sup>|[10.0.10240][sp-2600]|[#2600][certificate-2600]|FIPS approved algorithms: AES (Cert. [#3497][aes-3497]); HMAC (Cert. [#2233][hmac-2233]); KTS (AES Cert. [#3498][aes-3498]); PBKDF (vendor affirmed); RSA (Cert. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871] and [#2886][shs-2886])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
+|BitLocker® Windows OS Loader (winload)<sup>[10]</sup>|[10.0.10240][sp-2601]|[#2601][certificate-2601]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5; NDRNG|
+|BitLocker® Windows Resume (winresume)<sup>[11]</sup>|[10.0.10240][sp-2602]|[#2602][certificate-2602]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)<sup>[12]</sup>|[10.0.10240][sp-2603]|[#2603][certificate-2603]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498])|
+|Code Integrity (ci.dll)|[10.0.10240][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
+|Secure Kernel Code Integrity (skci.dll)<sup>[13]</sup>|[10.0.10240][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
+
+
+<sup>\[9\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
+
+<sup>\[10\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
+
+<sup>\[11\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
+
+<sup>\[12\]</sup> Applies only to Pro, Enterprise, and Enterprise LTSB
+
+<sup>\[13\]</sup> Applies only to Enterprise and Enterprise LTSB
+
+</details>
+
+<details>
+<summary><b>Windows 8.1</b></summary>
+
+Validated Editions: RT, Pro, Enterprise, Phone, Embedded
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[#2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#323][component-323])|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[#2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
+|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[#2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
+|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[#2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
+|BitLocker® Windows Resume (winresume)<sup>[14]</sup>|[6.3.9600 6.3.9600.17031][sp-2353]|[#2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031][sp-2354]|[#2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
+|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[#2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5<p>Validated Component Implementations: PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
+
+<sup>\[14\]</sup> Applies only to Pro, Enterprise, and Embedded 8.
+
+</details>
+
+<details>
+<summary><b>Windows 8</b></summary>
+
+Validated Editions: RT, Home, Pro, Enterprise, Phone
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[#1892][sp-1892]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert.); ECDSA (Cert.); HMAC (Cert.); KAS (Cert); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[#1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RNG (Cert. [#1110][rng-1110]); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and); ECDSA (Cert.); HMAC (Cert.); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RNG (Cert.); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
+|Boot Manager|[6.2.9200][sp-1895]|[#1895][sp-1895]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[#1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
+|BitLocker® Windows Resume (WINRESUME)<sup>[15]</sup>|[6.2.9200][sp-1898]|[#1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[#1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
+|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[#1897][sp-1897]|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[#1893][sp-1893]|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert.); Triple-DES MAC (Triple-DES Certificate, vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Certificate, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[#1894][sp-1894]|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. #1346); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+
+<sup>\[15\]</sup> Applies only to Home and Pro
+
+</details>
+
+<details>
+<summary><b>Windows 7</b></summary>
+
+Validated Editions: Windows 7, Windows 7 SP1
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.1.7600.16385][sp-1329]<p>[6.1.7601.17514][sp-1329]|[1329][certificate-1329]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); DSA (Cert. [#386][dsa-386]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4#559 and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385][sp-1328]<p>[6.1.7600.16915][sp-1328]<p>[6.1.7600.21092][sp-1328]<p>[6.1.7601.17514][sp-1328]<p>[6.1.7601.17725][sp-1328]<p>[6.1.7601.17919][sp-1328]<p>[6.1.7601.21861][sp-1328]<p>[6.1.7601.22076][sp-1328]|[1328][certificate-1328]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
+|Boot Manager|[6.1.7600.16385][sp-1319]<p>[6.1.7601.17514][sp-1319]|[1319][certificate-1319]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5#1168 and); HMAC (Cert.); RSA (Cert.); SHS (Cert.)<p>Other algorithms: MD5|
+|Winload OS Loader (winload.exe)|[6.1.7600.16385][sp-1326]<p>[6.1.7600.16757][sp-1326]<p>[6.1.7600.20897][sp-1326]<p>[6.1.7600.20916][sp-1326]<p>[6.1.7601.17514][sp-1326]<p>[6.1.7601.17556][sp-1326]<p>[6.1.7601.21655][sp-1326]<p>[6.1.7601.21675][sp-1326]|[1326][certificate-1326]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
+|BitLocker™ Drive Encryption|[6.1.7600.16385][sp-1332]<p>[6.1.7600.16429][sp-1332]<p>[6.1.7600.16757][sp-1332]<p>[6.1.7600.20536][sp-1332]<p>[6.1.7600.20873][sp-1332]<p>[6.1.7600.20897][sp-1332]<p>[6.1.7600.20916][sp-1332]<p>[6.1.7601.17514][sp-1332]<p>[6.1.7601.17556][sp-1332]<p>[6.1.7601.21634][sp-1332]<p>[6.1.7601.21655][sp-1332]<p>[6.1.7601.21675][sp-1332]|[1332][certificate-1332]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
+|Code Integrity (CI.DLL)|[6.1.7600.16385][sp-1327]<p>[6.1.7600.17122][sp-1327]v[6.1.7600.21320][sp-1327]<p>[6.1.7601.17514][sp-1327]<p>[6.1.7601.17950][sp-1327]v[6.1.7601.22108][sp-1327]|[1327][certificate-1327]|FIPS approved algorithms: RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385][sp-1331]<p>(no change in SP1)|[1331][certificate-1331]|FIPS approved algorithms: DSA (Cert. [#385][dsa-385]); RNG (Cert. [#649][rng-649]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
+|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385][sp-1330]<p>(no change in SP1)|[1330][certificate-1330]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#673][hmac-673]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#557][rsa-557] and [#559][rsa-559]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+
+</details>
+
+<details>
+<summary><b>Windows Vista SP1</b></summary>
+
+Validated Editions: Ultimate Edition
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Boot Manager (bootmgr)|[6.0.6001.18000 and 6.0.6002.18005][sp-978]|[978][certificate-978]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])|
+|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596][sp-979]|[979][certificate-979]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
+|Code Integrity (ci.dll)|[6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005][sp-980]|[980][certificate-980]|FIPS approved algorithms: RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
+|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869][sp-1000]|[1000][certificate-1000]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435][rng-435] and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])#739 and); ECDSA (Cert.); HMAC (Cert.); RNG (Cert.  and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872][sp-1002]|[1001][certificate-1001]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); DSA (Cert. [#283][dsa-283]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435][rng-435] and SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
+|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1002]|[1002][certificate-1002]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#407][hmac-407]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#354][rsa-354]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1003]|[1003][certificate-1003]|FIPS approved algorithms: DSA (Cert. [#281][dsa-281]); RNG (Cert. [#435][rng-435]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
+
+</details>
+
+<details>
+<summary><b>Windows Vista</b></summary>
+
+Validated Editions: Ultimate Edition
+
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386][sp-893] | [893][certificate-893] | FIPS approved algorithms: AES (Cert. [#553][aes-553]); HMAC (Cert. [#297][hmac-297]); RNG (Cert. [#321][rng-321]); RSA (Certs. [#255][rsa-255] and [#258][rsa-258]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549])<br/><br/>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386][sp-894]|[894][certificate-894]|FIPS approved algorithms: DSA (Cert. [#226][dsa-226]); RNG (Cert. [#321][rng-321]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549]); Triple-DES MAC (Triple-DES Cert. [#549][tdes-549], vendor affirmed)<br/><br/>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
+|BitLocker™ Drive Encryption|[6.0.6000.16386][sp-947]|[947][certificate-947]|FIPS approved algorithms: AES (Cert. [#715][aes-715]); HMAC (Cert. [#386][hmac-386]); SHS (Cert. [#737][shs-737])<br/><br/>Other algorithms: Elephant Diffuser|
+|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067][sp-891]|[891][certificate-891]|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br/><br/>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
+
+</details>
+
+<details>
+<summary><b>Windows XP SP3</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.1.2600.5512][sp-997]|[997][certificate-997]|FIPS approved algorithms: HMAC (Cert. [#429][shs-429]); RNG (Cert. [#449][rng-449]); SHS (Cert. [#785][shs-785]); Triple-DES (Cert. [#677][tdes-677]); Triple-DES MAC (Triple-DES Cert. [#677][tdes-677], vendor affirmed)<p>Other algorithms: DES; MD5; HMAC MD5|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.1.2600.5507][sp-990]|[990][certificate-990]|FIPS approved algorithms: DSA (Cert. [#292][dsa-292]); RNG (Cert. [#448][rng-448]); SHS (Cert. [#784][shs-784]); Triple-DES (Cert. [#676][tdes-676]); Triple-DES MAC (Triple-DES Cert. [#676][tdes-676], vendor affirmed)<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits); MD5; RC2; RC4|
+|Enhanced Cryptographic Provider (RSAENH)|[5.1.2600.5507][sp-989]|[989][certificate-989]|FIPS approved algorithms: AES (Cert. [#781][aes-781]); HMAC (Cert. [#428][shs-428]); RNG (Cert. [#447][rng-447]); RSA (Cert. [#371][rsa-371]); SHS (Cert. [#783][shs-783]); Triple-DES (Cert. [#675][tdes-675]); Triple-DES MAC (Triple-DES Cert. [#675][tdes-675], vendor affirmed)<p>Other algorithms: DES; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits)|
+
+</details>
+
+<details>
+<summary><b>Windows XP SP2</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|DSS/Diffie-Hellman Enhanced Cryptographic Provider|[5.1.2600.2133][sp-240]|[240][certificate-240]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#29][dsa-29])<p>Other algorithms: DES (Cert. [#66][des-66]); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)|
+|Microsoft Enhanced Cryptographic Provider|[5.1.2600.2161][sp-238]|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156][des-156]); RC2; RC4; MD5|
+
+
+</details>
+
+<details>
+<summary><b>Windows XP SP1</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Microsoft Enhanced Cryptographic Provider|[5.1.2600.1029][sp-238]|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156][des-156]); RC2; RC4; MD5|
+
+</details>
+
+<details>
+<summary><b>Windows XP</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module|[5.1.2600.0][sp-241]|[241][certificate-241]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#35][dsa-35]); HMAC-SHA-1 (Cert. [#35][shs-35], vendor affirmed)<p>Other algorithms: DES (Cert. [#89][des-89])|
+
+</details>
+
+<details>
+<summary><b>Windows 2000 SP3</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89][des-89])|
+|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS: 5.0.2195.3665 [SP3])][sp-103]<p>[(Base: 5.0.2195.3839 [SP3])][sp-103]<p>[(DSS/DH Enh: 5.0.2195.3665 [SP3])][sp-103]<p>[(Enh: 5.0.2195.3839 [SP3]][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65][des-65], [66][des-66], [67][des-67] and [68][des-68]); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
+
+</details>
+
+<details>
+<summary><b>Windows 2000 SP2</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89][des-89])|
+|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(Base:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(DSS/DH Enh:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(Enh:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65][des-65], [66][des-66], [67][des-67] and [68][des-68]); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
+
+</details>
+
+<details>
+<summary><b>Windows 2000 SP1</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|([Base DSS: 5.0.2150.1391 [SP1])][sp-103]<p>[(Base: 5.0.2150.1391 [SP1])][sp-103]<p>[(DSS/DH Enh: 5.0.2150.1391 [SP1])][sp-103]<p>[(Enh: 5.0.2150.1391 [SP1])][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65][des-65], [66][des-66], [67][des-67] and [68][des-68]); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
+
+</details>
+
+<details>
+<summary><b>Windows 2000</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.2150.1][sp-76]|[76][certificate-76]|FIPS approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. [#28][dsa-28] and [29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65][des-65], [66][des-66], [67][des-67] and [68][des-68]); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
+
+</details>
+
+<details>
+<summary><b>Windows 95 and Windows 98</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-75]|[75][certificate-75]|FIPS approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. [#20][shs-20] and [21][shs-21]); DSA/SHA-1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor- affirmed)<p>Other algorithms: DES (Certs. [#61][des-61], [62][des-62], [63][des-63] and [64][des-64]); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
+
+</details>
+
+<details>
+<summary><b>Windows NT 4.0</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Base Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-68]|[68][certificate-68]|FIPS approved algorithms: SHA-1 (Certs. [#20][shs-20] and [21][shs-21]); DSA/SHA- 1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#61][des-61], [62][des-62], [63][des-63] and [64][des-64]); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
+
+</details>
+
+### Modules used by Windows Server
+
+For more details, expand each operating system section.
+
+<br>
+<details>
+<summary><b>Windows Server 2019, version 1809</b></summary>
+
+Validated Editions: Standard, Datacenter
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.17763][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.17763][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.17763][sp-3644]|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.17763][sp-3615]|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.17763][sp-3651]|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.17763][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.17763][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+|Virtual TPM|[10.0.17763][sp-3690]|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows Server, version 1803</b></summary>
+
+Validated Editions: Standard, Datacenter
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.17134][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.17134][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.17134][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.17134][sp-3480]|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.17134][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.17134][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.17134][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows Server, version 1709</b></summary>
+
+Validated Editions: Standard, Datacenter
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library|[10.0.16299][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
+|Kernel Mode Cryptographic Primitives Library|[10.0.16299][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
+|Code Integrity|[10.0.16299][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
+|Windows OS Loader|[10.0.16299][sp-3194]|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
+|Secure Kernel Code Integrity|[10.0.16299][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
+|BitLocker Dump Filter|[10.0.16299][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
+|Windows Resume|[10.0.16299][sp-3091]|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
+|Boot Manager|[10.0.16299][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2016</b></summary>
+
+Validated Editions: Standard, Datacenter, Storage Server
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
+|Boot Manager|[10.0.14393][sp-2931]|[2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
+|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
+|BitLocker® Windows Resume (winresume)|[10.0.14393][sp-2933]|[2933][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393][sp-2934]|[2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
+|Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5|
+|Secure Kernel Code Integrity (skci.dll)|[10.0.14393][sp-2938]|[2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2012 R2</b></summary>
+
+Validated Editions: Server, Storage Server,
+
+**StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
+|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
+|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
+|BitLocker® Windows Resume (winresume)<sup>[16]</sup>|[6.3.9600 6.3.9600.17031][sp-2353]|[2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (dumpfve.sys)<sup>[17]</sup>|[6.3.9600 6.3.9600.17031][sp-2354]|[2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
+|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5|
+
+<sup>\[16\]</sup> Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+<sup>\[17\]</sup> Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
+
+</details>
+
+<details>
+<summary><b>Windows Server 2012</b></summary>
+
+Validated Editions: Server, Storage Server
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[1892]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. #[1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert.); HMAC (Cert. #); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RNG (Cert. [#1110][rng-1110]); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
+|Boot Manager|[6.2.9200][sp-1895]|[1895][sp-1895]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
+|BitLocker® Windows Resume (WINRESUME)|[6.2.9200][sp-1898]|[1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
+|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[1897][sp-1897]|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[1893][sp-1893]|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[1894][sp-1894]|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. [#1346][hmac-1346]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+</details>
+
+<details>
+<summary><b>Windows Server 2008 R2</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Boot Manager (bootmgr)|[6.1.7600.16385 or 6.1.7601.17514][sp-1321]|[1321][certificate-1321]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
+|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675][sp-1333]|[1333][certificate-1333]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
+|Code Integrity (ci.dll)|[6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108][sp-1334]|[1334][certificate-1334]|FIPS approved algorithms: RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
+|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076][sp-1335]|[1335][certificate-1335]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
+|Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514][sp-1336]|[1336][certificate-1336]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); DSA (Cert. [#391][dsa-391]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4|
+|Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385][sp-1337]|[1337][certificate-1337]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#687][hmac-687]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#559][rsa-559] and [#568][rsa-568]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385][sp-1338]|[1338][certificate-1338]|FIPS approved algorithms: DSA (Cert. [#390][dsa-390]); RNG (Cert. [#649][rng-649]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
+|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675][sp-1339]|[1339][certificate-1339]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2008</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Boot Manager (bootmgr)|[6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497][sp-1004]|[1004][certificate-1004]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: N/A|
+|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596][sp-1005]|[1005][certificate-1005]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
+|Code Integrity (ci.dll)|[6.0.6001.18000 and 6.0.6002.18005][sp-1006]|[1006][certificate-1006]|FIPS approved algorithms: RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
+|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869][sp-1007]|[1007][certificate-1007]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435][rng-435] and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#83); HMAC (Cert.); RNG (Cert.  and SP800-90 AES-CTR, vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872][sp-1008]|[1008][certificate-1008]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); DSA (Cert. [#284][dsa-284]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435][rng-435] and SP800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1009]|[1009][certificate-1009]|FIPS approved algorithms: DSA (Cert. [#282][dsa-282]); RNG (Cert. [#435][rng-435]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
+|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1010]|[1010][certificate-1010]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#408][hmac-408]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#355][rsa-355]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2003 SP2</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.3959][sp-875]|[875][certificate-875]|FIPS approved algorithms: DSA (Cert. [#221][dsa-221]); RNG (Cert. [#314][rng-314]); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#611][shs-611]); Triple-DES (Cert. [#543][tdes-543])<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC4|
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.3959][sp-869]|[869][certificate-869]|FIPS approved algorithms: HMAC (Cert. [#287][hmac-287]); RNG (Cert. [#313][rng-313]); SHS (Cert. [#610][shs-610]); Triple-DES (Cert. [#542][tdes-542])<p>Other algorithms: DES; HMAC-MD5|
+|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.3959][sp-868]|[868][certificate-868]|FIPS approved algorithms: AES (Cert. [#548][aes-548]); HMAC (Cert. [#289][hmac-289]); RNG (Cert. [#316][rng-316]); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#613][shs-613]); Triple-DES (Cert. [#544][tdes-544])<p>Other algorithms: DES; RC2; RC4; MD2; MD4; MD5; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2003 SP1</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.1830 [SP1]][sp-405]|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230][des-230][1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.1830 [Service Pack 1])][sp-382]|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226][des-226][1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.1830 [Service Pack 1]][sp-381]|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229][des-229][1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+
+</details>
+
+<details>
+<summary><b>Windows Server 2003</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.0][sp-405]|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230][des-230] [1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.0][sp-382]|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226][des-226][1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.0][sp-381]|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229][des-229][1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
+
+</details>
+
+## Other Products
+
+For more details, expand each product section.
+
+<br>
+<details>
+<summary><b>Windows Embedded Compact 7 and Windows Embedded Compact 8</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Enhanced Cryptographic Provider|[7.00.2872 [1] and 8.00.6246 [2]][sp-2957]|[2957][certificate-2957]|FIPS approved algorithms: AES (Certs.[#4433][aes-4433]and[#4434][aes-4434]); CKG (vendor affirmed); DRBG (Certs.[#1432][drbg-1432]and[#1433][drbg-1433]); HMAC (Certs.[#2946][hmac-2946]and[#2945][hmac-2945]); RSA (Certs.[#2414][rsa-2414]and[#2415][rsa-2415]); SHS (Certs.[#3651][shs-3651]and[#3652][shs-3652]); Triple-DES (Certs.[#2383][tdes-2383]and[#2384][tdes-2384])<p>Allowed algorithms: HMAC-MD5, MD5, NDRNG|
+|Cryptographic Primitives Library (bcrypt.dll)|[7.00.2872 [1] and 8.00.6246 [2]][sp-2956]|[2956][certificate-2956]|FIPS approved algorithms: AES (Certs.[#4430][aes-4430]and[#4431][aes-4431]); CKG (vendor affirmed); CVL (Certs.[#1139][component-1139]and[#1140][component-1140]); DRBG (Certs.[#1429][drbg-1429]and[#1430][drbg-1430]); DSA (Certs.[#1187][dsa-1187]and[#1188][dsa-1188]); ECDSA (Certs.[#1072][ecdsa-1072]and[#1073][ecdsa-1073]); HMAC (Certs.[#2942][hmac-2942]and[#2943][hmac-2943]); KAS (Certs.[#114][kas-114]and[#115][kas-115]); RSA (Certs.[#2411][rsa-2411]and[#2412][rsa-2412]); SHS (Certs.[#3648][shs-3648]and[#3649][shs-3649]); Triple-DES (Certs.[#2381][tdes-2381]and[#2382][tdes-2382])<p>Allowed algorithms: MD5, NDRNG, RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength|
+
+</details>
+
+<details>
+<summary><b>Windows CE 6.0 and Windows Embedded Compact 7</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Enhanced Cryptographic Provider|[6.00.1937 [1] and 7.00.1687 [2]][sp-825]|[825][certificate-825]|FIPS approved algorithms: AES (Certs. [#516][aes-516] [1] and [#2024][aes-2024] [2]); HMAC (Certs. [#267][shs-267] [1] and [#1227][hmac-1227] [2]); RNG (Certs. [#292][rng-292] [1] and [#1060][rng-1060] [2]); RSA (Cert. [#230][rsa-230] [1] and [#1052][rsa-1052] [2]); SHS (Certs. [#589][shs-589] [1] and #1774 [2]); Triple-DES (Certs. [#526][tdes-526] [1] and [#1308][tdes-1308] [2])<p>Other algorithms: MD5; HMAC-MD5; RC2; RC4; DES|
+
+</details>
+
+<details>
+<summary><b>Outlook Cryptographic Provider</b></summary>
+
+|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
+|--- |--- |--- |--- |
+|Outlook Cryptographic Provider (EXCHCSP)|[SR-1A (3821)][sp-110]|[110][certificate-110]|FIPS approved algorithms: Triple-DES (Cert. [#18][tdes-18]); SHA-1 (Certs. [#32][shs-32]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#91][des-91]); DES MAC; RC2; MD2; MD5|
+
+</details>
+
+## Cryprtographic algorithms
+
+The following tables are organized by cryptographic algorithms with their modes, states, and key sizes. For each algorithm implementation (operating system / platform), there is a link to the Cryptographic Algorithm Validation Program (CAVP) issued certificate.\
+For more details, expand each algorithm section.
+
+<br>
+<details>
+<summary><b>Advanced Encryption Standard (AES)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-OFB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)|Microsoft Surface Hub Virtual TPM Implementations [#4904][aes-4904]<p>Version 10.0.15063.674|
+|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-OFB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#4903][aes-4903]<p>Version 10.0.16299|
+|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits)<li>96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#4902][aes-4902]<p>Version 10.0.15063.674|
+|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<li>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits),96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#4901][aes-4901]<p>Version 10.0.15254|
+|AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>IV Generation: External<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits)<li>96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#4897][aes-4897]<p>Version 10.0.16299|
+|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4902][aes-4902]|Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations [#4900][aes-4900]<p>Version 10.0.15063.674|
+|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4901][aes-4901]|Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations [#4899][aes-4899]<p>Version 10.0.15254|
+|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4897][aes-4897]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations [#4898][aes-4898]<p>Version 10.0.16299|
+|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain<li>Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4902][aes-4902]|Microsoft Surface Hub BitLocker(R) Cryptographic Implementations [#4896][aes-4896]<p>Version 10.0.15063.674|
+|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4901][aes-4901]|Windows 10 Mobile (version 1709) BitLocker(R) Cryptographic Implementations [#4895][aes-4895]<p>Version 10.0.15254|
+|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4897][aes-4897]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); BitLocker(R) Cryptographic Implementations [#4894][aes-4894]<p>Version 10.0.16299|
+|**CBC** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**OFB** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#4627][aes-4627]<p>Version 10.0.15063|
+|**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 4624][aes-4624]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations [#4626][aes-4626]<p>Version 10.0.15063|
+|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 4624][aes-4624]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile BitLocker(R) Cryptographic Implementations [#4625][aes-4625]<p>Version 10.0.15063|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC** (Generation/Verification) (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>IV Generated: (External); PT Lengths Tested: (0, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 1024, 8, 1016); 96 bit IV supported<p>GMAC supported<p>**XTS**((KS: XTS_128((e/d)(f)) KS: XTS_256((e/d)(f))|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#4624][aes-4624]<p>Version 10.0.15063|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#4434][aes-4434]<p>Version 7.00.2872|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#4433][aes-4433]<p>Version 8.00.6246|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#4431][aes-4431]<p>Version 7.00.2872|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#4430][aes-4430]<p>Version 8.00.6246|
+|**CBC** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**OFB** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#4074][aes-4074]<p>Version 10.0.14393|
+|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#4064][aes-4064]<p>Version 10.0.14393|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#4063][aes-4063]<p>Version 10.0.14393|
+|**KW**  (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 192, 256, 320, 2048)<p>AES [validation number 4064][aes-4064]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#4062][aes-4062]<p>Version 10.0.14393|
+|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 4064][aes-4064]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations [#4061][aes-4061]<p>Version 10.0.14393|
+|**KW**  (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 3629][aes-3629]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" Cryptography Next Generation (CNG) Implementations [#3652][aes-3652]<p>Version 10.0.10586|
+|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 3629][aes-3629]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" BitLocker® Cryptographic Implementations [#3653][aes-3653]<p>Version 10.0.10586|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" RSA32 Algorithm Implementations [#3630][aes-3630]<p>Version 10.0.10586|
+|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)v**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d) (f)) **KS: XTS_256**((e/d) (f))|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" SymCrypt Cryptographic Implementations [#3629][aes-3629]<p>Version 10.0.10586|
+|**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 3497][aes-3497]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#3507][aes-3507]<p>Version 10.0.10240|
+|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 3497][aes-3497]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations [#3498][aes-3498]<p>Version 10.0.10240|
+|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC(Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested:  (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#3497][aes-3497]<p>Version 10.0.10240|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#3476][aes-3476]<p>Version 10.0.10240|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#2853][aes-2853]<p>Version 6.3.9600|
+|**CCM (KS: 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 2832][aes-2832]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 BitLocker Cryptographic Implementations [#2848][aes-2848]<p>Version 6.3.9600|
+|**CCM (KS: 128, 192, 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 0 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification) (KS: 128**; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM (KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>**(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 128, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 128, 1024, 8, 1016); IV Lengths Tested:  (8, 1024); 96 bit IV supported;<p>**OtherIVLen_Supported<p>GMAC supported**|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations #[2832][aes-2832]<p>Version 6.3.9600|
+|**CCM (KS: 128, 192, 256**) **(Assoc. Data Len Range**: 0-0, 2^16) **(Payload Length Range**: 0 - 32 (**Nonce Length(s)**: 7 8 9 10 11 12 13 **(Tag Length(s)**: 4 6 8 10 12 14 16)<p>AES [validation number 2197][aes-2197]<p>**CMAC** (Generation/Verification) **(KS: 128;** Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 192**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 256**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16)<p>AES [validation number 2197][aes-2197]<p>**GCM(KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) **(KS: AES_192**(e/d) Tag Length(s): 128 120 112 104 96)<p>**(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:** (Externally); **PT Lengths Tested:** (0, 128, 1024, 8, 1016); **Additional authenticated data lengths tested:** (0, 128, 1024, 8, 1016); **IV Lengths Tested:** (8, 1024); **96 bit IV supported<p>GMAC supported**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#2216][aes-2216]|
+|**CCM (KS: 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 (**Nonce Length(s)**: 12 **(Tag Length(s)**: 16)<p>AES [validation number 2196][aes-2196]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations [#2198][aes-2198]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#2197][aes-2197]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#2196][aes-2196]|
+|**CCM (KS: 128, 192, 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 **(Nonce Length(s):** 7 8 9 10 11 12 13 **(Tag Length(s): **4 6 8 10 12 14 16**)**<p>AES [validation number 1168][aes-1168]|Windows Server 2008 R2 and SP1 CNG algorithms [#1187][aes-1187]<p>Windows 7 Ultimate and SP1 CNG algorithms [#1178][aes-1178]|
+|**CCM (KS: 128, 256) (Assoc. Data Len Range: **0 - 8**) (Payload Length Range:** 4 - 32 **(Nonce Length(s):** 7 8 12 13 **(Tag Length(s): **4 6 8 14 16**)**<p>AES [validation number 1168][aes-1168]|Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations [#1177][aes-1177]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1168][aes-1168]|
+|**GCM**<p>**GMAC**|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1168][aes-1168], vendor-affirmed|
+|**CCM (KS: 128, 256) (Assoc. Data Len Range: **0 - 8**) (Payload Length Range:** 4 - 32 **(Nonce Length(s):** 7 8 12 13 **(Tag Length(s): **4 6 8 14 16**)**|Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations [#760][aes-760]|
+|**CCM (KS: 128, 192, 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 1 - 32 **(Nonce Length(s):** 7 8 9 10 11 12 13 **(Tag Length(s):** 4 6 8 10 12 14 16**)**|Windows Server 2008 CNG algorithms [#757][aes-757]<p>Windows Vista Ultimate SP1 CNG algorithms [#756][aes-756]|
+|**CBC** (e/d; 128, 256);<p>**CCM** (**KS: 128, 256**) (**Assoc. Data Len Range**: 0 - 8) (**Payload Length Range**: 4 - 32 (**Nonce Length(s)**: 7 8 12 13 (**Tag Length(s)**: 4 6 8 14 16)|Windows Vista Ultimate BitLocker Drive Encryption [#715][aes-715]<p>Windows Vista Ultimate BitLocker Drive Encryption [#424][aes-424]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows Vista Ultimate SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#739][aes-739]<p>Windows Vista Symmetric Algorithm Implementation [#553][aes-553]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#2023][aes-2023]|
+|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#2024][aes-2024]<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#818][aes-818]<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#781][aes-781]<p>Windows 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#548][aes-548]<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#516][aes-516]<p>Windows CE and Windows Mobile 6, 6.1, and 6.5 Enhanced Cryptographic Provider (RSAENH) [#507][aes-507]<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#290][aes-290]<p>Windows CE 5.0 and 5.1 Enhanced Cryptographic Provider (RSAENH) [#224][aes-224]<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#80][aes-80]<p>Windows XP, SP1, and SP2 Enhanced Cryptographic Provider (RSAENH) [#33][aes-33]|
+
+</details>
+
+<details>
+<summary><b>Component</b></summary>
+
+|**Publication / Component Validated / Description**|**Implementation and Certificate #**|
+|--- |--- |
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#489][drbg-489]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1540][component-1540]<p>Version 6.3.9600|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub Virtual TPM Implementations [#1519][component-1519]<p>Version 10.0.15063.674|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1518][component-1518]<p>Version 10.0.16299|
+|RSADP:<p>Modulus Size: 2048 (bits)|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1517][component-1517]<p>Version 10.0.15063.674|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1516][component-1516]<p>Version 10.0.15063.674|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1732][drbg-1732]|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1515][component-1515]<p>Version 10.0.15063.674|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1732][drbg-1732]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1514][component-1514]<p>Version 10.0.15063.674|
+|RSADP:<p>Modulus Size: 2048 (bits)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1513][component-1513]<p>Version 10.0.15063.674|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1512][component-1512]<p>Version 10.0.15063.674|
+|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secrets:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4011][shs-4011], HMAC [#3269][hmac-3269]<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4011][shs-4011], HMAC [#3269][hmac-3269]<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4011][shs-4011], HMAC [#3269][hmac-3269]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1511][component-1511]<p>Version 10.0.15063.674|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1510][component-1510]<p>Version 10.0.15254|
+|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1509][component-1509]<p>Version 10.0.15254|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1508][component-1508]<p>Version 10.0.15254|
+|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4010][shs-4010], HMAC [#3268][hmac-3268]<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4010][shs-4010], HMAC [#3268][hmac-3268]<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4010][shs-4010], HMAC [#3268][hmac-3268]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1507][component-1507]<p>Version 10.0.15254|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1506][component-1506]<p>Version 10.0.15254|
+|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1505][component-1505]<p>Version 10.0.15254|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1504][component-1504]<p>Version 10.0.15254|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1503][component-1503]<p>Version 10.0.16299|
+|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1502][component-1502]<p>Version 10.0.16299|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1501][component-1501]<p>Version 10.0.16299|
+|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1499][component-1499]<p>Version 10.0.16299|
+|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1498][component-1498]<p>Version 10.0.16299|
+|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1497][component-1497]<p>Version 10.0.16299|
+|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4009][shs-4009], HMAC [#3267][hmac-3267]<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4009][shs-4009], HMAC [#3267][hmac-3267]<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4009][shs-4009], HMAC [#3267][hmac-3267]|Windows 10 Home, Pro, Enterprise, Education,Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1496][component-1496]<p>Version 10.0.16299|
+|FIPS186-4 ECDSA<p>Signature Generation of hash sized messages<p>ECDSA SigGen Component: CURVES(P-256 P-384 P-521)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1284][component-1284]<p>Version 10.0. 15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1279][component-1279]<p>Version 10.0. 15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#922][component-922]<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#894][component-894]<p>Version 10.0.14393icrosoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" MsBignum Cryptographic Implementations [#666][component-666]<p>Version 10.0.10586<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#288][component-288]<p>Version 6.3.9600|
+|FIPS186-4 RSA; PKCS#1 v2.1<p>RSASP1 Signature Primitive<p>RSASP1: (Mod2048: PKCS1.5 PKCSPSS)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1285][component-1285]<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1282][component-1282]<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1280][component-1280]<p>Version 10.0.15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#893][component-893]<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#888][component-888]<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" MsBignum Cryptographic Implementations [#665][component-665]<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#572][component-572]<p>Version  10.0.10240<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations [#289][component-289]<p>Version 6.3.9600|
+|FIPS186-4 RSA; RSADP<p>RSADP Primitive<p>RSADP: (Mod2048)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1283][component-1283]<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1281][component-1281]<p>Version 10.0.15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#895][component-895]<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#887][component-887]<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" Cryptography Next Generation (CNG) Implementations [#663][component-663]<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#576][component-576]<p>Version  10.0.10240|
+|SP800-135<p>Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1496][component-1496]<p>Version 10.0.16299<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1278][component-1278]<p>Version 10.0.15063<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1140][component-1140]<p>Version 7.00.2872<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1139][component-1139]<p>Version 8.00.6246<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BcryptPrimitives and NCryptSSLp [#886][component-886]<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" BCryptPrimitives and NCryptSSLp [#664][component-664]<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BCryptPrimitives and NCryptSSLp [#575][component-575]<p>Version  10.0.10240<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 BCryptPrimitives and NCryptSSLp [#323][component-323]<p>Version 6.3.9600|
+
+</details>
+
+<details>
+<summary><b>Deterministic Random Bit Generator (DRBG)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function not used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4904][aes-4904]|Microsoft Surface Hub Virtual TPM Implementations [#1734][drbg-1734]<p>Version 10.0.15063.674|
+|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function not used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4903][aes-4903]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1733][drbg-1733]<p>Version 10.0.16299|
+|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4902][aes-4902]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1732][drbg-1732]<p>Version 10.0.15063.674|
+|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4901][aes-4901]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1731][drbg-1731]<p>Version 10.0.15254|
+|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4897][aes-4897]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1730][drbg-1730]<p>Version 10.0.16299|
+|**CTR_DRBG:** [Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256)<p>(AES [validation number 4627][aes-4627])]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1556][drbg-1556]<p>Version 10.0.15063|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256 (AES [validation number 4624][aes-4624])]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1555][drbg-1555]<p>Version 10.0.15063|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4434][aes-4434])]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#1433][drbg-1433]<p>Version 7.00.2872|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4433][aes-4433])]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#1432][drbg-1432]<p>Version 8.00.6246|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4431][aes-4431])]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1430][drbg-1430]<p>Version 7.00.2872|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4430][aes-4430])]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1429][drbg-1429]<p>Version 8.00.6246|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4074][aes-4074])]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#1222][drbg-1222]<p>Version 10.0.14393|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 4064][aes-4064])]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#1217][drbg-1217]<p>Version 10.0.14393|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 3629][aes-3629])]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#955][drbg-955]<p>Version 10.0.10586|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 3497][aes-3497])]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#868][drbg-868]<p>Version 10.0.10240|
+|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 2832][aes-2832])]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#489][drbg-489]<p>Version 6.3.9600|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 2197][aes-2197])]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#258][drbg-258]|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 2023][aes-2023])]|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#193][drbg-193]|
+|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 1168][aes-1168])]|Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 RNG Library [#23][drbg-23]|
+|**DRBG** (SP 800-90)|Windows Vista Ultimate SP1, vendor-affirmed|
+
+</details>
+
+<details>
+<summary><b>Digital Signature Algorithm (DSA)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1303][dsa-1303]<p>Version 10.0.15063.674|
+|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1302][dsa-1302]<p>Version 10.0.15254|
+|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1301][dsa-1301]<p>Version 10.0.16299|
+|**FIPS186-4:**<br>**PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>**KeyPairGen**:   [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)** PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number 3790][shs-3790]<p>DRBG: [validation number  1555][drbg-1555]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1223][dsa-1223]<p>Version 10.0.15063|
+|**FIPS186-4:<br>PQG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>**SIG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>SHS: [validation number  3649][shs-3649]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1188][dsa-1188]<p>Version 7.00.2872|
+|**FIPS186-4:<br>PQG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>**SIG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>SHS: [validation number 3648][shs-3648]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1187][dsa-1187]<p>Version 8.00.6246|
+|**FIPS186-4:<br>PQG(gen)** PARMS TESTED: [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  3347][shs-3347]<p>DRBG: [validation number  1217][drbg-1217]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#1098][dsa-1098]<p>Version 10.0.14393|
+|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)] **SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  3047][shs-3047]<p>DRBG: [validation number  955][drbg-955]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" MsBignum Cryptographic Implementations [#1024][dsa-1024]<p>Version 10.0.10586|
+|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen: [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)] **SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  2886][shs-2886]<p>DRBG: [validation number  868][drbg-868]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#983][dsa-983]<p>Version 10.0.10240|
+|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver**)PARMS TESTED:   [(2048,256), SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  2373][shs-2373]<p>DRBG: [validation number  489][drbg-489]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#855][dsa-855]<p>Version 6.3.9600|
+|**FIPS186-2**:<p>**PQG(ver)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [#1903][shs-1903]<P>DRBG: [#258][drbg-258]<p>**FIPS186-4: PQG(gen)PARMS TESTED**: [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(gen)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [#1903][shs-1903]<p>DRBG: [#258][drbg-258]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#687][dsa-687]|
+|**FIPS186-2:<br>PQG(ver)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [#1902][shs-1902]<p>DRBG: [#258][drbg-258]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 DSS and Diffie-Hellman Enhanced Cryptographic Provider (DSSENH) [#686][dsa-686]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1773][shs-1773]<p>DRBG: [validation number  193][drbg-193]|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#645][dsa-645]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1081][shs-1081]<p>DRBG: [validation number  23][drbg-23]|Windows Server 2008 R2 and SP1 CNG algorithms [#391][dsa-391]<p>Windows 7 Ultimate and SP1 CNG algorithms [#386][dsa-386]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1081][shs-1081]<p>RNG: [validation number  649][rng-649]|Windows Server 2008 R2 and SP1 Enhanced DSS (DSSENH) [#390][dsa-390]<p>Windows 7 Ultimate and SP1 Enhanced DSS (DSSENH) [#385][dsa-385]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  753][shs-753]|Windows Server 2008 CNG algorithms [#284][dsa-284]<p>Windows Vista Ultimate SP1 CNG algorithms [#283][dsa-283]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  753][shs-753]<p>RNG: [validation number  435][rng-435]|Windows Server 2008 Enhanced DSS (DSSENH) [#282][dsa-282]<p>Windows Vista Ultimate SP1 Enhanced DSS (DSSENH) [#281][dsa-281]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  618][shs-618]<p>RNG: [validation number  321][rng-321]|Windows Vista CNG algorithms [#227][dsa-227]<p>Windows Vista Enhanced DSS (DSSENH) [#226][dsa-226]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  784][shs-784]<p>RNG: [validation number  448][rng-448]|Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#292][dsa-292]|
+|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  783][shs-783]<p>RNG: [validation number  447][rng-447]|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#291][dsa-291]|
+|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024);<P>**SIG(ver)** MOD(1024);<p>SHS: [validation number  611][shs-611]<p>RNG: [validation number  314][rng-314]|Windows 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#221][dsa-221]|
+|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024);v**SIG(ver)** MOD(1024);vSHS: [validation number  385][shs-385]|Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#146][dsa-146]|
+|**FIPS186-2:<br>PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);v**SIG(gen)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [validation number  181][shs-181]|Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#95][dsa-95]|
+|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024); SHS: SHA-1 (BYTE)<p>**SIG(ver)** MOD(1024); SHS: SHA-1 (BYTE)|Windows 2000 DSSENH.DLL [#29][dsa-29]<p>Windows 2000 DSSBASE.DLL [#28][dsa-28]<p>Windows NT 4 SP6 DSSENH.DLL [#26][dsa-26]<p>Windows NT 4 SP6 DSSBASE.DLL [#25][dsa-25]|
+|**FIPS186-2: PRIME;<br>FIPS186-2:**<p>**KEYGEN(Y):**SHS: SHA-1 (BYTE)<p>**SIG(gen):SIG(ver)** MOD(1024);<p>SHS: SHA-1 (BYTE)|Windows NT 4.0 SP4 Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider [#17][dsa-17]|
+
+</details>
+
+<details>
+<summary><b>Elliptic Curve Digital Signature Algorithm (ECDSA)</b></summary>
+
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|<p>ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#2373][shs-2373], DRBG [#489][drbg-489]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1263][ecdsa-1263]<p>Version 6.3.9600|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384<li>Generation Methods: Testing Candidates<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1734][drbg-1734]|Microsoft Surface Hub Virtual TPM Implementations [#1253][ecdsa-1253]<p>Version 10.0.15063.674|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384<li>Generation Methods: Testing Candidates<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1733][drbg-1733]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1252][ecdsa-1252]<p>Version 10.0.16299|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1251][ecdsa-1251]<p>Version 10.0.15063.674|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1250][ecdsa-1250]<p>Version 10.0.15063.674|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1249][ecdsa-1249]<p>Version 10.0.15254|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1248][ecdsa-1248]<p>Version 10.0.15254|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1247][ecdsa-1247]<p>Version 10.0.16299|
+|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1246][ecdsa-1246]<p>Version 10.0.16299|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 TestingCandidates)<p>SHS: [validation number 3790][shs-3790]<p>DRBG: [validation number  1555][drbg-1555]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1136][ecdsa-1136]<p>Version 10.0.15063|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 3790][shs-3790]<p>DRBG: [validation number  1555][drbg-1555]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1135][ecdsa-1135]<p>Version 10.0.15063|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 3790][shs-3790]<p>DRBG: [validation number  1555][drbg-1555]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1133][ecdsa-1133]<p>Version 10.0.15063|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512))<p>**SHS:**[validation number  3649][shs-3649]<p>**DRBG:**[validation number  1430][drbg-1430]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1073][ecdsa-1073]<p>Version 7.00.2872|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512))<p>**SHS:**[validation number 3648][shs-3648]<p>**DRBG:**[validation number  1429][drbg-1429]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1072][ecdsa-1072]<p>Version 8.00.6246|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 TestingCandidates)v**PKV: CURVES**(P-256 P-384)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) SIG(gen) with SHA-1 affirmed for use with protocols only.v**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384))<p>SHS: [validation number  3347][shs-3347]<p>DRBG: [validation number  1222][drbg-1222]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#920][ecdsa-920]<p>Version 10.0.14393|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))vSHS: [validation number  3347][shs-3347]<p>DRBG: [validation number  1217][drbg-1217]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#911][ecdsa-911]<p>Version 10.0.14393|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number  3047][shs-3047]<p>DRBG: [validation number  955][drbg-955]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" MsBignum Cryptographic Implementations [#760][ecdsa-760]<p>Version 10.0.10586|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer**: CURVES(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number  2886][shs-2886]<p>DRBG: [validation number  868][drbg-868]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#706][ecdsa-706]<p>Version 10.0.10240|
+|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 2373][shs-2373]<p>DRBG: [validation number  489][drbg-489]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#505][ecdsa-505]<p>Version 6.3.9600|
+|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [#1903][shs-1903]<p>**DRBG**: [#258][drbg-258]<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [#1903][shs-1903]<p>**DRBG**: [#258][drbg-258]<p>**FIPS186-4: <br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>**SHS**: [#1903][shs-1903]<p>**DRBG**: [#258][drbg-258].|Windows 8,<p>Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#341][ecdsa-341]|
+|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1773][shs-1773]<p>**DRBG**: [validation number  193][drbg-193]<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1773][shs-1773]<p>**DRBG**: [validation number  193][drbg-193]<p>**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>**SHS**: [validation number 1773][shs-1773]<p>**DRBG**: [validation number  193][drbg-193].|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#295][ecdsa-295]|
+|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1081][shs-1081]<p>**DRBG**: [validation number  23][drbg-23]<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1081][shs-1081]<p>**DRBG**: [validation number  23][drbg-23].|Windows Server 2008 R2 and SP1 CNG algorithms [#142][ecdsa-142]<p>Windows 7 Ultimate and SP1 CNG algorithms [#141][ecdsa-141]|
+|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 753][shs-753]<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 753][shs-753].|Windows Server 2008 CNG algorithms [#83][ecdsa-83]<p>Windows Vista Ultimate SP1 CNG algorithms [#82][ecdsa-82]|
+|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 618][shs-618]<p>**RNG**: [validation number  321][shs-618]<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 618][shs-618]<p>**RNG**: [validation number  321][rng-321].|Windows Vista CNG algorithms [#60][ecdsa-60]|
+
+</details>
+
+<details>
+<summary><b>Keyed-Hash Message Authentication Code (HMAC)</b></summary>
+
+|**Modes / States / <li>Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|<p>HMAC-SHA-1:<li><li>Key Sizes &lt; Block Size<li><li>Key Sizes &gt; Block Size<li><li>Key Sizes = Block Size<p><p>HMAC-SHA2-256:<li><li>Key Sizes &lt; Block Size<li><li>Key Sizes &gt; Block Size<li><li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4011][shs-4011]|Microsoft Surface Hub Virtual TPM Implementations [#3271][hmac-3271]<p>Version 10.0.15063.674|
+|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4009][shs-4009]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#3270][hmac-3270]<p>Version 10.0.16299|
+|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4011][shs-4011]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#3269][hmac-3269]<p>Version 10.0.15063.674|
+|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4010][shs-4010]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#3268][hmac-3268]<p>Version 10.0.15254|
+|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4009][shs-4009]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#3267][hmac-3267]<p>Version 10.0.16299|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#3062][hmac-3062]<p>Version 10.0.15063|
+|<p> **HMAC-SHA1(Key Sizes Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790][shs-3790]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#3061][hmac-3061]<p>Version 10.0.15063|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3652][shs-3652]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3652][shs-3652]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3652][shs-3652]<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3652][shs-3652]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2946][hmac-2946]<p>Version 7.00.2872|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3651][shs-3651]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3651][shs-3651]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3651][shs-3651]<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3651][shs-3651]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2945][hmac-2945]<p>Version 8.00.6246|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number  3649][shs-3649]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number  3649][shs-3649]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number  3649][shs-3649]<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number  3649][shs-3649]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2943][hmac-2943]<p>Version 7.00.2872|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3648][shs-3648]<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3648][shs-3648]<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3648][shs-3648]<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3648][shs-3648]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2942][hmac-2942]<p>Version 8.00.6246|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<p>SHS [validation number  3347][shs-3347]<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS) SHS [validation number  3347][shs-3347]<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS) SHS [validation number  3347][shs-3347]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#2661][hmac-2661]<p>Version 10.0.14393|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS) SHS [validation number  3347][shs-3347]<p> **HMAC-SHA256** (Key Size Ranges Tested: KSBS) SHS [validation number  3347][shs-3347]<p> **HMAC-SHA384** (Key Size Ranges Tested: KSBS) SHS [validation number  3347][shs-3347]<p> **HMAC-SHA512** (Key Size Ranges Tested: KSBS) SHS [validation number  3347][shs-3347]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#2651][hmac-2651]<p>Version 10.0.14393|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS [validation number  3047][shs-3047]<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047][shs-3047]<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047][shs-3047]<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047][shs-3047]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" SymCrypt Cryptographic Implementations [#2381][hmac-2381]<p>Version 10.0.10586|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS[validation number  2886][shs-2886]<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS[validation number  2886][shs-2886]<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>[ SHSvalidation number  2886][shs-2886]<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS[validation number  2886][shs-2886]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#2233][hmac-2233]<p>Version 10.0.10240|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS [validation number 2373][shs-2373]<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373][shs-2373]<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373][shs-2373]<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373][shs-2373]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#1773][hmac-1773]<p>Version 6.3.9600|
+|<p> **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]<p> **HMAC-SHA256** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]<p> **HMAC-SHA384** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]<p> **HMAC-SHA512** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]|Windows CE and Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) [#2122][hmac-2122]<p>Version 5.2.29344|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[#1902][shs-1902]<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[#1902][shs-1902]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #[1347][hmac-1347]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS**[#1902][shs-1902]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) #[1346][hmac-1346]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS)**<br>**SHS**[#1903][shs-1903]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903][shs-1903]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903][shs-1903]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903][shs-1903]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) #[1345][hmac-1345]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]<br>**Tinker HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll), [#1364][hmac-1364]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1774][shs-1774]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774][shs-1774]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774][shs-1774]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774][shs-1774]|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1227][hmac-1227]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1081][shs-1081]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081][shs-1081]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081][shs-1081]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081][shs-1081]|Windows Server 2008 R2 and SP1 CNG algorithms [#686][hmac-686]<p>Windows 7 and SP1 CNG algorithms [#677][hmac-677]<p>Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) [#687][hmac-687]<p>Windows 7 Enhanced Cryptographic Provider (RSAENH) [#673][hmac-673]|
+|<p> **HMAC-SHA1(Key Sizes Ranges Tested: KS**[validation number 1081][shs-1081]<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 1081][shs-1081]|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations [#675][hmac-675]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 816][shs-816]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 816][shs-816]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 816][shs-816]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 816][shs-816]|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#452][hmac-452]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 753][shs-753]<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 753][shs-753]|Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations [#415][hmac-415]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS)** SHS [validation number 753][shs-753]|Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) [#408][hmac-408]<p>Windows Vista Enhanced Cryptographic Provider (RSAENH) [#407][hmac-407]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS)SHS** [validation number 618][shs-618]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]|Windows Vista Enhanced Cryptographic Provider (RSAENH) [#297][hmac-297]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 785][shs-785]|Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#429][hmac-429]<p>Windows XP, vendor-affirmed|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 783][shs-783]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 783][shs-783]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 783][shs-783]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 783][shs-783]|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#428][hmac-428]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 613][shs-613]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 613][shs-613]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 613][shs-613]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 613][shs-613]|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#289][hmac-289]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 610][shs-610]|Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#287][hmac-287]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 753][shs-753]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 753][shs-753]|Windows Server 2008 CNG algorithms [#413][hmac-413]<p>Windows Vista Ultimate SP1 CNG algorithms [#412][hmac-412]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 737][shs-737]<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 737][shs-737]|Windows Vista Ultimate BitLocker Drive Encryption [#386][hmac-386]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 618][shs-618]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 618][shs-618]|Windows Vista CNG algorithms [#298][hmac-298]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 589][shs-589]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS)SHS** [validation number 589][shs-589]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 589][shs-589]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 589][shs-589]|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#267][hmac-267]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 578][shs-578]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 578][shs-578]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 578][shs-578]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 578][shs-578]|Windows CE and Windows Mobile 6.0 and Windows Mobil 6.5 Enhanced Cryptographic Provider (RSAENH) [#260][hmac-260]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 495][shs-495]<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 495][shs-495]|Windows Vista BitLocker Drive Encryption [#199][hmac-199]|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 364][shs-364]|Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#99][hmac-99]<p>Windows XP, vendor-affirmed|
+|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 305][shs-305]<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 305][shs-305]<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 305][shs-305]<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 305][shs-305]|Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#31][hmac-31]|
+
+</details>
+
+<details>
+<summary><b>Key Agreement Scheme (KAS)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|KAS ECC: <br>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration<p>Schemes:<br><p>Full Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<br>Prerequisite: SHS [#4011][shs-4011], ECDSA [#1253][ecdsa-1253], DRBG [#1734][drbg-1734]|Microsoft Surface Hub Virtual TPM Implementations [#150][kas-150]<p>Version 10.0.15063.674|
+|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration<p>Schemes:<br><p>Full Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<br>Prerequisite: SHS [#4009][shs-4009], ECDSA [#1252][ecdsa-1252], DRBG [#1733][drbg-1733]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#149][kas-149]<p>Version 10.0.16299|
+|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<p><li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4011][shs-4011], ECDSA [#1250][ecdsa-1250], DRBG [#1732][drbg-1732]<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4011][shs-4011], DSA [#1303][dsa-1303], DRBG [#1732][drbg-1732]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#148][kas-148]<p>Version 10.0.15063.674|
+|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMA<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4010][shs-4010], ECDSA [#1249][ecdsa-1249], DRBG [#1731][drbg-1731]<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4010][shs-4010], DSA [#1302][dsa-1302], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#147][kas-147]<p>Version 10.0.15254|
+|KAS ECC:<p><br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<p><li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4009][shs-4009], ECDSA [#1246][ecdsa-1246], DRBG [#1730][drbg-1730]<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4009][shs-4009], DSA [#1301][dsa-1301], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#146][kas-146]<p>Version 10.0.16299|
+|**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration) **SCHEMES** [**FullUnified** (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC)]<P>SHS [validation number 3790][shs-3790]<P>DSA [validation number 1135][dsa-1135]<p>DRBG [validation number 1556][drbg-1556]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#128][kas-128]<p>Version 10.0.15063|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhOneFlow** (**FB:** SHA256) (**FC:** SHA256)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:** SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number 3790][shs-3790]<P>DSA [validation number 1223][dsa-1223]<p>DRBG [validation number 1555][drbg-1555]**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) **SCHEMES** [**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 3790][shs-3790]<P>ECDSA [validation number 1133][ecdsa-1133]DRBG [validation number 1555][drbg-1555]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#127][kas-127]<p>Version 10.0.15063|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhOneFlow** (KARole(s): Initiator / Responder) (**FB:** SHA256) (**FC:** SHA256)] [**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:** SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number  3649][shs-3649]<P>DSA [validation number 1188][dsa-1188]<p>DRBG [validation number 1430][drbg-1430]<p>**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration)<p>**SCHEMES** [**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#115][kas-115]<p>Version 7.00.2872|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhHybridOneFlow** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:**SHA256 HMAC) (**FC:** SHA256   HMAC)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:**SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number 3648][shs-3648]<P>DSA [validation number 1187][dsa-1187]<p>DRBG [validation number 1429][drbg-1429]<p>**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration)<p>**SCHEMES** [**EphemeralUnified** (**No_KC**) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 3648][shs-3648]<P>ECDSA [validation number 1072][ecdsa-1072]<p>DRBG [validation number 1429][drbg-1429]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#114][kas-114]<p>Version 8.00.6246|
+|**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration)<p>**SCHEMES  [FullUnified  (No_KC**  &lt; KARole(s): Initiator / Responder &gt; &lt; KDF: CONCAT &gt;) (**EC:**  P-256   SHA256   HMAC) (**ED:**  P-384   SHA384   HMAC)]<P>SHS [validation number  3347][shs-3347] ECDSA [validation number 920][ecdsa-920] DRBG [validation number 1222][drbg-1222]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#93][kas-93]<p>Version 10.0.14393|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES**  [dhEphem  (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (**FB:**  SHA256) (**FC:**  SHA256)] [**dhStatic (No_KC**  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  3347][shs-3347] DSA [validation number 1098][dsa-1098] DRBG [validation number 1217][drbg-1217]<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) **SCHEMES**  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  3347][shs-3347] DSA [validation number 1098][dsa-1098] ECDSA [validation number 911][ecdsa-911] DRBG [validation number 1217][drbg-1217] HMAC [validation number 2651][hmac-2651]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#92][kas-92]<p>Version 10.0.14393|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  3047][shs-3047] DSA [validation number 1024][dsa-1024] DRBG [validation number 955][drbg-955]<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  3047][shs-3047] ECDSA [validation number 760][ecdsa-760] DRBG [validation number 955][drbg-955]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations [#72][dsa-72]<p>Version 10.0.10586|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  2886][shs-2886] DSA [validation number 983][dsa-983] DRBG [validation number 868][drbg-868]<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  2886][shs-2886] ECDSA [validation number 706][ecdsa-706] DRBG [validation number 868][drbg-868]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#64][kas-64]<p>Version 10.0.10240|
+|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number 2373][shs-2373] DSA [validation number 855][dsa-855] DRBG [validation number 489][drbg-489]<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 2373][shs-2373] ECDSA [validation number 505][ecdsa-505] DRBG [validation number 489][drbg-489]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#47][kas-47]<p>Version 6.3.9600|
+|**FFC**: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation) SCHEMES [**dhEphem** (KARole(s): Initiator / Responder)<p>(**FA**: SHA256) (**FB**: SHA256) (**FC**: SHA256)]<p>[**dhOneFlow** (KARole(s): Initiator / Responder) (**FA**: SHA256) (**FB**: SHA256) (**FC**: SHA256)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FA**: SHA256 HMAC) (**FB**: SHA256 HMAC) (**FC**: SHA256 HMAC)]<P>SHS [#1903][shs-1903] DSA [validation number 687][dsa-687] DRBG [#258][drbg-258]<p>**ECC**: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation Key Regeneration) **SCHEMES**<p>[**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (EC: P-256 SHA256 HMAC) (**ED**: P-384 SHA384 HMAC) (**EE**: P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH(No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC**: P-256 SHA256) (**ED**: P-384 SHA384) (**EE**: P-521 (SHA512, HMAC_SHA512)))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC**: P-256 SHA256 HMAC) (**ED**: P-384 SHA384 HMAC) (**EE**: P-521 HMAC (SHA512, HMAC_SHA512))]<P>SHS [#1903][shs-1903] <P>ECDSA [validation number 341][ecdsa-341] DRBG [#258][drbg-258]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#36][kas-36]|
+|**KAS (SP 800-56A)**<li>Key Agreement: Key establishment methodology provides 80 bits to 256 bits of encryption strength|Windows 7 and SP1, vendor-affirmed<p>Windows Server 2008 R2 and SP1, vendor-affirmed|
+
+</details>
+
+<details>
+<summary><b>SP 800-108 Key-Based Key Derivation Functions (KBKDF)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|Counter:<p>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384<p>MAC prerequisite: HMAC [#3271][hmac-3271]<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: DRBG [#1734][drbg-1734], KAS [#150][kas-150]|Microsoft Surface Hub Virtual TPM Implementations [#161][kdf-161]<p>Version 10.0.15063.674|
+|Counter:<p>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384<p>MAC prerequisite: HMAC [#3270][hmac-3270]<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: DRBG [#1733][drbg-1733], KAS [#149][kas-149]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#160][kdf-160]<p>Version 10.0.16299|
+|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4902][aes-4902], HMAC [#3269][hmac-3269]<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#148][kas-148]|Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations [#159][kdf-159]<p>Version 10.0.15063.674|
+|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4901][aes-4901], HMAC [#3268][hmac-3268]<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#147][kas-147]|Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations [#158][kdf-158]<p>Version 10.0.15254|
+|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4897][aes-4897], HMAC [#3267][hmac-3267]<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#146][kas-146]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations [#157][kdf-157]<p>Version 10.0.16299|
+|**CTR_Mode:** (Llength(Min0 Max0) MACSupported([HMACSHA1] [HMACSHA256][HMACSHA384]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 128][kas-128]<p>DRBG [validation number 1556][drbg-1556]<p>MAC [validation number 3062][hmac-3062]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#141][kdf-141]<p>Version 10.0.15063|
+|**CTR_Mode:** (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 127][kas-127]<p>AES [validation number 4624][aes-4624]<p>DRBG [validation number 1555][drbg-1555]<p>MAC [validation number 3061][hmac-3061]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations [#140][kdf-140]<p>Version 10.0.15063|
+|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA384]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 93][kas-93] DRBG [validation number 1222][drbg-1222] MAC [validation number 2661][hmac-2661]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#102][kdf-102]<p>Version 10.0.14393|
+|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 92][kas-92] AES [validation number 4064][aes-4064] DRBG [validation number 1217][drbg-1217] MAC [validation number 2651][hmac-2651]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#101][kdf-101]<p>Version 10.0.14393|
+|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 72][kas-72] AES [validation number 3629][aes-3629] DRBG [validation number 955][drbg-955] MAC [validation number 2381][hmac-2381]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" Cryptography Next Generation (CNG) Implementations [#72][kdf-72]<p>Version 10.0.10586|
+|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 64][kas-64] AES [validation number 3497][aes-3497] RBG [validation number 868][drbg-868] MAC [validation number 2233][hmac-2233]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#66][kdf-66]<p>Version 10.0.10240|
+|**CTR_Mode:**  (Llength(Min0 Max0) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>DRBG [validation number 489][drbg-489] MAC [validation number 1773][hmac-1773]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#30][kdf-30]<p>Version 6.3.9600|
+|**CTR_Mode**: (Llength(Min0 Max4) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>DRBG [#258][drbg-258] HMAC [validation number 1345][hmac-1345]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#3][kdf-3]|
+
+</details>
+
+<details>
+<summary><b>Random Number Generator (RNG)</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|**FIPS 186-2 General Purpose**<br>**[(x-Original); (SHA-1)]**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations #[1110][rng-1110]|
+|**FIPS 186-2<br>[(x-Original); (SHA-1)]**|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1060][rng-1060]<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#292][rng-292]<p>Windows CE and Windows Mobile 6.0 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#286][rng-286]<p>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#66][rng-66]|
+|**FIPS 186-2<br>[(x-Change Notice); (SHA-1)]**; **FIPS 186-2 General Purpose<br>[(x-Change Notice); (SHA-1)]**|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 RNG Library [#649][rng-649]<p>Windows Vista Ultimate SP1 and Windows Server 2008 RNG Implementation [#435][rng-435]<p>Windows Vista RNG implementation [#321][rng-321]|
+|**FIPS 186-2 General Purpose<br>[(x-Change Notice); (SHA-1)]**|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#470][rng-470]<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#449][rng-449]<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#447][rng-447]<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#316][rng-316]<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#313][rng-313]|
+|**FIPS 186-2<br>[(x-Change Notice); (SHA-1)]**|Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#448][rng-448]<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#314][rng-314]|
+
+</details>
+
+<details>
+<summary><b>RSA</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|RSA:<p>186-4:<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: SHA-1, <li>SHA-256, <li>SHA-384<p>Mod 2048 SHA: SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Verification PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1734][drbg-1734]|Microsoft Surface Hub Virtual TPM Implementations [#2677][rsa-2677]<p>Version 10.0.15063.674|
+|RSA:<p>186-4:<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 240 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1733][drbg-1733]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (<p>Version 1709); Virtual TPM Implementations [#2676][rsa-2676]<p>Version 10.0.16299|
+|RSA:<p>186-4:<p>Key Generation:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256<li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub RSA32 Algorithm Implementations [#2675][rsa-2675]<p>Version 10.0.15063.674|
+|RSA:<p>186-4:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384,<li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); RSA32 Algorithm Implementations [#2674][rsa-2674]<p>Version 10.0.16299|
+|RSA:<p>186-4:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) RSA32 Algorithm Implementations [#2673][rsa-2673]<p>Version 10.0.15254|
+|RSA:<p>186-4:<p>Key Generation:<li>Public Key Exponent: Fixed (10001)<li>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub MsBignum Cryptographic Implementations [#2672][rsa-2672]<p>Version 10.0.15063.674|
+|RSA:<p>186-4:<p>Key Generation:<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C 2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4011][shs-4011], DRBG [#1732][drbg-1732]|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#2671][rsa-2671]<p>Version 10.0.15063.674|
+|RSA:<p>186-4:<p>Key Generation:<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#2670][rsa-2670]<p>Version 10.0.15254|
+|RSA:<p>186-4:<p>Key Generation:<p>Public Key Exponent: Fixed (10001)<p>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4010][shs-4010], DRBG [#1731][drbg-1731]|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#2669][rsa-2669]<p>Version 10.0.15254|
+|<p>186-4:<p>Key Generation:<p>Public Key Exponent: Fixed (10001)<p>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1,<li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#2668][rsa-2668]<p><p>Version 10.0.16299|
+|<p>186-4:<p>Key Generation<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-51<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4009][shs-4009], DRBG [#1730][drbg-1730]|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#2667][rsa-2667]<p>Version 10.0.16299|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384)) (2048 SHA(1, 256, 384))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48)))<p>SHA [validation number 3790][shs-3790]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#2524][rsa-2524]<p>Version 10.0.15063|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3790][shs-3790]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile RSA32 Algorithm Implementations [#2523][rsa-2523]<p>Version 10.0.15063|
+|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbPrimeCondition):** 2048, 3072 **PPTT:**(C.3)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))**SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64<p>SHA [validation number 3790][shs-3790]<p>DRBG: [validation number  1555][drbg-1555]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#2522][rsa-2522]<p>Version 10.0.15063|
+|<p>**FIPS186-4:<p>186-4KEY(gen):**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number 3790][shs-3790]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#2521][rsa-2521]<p>Version 10.0.15063|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3652][shs-3652]**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3652][shs-3652], <li>SHA-384[validation number 3652][shs-3652], <li>SHA-512[validation number 3652][shs-3652], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3652][shs-3652], <li>SHA-256[validation number 3652][shs-3652], <li>SHA-384[validation number 3652][shs-3652], <li>SHA-512[validation number 3652][shs-3652]<p>**FIPS186-4:<br>ALG[ANSIX9.31]** Sig(Gen): (2048 SHA(1)) (3072 SHA(1))**SIG(gen) with SHA-1 affirmed for use with protocols only.**SIG(ver): (1024 SHA(1)) (2048 SHA(1)) (3072 SHA(1))**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3652][shs-3652]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2415][rsa-2415]<p>Version 7.00.2872|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3651][shs-3651]**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3651][shs-3651], <li>SHA-384[validation number 3651][shs-3651], <li>SHA-512[validation number 3651][shs-3651]SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3651][shs-3651], <li>SHA-256[validation number 3651][shs-3651], <li>SHA-384[validation number 3651][shs-3651], <li>SHA-512[validation number 3651][shs-3651]<p>**FIPS186-4:<br>ALG[ANSIX9.31]** Sig(Gen): (2048 SHA(1)) (3072 SHA(1))**SIG(gen) with SHA-1 affirmed for use with protocols only.** SIG(ver): (1024 SHA(1)) (2048 SHA(1)) (3072 SHA(1))**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3651][shs-3651]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2414][rsa-2414]<p>Version 8.00.6246|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number  3649][shs-3649], <li>SHA-384[validation number  3649][shs-3649], <li>SHA-512[validation number  3649][shs-3649]SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number  3649][shs-3649], <li>SHA-256[validation number  3649][shs-3649], <li>SHA-384[validation number  3649][shs-3649], <li>SHA-512[validation number  3649][shs-3649]<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)<br>**ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3649][shs-3649]<p>DRBG: [validation number  1430][drbg-1430]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2412][rsa-2412]<p>Version 7.00.2872|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3648][shs-3648], <li>SHA-384[validation number 3648][shs-3648], <li>SHA-512[validation number 3648][shs-3648], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3648][shs-3648], <li>SHA-256[validation number 3648][shs-3648], <li>SHA-384[validation number 3648][shs-3648], <li>SHA-512[validation number 3648][shs-3648]<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3648][shs-3648]<p>DRBG: [validation number  1429][drbg-1429]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2411][rsa-2411]<p>Version 8.00.6246|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384)) SIG(gen) with SHA-1 affirmed for use with protocols only.SIG(Ver) (1024 SHA(1, 256, 384)) (2048 SHA(1, 256, 384))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) SIG(gen) with SHA-1 affirmed for use with protocols only.Sig(Ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48)))<p>SHA [validation number  3347][shs-3347]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#2206][rsa-2206]<p>Version 10.0.14393|
+|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001<p>**PGM(ProbPrimeCondition):** 2048, 3072 PPTT:(C.3)<p>SHA [validation number  3347][shs-3347] DRBG: [validation number  1217][drbg-1217]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA Key Generation Implementation [#2195][rsa-2195]<p>Version 10.0.14393|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3346][shs-3346]|soft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#2194][rsa-2194]<p>Version 10.0.14393|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512))<p>**SIG(Ver)** (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3347][shs-3347] DRBG: [validation number  1217][drbg-1217]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#2193][rsa-2193]<p>Version 10.0.14393|
+|<p>**FIPS186-4:<br>[RSASSA-PSS]: Sig(Gen):** (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))<p>**Sig(Ver):** (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  3347][shs-3347] DRBG: [validation number  1217][drbg-1217]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#2192][rsa-2192]<p>Version 10.0.14393|
+|<p>**FIPS186-4:<p>186-4KEY(gen)**:  FIPS186-4_Fixed_e (10001);<p>**PGM(ProbPrimeCondition**): 2048, 3072 PPTT:(C.3)<p>SHA [validation number  3047][shs-3047] DRBG: [validation number  955][drbg-955]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" RSA Key Generation Implementation [#1889][rsa-1889]<p>Version 10.0.10586|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3048][shs-3048]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations [#1871][rsa-1871]<p>Version 10.0.10586|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512))<p>**SIG(Ver)** (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3047][shs-3047]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub MsBignum Cryptographic Implementations [#1888][rsa-1888]<p>Version 10.0.10586|
+|<p>**FIPS186-4:<br>[RSASSA-PSS]: Sig(Gen)**: (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>**Sig(Ver):** (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  3047][shs-3047]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations [#1887][rsa-1887]<p>Version 10.0.10586|
+|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);PGM(ProbPrimeCondition): 2048, 3072 PPTT:(C.3)<p>SHA [validation number  2886][shs-2886] DRBG: [validation number  868][drbg-868]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA Key Generation Implementation [#1798][rsa-1798]<p>Version 10.0.10240|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2871][shs-2871]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#1784][rsa-1784]<p>Version 10.0.10240|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2871][shs-2871]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#1783][rsa-1783]<p>Version 10.0.10240|
+|<p>**FIPS186-4:<br>[RSASSA-PSS]:** Sig(Gen): (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))), Sig(Ver): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  2886][shs-2886]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#1802][rsa-1802]<p>Version 10.0.10240|
+|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e;<p>**PGM(ProbPrimeCondition):** 2048, 3072 PPTT:(C.3)<p>SHA [validation number 2373][shs-2373] DRBG: [validation number  489][drbg-489]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 RSA Key Generation Implementation [#1487][rsa-1487]<p>Version 6.3.9600|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2373][shs-2373]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#1494][rsa-1494]<p>Version 6.3.9600|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512)), SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2373][shs-2373]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1493][rsa-1493]<p>Version 6.3.9600|
+|<p>**FIPS186-4:<br>[RSASSA-PSS]:** Sig(Gen): (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))), Sig(Ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number 2373][shs-2373]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#1519][rsa-1519]<p>Version 6.3.9600|
+|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512-256)) (3072 SHA(256, 384, 512-256)), SIG(Ver) (1024 SHA(1, 256, 384, 512-256)) (2048 SHA(1, 256, 384, 512-256)) (3072 SHA(1, 256, 384, 512-256))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512)), Sig(Ver): (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512, 512)), SHA [#1903][shs-1903].|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#1134][rsa-1134]|
+|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e, FIPS186-4_Fixed_e_Value<p>**PGM(ProbPrimeCondition):** 2048, 3072 **PPTT:**(C.3)<p>SHA [#1903][shs-1903] DRBG: [#258][drbg-258]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 RSA Key Generation Implementation [#1133][rsa-1133]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [#258][drbg-258]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[#1902][shs-1902], <li>SHA-384[#1902][shs-1902], <li>SHA-512[#1902][shs-1902],, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[#1902][shs-1902], <li>SHA-256[#1902][shs-1902], SHA-[#1902][shs-1902], <li>SHA-512[#1902][shs-1902],.|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) [#1132][rsa-1132]|
+|<p>**FIPS186-2:ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1774][shs-1774]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1774][shs-1774], <li>SHA-384[validation number 1774][shs-1774], <li>SHA-512[validation number 1774][shs-1774],SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1774][shs-1774], <li>SHA-256[validation number 1774][shs-1774], <li>SHA-384[validation number 1774][shs-1774], <li>SHA-512[validation number 1774][shs-1774],.|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1052][rsa-1052]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [validation number  193][drbg-193]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1773][shs-1773], <li>SHA-384[validation number 1773][shs-1773], <li>SHA-512[validation number 1773][shs-1773],SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1773][shs-1773], <li>SHA-256[validation number 1773][shs-1773], <li>SHA-384[validation number 1773][shs-1773], <li>SHA-512[validation number 1773][shs-1773],.|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1051][rsa-1051]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081],SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081][shs-1081], <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081],.|Windows Server 2008 R2 and SP1 Enhanced Cryptographic Provider (RSAENH) [#568][rsa-568]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081][shs-1081], <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081],<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081], SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081][shs-1081], <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081].|Windows Server 2008 R2 and SP1 CNG algorithms [#567][rsa-567]<p>Windows 7 and SP1 CNG algorithms [#560][rsa-560]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [validation number  23][drbg-23].|Windows 7 and SP1 and Server 2008 R2 and SP1 RSA Key Generation Implementation [#559][rsa-559]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS:<li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081][shs-1081], <li>SHA-256[validation number 1081][shs-1081], <li>SHA-384[validation number 1081][shs-1081], <li>SHA-512[validation number 1081][shs-1081],.|Windows 7 and SP1 Enhanced Cryptographic Provider (RSAENH) [#557][rsa-557]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 816][shs-816], <li>SHA-384[validation number 816][shs-816], <li>SHA-512[validation number 816][shs-816],SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 816][shs-816], <li>SHA-256[validation number 816][shs-816], <li>SHA-384[validation number 816][shs-816], <li>SHA-512[validation number 816][shs-816],.|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#395][rsa-395]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 783][shs-783]**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 783][shs-783], <li>SHA-384[validation number 783][shs-783], <li>SHA-512[validation number 783][shs-783],.|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#371][rsa-371]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753][shs-753], <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753],<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753], SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753][shs-753], <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753].|Windows Server 2008 CNG algorithms [#358][rsa-358]<p>Windows Vista SP1 CNG algorithms [#357][rsa-357]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753][shs-753]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753][shs-753], <li>SHA-256[validation number 753][shs-753], <li>SHA-384[validation number 753][shs-753], <li>SHA-512[validation number 753][shs-753].|Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) [#355][rsa-355]<p>Windows Vista SP1 Enhanced Cryptographic Provider (RSAENH) [#354][rsa-354]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537.|Windows Vista SP1 and Windows Server 2008 RSA Key Generation Implementation [#353][rsa-353]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 RNG: [validation number  321][rng-321].|Windows Vista RSA key generation implementation [#258][rsa-258]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618],SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618][shs-618], <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618],<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618], SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618][shs-618], <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618].|Windows Vista CNG algorithms [#257][rsa-257]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618],, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618][shs-618], <li>SHA-256[validation number 618][shs-618], <li>SHA-384[validation number 618][shs-618], <li>SHA-512[validation number 618][shs-618],.|Windows Vista Enhanced Cryptographic Provider (RSAENH) [#255][rsa-255]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 613][shs-613]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 613][shs-613], <li>SHA-384[validation number 613][shs-613], <li>SHA-512[validation number 613][shs-613], SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 613][shs-613], <li>SHA-256[validation number 613][shs-613], <li>SHA-384[validation number 613][shs-613], <li>SHA-512[validation number 613][shs-613],.|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#245][rsa-245]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 589][shs-589]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 589][shs-589], <li>SHA-384[validation number 589][shs-589], <li>SHA-512[validation number 589][shs-589],, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 589][shs-589], <li>SHA-256[validation number 589][shs-589], <li>SHA-384[validation number 589][shs-589], <li>SHA-512[validation number 589][shs-589],.|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#230][rsa-230]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 578][shs-578]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 578][shs-578], <li>SHA-384[validation number 578][shs-578], <li>SHA-512[validation number 578][shs-578],, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 578][shs-578], <li>SHA-256[validation number 578][shs-578], <li>SHA-384[validation number 578][shs-578], <li>SHA-512[validation number 578][shs-578],.|Windows CE and Windows Mobile 6 and Windows Mobile 6.1 Enhanced Cryptographic Provider (RSAENH) [#222][rsa-222]|
+|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:**<p>SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 364][shs-364].|Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#81][rsa-81]|
+|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 305][shs-305]<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 305][shs-305], <li>SHA-384[validation number 305][shs-305], <li>SHA-512[validation number 305][shs-305],, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 305][shs-305], <li>SHA-256[validation number 305][shs-305], <li>SHA-384[validation number 305][shs-305], <li>SHA-512[validation number 305][shs-305],.|Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#52][rsa-52]|
+|<p>**FIPS186-2:**: <li>PKCS#1 v1.5, Signature generation, and verification<li>Mod sizes: 1024, 1536, 2048, 3072, 4096<li>SHS: SHA-1/256/384/512|Windows XP, vendor-affirmed<p>Windows 2000, vendor-affirmed|
+
+</details>
+
+<details>
+<summary><b>Secure Hash Standard (SHS)</b></summary>
+
+|Modes / States / Key Sizes|Algorithm Implementation and Certificate #|
+|--- |--- |
+|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#4011][shs-4011]<p>Version 10.0.15063.674|
+|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#4010][shs-4010]<p>Version 10.0.15254|
+|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#4009][shs-4009]<p>Version 10.0.16299|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#3790][shs-3790]<p>Version 10.0.15063|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#3652][shs-3652]<p>Version 7.00.2872|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#3651][shs-3651]<p>Version 8.00.6246|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#3649][shs-3649]<p>Version 7.00.2872|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#3648][shs-3648]<p>Version 8.00.6246|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#3347][shs-3347]<p>Version 10.0.14393|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#3346][shs-3346]<p>Version 10.0.14393|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations [#3048][shs-3048]<p>Version 10.0.10586|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#3047][shs-3047]<p>Version 10.0.10586|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#2886][shs-2886]<p>Version 10.0.10240|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#2871][shs-2871]<p>Version 10.0.10240|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#2396][shs-2396]<p>Version 6.3.9600|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#2373][shs-2373]<p>Version 6.3.9600|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)<p>Implementation does not support zero-length (null) messages.|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#1903][shs-1903]<p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#1902][shs-1902]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1774][shs-1774]<p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#1773][shs-1773]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1081][shs-1081]<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#816][shs-816]|
+|<li>**SHA-1** (BYTE-only)|Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#785][shs-785]<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#784][shs-784]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#783][shs-783]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#753][shs-753]<p>Windows Vista Symmetric Algorithm Implementation [#618][shs-618]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)|Windows Vista BitLocker Drive Encryption [#737][shs-737]<p>Windows Vista Beta 2 BitLocker Drive Encryption [#495][shs-495]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#613][shs-613]<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#364][shs-364]|
+|<li>**SHA-1** (BYTE-only)|Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#611][shs-611]<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#610][shs-610]<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#385][shs-385]<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) [#371][shs-371]<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#181][shs-181]<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) [#177][shs-177]<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#176][shs-176]|
+|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#589][shs-589]<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#578][shs-578]<p>Windows CE 5.00 and Windows CE 5.01 Enhanced<p>Cryptographic Provider (RSAENH) [#305][shs-305]|
+|<li>**SHA-1** (BYTE-only)|Windows XP Microsoft Enhanced Cryptographic Provider [#83][shs-83]<p>Crypto Driver for Windows 2000 (fips.sys) [#35][shs-35]<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) [#32][shs-32]<p>Windows 2000 RSAENH.DLL [#24][shs-24]<p>Windows 2000 RSABASE.DLL [#23][shs-23]<p>Windows NT 4 SP6 RSAENH.DLL [#21][shs-21]<p>Windows NT 4 SP6 RSABASE.DLL [#20][shs-20]|
+
+</details>
+
+<details>
+<summary><b>SP 800-132 Password-Based Key Derivation Function (PBKDF)</b></summary>
+
+| Modes / States / Key Sizes | Algorithm Implementation and Certificate # |
+| --- | --- |
+| PBKDF (vendor affirmed) |  Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2937][certificate-2937]<br/>(Software Version: 10.0.14393)<br/><br/>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936][certificate-2936]<br/>(Software Version: 10.0.14393)<br/><br/>Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2935][certificate-2935]<br/>(Software Version: 10.0.14393) |
+| PBKDF (vendor affirmed) | Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936][certificate-2936]<br/>(Software Version: 10.0.14393)<br/><br/>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed |
+
+</details>
+
+<details>
+<summary><b>Triple DES</b></summary>
+
+|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
+|--- |--- |
+|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#2558][tdes-2558]<p>Version 10.0.15063.674|
+|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#2557][tdes-2557]<p>Version 10.0.15254|
+|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#2556][tdes-2556]<p>Version 10.0.16299|
+|**TECB**(KO 1 e/d); **TCBC**(KO 1 e/d); **TCFB8**(KO 1 e/d); **TCFB64**(KO 1 e/d)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#2459][tdes-2459]<p>Version 10.0.15063|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2384][tdes-2384]<p>Version 8.00.6246|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2383][tdes-2383]<p>Version 8.00.6246|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**CTR** (int only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2382][tdes-2382]<p>Version 7.00.2872|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2381][tdes-2381]<p>Version 8.00.6246|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#2227][tdes-2227]<p>Version 10.0.14393|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#2024][tdes-2024]<p>Version 10.0.10586|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#1969][tdes-1969]<p>Version 10.0.10240|
+|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#1692][tdes-1692]<p>Version 6.3.9600|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2);**TCFB64**(e/d; KO 1, 2)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#1387][tdes-1387]|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#1386][tdes-1386]|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#846][tdes-846]|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#656][tdes-656]|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows Vista Symmetric Algorithm Implementation [#549][tdes-549]|
+|**Triple DES MAC**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 [#1386][tdes-1386], vendor-affirmedWindows 7 and SP1 and Windows Server 2008 R2 and SP1 [#846][tdes-846], vendor-affirmed|
+|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2)|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1308][tdes-1308]Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#1307][tdes-1307]<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#691][tdes-691]<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#677][tdes-677]<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#676][tdes-676]<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#675][tdes-675]<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#544][tdes-544]<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#543][tdes-543]<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#542][tdes-542]Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#526][tdes-526]<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.1 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#517][tdes-517]<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#381][tdes-381]<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) [#370][tdes-370]<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#365][tdes-365]Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#315][tdes-315]<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) [#201][tdes-201]<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#199][tdes-199]<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#192][tdes-192]Windows XP Microsoft Enhanced Cryptographic Provider [#81][tdes-81]<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) [#18][tdes-18]Crypto Driver for Windows 2000 (fips.sys) [#16][tdes-16]|
+
+</details>
+
+## Contact
+
+fips@microsoft.com
+
+## References
+
+* [FIPS 140-2, Security Requirements for Cryptographic Modules](https://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf))
+* [Cryptographic Module Validation Program (CMVP) FAQ](https://csrc.nist.gov/groups/stm/cmvp/documents/cmvpfaq.pdf)
+* [SP 800-57 - Recommendation for Key Management - Part 1: General (Revised)](https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final)
+* [SP 800-131A - Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](https://csrc.nist.gov/publications/nistpubs/800-131a/sp800-131a.pdf)
+
+---
+
 ## Frequently asked questions
 
 ### How long does it take to certify a cryptographic module?
@@ -91,874 +1113,670 @@ Suite B is a set of cryptographic algorithms defined by the U.S. National Securi
 
 SMB3 can be FIPS 140 compliant, if Windows is configured to operate in FIPS 140 mode on both client and server.  In FIPS mode, SMB3 relies on the underlying Windows FIPS 140 validated cryptographic modules for cryptographic operations.
 
-## Microsoft FIPS 140-2 validated cryptographic modules
-
-The following tables identify the cryptographic modules used in an operating system, organized by release.
-
-## Modules used by Windows
-
-##### Windows 10 Fall 2018 Update (Version 1809)
-
-Validated Editions: Home, Pro, Enterprise, Education
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf)|[#3644](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf)|[#3615](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf)|[#3651](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-|Virtual TPM|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf)|[#3690](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows 10 Spring 2018 Update (Version 1803)
-
-Validated Editions: Home, Pro, Enterprise, Education
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf)|[#3480](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows 10 Fall Creators Update (Version 1709)
-
-Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf)|[#3194](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Windows Resume|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows 10 Creators Update (Version 1703)
-
-Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf)|[#3095](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095)|FIPS approved algorithms: AES (Cert. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)); CKG (vendor affirmed); CVL (Certs<p>[#1278](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278) and [#1281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281)); DRBG (Cert. [#1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)); DSA (Cert. [#1223](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223)); ECDSA (Cert. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133)); HMAC (Cert. [#3061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061)); KAS (Cert. [#127](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127)); KBKDF (Cert. [#140](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140)); KTS (AES Cert. [#4626](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626); key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521) and [#2522](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)); Triple-DES (Cert. [#2459](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459)<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1133)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#2521](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#2521)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#1281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281)); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#1278](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278))|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf)|[#3094](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094)|[#3094](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094)<p>FIPS approved algorithms: AES (Certs. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624) and [#4626](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626)); CKG (vendor affirmed); CVL (Certs. [#1278](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278) and [#1281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281)); DRBG (Cert. [#1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)); DSA (Cert. [#1223](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223)); ECDSA (Cert. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133)); HMAC (Cert. [#3061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061)); KAS (Cert. [#127](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127)); KBKDF (Cert. [#140](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140)); KTS (AES Cert. [#4626](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626); key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521) and [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)); Triple-DES (Cert. [#2459](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459)<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>[Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert.](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094<p>[#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1133)[); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert.](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094)[#2521](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#2521)[); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert.](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094<p>[#1281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281)[)](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094)|
-|Boot Manager|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|FIPS approved algorithms: AES (Certs. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624) and [#4625](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625)); CKG (vendor affirmed); HMAC (Cert. [#3061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061)); PBKDF (vendor affirmed); RSA (Cert. [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>Other algorithms: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)|
-|Windows OS Loader|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf)|[#3090](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090)|FIPS approved algorithms: AES (Certs. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624) and [#4625](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625)); RSA (Cert. [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>[Other algorithms: NDRNG](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090)|
-|Windows Resume <sup>[1]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091)|FIPS approved algorithms: AES (Certs. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624) and [#4625](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625)); RSA (Cert. [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790))|
-|BitLocker® Dump Filter <sup>[2]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|FIPS approved algorithms: AES (Certs. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624) and [#4625](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625)); RSA (Cert. [#2522](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790))|
-|Code Integrity (ci.dll)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf)|[#3093](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093)|FIPS approved algorithms: AES (Cert. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)); RSA (Certs. [#2522](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522) and [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282))|
-|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096)|FIPS approved algorithms: AES (Cert. [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)); RSA (Certs. [#2522](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522) and [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)); SHS (Cert. [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282))|
-
-
-<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, Education, and S.
-
-<sup>\[2\]</sup> Applies only to Pro, Enterprise, Education, S, Mobile, and Surface Hub
-
-<sup>\[3\]</sup> Applies only to Pro, Enterprise, Education, and S
-
-##### Windows 10 Anniversary Update (Version 1607)
-
-Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2937.pdf)|[#2937](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937)|FIPS approved algorithms: AES (Cert. [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); DRBG (Cert. [#1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)); DSA (Cert. [#1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098)); ECDSA (Cert. [#911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); KAS (Cert. [#92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92)); KBKDF (Cert. [#101](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101)); KTS (AES Cert. [#4062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192), [#2193, and #2195](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)); Triple-DES (Cert. [#2227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227))<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887)); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#886))|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf)|[#2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)|FIPS approved algorithms: AES (Cert. [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); DRBG (Cert. [#1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)); DSA (Cert. [#1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098)); ECDSA (Cert. [#911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); KAS (Cert. [#92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92)); KBKDF (Cert. [#101](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101)); KTS (AES Cert. [#4062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192), [#2193, and #2195](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)); Triple-DES (Cert. [#2227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227))<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887))|
-|Boot Manager|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2931.pdf)|[#2931](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); PBKDF (vendor affirmed); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
-|BitLocker® Windows OS Loader (winload)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2932.pdf)|[#2932](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: NDRNG; MD5|
-|BitLocker® Windows Resume (winresume)<sup>[1]</sup>|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2933.pdf)|[#2933](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)<sup>[2]</sup>|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2934.pdf)|[#2934](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064))|
-|Code Integrity (ci.dll)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2935.pdf)|[#2935](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935)|FIPS approved algorithms: RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888))|
-|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2938.pdf)|[#2938](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938)|FIPS approved algorithms: RSA (Certs. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Certs. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888))|
-
-<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
-
-<sup>\[2\]</sup> Applies only to Pro, Enterprise, Enterprise LTSB, and Mobile
-
-<sup>\[3\]</sup> Applies only to Pro, Enterprise, and Enterprise LTSB
-
-##### Windows 10 November 2015 Update (Version 1511)
-
-Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf)|[#2606](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606)|FIPS approved algorithms: AES (Certs. [#3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629)); DRBG (Certs. [#955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)); DSA (Certs. [#1024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024)); ECDSA (Certs. [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760)); HMAC (Certs. [#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381)); KAS (Certs. [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72); key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72)); KTS (AES Certs. [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887), [#1888, and #1889](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888)); SHS (Certs. [#3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)); Triple-DES (Certs. [#2024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024))<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663)); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#664](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#664))|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf)|[#2605](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605)|FIPS approved algorithms: AES (Certs. [#3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629)); DRBG (Certs. [#955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)); DSA (Certs.  [#1024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024)); ECDSA (Certs. [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760)); HMAC (Certs. [#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381)); KAS (Certs. [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72); key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72)); KTS (AES Certs. [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887), [#1888, and #1889](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888)); SHS (Certs. [#3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)); Triple-DES (Certs. [#2024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024))<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663))|
-|Boot Manager <sup>[4]</sup>|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2700.pdf)|[#2700](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700)|FIPS approved algorithms: AES (Certs. [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653)); HMAC (Cert. [#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381)); PBKDF (vendor affirmed); RSA (Cert. [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)); SHS (Certs. [#3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047) and [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048))<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
-|BitLocker® Windows OS Loader (winload)<sup>[5]</sup>|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2701.pdf)|[#2701](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701)|FIPS approved algorithms: AES (Certs. [#3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629) and [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653)); RSA (Cert. [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)); SHS (Cert. [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048))<p>Other algorithms: MD5; NDRNG|
-|BitLocker® Windows Resume (winresume)<sup>[6]</sup>|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2702.pdf)|[#2702](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702)|FIPS approved algorithms: AES (Certs. [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653)); RSA (Cert. [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)); SHS (Cert. [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)<sup>[7]</sup>|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2703.pdf)|[#2703](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703)|FIPS approved algorithms: AES (Certs. [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653))|
-|Code Integrity (ci.dll)|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2604.pdf)|[#2604](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604)|FIPS approved algorithms: RSA (Certs. [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)); SHS (Certs. [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048))<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665))|
-|Secure Kernel Code Integrity (skci.dll)<sup>[8]</sup>|[10.0.10586](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2607.pdf)|[#2607](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607)|FIPS approved algorithms: RSA (Certs. [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)); SHS (Certs. [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048))<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665))|
-
-<sup>\[4\]</sup> Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub
-
-<sup>\[5\]</sup> Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub
-
-<sup>\[6\]</sup> Applies only to Home, Pro, and Enterprise
-
-<sup>\[7\]</sup> Applies only to Pro, Enterprise, Mobile, and Surface Hub
-
-<sup>\[8\]</sup> Applies only to Enterprise and Enterprise LTSB
-
-##### Windows 10 (Version 1507)
-
-Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface Hub
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf)|#[2606](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606)|FIPS approved algorithms: AES (Certs. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)); DRBG (Certs. [#868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)); DSA (Certs. [#983](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983)); ECDSA (Certs. [#706](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706)); HMAC (Certs. [#2233](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233)); KAS (Certs. [#64](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64); key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66)); KTS (AES Certs. [#3507](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783), [#1798](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798), and [#1802](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802)); SHS (Certs. [#2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)); Triple-DES (Certs. [#1969](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969))<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576)); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#575](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#575))|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf)|[#2605](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605)|FIPS approved algorithms: AES (Certs. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)); DRBG (Certs. [#868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)); DSA (Certs. [#983](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983)); ECDSA (Certs. [#706](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706)); HMAC (Certs. [#2233](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233)); KAS (Certs. [#64](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64); key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66)); KTS (AES Certs. [#3507](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783), [#1798](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798), and [#1802](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802)); SHS (Certs. [#2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)); Triple-DES (Certs. [#1969](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969))<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572)); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576))|
-|Boot Manager<sup>[9]</sup>|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2600.pdf)|[#2600](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600)|FIPS approved algorithms: AES (Cert. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)); HMAC (Cert. [#2233](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233)); KTS (AES Cert. [#3498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498)); PBKDF (vendor affirmed); RSA (Cert. [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)); SHS (Certs. [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871) and [#2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886))<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
-|BitLocker® Windows OS Loader (winload)<sup>[10]</sup>|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2601.pdf)|[#2601](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601)|FIPS approved algorithms: AES (Certs. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497) and [#3498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498)); RSA (Cert. [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)); SHS (Cert. [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871))<p>Other algorithms: MD5; NDRNG|
-|BitLocker® Windows Resume (winresume)<sup>[11]</sup>|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2602.pdf)|[#2602](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602)|FIPS approved algorithms: AES (Certs. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497) and [#3498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498)); RSA (Cert. [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)); SHS (Cert. [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)<sup>[12]</sup>|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2603.pdf)|[#2603](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603)|FIPS approved algorithms: AES (Certs. [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497) and [#3498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498))|
-|Code Integrity (ci.dll)|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2604.pdf)|[#2604](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604)|FIPS approved algorithms: RSA (Certs. [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)); SHS (Certs. [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871))<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572))|
-|Secure Kernel Code Integrity (skci.dll)<sup>[13]</sup>|[10.0.10240](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2607.pdf)|[#2607](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607)|FIPS approved algorithms: RSA (Certs. [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)); SHS (Certs. [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871))<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572))|
-
-
-<sup>\[9\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
-
-<sup>\[10\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
-
-<sup>\[11\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
-
-<sup>\[12\]</sup> Applies only to Pro, Enterprise, and Enterprise LTSB
-
-<sup>\[13\]</sup> Applies only to Enterprise and Enterprise LTSB
-
-##### Windows 8.1
-
-Validated Editions: RT, Pro, Enterprise, Phone, Embedded
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2357.pdf)|[#2357](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); DRBG (Certs. [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)); DSA (Cert. [#855](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855)); ECDSA (Cert. [#505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); KAS (Cert. [#47](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47)); KBKDF (Cert. [#30](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30)); PBKDF (vendor affirmed); RSA (Certs. [#1487](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487), [#1493, and #1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493)); SHS (Cert. [#2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)); Triple-DES (Cert. [#1692](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692))<p>Other algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289)); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#323](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#323))|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf)|[#2356](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); DRBG (Certs. [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)); ECDSA (Cert. [#505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); KAS (Cert. [#47](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47)); KBKDF (Cert. [#30](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30)); PBKDF (vendor affirmed); RSA (Certs. [#1487](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487), [#1493, and #1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493)); SHS (Cert. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)); Triple-DES (Cert. [#1692](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692))<p>Other algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288)); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289))|
-|Boot Manager|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2351.pdf)|[#2351](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); PBKDF (vendor affirmed); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Certs. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) and [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
-|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2352.pdf)|[#2352](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Cert. [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5; NDRNG|
-|BitLocker® Windows Resume (winresume)<sup>[14]</sup>|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2353.pdf)|[#2353](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Certs. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) and [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2354.pdf)|[#2354](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832))<p>Other algorithms: N/A|
-|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2355.pdf)|[#2355](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355)|FIPS approved algorithms: RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Cert. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373))<p>Other algorithms: MD5<p>Validated Component Implementations: PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289))|
-
-<sup>\[14\]</sup> Applies only to Pro, Enterprise, and Embedded 8.
-
-##### Windows 8
-
-Validated Editions: RT, Home, Pro, Enterprise, Phone
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1892.pdf)|[#1892](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197) and [#2216](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216)); DRBG (Certs. [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)); DSA (Cert. [#687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687)); ECDSA (Cert. [#341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341)); HMAC (Cert. [#1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)); KAS (Cert. [#36](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36)); KBKDF (Cert. [#3](http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133) and [#1134](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)); Triple-DES (Cert. [#1387](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert.); ECDSA (Cert.); HMAC (Cert.); KAS (Cert); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf)|[#1891](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891)|FIPS approved algorithms: AES (Certs. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197) and [#2216](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216)); DRBG (Certs. [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258) and [#259](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259)); ECDSA (Cert. [#341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341)); HMAC (Cert. [#1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)); KAS (Cert. [#36](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36)); KBKDF (Cert. [#3](http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133) and [#1134](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)); Triple-DES (Cert. [#1387](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and); ECDSA (Cert.); HMAC (Cert.); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RNG (Cert.); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
-|Boot Manager|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1895.pdf)|[#1895](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); HMAC (Cert. #[1347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1896.pdf)|[#1896](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197); non-compliant); MD5; Non-Approved RNG|
-|BitLocker® Windows Resume (WINRESUME)<sup>[15]</sup>|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1898.pdf)|[#1898](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1899.pdf)|[#1899](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198))<p>Other algorithms: N/A|
-|Code Integrity (CI.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1897.pdf)|[#1897](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1893.pdf)|[#1893](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686)); SHS (Cert. [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386)); Triple-DES MAC (Triple-DES Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert.); Triple-DES MAC (Triple-DES Certificate, vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Certificate, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1894.pdf)|[#1894](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196)); HMAC (Cert. #1346); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386))<p>Other algorithms: AES (Cert. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-
-<sup>\[15\]</sup> Applies only to Home and Pro
-
-**Windows 7**
-
-Validated Editions: Windows 7, Windows 7 SP1
-
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1329.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1329.pdf)|[1329](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1178](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178)); AES GCM (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); AES GMAC (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); DRBG (Certs. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23) and [#24](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#24)); DSA (Cert. [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#386)); ECDSA (Cert. [#141](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141)); HMAC (Cert. [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677)); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559) and [#560](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4#559 and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7600.16915](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7600.21092](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7601.17725](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7601.17919](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7601.21861](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)<p>[6.1.7601.22076](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1328.pdf)|[1328](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1178](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178)); AES GCM (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); AES GMAC (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); DRBG (Certs. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23) and [#24](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#24)); ECDSA (Cert. [#141](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141)); HMAC (Cert. [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677)); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559) and [#560](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
-|Boot Manager|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1319.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1319.pdf)|[1319](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); HMAC (Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675)); RSA (Cert. [#557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5#1168 and); HMAC (Cert.); RSA (Cert.); SHS (Cert.)<p>Other algorithms: MD5|
-|Winload OS Loader (winload.exe)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7600.16757](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7600.20897](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7600.20916](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7601.17556](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7601.21655](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)<p>[6.1.7601.21675](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1326.pdf)|[1326](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); RSA (Cert. [#557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5|
-|BitLocker™ Drive Encryption|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.16429](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.16757](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.20536](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.20873](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.20897](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7600.20916](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7601.17556](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7601.21634](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7601.21655](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)<p>[6.1.7601.21675](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1332.pdf)|[1332](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); HMAC (Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: Elephant Diffuser|
-|Code Integrity (CI.DLL)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)<p>[6.1.7600.17122](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)v[6.1.7600.21320](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)<p>[6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)<p>[6.1.7601.17950](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)v[6.1.7601.22108](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1327.pdf)|[1327](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327)|FIPS approved algorithms: RSA (Cert. [#557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1331.pdf)<p>(no change in SP1)|[1331](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331)|FIPS approved algorithms: DSA (Cert. [#385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#385)); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846)); Triple-DES MAC (Triple-DES Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
-|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1330.pdf)<p>(no change in SP1)|[1330](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330)|FIPS approved algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168)); DRBG (Cert. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)); HMAC (Cert. [#673](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#673)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); RSA (Certs. [#557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557) and [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-
-##### Windows Vista SP1
-
-Validated Editions: Ultimate Edition
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Boot Manager (bootmgr)|[6.0.6001.18000 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp978.pdf)|[978](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760)); HMAC (Cert. [#415](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415)); RSA (Cert. [#354](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))|
-|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp979.pdf)|[979](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760)); RSA (Cert. [#354](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))<p>Other algorithms: MD5|
-|Code Integrity (ci.dll)|[6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp980.pdf)|[980](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980)|FIPS approved algorithms: RSA (Cert. [#354](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))<p>Other algorithms: MD5|
-|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1000.pdf)|[1000](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#756](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756)); ECDSA (Cert. [#82](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82)); HMAC (Cert. [#412](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#357](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))#739 and); ECDSA (Cert.); HMAC (Cert.); RNG (Cert.  and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1002.pdf)|[1001](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#756](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756)); DSA (Cert. [#283](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#283)); ECDSA (Cert. [#82](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82)); HMAC (Cert. [#412](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90, vendor affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#357](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
-|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1002.pdf)|[1002](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002)|FIPS approved algorithms: AES (Cert. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739)); HMAC (Cert. [#407](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#407)); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#354](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1003.pdf)|[1003](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003)|FIPS approved algorithms: DSA (Cert. [#281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#281)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656)); Triple-DES MAC (Triple-DES Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
-
-##### Windows Vista
-
-Validated Editions: Ultimate Edition
-
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp893.pdf) | [893](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893) | FIPS approved algorithms: AES (Cert. [#553](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553)); HMAC (Cert. [#297](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); RSA (Certs. [#255](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255) and [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549))<br/><br/>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp894.pdf)|[894](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894)|FIPS approved algorithms: DSA (Cert. [#226](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549)); Triple-DES MAC (Triple-DES Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549), vendor affirmed)<br/><br/>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
-|BitLocker™ Drive Encryption|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp947.pdf)|[947](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947)|FIPS approved algorithms: AES (Cert. [#715](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715)); HMAC (Cert. [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386)); SHS (Cert. [#737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737))<br/><br/>Other algorithms: Elephant Diffuser|
-|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp891.pdf)|[891](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891)|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br/><br/>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
-
-##### Windows XP SP3
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.1.2600.5512](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp997.pdf)|[997](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997)|FIPS approved algorithms: HMAC (Cert. [#429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#429)); RNG (Cert. [#449](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#449)); SHS (Cert. [#785](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785)); Triple-DES (Cert. [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677)); Triple-DES MAC (Triple-DES Cert. [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677), vendor affirmed)<p>Other algorithms: DES; MD5; HMAC MD5|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.1.2600.5507](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp990.pdf)|[990](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990)|FIPS approved algorithms: DSA (Cert. [#292](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#292)); RNG (Cert. [#448](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#448)); SHS (Cert. [#784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784)); Triple-DES (Cert. [#676](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676)); Triple-DES MAC (Triple-DES Cert. [#676](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676), vendor affirmed)<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits); MD5; RC2; RC4|
-|Enhanced Cryptographic Provider (RSAENH)|[5.1.2600.5507](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp989.pdf)|[989](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989)|FIPS approved algorithms: AES (Cert. [#781](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#781)); HMAC (Cert. [#428](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#428)); RNG (Cert. [#447](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#447)); RSA (Cert. [#371](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#371)); SHS (Cert. [#783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)); Triple-DES (Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675)); Triple-DES MAC (Triple-DES Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675), vendor affirmed)<p>Other algorithms: DES; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits)|
-
-##### Windows XP SP2
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|DSS/Diffie-Hellman Enhanced Cryptographic Provider|[5.1.2600.2133](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp240.pdf)|[240](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); DSA/SHA-1 (Cert. [#29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29))<p>Other algorithms: DES (Cert. [#66](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66)); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)|
-|Microsoft Enhanced Cryptographic Provider|[5.1.2600.2161](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp238.pdf)|[238](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238)|FIPS approved algorithms: Triple-DES (Cert. [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81)); AES (Cert. [#33](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33)); SHA-1 (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83)); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83), vendor affirmed)<p>Other algorithms: DES (Cert. [#156](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
-
-
-##### Windows XP SP1
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Microsoft Enhanced Cryptographic Provider|[5.1.2600.1029](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp238.pdf)|[238](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238)|FIPS approved algorithms: Triple-DES (Cert. [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81)); AES (Cert. [#33](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33)); SHA-1 (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83)); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83), vendor affirmed)<p>Other algorithms: DES (Cert. [#156](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
-
-##### Windows XP
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module|[5.1.2600.0](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp241.pdf)|[241](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); DSA/SHA-1 (Cert. [#35](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#35)); HMAC-SHA-1 (Cert. [#35](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35), vendor affirmed)<p>Other algorithms: DES (Cert. [#89](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
-
-##### Windows 2000 SP3
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp106.pdf)|[106](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); SHA-1 (Certs. [#35](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35))<p>Other algorithms: DES (Certs. [#89](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
-|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS: 5.0.2195.3665 [SP3])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Base: 5.0.2195.3839 [SP3])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(DSS/DH Enh: 5.0.2195.3665 [SP3])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Enh: 5.0.2195.3839 [SP3]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)|[103](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); DSA/SHA-1 (Certs. [#28](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28) and [#29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
-
-##### Windows 2000 SP2
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp106.pdf)|[106](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); SHA-1 (Certs. [#35](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#35))<p>Other algorithms: DES (Certs. [#89](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
-|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS:](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Base:](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(DSS/DH Enh:](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Enh:](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)|[103](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); DSA/SHA-1 (Certs. [#28](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28) and [#29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
-
-##### Windows 2000 SP1
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|([Base DSS: 5.0.2150.1391 [SP1])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Base: 5.0.2150.1391 [SP1])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(DSS/DH Enh: 5.0.2150.1391 [SP1])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)<p>[(Enh: 5.0.2150.1391 [SP1])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp103.pdf)|[103](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103)|FIPS approved algorithms: Triple-DES (Cert. [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)); DSA/SHA-1 (Certs. [#28](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28) and [#29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
-
-##### Windows 2000
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.2150.1](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp76.pdf)|[76](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76)|FIPS approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. [#28](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28) and [29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
-
-##### Windows 95 and Windows 98
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp75.pdf)|[75](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75)|FIPS approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20) and [21](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21)); DSA/SHA-1 (Certs. [#25](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25) and [26](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26)); RSA (vendor- affirmed)<p>Other algorithms: DES (Certs. [#61](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
-
-
-##### Windows NT 4.0
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Base Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp68.pdf)|[68](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68)|FIPS approved algorithms: SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20) and [21](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21)); DSA/SHA- 1 (Certs. [#25](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25) and [26](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#61](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
-
-## Modules used by Windows Server
-
-##### Windows Server 2019 (Version 1809)
-
-Validated Editions: Standard, Datacenter
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf)|[#3644](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf)|[#3615](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf)|[#3651](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-|Virtual TPM|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf)|[#3690](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows Server (Version 1803)
-
-Validated Editions: Standard, Datacenter
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf)|[#3480](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows Server (Version 1709)
-
-Validated Editions: Standard, Datacenter
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197)|See Security Policy and Certificate page for algorithm information|
-|Kernel Mode Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196)|See Security Policy and Certificate page for algorithm information|
-|Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195)|See Security Policy and Certificate page for algorithm information|
-|Windows OS Loader|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf)|[#3194](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194)|See Security Policy and Certificate page for algorithm information|
-|Secure Kernel Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096)|See Security Policy and Certificate page for algorithm information|
-|BitLocker Dump Filter|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092)|See Security Policy and Certificate page for algorithm information|
-|Windows Resume|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091)|See Security Policy and Certificate page for algorithm information|
-|Boot Manager|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089)|See Security Policy and Certificate page for algorithm information|
-
-##### Windows Server 2016
-
-Validated Editions: Standard, Datacenter, Storage Server
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2937.pdf)|[2937](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937)|FIPS approved algorithms: AES (Cert. [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); DRBG (Cert. [#1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)); DSA (Cert. [#1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098)); ECDSA (Cert. [#911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); KAS (Cert. [#92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92)); KBKDF (Cert. [#101](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101)); KTS (AES Cert. [#4062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192), [#2193, and #2195](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)); Triple-DES (Cert. [#2227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227))<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf)|[2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)|FIPS approved algorithms: AES (Cert. [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); DRBG (Cert. [#1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)); DSA (Cert. [#1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098)); ECDSA (Cert. [#911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); KAS (Cert. [#92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92)); KBKDF (Cert. [#101](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101)); KTS (AES Cert. [#4062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062); key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192), [#2193, and #2195](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)); Triple-DES (Cert. [#2227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227))<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
-|Boot Manager|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2931.pdf)|[2931](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); HMAC (Cert. [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)); PBKDF (vendor affirmed); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
-|BitLocker® Windows OS Loader (winload)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2932.pdf)|[2932](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: NDRNG; MD5|
-|BitLocker® Windows Resume (winresume)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2933.pdf)|[2933](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)); RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2934.pdf)|[2934](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934)|FIPS approved algorithms: AES (Certs. [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061) and [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064))|
-|Code Integrity (ci.dll)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2935.pdf)|[2935](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935)|FIPS approved algorithms: RSA (Cert. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Cert. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: AES (non-compliant); MD5|
-|Secure Kernel Code Integrity (skci.dll)|[10.0.14393](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2938.pdf)|[2938](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938)|FIPS approved algorithms: RSA (Certs. [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)); SHS (Certs. [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347))<p>Other algorithms: MD5|
-
-##### Windows Server 2012 R2
-
-Validated Editions: Server, Storage Server,
-
-**StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2**
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2357.pdf)|[2357](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); DRBG (Certs. [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)); DSA (Cert. [#855](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855)); ECDSA (Cert. [#505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); KAS (Cert. [#47](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47)); KBKDF (Cert. [#30](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30)); PBKDF (vendor affirmed); RSA (Certs. [#1487](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487), [#1493, and #1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493)); SHS (Cert. [#2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)); Triple-DES (Cert. [#1692](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692))<p>Other algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf)|[2356](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); DRBG (Certs. [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)); ECDSA (Cert. [#505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); KAS (Cert. [#47](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47)); KBKDF (Cert. [#30](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30)); PBKDF (vendor affirmed); RSA (Certs. [#1487](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487), [#1493, and #1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493)); SHS (Cert. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)); Triple-DES (Cert. [#1692](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692))<p>Other algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
-|Boot Manager|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2351.pdf)|[2351](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); HMAC (Cert. [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)); PBKDF (vendor affirmed); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Certs. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) and [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
-|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2352.pdf)|[2352](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Cert. [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5; NDRNG|
-|BitLocker® Windows Resume (winresume)<sup>[16]</sup>|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2353.pdf)|[2353](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)); RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Certs. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) and [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (dumpfve.sys)<sup>[17]</sup>|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2354.pdf)|[2354](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354)|FIPS approved algorithms: AES (Cert. [#2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832))<p>Other algorithms: N/A|
-|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2355.pdf)|[2355](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355)|FIPS approved algorithms: RSA (Cert. [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)); SHS (Cert. [# 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373))<p>Other algorithms: MD5|
-
-<sup>\[16\]</sup> Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
-
-<sup>\[17\]</sup> Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
-
-**Windows Server 2012**
-
-Validated Editions: Server, Storage Server
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1892.pdf)|[1892](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197) and [#2216](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216)); DRBG (Certs. [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)); DSA (Cert. [#687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687)); ECDSA (Cert. [#341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341)); HMAC (Cert. #[1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)); KAS (Cert. [#36](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36)); KBKDF (Cert. [#3](http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133) and [#1134](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)); Triple-DES (Cert. [#1387](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert.); HMAC (Cert. #); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf)|[1891](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891)|FIPS approved algorithms: AES (Certs. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197) and [#2216](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216)); DRBG (Certs. [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258) and [#259](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259)); ECDSA (Cert. [#341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341)); HMAC (Cert. [#1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)); KAS (Cert. [#36](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36)); KBKDF (Cert. [#3](http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133) and [#1134](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)); Triple-DES (Cert. [#1387](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
-|Boot Manager|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1895.pdf)|[1895](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); HMAC (Cert. #[1347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1896.pdf)|[1896](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: AES (Cert. [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197); non-compliant); MD5; Non-Approved RNG|
-|BitLocker® Windows Resume (WINRESUME)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1898.pdf)|[1898](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1899.pdf)|[1899](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196) and [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198))<p>Other algorithms: N/A|
-|Code Integrity (CI.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1897.pdf)|[1897](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903))<p>Other algorithms: MD5|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1893.pdf)|[1893](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686)); SHS (Cert. [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386)); Triple-DES MAC (Triple-DES Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1894.pdf)|[1894](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196)); HMAC (Cert. [#1346](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1346)); RSA (Cert. [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)); SHS (Cert. [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386))<p>Other algorithms: AES (Cert. [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-
-##### Windows Server 2008 R2
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Boot Manager (bootmgr)|[6.1.7600.16385 or 6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1321.pdf)|[1321](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); HMAC (Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675)); RSA (Cert. [#568](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5|
-|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1333.pdf)|[1333](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); RSA (Cert. [#568](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5|
-|Code Integrity (ci.dll)|[6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1334.pdf)|[1334](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1334)|FIPS approved algorithms: RSA (Cert. [#568](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: MD5|
-|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1335.pdf)|[1335](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); AES GCM (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); AES GMAC (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); DRBG (Certs. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23) and [#27](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#27)); ECDSA (Cert. [#142](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142)); HMAC (Cert. [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686)); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559) and [#567](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
-|Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1336.pdf)|[1336](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); AES GCM (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); AES GMAC (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed); DRBG (Certs. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23) and [#27](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#27)); DSA (Cert. [#391](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#391)); ECDSA (Cert. [#142](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142)); HMAC (Cert. [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686)); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559) and [#567](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4|
-|Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1337.pdf)|[1337](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337)|FIPS approved algorithms: AES (Cert. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168)); DRBG (Cert. [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)); HMAC (Cert. [#687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#687)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); RSA (Certs. [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559) and [#568](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846))<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1338.pdf)|[1338](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338)|FIPS approved algorithms: DSA (Cert. [#390](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#390)); RNG (Cert. [#649](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)); Triple-DES (Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846)); Triple-DES MAC (Triple-DES Cert. [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
-|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1339.pdf)|[1339](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339)|FIPS approved algorithms: AES (Certs. [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168) and [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)); HMAC (Cert. [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675)); SHS (Cert. [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081))<p>Other algorithms: Elephant Diffuser|
-
-##### Windows Server 2008
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Boot Manager (bootmgr)|[6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1004.pdf)|[1004](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760)); HMAC (Cert. [#415](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415)); RSA (Cert. [#355](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))<p>Other algorithms: N/A|
-|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1005.pdf)|[1005](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760)); RSA (Cert. [#355](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))<p>Other algorithms: MD5|
-|Code Integrity (ci.dll)|[6.0.6001.18000 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1006.pdf)|[1006](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006)|FIPS approved algorithms: RSA (Cert. [#355](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753))<p>Other algorithms: MD5|
-|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1007.pdf)|[1007](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#757](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757)); ECDSA (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83)); HMAC (Cert. [#413](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#358](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#83); HMAC (Cert.); RNG (Cert.  and SP800-90 AES-CTR, vendor affirmed); RSA (Certs.  and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1008.pdf)|[1008](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008)|FIPS approved algorithms: AES (Certs. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739) and [#757](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757)); DSA (Cert. [#284](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#284)); ECDSA (Cert. [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83)); HMAC (Cert. [#413](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90, vendor affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#358](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1009.pdf)|[1009](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009)|FIPS approved algorithms: DSA (Cert. [#282](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#282)); RNG (Cert. [#435](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656)); Triple-DES MAC (Triple-DES Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
-|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1010.pdf)|[1010](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010)|FIPS approved algorithms: AES (Cert. [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739)); HMAC (Cert. [#408](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#408)); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353) and [#355](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355)); SHS (Cert. [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)); Triple-DES (Cert. [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656))<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-
-##### Windows Server 2003 SP2
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.3959](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp875.pdf)|[875](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875)|FIPS approved algorithms: DSA (Cert. [#221](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#221)); RNG (Cert. [#314](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#314)); RSA (Cert. [#245](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245)); SHS (Cert. [#611](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611)); Triple-DES (Cert. [#543](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#543))<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC4|
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.3959](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp869.pdf)|[869](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869)|FIPS approved algorithms: HMAC (Cert. [#287](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#287)); RNG (Cert. [#313](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#313)); SHS (Cert. [#610](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610)); Triple-DES (Cert. [#542](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#542))<p>Other algorithms: DES; HMAC-MD5|
-|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.3959](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp868.pdf)|[868](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868)|FIPS approved algorithms: AES (Cert. [#548](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#548)); HMAC (Cert. [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#289)); RNG (Cert. [#316](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#316)); RSA (Cert. [#245](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245)); SHS (Cert. [#613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)); Triple-DES (Cert. [#544](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#544))<p>Other algorithms: DES; RC2; RC4; MD2; MD4; MD5; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
-
-##### Windows Server 2003 SP1
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.1830 [SP1]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp405.pdf)|[405](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405)|FIPS approved algorithms: Triple-DES (Certs. [#201](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201)[1] and [#370](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370)[1]); SHS (Certs. [#177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177)[1] and [#371](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371)[2])<p>Other algorithms: DES (Cert. [#230](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.1830 [Service Pack 1])](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp382.pdf)|[382](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382)|FIPS approved algorithms: Triple-DES (Cert. [#192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192)[1] and [#365](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365)[2]); AES (Certs. [#80](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80)[1] and [#290](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290)[2]); SHS (Cert. [#176](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176)[1] and [#364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364)[2]); HMAC (Cert. [#176](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176), vendor affirmed[1] and [#99](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99)[2]); RSA (PKCS#1, vendor affirmed[1] and [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81)[2])<p>Other algorithms: DES (Cert. [#226](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.1830 [Service Pack 1]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp381.pdf)|[381](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381)|FIPS approved algorithms: Triple-DES (Certs. [#199](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199)[1] and [#381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381)[2]); SHA-1 (Certs. [#181](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181)[1] and [#385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385)[2]); DSA (Certs. [#95](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95)[1] and [#146](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146)[2]); RSA (Cert. [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81))<p>Other algorithms: DES (Cert. [#229](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-
-##### Windows Server 2003
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.0](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp405.pdf)|[405](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405)|FIPS approved algorithms: Triple-DES (Certs. [#201](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201)[1] and [#370](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370)[1]); SHS (Certs. [#177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177)[1] and [#371](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371)[2])<p>Other algorithms: DES (Cert. [#230](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.0](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp382.pdf)|[382](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382)|FIPS approved algorithms: Triple-DES (Cert. [#192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192)[1] and [#365](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365)[2]); AES (Certs. [#80](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80)[1] and [#290](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290)[2]); SHS (Cert. [#176](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176)[1] and [#364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364)[2]); HMAC (Cert. [#176](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176), vendor affirmed[1] and [#99](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99)[2]); RSA (PKCS#1, vendor affirmed[1] and [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81)[2])<p>Other algorithms: DES (Cert. [#226](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.0](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp381.pdf)|[381](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381)|FIPS approved algorithms: Triple-DES (Certs. [#199](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199)[1] and [#381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381)[2]); SHA-1 (Certs. [#181](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181)[1] and [#385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385)[2]); DSA (Certs. [#95](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95)[1] and [#146](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146)[2]); RSA (Cert. [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81))<p>Other algorithms: DES (Cert. [#229](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
-
-#### Other Products
-
-##### Windows Embedded Compact 7 and Windows Embedded Compact 8
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Enhanced Cryptographic Provider|[7.00.2872 [1] and 8.00.6246 [2]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2957.pdf)|[2957](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957)|FIPS approved algorithms: AES (Certs.[#4433](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433)and[#4434](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434)); CKG (vendor affirmed); DRBG (Certs.[#1432](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1432)and[#1433](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1433)); HMAC (Certs.[#2946](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2946)and[#2945](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2945)); RSA (Certs.[#2414](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2414)and[#2415](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2415)); SHS (Certs.[#3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)and[#3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)); Triple-DES (Certs.[#2383](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2383)and[#2384](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2384))<p>Allowed algorithms: HMAC-MD5, MD5, NDRNG|
-|Cryptographic Primitives Library (bcrypt.dll)|[7.00.2872 [1] and 8.00.6246 [2]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2956.pdf)|[2956](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956)|FIPS approved algorithms: AES (Certs.[#4430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430)and[#4431](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431)); CKG (vendor affirmed); CVL (Certs.[#1139](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1139)and[#1140](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1140)); DRBG (Certs.[#1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)and[#1430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430)); DSA (Certs.[#1187](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187)and[#1188](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188)); ECDSA (Certs.[#1072](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072)and[#1073](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1073)); HMAC (Certs.[#2942](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2942)and[#2943](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2943)); KAS (Certs.[#114](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#114)and[#115](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#115)); RSA (Certs.[#2411](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2411)and[#2412](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2412)); SHS (Certs.[#3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)and[#3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)); Triple-DES (Certs.[#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2381)and[#2382](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2382))<p>Allowed algorithms: MD5, NDRNG, RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength|
-
-##### Windows CE 6.0 and Windows Embedded Compact 7
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Enhanced Cryptographic Provider|[6.00.1937 [1] and 7.00.1687 [2]](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp825.pdf)|[825](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825)|FIPS approved algorithms: AES (Certs. [#516](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#516) [1] and [#2024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2024) [2]); HMAC (Certs. [#267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#267) [1] and [#1227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1227) [2]); RNG (Certs. [#292](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#292) [1] and [#1060](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1060) [2]); RSA (Cert. [#230](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#230) [1] and [#1052](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1052) [2]); SHS (Certs. [#589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589) [1] and #1774 [2]); Triple-DES (Certs. [#526](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#526) [1] and [#1308](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1308) [2])<p>Other algorithms: MD5; HMAC-MD5; RC2; RC4; DES|
-
-##### Outlook Cryptographic Provider
-
-|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
-|--- |--- |--- |--- |
-|Outlook Cryptographic Provider (EXCHCSP)|[SR-1A (3821)](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp110.pdf)|[110](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110)|FIPS approved algorithms: Triple-DES (Cert. [#18](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#18)); SHA-1 (Certs. [#32](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#32)); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#91](http://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#91)); DES MAC; RC2; MD2; MD5|
-
-### Cryptographic Algorithms
-
-The following tables are organized by cryptographic algorithms with their modes, states, and key sizes. For each algorithm implementation (operating system / platform), there is a link to the Cryptographic Algorithm Validation Program (CAVP) issued certificate.
-
-### Advanced Encryption Standard (AES)
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-OFB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)|Microsoft Surface Hub Virtual TPM Implementations [#4904](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4904)<p>Version 10.0.15063.674|
-|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-OFB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#4903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4903)<p>Version 10.0.16299|
-|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits)<li>96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#4902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902)<p>Version 10.0.15063.674|
-|<p>AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<li>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits),96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#4901](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901)<p>Version 10.0.15254|
-|AES-CBC:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CCM:<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 32, 48, 64, 80, 96, 112, 128 (bits)<li>IV Lengths: 56, 64, 72, 80, 88, 96, 104 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES-CFB128:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CFB8:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-CMAC:<li>Generation:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>Verification:<p>AES-128:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-192:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-256:<li>Block Sizes: Full, Partial<li>Message Length: 0-65536<li>Tag Length: 16-16<p>AES-CTR:<p>Counter Source: Internal<li>Key Lengths: 128, 192, 256 (bits)<p>AES-ECB:<li>Modes: Decrypt, Encrypt<li>Key Lengths: 128, 192, 256 (bits)<p>AES-GCM:<li>Modes: Decrypt, Encrypt<li>IV Generation: External<li>Key Lengths: 128, 192, 256 (bits)<li>Tag Lengths: 96, 104, 112, 120, 128 (bits)<li>Plain Text Lengths: 0, 8, 1016, 1024 (bits)<li>Additional authenticated data lengths: 0, 8, 1016, 1024 (bits)<li>96 bit IV supported<p>AES-XTS:<li>Key Size: 128:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full<li>Key Size: 256:<li>Modes: Decrypt, Encrypt<li>Block Sizes: Full|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#4897](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897)<p>Version 10.0.16299|
-|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902)|Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations [#4900](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4900)<p>Version 10.0.15063.674|
-|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4901](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901)|Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations [#4899](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4899)<p>Version 10.0.15254|
-|AES-KW:<li>Modes: Decrypt, Encrypt<li>CIPHK transformation direction: Forward<li>Key Lengths: 128, 192, 256 (bits)<li>Plain Text Lengths: 128, 192, 256, 320, 2048 (bits)<p>AES [validation number 4897](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations [#4898](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4898)<p>Version 10.0.16299|
-|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain<li>Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902)|Microsoft Surface Hub BitLocker(R) Cryptographic Implementations [#4896](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4896)<p>Version 10.0.15063.674|
-|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4901](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901)|Windows 10 Mobile (version 1709) BitLocker(R) Cryptographic Implementations [#4895](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4895)<p>Version 10.0.15254|
-|AES-CCM:<li>Key Lengths: 256 (bits)<li>Tag Lengths: 128 (bits)<li>IV Lengths: 96 (bits)<li>Plain Text Length: 0-32<li>Additional authenticated data length: 0-65536<p>AES [validation number 4897](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); BitLocker(R) Cryptographic Implementations [#4894](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4894)<p>Version 10.0.16299|
-|**CBC** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**OFB** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#4627](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627)<p>Version 10.0.15063|
-|**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations [#4626](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626)<p>Version 10.0.15063|
-|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile BitLocker(R) Cryptographic Implementations [#4625](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625)<p>Version 10.0.15063|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC** (Generation/Verification) (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 16 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>IV Generated: (External); PT Lengths Tested: (0, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 1024, 8, 1016); 96 bit IV supported<p>GMAC supported<p>**XTS**((KS: XTS_128((e/d)(f)) KS: XTS_256((e/d)(f))|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)<p>Version 10.0.15063|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#4434](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434)<p>Version 7.00.2872|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#4433](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433)<p>Version 8.00.6246|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#4431](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431)<p>Version 7.00.2872|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#4430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430)<p>Version 8.00.6246|
-|**CBC** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**OFB** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#4074](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074)<p>Version 10.0.14393|
-|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)<p>Version 10.0.14393|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#4063](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4063)<p>Version 10.0.14393|
-|**KW**  (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 192, 256, 320, 2048)<p>AES [validation number 4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#4062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062)<p>Version 10.0.14393|
-|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations [#4061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061)<p>Version 10.0.14393|
-|**KW**  (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations [#3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3652)<p>Version 10.0.10586|
-|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BitLocker® Cryptographic Implementations [#3653](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653)<p>Version 10.0.10586|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA32 Algorithm Implementations [#3630](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3630)<p>Version 10.0.10586|
-|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)v**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d) (f)) **KS: XTS_256**((e/d) (f))|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations [#3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629)<p>Version 10.0.10586|
-|**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)<p>AES [validation number 3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#3507](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507)<p>Version 10.0.10240|
-|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations [#3498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498)<p>Version 10.0.10240|
-|**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)<p>**CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC(Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>(KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 1024, 8, 1016); IV Lengths Tested:  (0, 0); 96 bit IV supported<p>GMAC supported<p>**XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497)<p>Version 10.0.10240|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#3476](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3476)<p>Version 10.0.10240|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#2853](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2853)<p>Version 6.3.9600|
-|**CCM (KS: 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)<p>AES [validation number 2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 BitLocker Cryptographic Implementations [#2848](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2848)<p>Version 6.3.9600|
-|**CCM (KS: 128, 192, 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 0 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)<p>**CMAC (Generation/Verification) (KS: 128**; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)<p>**GCM (KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)<p>**(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:**  (Externally); PT Lengths Tested:  (0, 128, 1024, 8, 1016); Additional authenticated data lengths tested:  (0, 128, 1024, 8, 1016); IV Lengths Tested:  (8, 1024); 96 bit IV supported;<p>**OtherIVLen_Supported<p>GMAC supported**|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations #[2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832)<p>Version 6.3.9600|
-|**CCM (KS: 128, 192, 256**) **(Assoc. Data Len Range**: 0-0, 2^16) **(Payload Length Range**: 0 - 32 (**Nonce Length(s)**: 7 8 9 10 11 12 13 **(Tag Length(s)**: 4 6 8 10 12 14 16)<p>AES [validation number 2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197)<p>**CMAC** (Generation/Verification) **(KS: 128;** Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 192**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 256**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16)<p>AES [validation number 2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197)<p>**GCM(KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) **(KS: AES_192**(e/d) Tag Length(s): 128 120 112 104 96)<p>**(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)<p>**IV Generated:** (Externally); **PT Lengths Tested:** (0, 128, 1024, 8, 1016); **Additional authenticated data lengths tested:** (0, 128, 1024, 8, 1016); **IV Lengths Tested:** (8, 1024); **96 bit IV supported<p>GMAC supported**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#2216](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216)|
-|**CCM (KS: 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 (**Nonce Length(s)**: 12 **(Tag Length(s)**: 16)<p>AES [validation number 2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations [#2198](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);<p>**CFB128** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#2196](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196)|
-|**CCM (KS: 128, 192, 256) (Assoc. Data Len Range: **0 – 0, 2^16**) (Payload Length Range:** 0 - 32 **(Nonce Length(s):** 7 8 9 10 11 12 13 **(Tag Length(s): **4 6 8 10 12 14 16**)**<p>AES [validation number 1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168)|Windows Server 2008 R2 and SP1 CNG algorithms [#1187](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1187)<p>Windows 7 Ultimate and SP1 CNG algorithms [#1178](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178)|
-|**CCM (KS: 128, 256) (Assoc. Data Len Range: **0 - 8**) (Payload Length Range:** 4 - 32 **(Nonce Length(s):** 7 8 12 13 **(Tag Length(s): **4 6 8 14 16**)**<p>AES [validation number 1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168)|Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations [#1177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168)|
-|**GCM**<p>**GMAC**|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168), vendor-affirmed|
-|**CCM (KS: 128, 256) (Assoc. Data Len Range: **0 - 8**) (Payload Length Range:** 4 - 32 **(Nonce Length(s):** 7 8 12 13 **(Tag Length(s): **4 6 8 14 16**)**|Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760)|
-|**CCM (KS: 128, 192, 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 1 - 32 **(Nonce Length(s):** 7 8 9 10 11 12 13 **(Tag Length(s):** 4 6 8 10 12 14 16**)**|Windows Server 2008 CNG algorithms [#757](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757)<p>Windows Vista Ultimate SP1 CNG algorithms [#756](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756)|
-|**CBC** (e/d; 128, 256);<p>**CCM** (**KS: 128, 256**) (**Assoc. Data Len Range**: 0 - 8) (**Payload Length Range**: 4 - 32 (**Nonce Length(s)**: 7 8 12 13 (**Tag Length(s)**: 4 6 8 14 16)|Windows Vista Ultimate BitLocker Drive Encryption [#715](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715)<p>Windows Vista Ultimate BitLocker Drive Encryption [#424](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#424)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CFB8** (e/d; 128, 192, 256);|Windows Vista Ultimate SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#739](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739)<p>Windows Vista Symmetric Algorithm Implementation [#553](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);<p>**CTR** (int only; 128, 192, 256)|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#2023](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023)|
-|**ECB** (e/d; 128, 192, 256);<p>**CBC** (e/d; 128, 192, 256);|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#2024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2024)<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#818](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#818)<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#781](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#781)<p>Windows 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#548](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#548)<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#516](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#516)<p>Windows CE and Windows Mobile 6, 6.1, and 6.5 Enhanced Cryptographic Provider (RSAENH) [#507](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#507)<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#290](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#290)<p>Windows CE 5.0 and 5.1 Enhanced Cryptographic Provider (RSAENH) [#224](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#224)<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#80](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#80)<p>Windows XP, SP1, and SP2 Enhanced Cryptographic Provider (RSAENH) [#33](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#33)|
-
-### Deterministic Random Bit Generator (DRBG)
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function not used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4904](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4904)|Microsoft Surface Hub Virtual TPM Implementations [#1734](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734)<p>Version 10.0.15063.674|
-|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function not used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4903)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1733](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733)<p>Version 10.0.16299|
-|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)<p>Version 10.0.15063.674|
-|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4901](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)<p>Version 10.0.15254|
-|<p>Counter:<li>Modes: AES-256<li>Derivation Function States: Derivation Function used<li>Prediction Resistance Modes: Not Enabled<p>Prerequisite: AES [#4897](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)<p>Version 10.0.16299|
-|**CTR_DRBG:** [Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256)<p>(AES [validation number 4627](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627))]|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1556](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556)<p>Version 10.0.15063|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256 (AES [validation number 4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624))]|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)<p>Version 10.0.15063|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4434](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434))]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#1433](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1433)<p>Version 7.00.2872|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4433](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433))]|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#1432](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1432)<p>Version 8.00.6246|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4431](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431))]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430)<p>Version 7.00.2872|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430))]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)<p>Version 8.00.6246|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 4074](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074))]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#1222](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222)<p>Version 10.0.14393|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064))]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)<p>Version 10.0.14393|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629))]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)<p>Version 10.0.10586|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497))]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)<p>Version 10.0.10240|
-|**CTR_DRBG:**[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 2832](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832))]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)<p>Version 6.3.9600|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: (AES-256) (AES [validation number 2197](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197))]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 2023](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023))]|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)|
-|**CTR_DRBG**:[Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: (AES-256) (AES [validation number 1168](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168))]|Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 RNG Library [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)|
-|**DRBG** (SP 800–90)|Windows Vista Ultimate SP1, vendor-affirmed|
-
-#### Digital Signature Algorithm (DSA)
-
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1303](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1303)<p>Version 10.0.15063.674|
-|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1302](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1302)<p>Version 10.0.15254|
-|DSA:<li>186-4:<p>PQGGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>PQGVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigGen:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>SigVer:<li>L = 2048, N = 256 SHA: SHA-256<li>L = 3072, N = 256 SHA: SHA-256<p>KeyPair:<li>L = 2048, N = 256<li>L = 3072, N = 256<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1301](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1301)<p>Version 10.0.16299|
-|**FIPS186-4:**<br>**PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>**KeyPairGen**:   [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)** PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>DRBG: [validation number  1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1223](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223)<p>Version 10.0.15063|
-|**FIPS186-4:<br>PQG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>**SIG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>SHS: [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1188](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188)<p>Version 7.00.2872|
-|**FIPS186-4:<br>PQG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>**SIG(ver)PARMS TESTED:**   [(1024,160) SHA(1)]<p>SHS: [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1187](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187)<p>Version 8.00.6246|
-|**FIPS186-4:<br>PQG(gen)** PARMS TESTED: [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p>DRBG: [validation number  1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098)<p>Version 10.0.14393|
-|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)] **SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p>DRBG: [validation number  955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations [#1024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024)<p>Version 10.0.10586|
-|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<br>KeyPairGen: [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)] **SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p>DRBG: [validation number  868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#983](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983)<p>Version 10.0.10240|
-|**FIPS186-4:<br>PQG(gen)** PARMS TESTED:   [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver**)PARMS TESTED:   [(2048,256), SHA(256); (3072,256) SHA(256)]<br>KeyPairGen:    [(2048,256); (3072,256)]<p>**SIG(gen)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)**PARMS TESTED:   [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [validation number  2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p>DRBG: [validation number  489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#855](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855)<p>Version 6.3.9600|
-|**FIPS186-2**:<p>**PQG(ver)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<P>DRBG: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>**FIPS186-4: PQG(gen)PARMS TESTED**: [(2048,256)SHA(256); (3072,256) SHA(256)]<p>**PQG(ver)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(gen)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>**SIG(ver)PARMS TESTED**: [(2048,256) SHA(256); (3072,256) SHA(256)]<p>SHS: [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>DRBG: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 687](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#687).|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687)|
-|**FIPS186-2:<br>PQG(ver)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)<p>DRBG: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 686](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#686).|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 DSS and Diffie-Hellman Enhanced Cryptographic Provider (DSSENH) [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p>DRBG: [validation number  193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 645](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#645).|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#645](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#645)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>DRBG: [validation number  23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 391](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#391). See [Historical DSA List validation number 386](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#386).|Windows Server 2008 R2 and SP1 CNG algorithms [#391](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#391)<p>Windows 7 Ultimate and SP1 CNG algorithms [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#386)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>RNG: [validation number  649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 390](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#390). See [Historical DSA List validation number 385](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#385).|Windows Server 2008 R2 and SP1 Enhanced DSS (DSSENH) [#390](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#390)<p>Windows 7 Ultimate and SP1 Enhanced DSS (DSSENH) [#385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#385)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 284](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#284). See [Historical DSA List validation number 283](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#283).|Windows Server 2008 CNG algorithms [#284](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#284)<p>Windows Vista Ultimate SP1 CNG algorithms [#283](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#283)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>RNG: [validation number  435](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 282](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#282). See [Historical DSA List validation number 281](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#281).|Windows Server 2008 Enhanced DSS (DSSENH) [#282](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#282)<p>Windows Vista Ultimate SP1 Enhanced DSS (DSSENH) [#281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#281)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p>RNG: [validation number  321](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 227](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#227). See [Historical DSA List validation number 226](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#226).|Windows Vista CNG algorithms [#227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#227)<p>Windows Vista Enhanced DSS (DSSENH) [#226](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784)<p>RNG: [validation number  448](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 292](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#292).|Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#292](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#292)|
-|**FIPS186-2:<br>SIG(ver)** MOD(1024);<p>SHS: [validation number  783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)<p>RNG: [validation number  447](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447)vSome of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical DSA List validation number 291](http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#291).|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#291](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#291)|
-|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024);<P>**SIG(ver)** MOD(1024);<p>SHS: [validation number  611](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611)<p>RNG: [validation number  314](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314)|Windows 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#221](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#221)|
-|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024);v**SIG(ver)** MOD(1024);vSHS: [validation number  385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385)|Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#146](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146)|
-|**FIPS186-2:<br>PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);v**SIG(gen)** MOD(1024);<p>**SIG(ver)** MOD(1024);<p>SHS: [validation number  181](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181)|Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#95](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95)|
-|**FIPS186-2:<br>PQG(gen)** MOD(1024);<p>**PQG(ver)** MOD(1024);<p>**KEYGEN(Y)** MOD(1024);<p>**SIG(gen)** MOD(1024); SHS: SHA-1 (BYTE)<p>**SIG(ver)** MOD(1024); SHS: SHA-1 (BYTE)|Windows 2000 DSSENH.DLL [#29](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29)<p>Windows 2000 DSSBASE.DLL [#28](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28)<p>Windows NT 4 SP6 DSSENH.DLL [#26](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#26)<p>Windows NT 4 SP6 DSSBASE.DLL [#25](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25)|
-|**FIPS186-2: PRIME;<br>FIPS186-2:**<p>**KEYGEN(Y):**SHS: SHA-1 (BYTE)<p>**SIG(gen):SIG(ver)** MOD(1024);<p>SHS: SHA-1 (BYTE)|Windows NT 4.0 SP4 Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider [#17](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#17)|
-
-
-#### Elliptic Curve Digital Signature Algorithm (ECDSA)
-
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|<p>ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373), DRBG [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1263](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1263)<p>Version 6.3.9600|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384<li>Generation Methods: Testing Candidates<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1734](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734)|Microsoft Surface Hub Virtual TPM Implementations [#1253](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1253)<p>Version 10.0.15063.674|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384<li>Generation Methods: Testing Candidates<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1733](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1252](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1252)<p>Version 10.0.16299|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1251](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1251)<p>Version 10.0.15063.674|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1250](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1250)<p>Version 10.0.15063.674|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1249](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1249)<p>Version 10.0.15254|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1248](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1248)<p>Version 10.0.15254|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1247](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1247)<p>Version 10.0.16299|
-|ECDSA:186-4:<p>Key Pair Generation:<li>Curves: P-256, P-384, P-521<li>Generation Methods: Extra Random Bits<p>Public Key Validation:<li>Curves: P-256, P-384, P-521<p>Signature Generation:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Signature Verification:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1246](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1246)<p>Version 10.0.16299|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 TestingCandidates)<p>SHS: [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>DRBG: [validation number  1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1136](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1136)<p>Version 10.0.15063|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>DRBG: [validation number  1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1135](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1135)<p>Version 10.0.15063|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>DRBG: [validation number  1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133)<p>Version 10.0.15063|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512))<p>**SHS:**[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p>**DRBG:**[validation number  1430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1073](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1073)<p>Version 7.00.2872|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512))<p>**SHS:**[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p>**DRBG:**[validation number  1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1072](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072)<p>Version 8.00.6246|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 TestingCandidates)v**PKV: CURVES**(P-256 P-384)<p>**SigGen: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) SIG(gen) with SHA-1 affirmed for use with protocols only.v**SigVer: CURVES**(P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384))<p>SHS: [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p>DRBG: [validation number  1222](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#920](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920)<p>Version 10.0.14393|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**PKV: CURVES**(P-256 P-384 P-521)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))vSHS: [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p>DRBG: [validation number  1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911)<p>Version 10.0.14393|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p>DRBG: [validation number  955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations [#760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760)<p>Version 10.0.10586|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer**: CURVES(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p>DRBG: [validation number  868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#706](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706)<p>Version 10.0.10240|
-|**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>SHS: [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p>DRBG: [validation number  489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505)<p>Version 6.3.9600|
-|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>**DRBG**: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>**DRBG**: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>**FIPS186-4: <br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>**SHS**: [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>**DRBG**: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical ECDSA List validation number 341](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#341).|Windows 8,<p>Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341)|
-|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p>**DRBG**: [validation number  193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p>**DRBG**: [validation number  193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)<p>**FIPS186-4:<br>PKG: CURVES**(P-256 P-384 P-521 ExtraRandomBits)<p>**SigGen: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<p>**SigVer: CURVES**(P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512))<p>**SHS**: [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p>**DRBG**: [validation number  193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical ECDSA List validation number 295](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#295).|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#295](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#295)|
-|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>**DRBG**: [validation number  23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>**DRBG**: [validation number  23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical ECDSA List validation number 142](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#142). See [Historical ECDSA List validation number 141](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#141).|Windows Server 2008 R2 and SP1 CNG algorithms [#142](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142)<p>Windows 7 Ultimate and SP1 CNG algorithms [#141](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141)|
-|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical ECDSA List validation number 83](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#83). See [Historical ECDSA List validation number 82](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#82).|Windows Server 2008 CNG algorithms [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83)<p>Windows Vista Ultimate SP1 CNG algorithms [#82](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82)|
-|**FIPS186-2:<br>PKG: CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p>**RNG**: [validation number  321](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p>**SIG(ver): CURVES**(P-256 P-384 P-521)<p>**SHS**: [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p>**RNG**: [validation number  321](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical ECDSA List validation number 60](http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#60).|Windows Vista CNG algorithms [#60](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#60)|
-
-#### Keyed-Hash Message Authentication Code (HMAC)
-
-
-|**Modes / States / <li>Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|<p>HMAC-SHA-1:<li><li>Key Sizes &lt; Block Size<li><li>Key Sizes &gt; Block Size<li><li>Key Sizes = Block Size<p><p>HMAC-SHA2-256:<li><li>Key Sizes &lt; Block Size<li><li>Key Sizes &gt; Block Size<li><li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011)|Microsoft Surface Hub Virtual TPM Implementations [#3271](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/<p>HMAC#3271)<p>Version 10.0.15063.674|
-|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#3270](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/<p>HMAC#3270)<p>Version 10.0.16299|
-|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#3269](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/<p>HMAC#3269)<p>Version 10.0.15063.674|
-|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#3268](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/<p>HMAC#3268)<p>Version 10.0.15254|
-|<p>HMAC-SHA-1:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-256:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-384:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>HMAC-SHA2-512:<li>Key Sizes &lt; Block Size<li>Key Sizes &gt; Block Size<li>Key Sizes = Block Size<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#3267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/<p>HMAC#3267)<p>Version 10.0.16299|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#3062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3062)<p>Version 10.0.15063|
-|<p> **HMAC-SHA1(Key Sizes Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#3061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061)<p>Version 10.0.15063|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2946](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2946)<p>Version 7.00.2872|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2945](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2945)<p>Version 8.00.6246|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2943](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2943)<p>Version 7.00.2872|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested:** KSBS) SHS [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p> **HMAC-SHA256 (Key Size Ranges Tested:** KSBS) SHS [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p> **HMAC-SHA384 (Key Size Ranges Tested:** KSBS) SHS [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p> **HMAC-SHA512 (Key Size Ranges Tested:** KSBS) SHS[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2942](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2942)<p>Version 8.00.6246|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<p>SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#2661](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661)<p>Version 10.0.14393|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p> **HMAC-SHA256** (Key Size Ranges Tested: KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p> **HMAC-SHA384** (Key Size Ranges Tested: KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p> **HMAC-SHA512** (Key Size Ranges Tested: KSBS) SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)<p>Version 10.0.14393|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations [#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381)<p>Version 10.0.10586|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS[validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS[validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>[ SHSvalidation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS[validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#2233](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233)<p>Version 10.0.10240|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested:  KSBS)<br>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p> **HMAC-SHA256** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p> **HMAC-SHA384** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p> **HMAC-SHA512** (Key Size Ranges Tested:  KSBS)<br>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)<p>Version 6.3.9600|
-|<p> **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS) SHS [validation number 2764](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764)<p> **HMAC-SHA256** (Key Size Ranges Tested: KSBS) SHS [validation number 2764](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764)<p> **HMAC-SHA384** (Key Size Ranges Tested: KSBS) SHS [validation number 2764](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764)<p> **HMAC-SHA512** (Key Size Ranges Tested: KSBS) SHS [validation number 2764](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764)|Windows CE and Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) [#2122](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2122)<p>Version 5.2.29344|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #[1347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS**[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) #[1346](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1346)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS)**<br>**SHS**[#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS)**<br>**SHS**[#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) #[1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<br>**Tinker HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll), [#1364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1364)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1227)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)|Windows Server 2008 R2 and SP1 CNG algorithms [#686](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686)<p>Windows 7 and SP1 CNG algorithms [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677)<p>Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) [#687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#687)<p>Windows 7 Enhanced Cryptographic Provider (RSAENH) [#673](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#673)|
-|<p> **HMAC-SHA1(Key Sizes Ranges Tested: KS**[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816)|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#452](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#452)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)|Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations [#415](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS)** SHS [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)|Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) [#408](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#408)<p>Windows Vista Enhanced Cryptographic Provider (RSAENH) [#407](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#407)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS)SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)|Windows Vista Enhanced Cryptographic Provider (RSAENH) [#297](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 785](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785)|Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#429)<p>Windows XP, vendor-affirmed|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#428](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#428)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#289)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 610](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610)|Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#287](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#287)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)|Windows Server 2008 CNG algorithms [#413](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413)<p>Windows Vista Ultimate SP1 CNG algorithms [#412](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737)<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737)|Windows Vista Ultimate BitLocker Drive Encryption [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#618)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)|Windows Vista CNG algorithms [#298](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#298)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS)SHS** [validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#267)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)|Windows CE and Windows Mobile 6.0 and Windows Mobil 6.5 Enhanced Cryptographic Provider (RSAENH) [#260](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#260)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[validation number 495](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495)<p> **HMAC-SHA256 (Key Size Ranges Tested: KS**[validation number 495](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495)|Windows Vista BitLocker Drive Encryption [#199](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#199)|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364)|Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#99](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99)<p>Windows XP, vendor-affirmed|
-|<p> **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305)<p> **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305)<p> **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305)<p> **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305)|Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#31](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#31)|
-
-
-
-#### Key Agreement Scheme (KAS)
-
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|KAS ECC: <br>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration<p>Schemes:<br><p>Full Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<br>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), ECDSA [#1253](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1253), DRBG [#1734](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734)|Microsoft Surface Hub Virtual TPM Implementations [#150](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#150)<p>Version 10.0.15063.674|
-|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Full Public Key Validation, Key Pair Generation, Public Key Regeneration<p>Schemes:<br><p>Full Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<br>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), ECDSA [#1252](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1252), DRBG [#1733](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#149](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#149)<p>Version 10.0.16299|
-|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<p><li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), ECDSA [#1250](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1250), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DSA [#1303](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1303), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#148](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#148)<p>Version 10.0.15063.674|
-|KAS ECC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMA<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), ECDSA [#1249](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1249), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DSA [#1302](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1302), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#147](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#147)<p>Version 10.0.15254|
-|KAS ECC:<p><br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation, Public Key Regeneration<p>Schemes:<p>Ephemeral Unified:<li>Key Agreement Roles: Initiator, Responder<li>KDFs: Concatenation<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>One-Pass DH:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<p>Static Unified:<p><li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>EC:<li>Curve: P-256<li>SHA: SHA-256<li>MAC: HMAC<p>ED:<li>Curve: P-384<li>SHA: SHA-384<li>MAC: HMAC<p>EE:<li>Curve: P-521<li>SHA: SHA-512<li>MAC: HMAC<br>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), ECDSA [#1246](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1246), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)<p>KAS FFC:<br>Functions: Domain Parameter Generation, Domain Parameter Validation, Key Pair Generation, Partial Public Key Validation<p>Schemes:<p>dhEphem:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhOneFlow:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<p>dhStatic:<li>Key Agreement Roles: Initiator, Responder<li>Parameter Sets:<p>FB:<li>SHA: SHA-256<li>MAC: HMAC<p>FC:<li>SHA: SHA-256<li>MAC: HMAC<br>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DSA [#1301](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1301), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#146](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#146)<p>Version 10.0.16299|
-|**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration) **SCHEMES** [**FullUnified** (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC)]<P>SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<P>DSA [validation number 1135](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1135)<p>DRBG [validation number 1556](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#128](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#128)<p>Version 10.0.15063|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhOneFlow** (**FB:** SHA256) (**FC:** SHA256)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:** SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<P>DSA [validation number 1223](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223)<p>DRBG [validation number 1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) **SCHEMES** [**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<P>ECDSA [validation number 1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133)DRBG [validation number 1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#127](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127)<p>Version 10.0.15063|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhOneFlow** (KARole(s): Initiator / Responder) (**FB:** SHA256) (**FC:** SHA256)] [**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:** SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<P>DSA [validation number 1188](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188)<p>DRBG [validation number 1430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430)<p>**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration)<p>**SCHEMES** [**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#115](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#115)<p>Version 7.00.2872|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES** [**dhEphem** (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[**dhHybridOneFlow** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:**SHA256 HMAC) (**FC:** SHA256   HMAC)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FB:**SHA256 HMAC) (**FC:** SHA256   HMAC)]<P>SHS [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<P>DSA [validation number 1187](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187)<p>DRBG [validation number 1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)<p>**ECC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration)<p>**SCHEMES** [**EphemeralUnified** (**No_KC**) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC:** P-256   SHA256   HMAC) (**ED:** P-384   SHA384   HMAC) (**EE:** P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<P>ECDSA [validation number 1072](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072)<p>DRBG [validation number 1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#114](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#114)<p>Version 8.00.6246|
-|**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration)<p>**SCHEMES  [FullUnified  (No_KC**  &lt; KARole(s): Initiator / Responder &gt; &lt; KDF: CONCAT &gt;) (**EC:**  P-256   SHA256   HMAC) (**ED:**  P-384   SHA384   HMAC)]<P>SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) ECDSA [validation number 920](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920) DRBG [validation number 1222](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#93](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93)<p>Version 10.0.14393|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation)<p>**SCHEMES**  [dhEphem  (KARole(s): Initiator / Responder)(**FB:** SHA256) (**FC:** SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (**FB:**  SHA256) (**FC:**  SHA256)] [**dhStatic (No_KC**  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) DSA [validation number 1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098) DRBG [validation number 1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) **SCHEMES**  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) DSA [validation number 1098](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098) ECDSA [validation number 911](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911) DRBG [validation number 1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217) HMAC [validation number 2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92)<p>Version 10.0.14393|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047) DSA [validation number 1024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024) DRBG [validation number 955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047) ECDSA [validation number 760](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760) DRBG [validation number 955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#72)<p>Version 10.0.10586|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886) DSA [validation number 983](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983) DRBG [validation number 868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886) ECDSA [validation number 706](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706) DRBG [validation number 868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#64](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64)<p>Version 10.0.10240|
-|**FFC:** (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation) SCHEMES  [dhEphem  (KARole(s): Initiator / Responder)(FB: SHA256) (FC: SHA256)]<p>[dhOneFlow (KARole(s): Initiator / Responder) (FB:  SHA256) (FC:  SHA256)] [dhStatic (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (FB:  SHA256 HMAC) (FC:  SHA256   HMAC)]<P>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) DSA [validation number 855](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855) DRBG [validation number 489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)<p>**ECC:**  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration) SCHEMES  [EphemeralUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[OnePassDH  (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<p>[StaticUnified (No_KC  &lt; KARole(s): Initiator / Responder &gt;) (EC:  P-256   SHA256   HMAC) (ED:  P-384   SHA384   HMAC) (EE:  P-521   HMAC (SHA512, HMAC_SHA512))]<P>SHS [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) ECDSA [validation number 505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505) DRBG [validation number 489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#47](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47)<p>Version 6.3.9600|
-|**FFC**: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation) SCHEMES [**dhEphem** (KARole(s): Initiator / Responder)<p>(**FA**: SHA256) (**FB**: SHA256) (**FC**: SHA256)]<p>[**dhOneFlow** (KARole(s): Initiator / Responder) (**FA**: SHA256) (**FB**: SHA256) (**FC**: SHA256)]<p>[**dhStatic** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**FA**: SHA256 HMAC) (**FB**: SHA256 HMAC) (**FC**: SHA256 HMAC)]<P>SHS [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903) DSA [validation number 687](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687) DRBG [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<p>**ECC**: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation Key Regeneration) **SCHEMES**<p>[**EphemeralUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (EC: P-256 SHA256 HMAC) (**ED**: P-384 SHA384 HMAC) (**EE**: P-521 HMAC (SHA512, HMAC_SHA512)))]<p>[**OnePassDH(No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC**: P-256 SHA256) (**ED**: P-384 SHA384) (**EE**: P-521 (SHA512, HMAC_SHA512)))]<p>[**StaticUnified** (**No_KC** &lt; KARole(s): Initiator / Responder&gt;) (**EC**: P-256 SHA256 HMAC) (**ED**: P-384 SHA384 HMAC) (**EE**: P-521 HMAC (SHA512, HMAC_SHA512))]<P>SHS [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903) <P>ECDSA [validation number 341](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341) DRBG [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#36](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36)|
-|**KAS (SP 800–56A)**<li>Key Agreement: Key establishment methodology provides 80 bits to 256 bits of encryption strength|Windows 7 and SP1, vendor-affirmed<p>Windows Server 2008 R2 and SP1, vendor-affirmed|
-
-SP 800-108 Key-Based Key Derivation Functions (KBKDF)
-
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|Counter:<p>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384<p>MAC prerequisite: HMAC [#3271](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3271)<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: DRBG [#1734](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734), KAS [#150](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#150)|Microsoft Surface Hub Virtual TPM Implementations [#161](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#161)<p>Version 10.0.15063.674|
-|Counter:<p>MACs: HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384<p>MAC prerequisite: HMAC [#3270](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3270)<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: DRBG [#1733](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733), KAS [#149](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#149)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#160](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#160)<p>Version 10.0.16299|
-|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4902), HMAC [#3269](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269)<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#148](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#148)|Microsoft Surface Hub Cryptography Next Generation (CNG) Implementations [#159](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#159)<p>Version 10.0.15063.674|
-|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4901](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4901), HMAC [#3268](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268)<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#147](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#147)|Windows 10 Mobile (version 1709) Cryptography Next Generation (CNG) Implementations [#158](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#158)<p>Version 10.0.15254|
-|Counter:<p>MACs: CMAC-AES-128, CMAC-AES-192, CMAC-AES-256, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512<p>MAC prerequisite: AES [#4897](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4897), HMAC [#3267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267)<p><li>Counter Location: Before Fixed Data<li>R Length: 32 (bits)<li>SPs used to generate K: SP 800-56A, SP 800-90A<p>K prerequisite: KAS [#146](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#146)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Cryptography Next Generation (CNG) Implementations [#157](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#157)<p>Version 10.0.16299|
-|**CTR_Mode:** (Llength(Min0 Max0) MACSupported([HMACSHA1] [HMACSHA256][HMACSHA384]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 128](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#128)<p>DRBG [validation number 1556](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556)<p>MAC [validation number 3062](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3062)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#141](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#141)<p>Version 10.0.15063|
-|**CTR_Mode:** (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 127](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127)<p>AES [validation number 4624](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624)<p>DRBG [validation number 1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)<p>MAC [validation number 3061](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations [#140](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#140)<p>Version 10.0.15063|
-|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA384]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 93](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93) DRBG [validation number 1222](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222) MAC [validation number 2661](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#102](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#102)<p>Version 10.0.14393|
-|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 92](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92) AES [validation number 4064](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064) DRBG [validation number 1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217) MAC [validation number 2651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#101](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101)<p>Version 10.0.14393|
-|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72) AES [validation number 3629](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629) DRBG [validation number 955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955) MAC [validation number 2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations [#72](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72)<p>Version 10.0.10586|
-|**CTR_Mode:**  (Llength(Min20 Max64) MACSupported([CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>KAS [validation number 64](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64) AES [validation number 3497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497) RBG [validation number 868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868) MAC [validation number 2233](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#66](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66)<p>Version 10.0.10240|
-|**CTR_Mode:**  (Llength(Min0 Max0) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>DRBG [validation number 489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489) MAC [validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#30](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30)<p>Version 6.3.9600|
-|**CTR_Mode**: (Llength(Min0 Max4) MACSupported([HMACSHA1] [HMACSHA256] [HMACSHA512]) LocationCounter([BeforeFixedData]) rlength([32]))<p>DRBG [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258) HMAC [validation number 1345](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#3](http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)|
-
-Random Number Generator (RNG)
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|**FIPS 186-2 General Purpose**<br>**[(x-Original); (SHA-1)]**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations #[1110](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1110)|
-|**FIPS 186-2<br>[(x-Original); (SHA-1)]**|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1060](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1060)<p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#292](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#292)<p>Windows CE and Windows Mobile 6.0 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#286](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#286)<p>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#66](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#66)|
-|**FIPS 186-2<br>[(x-Change Notice); (SHA-1)]**; **FIPS 186-2 General Purpose<br>[(x-Change Notice); (SHA-1)]**|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 RNG Library [#649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649)<p>Windows Vista Ultimate SP1 and Windows Server 2008 RNG Implementation [#435](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435)<p>Windows Vista RNG implementation [#321](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321)|
-|**FIPS 186-2 General Purpose<br>[(x-Change Notice); (SHA-1)]**|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#470](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#470)<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#449](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#449)<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#447](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447)<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#316](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#316)<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#313](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#313)|
-|**FIPS 186-2<br>[(x-Change Notice); (SHA-1)]**|Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#448](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448)<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#314](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314)|
-
-#### RSA
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|RSA:<p>186-4:<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: SHA-1, <li>SHA-256, <li>SHA-384<p>Mod 2048 SHA: SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Verification PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1734](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1734)|Microsoft Surface Hub Virtual TPM Implementations [#2677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2677)<p>Version 10.0.15063.674|
-|RSA:<p>186-4:<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 240 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1733](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1733)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (<p>Version 1709); Virtual TPM Implementations [#2676](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2676)<p>Version 10.0.16299|
-|RSA:<p>186-4:<p>Key Generation:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256<li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub RSA32 Algorithm Implementations [#2675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2675)<p>Version 10.0.15063.674|
-|RSA:<p>186-4:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384,<li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); RSA32 Algorithm Implementations [#2674](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2674)<p>Version 10.0.16299|
-|RSA:<p>186-4:<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) RSA32 Algorithm Implementations [#2673](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2673)<p>Version 10.0.15254|
-|RSA:<p>186-4:<p>Key Generation:<li>Public Key Exponent: Fixed (10001)<li>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub MsBignum Cryptographic Implementations [#2672](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2672)<p>Version 10.0.15063.674|
-|RSA:<p>186-4:<p>Key Generation:<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C 2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#2671](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2671)<p>Version 10.0.15063.674|
-|RSA:<p>186-4:<p>Key Generation:<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#2670](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2670)<p>Version 10.0.15254|
-|RSA:<p>186-4:<p>Key Generation:<p>Public Key Exponent: Fixed (10001)<p>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#2669](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2669)<p>Version 10.0.15254|
-|<p>186-4:<p>Key Generation:<p>Public Key Exponent: Fixed (10001)<p>Provable Primes with Conditions:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.3<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1,<li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#2668](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2668)<p><p>Version 10.0.16299|
-|<p>186-4:<p>Key Generation<p>Probable Random Primes:<p>Mod lengths: 2048, 3072 (bits)<p>Primality Tests: C.2<br><p>Signature Generation PKCS1.5:<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-51<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Generation PSS:<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<br><p>Signature Verification PKCS1.5:<p>Mod 1024 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 2048 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<p>Mod 3072 SHA: <li>SHA-1, <li>SHA-256, <li>SHA-384, <li>SHA-512<br><p>Signature Verification PSS:<p>Mod 1024:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 496 (bits)<p>Mod 2048:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Mod 3072:<li>SHA-1: Salt Length: 160 (bits)<li>SHA-256: Salt Length: 256 (bits)<li>SHA-384: Salt Length: 384 (bits)<li>SHA-512: Salt Length: 512 (bits)<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#2667](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2667)<p>Version 10.0.16299|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384)) (2048 SHA(1, 256, 384))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48)))<p>SHA [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#2524](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2524)<p>Version 10.0.15063|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile RSA32 Algorithm Implementations [#2523](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523)<p>Version 10.0.15063|
-|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbPrimeCondition):** 2048, 3072 **PPTT:**(C.3)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))**SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64<p>SHA [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>DRBG: [validation number  1555](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#2522](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522)<p>Version 10.0.15063|
-|<p>**FIPS186-4:<p>186-4KEY(gen):**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number 3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#2521](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521)<p>Version 10.0.15063|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), <li>SHA-384[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), <li>SHA-512[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), <li>SHA-256[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), <li>SHA-384[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652), <li>SHA-512[validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)<p>**FIPS186-4:<br>ALG[ANSIX9.31]** Sig(Gen): (2048 SHA(1)) (3072 SHA(1))**SIG(gen) with SHA-1 affirmed for use with protocols only.**SIG(ver): (1024 SHA(1)) (2048 SHA(1)) (3072 SHA(1))**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2415](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2415)<p>Version 7.00.2872|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651), <li>SHA-384[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651), <li>SHA-512[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651), <li>SHA-256[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651), <li>SHA-384[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651), <li>SHA-512[validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)<p>**FIPS186-4:<br>ALG[ANSIX9.31]** Sig(Gen): (2048 SHA(1)) (3072 SHA(1))**SIG(gen) with SHA-1 affirmed for use with protocols only.** SIG(ver): (1024 SHA(1)) (2048 SHA(1)) (3072 SHA(1))**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2414](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2414)<p>Version 8.00.6246|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649), <li>SHA-384[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649), <li>SHA-512[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649), <li>SHA-256[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649), <li>SHA-384[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649), <li>SHA-512[validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)<br>**ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p>DRBG: [validation number  1430](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2412](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2412)<p>Version 7.00.2872|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 4096, SHS: <li>SHA-256[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), <li>SHA-384[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), <li>SHA-512[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), <li>SHA-256[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), <li>SHA-384[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648), <li>SHA-512[validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);<p>**PGM(ProbRandom:** (2048, 3072) **PPTT:**(C.2)**<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512)) **SIG(gen) with SHA-1 affirmed for use with protocols only.<p>**SIG(ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p>DRBG: [validation number  1429](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2411](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2411)<p>Version 8.00.6246|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(1, 256, 384)) SIG(gen) with SHA-1 affirmed for use with protocols only.SIG(Ver) (1024 SHA(1, 256, 384)) (2048 SHA(1, 256, 384))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) SIG(gen) with SHA-1 affirmed for use with protocols only.Sig(Ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48)))<p>SHA [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#2206](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2206)<p>Version 10.0.14393|
-|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001<p>**PGM(ProbPrimeCondition):** 2048, 3072 PPTT:(C.3)<p>SHA [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) DRBG: [validation number  1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA Key Generation Implementation [#2195](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195)<p>Version 10.0.14393|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3346](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346)|soft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#2194](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2194)<p>Version 10.0.14393|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512))<p>**SIG(Ver)** (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) DRBG: [validation number  1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#2193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193)<p>Version 10.0.14393|
-|<p>**FIPS186-4:<br>[RSASSA-PSS]: Sig(Gen):** (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))<p>**Sig(Ver):** (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347) DRBG: [validation number  1217](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#2192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192)<p>Version 10.0.14393|
-|<p>**FIPS186-4:<p>186-4KEY(gen)**:  FIPS186-4_Fixed_e (10001);<p>**PGM(ProbPrimeCondition**): 2048, 3072 PPTT:(C.3)<p>SHA [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047) DRBG: [validation number  955](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA Key Generation Implementation [#1889](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889)<p>Version 10.0.10586|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations [#1871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871)<p>Version 10.0.10586|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512))<p>**SIG(Ver)** (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub MsBignum Cryptographic Implementations [#1888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888)<p>Version 10.0.10586|
-|<p>**FIPS186-4:<br>[RSASSA-PSS]: Sig(Gen)**: (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>**Sig(Ver):** (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations [#1887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887)<p>Version 10.0.10586|
-|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e (10001);PGM(ProbPrimeCondition): 2048, 3072 PPTT:(C.3)<p>SHA [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886) DRBG: [validation number  868](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA Key Generation Implementation [#1798](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798)<p>Version 10.0.10240|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#1784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784)<p>Version 10.0.10240|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#1783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783)<p>Version 10.0.10240|
-|<p>**FIPS186-4:<br>[RSASSA-PSS]:** Sig(Gen): (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))), Sig(Ver): (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number  2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#1802](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802)<p>Version 10.0.10240|
-|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e;<p>**PGM(ProbPrimeCondition):** 2048, 3072 PPTT:(C.3)<p>SHA [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373) DRBG: [validation number  489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 RSA Key Generation Implementation [#1487](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487)<p>Version 6.3.9600|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#1494](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494)<p>Version 6.3.9600|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512)), SIG(Ver) (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512))<p>SHA [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1493](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493)<p>Version 6.3.9600|
-|<p>**FIPS186-4:<br>[RSASSA-PSS]:** Sig(Gen): (2048 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))), Sig(Ver): (1024 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(62))) (2048 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64))) (3072 SHA(1 SaltLen(20), 256 SaltLen(32), 384 SaltLen(48), 512 SaltLen(64)))<p>SHA [validation number 2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations [#1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519)<p>Version 6.3.9600|
-|<p>**FIPS186-4:<br>ALG[RSASSA-PKCS1_V1_5]** SIG(gen) (2048 SHA(256, 384, 512-256)) (3072 SHA(256, 384, 512-256)), SIG(Ver) (1024 SHA(1, 256, 384, 512-256)) (2048 SHA(1, 256, 384, 512-256)) (3072 SHA(1, 256, 384, 512-256))<p>**[RSASSA-PSS]:**  Sig(Gen): (2048 SHA(256, 384, 512)) (3072 SHA(256, 384, 512)), Sig(Ver): (1024 SHA(1, 256, 384, 512)) (2048 SHA(1, 256, 384, 512)) (3072 SHA(1, 256, 384, 512, 512)), SHA [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 1134](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1134).|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#1134](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134)|
-|<p>**FIPS186-4:<p>186-4KEY(gen):** FIPS186-4_Fixed_e, FIPS186-4_Fixed_e_Value<p>**PGM(ProbPrimeCondition):** 2048, 3072 **PPTT:**(C.3)<p>SHA [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903) DRBG: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 RSA Key Generation Implementation [#1133](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902), <li>SHA-384[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902), <li>SHA-512[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902),, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902), <li>SHA-256[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902), SHA-[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902), <li>SHA-512[#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 1132](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1132).|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) [#1132](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132)|
-|<p>**FIPS186-2:ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774), <li>SHA-384[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774), <li>SHA-512[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774),SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774), <li>SHA-256[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774), <li>SHA-384[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774), <li>SHA-512[validation number 1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 1052](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1052).|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1052](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1052)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [validation number  193](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773), <li>SHA-384[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773), <li>SHA-512[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773),SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773), <li>SHA-256[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773), <li>SHA-384[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773), <li>SHA-512[validation number 1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 1051](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1051).|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1051](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1051)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081),SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 568](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#568).|Windows Server 2008 R2 and SP1 Enhanced Cryptographic Provider (RSAENH) [#568](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081),<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 567](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#567). See [Historical RSA List validation number 560](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#560).|Windows Server 2008 R2 and SP1 CNG algorithms [#567](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567)<p>Windows 7 and SP1 CNG algorithms [#560](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 DRBG: [validation number  23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 559](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#559).|Windows 7 and SP1 and Server 2008 R2 and SP1 RSA Key Generation Implementation [#559](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS:<li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-256[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-384[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081), <li>SHA-512[validation number 1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 557](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#557).|Windows 7 and SP1 Enhanced Cryptographic Provider (RSAENH) [#557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816), <li>SHA-384[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816), <li>SHA-512[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816),SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816), <li>SHA-256[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816), <li>SHA-384[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816), <li>SHA-512[validation number 816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 395](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#395).|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#395](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#395)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)**<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783), <li>SHA-384[validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783), <li>SHA-512[validation number 783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 371](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#371).|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#371](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#371)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753),<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 358](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#358). See [Historical RSA List validation number 357](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#357).|Windows Server 2008 CNG algorithms [#358](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358)<p>Windows Vista SP1 CNG algorithms [#357](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-256[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-384[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753), <li>SHA-512[validation number 753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 355](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#355). See [Historical RSA List validation number 354](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#354).|Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) [#355](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355)<p>Windows Vista SP1 Enhanced Cryptographic Provider (RSAENH) [#354](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 353](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#353).|Windows Vista SP1 and Windows Server 2008 RSA Key Generation Implementation [#353](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** Key(gen)(MOD: 2048, 3072, 4096 PubKey Values: 65537 RNG: [validation number  321](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 258](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#258).|Windows Vista RSA key generation implementation [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618),SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618),<br>**ALG[RSASSA-PSS]:** SIG(gen); 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 257](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#257).|Windows Vista CNG algorithms [#257](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#257)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618),, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-256[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-384[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618), <li>SHA-512[validation number 618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 255](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#255).|Windows Vista Enhanced Cryptographic Provider (RSAENH) [#255](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), <li>SHA-384[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), <li>SHA-512[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), <li>SHA-256[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), <li>SHA-384[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613), <li>SHA-512[validation number 613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 245](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#245).|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#245](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589), <li>SHA-384[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589), <li>SHA-512[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589),, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589), <li>SHA-256[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589), <li>SHA-384[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589), <li>SHA-512[validation number 589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 230](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#230).|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#230](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#230)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578), <li>SHA-384[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578), <li>SHA-512[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578),, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578), <li>SHA-256[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578), <li>SHA-384[validation number 578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578), <li>SHA-512[validation number 578](http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#578),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 222](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#222).|Windows CE and Windows Mobile 6 and Windows Mobile 6.1 Enhanced Cryptographic Provider (RSAENH) [#222](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#222)|
-|<p>**FIPS186-2:<br>ALG[RSASSA-PKCS1_V1_5]:**<p>SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364)<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 81](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#81).|Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81)|
-|<p>**FIPS186-2:<br>ALG[ANSIX9.31]:** SIG(ver); 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 305](http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#305)<br>**ALG[RSASSA-PKCS1_V1_5]:** SIG(gen) 2048, 3072, 4096, SHS: <li>SHA-256[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305), <li>SHA-384[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305), <li>SHA-512[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305),, SIG(ver): 1024, 1536, 2048, 3072, 4096, SHS: SHA-1[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305), <li>SHA-256[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305), <li>SHA-384[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305), <li>SHA-512[validation number 305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305),<p>Some of the previously validated components for this validation have been removed because they're now non-compliant per the SP800-131A transition. See [Historical RSA List validation number 52](http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#52).|Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#52](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#52)|
-|<p>**FIPS186-2:**: <li>PKCS#1 v1.5, Signature generation, and verification<li>Mod sizes: 1024, 1536, 2048, 3072, 4096<li>SHS: SHA–1/256/384/512|Windows XP, vendor-affirmed<p>Windows 2000, vendor-affirmed|
-
-#### Secure Hash Standard (SHS)
-
-|Modes / States / Key Sizes|Algorithm Implementation and Certificate #|
-|--- |--- |
-|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011)<p>Version 10.0.15063.674|
-|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010)<p>Version 10.0.15254|
-|<p>SHA-1:<br>Supports Empty Message<p>SHA-256:<br>Supports Empty Message<p>SHA-384:<br>Supports Empty Message<p>SHA-512:<br>Supports Empty Message|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009)<p>Version 10.0.16299|
-|<li>**SHA-1**      (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#3790](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790)<p>Version 10.0.15063|
-|<li>**SHA-1**      (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#3652](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652)<p>Version 7.00.2872|
-|<li>**SHA-1**      (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#3651](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651)<p>Version 8.00.6246|
-|<li>**SHA-1**      (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#3649](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649)<p>Version 7.00.2872|
-|<li>**SHA-1**      (BYTE-only)<li>**SHA-256**  (BYTE-only)<li>**SHA-384**  (BYTE-only)<li>**SHA-512**  (BYTE-only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#3648](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648)<p>Version 8.00.6246|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#3347](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347)<p>Version 10.0.14393|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#3346](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346)<p>Version 10.0.14393|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations [#3048](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048)<p>Version 10.0.10586|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#3047](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047)<p>Version 10.0.10586|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#2886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886)<p>Version 10.0.10240|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#2871](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871)<p>Version 10.0.10240|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#2396](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396)<p>Version 6.3.9600|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#2373](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373)<p>Version 6.3.9600|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)<p>Implementation does not support zero-length (null) messages.|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#1903](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903)<p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#1902](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1774](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774)<p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#1773](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#1081](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081)<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#816](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816.)|
-|<li>**SHA-1** (BYTE-only)|Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#785](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785)<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#784](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#783](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#753](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753)<p>Windows Vista Symmetric Algorithm Implementation [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)|Windows Vista BitLocker Drive Encryption [#737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737)<p>Windows Vista Beta 2 BitLocker Drive Encryption [#495](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#613](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613)<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#364](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364)|
-|<li>**SHA-1** (BYTE-only)|Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#611](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611)<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#610](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610)<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#385](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385)<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) [#371](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#371)<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#181](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181)<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) [#177](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#177)<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#176](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176)|
-|<li>**SHA-1** (BYTE-only)<li>**SHA-256** (BYTE-only)<li>**SHA-384** (BYTE-only)<li>**SHA-512** (BYTE-only)|Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#589](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589)<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#578](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578)<p>Windows CE 5.00 and Windows CE 5.01 Enhanced<p>Cryptographic Provider (RSAENH) [#305](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305)|
-|<li>**SHA-1** (BYTE-only)|Windows XP Microsoft Enhanced Cryptographic Provider [#83](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83)<p>Crypto Driver for Windows 2000 (fips.sys) [#35](http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htmlhttp:/csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.html#35)<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) [#32](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#32)<p>Windows 2000 RSAENH.DLL [#24](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#24)<p>Windows 2000 RSABASE.DLL [#23](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#23)<p>Windows NT 4 SP6 RSAENH.DLL [#21](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#21)<p>Windows NT 4 SP6 RSABASE.DLL [#20](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#20)|
-
-
-#### Triple DES
-
-
-|**Modes / States / Key Sizes**|**Algorithm Implementation and Certificate #**|
-|--- |--- |
-|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#2558](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2558)<p>Version 10.0.15063.674|
-|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#2557](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2557)<p>Version 10.0.15254|
-|<p>TDES-CBC:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB64:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-CFB8:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1<p>TDES-ECB:<li>Modes: Decrypt, Encrypt<li>Keying Option: 1|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#2556](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2556)<p>Version 10.0.16299|
-|**TECB**(KO 1 e/d); **TCBC**(KO 1 e/d); **TCFB8**(KO 1 e/d); **TCFB64**(KO 1 e/d)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#2459](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459)<p>Version 10.0.15063|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2384](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2384)<p>Version 8.00.6246|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) [#2383](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2383)<p>Version 8.00.6246|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**CTR** (int only)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2382](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2382)<p>Version 7.00.2872|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d)|Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#2381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2381)<p>Version 8.00.6246|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#2227](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227)<p>Version 10.0.14393|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations [#2024](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024)<p>Version 10.0.10586|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#1969](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969)<p>Version 10.0.10240|
-|**TECB**(KO 1 e/d);**TCBC**(KO 1 e/d);**TCFB8**(KO 1 e/d);**TCFB64**(KO 1 e/d)|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#1692](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692)<p>Version 6.3.9600|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2);**TCFB64**(e/d; KO 1, 2)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#1387](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387)|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386)|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846)|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation [#656](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656)|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2);**TCFB8**(e/d; KO 1, 2)|Windows Vista Symmetric Algorithm Implementation [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549)|
-|**Triple DES MAC**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 [#1386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386), vendor-affirmedWindows 7 and SP1 and Windows Server 2008 R2 and SP1 [#846](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846), vendor-affirmed|
-|**TECB**(e/d; KO 1, 2);**TCBC**(e/d; KO 1, 2)|Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) [#1308](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1308)Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) [#1307](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1307)<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#691](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#691)<p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) [#677](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#677)<p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#676](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#676)<p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) [#675](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#675)<p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) [#544](http://csrc.nist.gov/groups/stm/cavp/documents/des/tripledesval.html#544)<p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider [#543](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#543)<p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) [#542](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#542)Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) [#526](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#526)<p>Windows CE and Windows Mobile 6 and Windows Mobile 6.1 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) [#517](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#517)<p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#381](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#381)<p>Windows Server 2003 SP1 Kernel Mode Cryptographic Module (fips.sys) [#370](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#370)<p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) [#365](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#365)Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) [#315](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#315)<p>Windows Server 2003 Kernel Mode Cryptographic Module (fips.sys) [#201](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#201)<p>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) [#199](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#199)<p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) [#192](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#192)Windows XP Microsoft Enhanced Cryptographic Provider [#81](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#81)<p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) [#18](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#18)Crypto Driver for Windows 2000 (fips.sys) [#16](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#16)|
-
-#### SP 800-132 Password-Based Key Derivation Function (PBKDF)
-
-| Modes / States / Key Sizes | Algorithm Implementation and Certificate # |
-| --- | --- |
-| PBKDF (vendor affirmed) |  Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2937](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937)<br/>(Software Version: 10.0.14393)<br/><br/>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)<br/>(Software Version: 10.0.14393)<br/><br/>Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2935](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935)<br/>(Software Version: 10.0.14393) |
-| PBKDF (vendor affirmed) | Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)<br/>(Software Version: 10.0.14393)<br/><br/>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed |
-
-#### Component Validation List
-
-
-|**Publication / Component Validated / Description**|**Implementation and Certificate #**|
-|--- |--- |
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#489](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489)|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#1540](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1540)<p>Version 6.3.9600|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub Virtual TPM Implementations [#1519](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1519)<p>Version 10.0.15063.674|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); Virtual TPM Implementations [#1518](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1518)<p>Version 10.0.16299|
-|RSADP:<p>Modulus Size: 2048 (bits)|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1517](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1517)<p>Version 10.0.15063.674|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1516](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1516)<p>Version 10.0.15063.674|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub MsBignum Cryptographic Implementations [#1515](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1515)<p>Version 10.0.15063.674|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1732](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1732)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1514](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1514)<p>Version 10.0.15063.674|
-|RSADP:<p>Modulus Size: 2048 (bits)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1513](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1513)<p>Version 10.0.15063.674|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1512](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1512)<p>Version 10.0.15063.674|
-|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secrets:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), HMAC [#3269](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269)<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), HMAC [#3269](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269)<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4011](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4011), HMAC [#3269](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3269)|Microsoft Surface Hub SymCrypt Cryptographic Implementations [#1511](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1511)<p>Version 10.0.15063.674|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1510](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1510)<p>Version 10.0.15254|
-|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1509](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1509)<p>Version 10.0.15254|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1508](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1508)<p>Version 10.0.15254|
-|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), HMAC [#3268](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268)<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), HMAC [#3268](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268)<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4010](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4010), HMAC [#3268](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3268)|Windows 10 Mobile (version 1709) SymCrypt Cryptographic Implementations [#1507](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1507)<p>Version 10.0.15254|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1731](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1731)|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1506](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1506)<p>Version 10.0.15254|
-|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1505](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1505)<p>Version 10.0.15254|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Mobile (version 1709) MsBignum Cryptographic Implementations [#1504](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1504)<p>Version 10.0.15254|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1503](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1503)<p>Version 10.0.16299|
-|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1502](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1502)<p>Version 10.0.16299|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); MsBignum Cryptographic Implementations [#1501](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1501)<p>Version 10.0.16299|
-|<p>ECDSA SigGen:<li>P-256 SHA: SHA-256<li>P-384 SHA: SHA-384<li>P-521 SHA: SHA-512<p>Prerequisite: DRBG [#1730](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1730)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1499](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1499)<p>Version 10.0.16299|
-|RSADP:<p>Modulus Size: 2048 (bits)|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations [#1498](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1498)<p>Version 10.0.16299|
-|<p>RSASP1:<p>Modulus Size: 2048 (bits)<br>Padding Algorithms: PKCS 1.5|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1497](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1497)<p>Version 10.0.16299|
-|<p>IKEv1:<li>Methods: Digital Signature, Pre-shared Key, Public Key Encryption<li>Pre-shared Key Length: 64-2048<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), HMAC [#3267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267)<p>IKEv2:<li>Derived Keying Material length: 192-1792<p>Diffie-Hellman shared secret:<li>Length: 2048 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 256 (bits)<li>SHA Functions: SHA-256<p>Diffie-Hellman shared secret:<li>Length: 384 (bits)<li>SHA Functions: SHA-384<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), HMAC [#3267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267)<p>TLS:<li>Supports TLS 1.0/1.1<li>Supports TLS 1.2:<p>SHA Functions: SHA-256, SHA-384<p>Prerequisite: SHS [#4009](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#4009), HMAC [#3267](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3267)|Windows 10 Home, Pro, Enterprise, Education,Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1496](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1496)<p>Version 10.0.16299|
-|FIPS186-4 ECDSA<p>Signature Generation of hash sized messages<p>ECDSA SigGen Component: CURVES(P-256 P-384 P-521)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1284](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1284)<p>Version 10.0. 15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1279](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1279)<p>Version 10.0. 15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#922](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922)<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#894](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#894)<p>Version 10.0.14393icrosoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations [#666](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666)<p>Version 10.0.10586<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations [#288](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288)<p>Version 6.3.9600|
-|FIPS186-4 RSA; PKCS#1 v2.1<p>RSASP1 Signature Primitive<p>RSASP1: (Mod2048: PKCS1.5 PKCSPSS)|Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations [#1285](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1285)<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1282](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1282)<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1280](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1280)<p>Version 10.0.15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#893](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#893)<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations [#888](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888)<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations [#665](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665)<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations [#572](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572)<p>Version  10.0.10240<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry MsBignum Cryptographic Implementations [#289](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289)<p>Version 6.3.9600|
-|FIPS186-4 RSA; RSADP<p>RSADP Primitive<p>RSADP: (Mod2048)|Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations [#1283](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1283)<p>Version 10.0.15063<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1281](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281)<p>Version 10.0.15063<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations [#895](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#895)<p>Version 10.0.14393<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#887](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887)<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations [#663](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663)<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations [#576](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576)<p>Version  10.0.10240|
-|SP800-135<p>Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS|Windows 10 Home, Pro, Enterprise, Education, Windows 10 S Fall Creators Update; Windows Server, Windows Server Datacenter (version 1709); SymCrypt Cryptographic Implementations  [#1496](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1496)<p>Version 10.0.16299<p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations [#1278](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278)<p>Version 10.0.15063<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1140](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1140)<p>Version 7.00.2872<p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) [#1139](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1139)<p>Version 8.00.6246<p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BcryptPrimitives and NCryptSSLp [#886](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#886)<p>Version 10.0.14393<p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BCryptPrimitives and NCryptSSLp [#664](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#664)<p>Version 10.0.10586<p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BCryptPrimitives and NCryptSSLp [#575](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#575)<p>Version  10.0.10240<p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 BCryptPrimitives and NCryptSSLp [#323](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#323)<p>Version 6.3.9600|
-
-## Contact
-
-fips@microsoft.com
-
-## References
-
-* [FIPS 140-2, Security Requirements for Cryptographic Modules](http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf))
-* [Cryptographic Module Validation Program (CMVP) FAQ](http://csrc.nist.gov/groups/stm/cmvp/documents/cmvpfaq.pdf)
-* [SP 800-57 - Recommendation for Key Management – Part 1: General (Revised)](https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final)
-* [SP 800-131A - Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths](http://csrc.nist.gov/publications/nistpubs/800-131a/sp800-131a.pdf)
+---
+
+<!-- Links -->
+
+[HTTP-1]: https://csrc.nist.gov/Projects/cryptographic-module-validation-program
+
+
+[aes-33]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=33
+[aes-80]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=80
+[aes-224]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=224
+[aes-290]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=290
+[aes-424]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=424
+[aes-507]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=507
+[aes-516]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=516
+[aes-548]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=548
+[aes-553]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=553
+[aes-715]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=715
+[aes-739]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=739
+[aes-756]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=756
+[aes-757]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=757
+[aes-760]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=760
+[aes-781]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=781
+[aes-818]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=818
+[aes-1168]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=1168
+[aes-1177]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=1177
+[aes-1178]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=1178
+[aes-1187]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=1187
+[aes-2023]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2023
+[aes-2024]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2024
+[aes-2196]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2196
+[aes-2197]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2197
+[aes-2198]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2198
+[aes-2216]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2216
+[aes-2832]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2832
+[aes-2848]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2848
+[aes-2853]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=2853
+[aes-3476]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3476
+[aes-3497]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3497
+[aes-3498]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3498
+[aes-3507]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3507
+[aes-3629]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3629
+[aes-3630]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3630
+[aes-3652]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3652
+[aes-3653]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=3653
+[aes-4061]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4061
+[aes-4062]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4062
+[aes-4063]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4063
+[aes-4064]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4064
+[aes-4074]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4074
+[aes-4430]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4430
+[aes-4431]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4431
+[aes-4433]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4433
+[aes-4434]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4434
+[aes-4624]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4624
+[aes-4625]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4625
+[aes-4626]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4626
+[aes-4627]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4627
+[aes-4894]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4894
+[aes-4895]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4895
+[aes-4896]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4896
+[aes-4897]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4897
+[aes-4898]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4898
+[aes-4899]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4899
+[aes-4900]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4900
+[aes-4901]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4901
+[aes-4902]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4902
+[aes-4903]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4903
+[aes-4904]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=4904
+
+[component-288]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=288
+[component-289]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=289
+[component-323]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=323
+[component-572]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=572
+[component-575]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=575
+[component-576]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=576
+[component-663]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=663
+[component-664]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=664
+[component-665]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=665
+[component-666]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=666
+[component-886]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=886
+[component-887]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=887
+[component-888]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=888
+[component-893]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=893
+[component-894]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=894
+[component-895]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=895
+[component-922]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=922
+[component-1133]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1133
+[component-1139]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1139
+[component-1140]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1140
+[component-1278]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1278
+[component-1279]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1279
+[component-1280]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1280
+[component-1281]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1281
+[component-1282]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1282
+[component-1283]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1283
+[component-1284]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1284
+[component-1285]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1285
+[component-1496]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1496
+[component-1497]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1497
+[component-1498]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1498
+[component-1499]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1499
+[component-1501]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1501
+[component-1502]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1502
+[component-1503]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1503
+[component-1504]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1504
+[component-1505]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1505
+[component-1506]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1506
+[component-1507]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1507
+[component-1508]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1508
+[component-1509]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1509
+[component-1510]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1510
+[component-1511]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1511
+[component-1512]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1512
+[component-1513]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1513
+[component-1514]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1514
+[component-1515]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1515
+[component-1516]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1516
+[component-1517]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1517
+[component-1518]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1518
+[component-1519]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1519
+[component-1540]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=1540
+[component-2521]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=component&number=2521
+
+[des-91]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=des&number=91
+[des-156]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=des&number=156
+[des-230]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=des&number=230
+
+[drbg-23]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=23
+[drbg-24]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=24
+[drbg-27]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=27
+[drbg-193]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=193
+[drbg-258]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=258
+[drbg-259]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=259
+[drbg-489]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=489
+[drbg-868]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=868
+[drbg-955]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=955
+[drbg-1217]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1217
+[drbg-1222]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1222
+[drbg-1429]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1429
+[drbg-1430]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1430
+[drbg-1432]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1432
+[drbg-1433]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1433
+[drbg-1555]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1555
+[drbg-1556]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1556
+[drbg-1730]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1730
+[drbg-1731]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1731
+[drbg-1732]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1732
+[drbg-1733]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1733
+[drbg-1734]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=drbg&number=1734
+
+[dsa-17]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=17
+[dsa-25]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=25
+[dsa-26]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=26
+[dsa-28]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=28
+[dsa-29]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=29
+[dsa-35]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=35
+[dsa-72]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=72
+[dsa-95]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=95
+[dsa-146]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=146
+[dsa-221]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=221
+[dsa-226]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=226
+[dsa-227]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=227
+[dsa-281]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=281
+[dsa-282]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=282
+[dsa-283]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=283
+[dsa-284]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=284
+[dsa-291]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=291
+[dsa-292]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=292
+[dsa-385]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=385
+[dsa-386]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=386
+[dsa-390]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=390
+[dsa-391]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=391
+[dsa-645]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=645
+[dsa-686]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=686
+[dsa-687]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=687
+[dsa-855]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=855
+[dsa-983]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=983
+[dsa-1024]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1024
+[dsa-1098]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1098
+[dsa-1135]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1135
+[dsa-1187]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1187
+[dsa-1188]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1188
+[dsa-1223]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1223
+[dsa-1301]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1301
+[dsa-1302]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1302
+[dsa-1303]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=dsa&number=1303
+
+[ecdsa-60]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=60
+[ecdsa-82]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=82
+[ecdsa-83]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=83
+[ecdsa-141]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=141
+[ecdsa-142]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=142
+[ecdsa-295]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=295
+[ecdsa-341]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=341
+[ecdsa-505]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=505
+[ecdsa-706]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=706
+[ecdsa-760]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=760
+[ecdsa-911]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=911
+[ecdsa-920]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=920
+[ecdsa-1072]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1072
+[ecdsa-1073]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1073
+[ecdsa-1133]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1133
+[ecdsa-1135]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1135
+[ecdsa-1136]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1136
+[ecdsa-1246]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1246
+[ecdsa-1247]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1247
+[ecdsa-1248]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1248
+[ecdsa-1249]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1249
+[ecdsa-1250]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1250
+[ecdsa-1251]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1251
+[ecdsa-1252]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1252
+[ecdsa-1253]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1253
+[ecdsa-1263]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=ecdsa&number=1263
+
+[hmac-31]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=31
+[hmac-99]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=99
+[hmac-199]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=199
+[hmac-260]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=260
+[hmac-267]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=267
+[hmac-287]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=287
+[hmac-289]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=289
+[hmac-297]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=297
+[hmac-298]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=298
+[hmac-386]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=386
+[hmac-407]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=407
+[hmac-408]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=408
+[hmac-412]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=412
+[hmac-413]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=413
+[hmac-415]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=415
+[hmac-428]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=428
+[hmac-429]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=429
+[hmac-452]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=452
+[hmac-673]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=673
+[hmac-675]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=675
+[hmac-677]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=677
+[hmac-686]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=686
+[hmac-687]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=687
+[hmac-1227]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1227
+[hmac-1345]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1345
+[hmac-1346]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1346
+[hmac-1347]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1347
+[hmac-1364]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1364
+[hmac-1773]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=1773
+[hmac-2122]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2122
+[hmac-2233]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2233
+[hmac-2381]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2381
+[hmac-2651]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2651
+[hmac-2661]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2661
+[hmac-2942]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2942
+[hmac-2943]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2943
+[hmac-2945]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2945
+[hmac-2946]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=2946
+[hmac-3061]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3061
+[hmac-3062]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3062
+[hmac-3267]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3267
+[hmac-3268]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3268
+[hmac-3269]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3269
+[hmac-3270]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3270
+[hmac-3271]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=hmac&number=3271
+
+[kas-36]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=36
+[kas-47]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=47
+[kas-64]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=64
+[kas-72]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=72
+[kas-92]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=92
+[kas-93]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=93
+[kas-114]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=114
+[kas-115]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=115
+[kas-127]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=127
+[kas-128]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=128
+[kas-146]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=146
+[kas-147]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=147
+[kas-148]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=148
+[kas-149]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=149
+[kas-150]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kas&number=150
+
+[kdf-3]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=3
+[kdf-30]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=30
+[kdf-66]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=66
+[kdf-72]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=72
+[kdf-101]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=101
+[kdf-102]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=102
+[kdf-140]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=140
+[kdf-141]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=141
+[kdf-157]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=157
+[kdf-158]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=158
+[kdf-159]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=159
+[kdf-160]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=160
+[kdf-161]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=kdf&number=161
+
+[rng-66]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=66
+[rng-286]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=286
+[rng-292]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=292
+[rng-313]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=313
+[rng-314]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=314
+[rng-316]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=316
+[rng-321]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=321
+[rng-435]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=435
+[rng-447]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=447
+[rng-448]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=448
+[rng-449]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=449
+[rng-470]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=470
+[rng-649]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=649
+[rng-1060]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=1060
+[rng-1110]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rng&number=1110
+
+[rsa-52]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=52
+[rsa-81]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=81
+[rsa-222]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=222
+[rsa-230]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=230
+[rsa-245]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=245
+[rsa-255]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=255
+[rsa-257]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=257
+[rsa-258]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=258
+[rsa-353]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=353
+[rsa-354]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=354
+[rsa-355]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=355
+[rsa-357]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=357
+[rsa-358]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=358
+[rsa-371]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=371
+[rsa-395]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=395
+[rsa-557]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=557
+[rsa-559]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=559
+[rsa-560]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=560
+[rsa-567]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=567
+[rsa-568]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=568
+[rsa-1051]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1051
+[rsa-1052]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1052
+[rsa-1132]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1132
+[rsa-1133]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1133
+[rsa-1134]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1134
+[rsa-1487]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1487
+[rsa-1493]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1493
+[rsa-1494]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1494
+[rsa-1519]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1519
+[rsa-1783]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1783
+[rsa-1784]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1784
+[rsa-1798]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1798
+[rsa-1802]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1802
+[rsa-1871]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1871
+[rsa-1887]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1887
+[rsa-1888]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1888
+[rsa-1889]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=1889
+[rsa-2192]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2192
+[rsa-2193]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2193
+[rsa-2194]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2194
+[rsa-2195]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2195
+[rsa-2206]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2206
+[rsa-2411]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2411
+[rsa-2412]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2412
+[rsa-2414]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2414
+[rsa-2415]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2415
+[rsa-2521]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2521
+[rsa-2522]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2522
+[rsa-2523]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2523
+[rsa-2524]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2524
+[rsa-2667]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2667
+[rsa-2668]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2668
+[rsa-2669]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2669
+[rsa-2670]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2670
+[rsa-2671]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2671
+[rsa-2672]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2672
+[rsa-2673]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2673
+[rsa-2674]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2674
+[rsa-2675]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2675
+[rsa-2676]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2676
+[rsa-2677]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=rsa&number=2677
+
+[shs-20]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=20
+[shs-21]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=21
+[shs-23]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=23
+[shs-24]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=24
+[shs-32]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=32
+[shs-35]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=35
+[shs-83]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=83
+[shs-176]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=176
+[shs-177]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=177
+[shs-181]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=181
+[shs-267]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=267
+[shs-305]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=305
+[shs-364]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=364
+[shs-371]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=371
+[shs-385]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=385
+[shs-428]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=428
+[shs-429]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=429
+[shs-495]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=495
+[shs-578]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=578
+[shs-589]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=589
+[shs-610]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=610
+[shs-611]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=611
+[shs-613]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=613
+[shs-618]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=618
+[shs-737]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=737
+[shs-753]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=753
+[shs-783]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=783
+[shs-784]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=784
+[shs-785]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=785
+[shs-816]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=816
+[shs-1081]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=1081
+[shs-1773]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=1773
+[shs-1774]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=1774
+[shs-1902]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=1902
+[shs-1903]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=1903
+[shs-2373]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=2373
+[shs-2396]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=2396
+[shs-2764]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=2764
+[shs-2871]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=2871
+[shs-2886]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=2886
+[shs-3047]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3047
+[shs-3048]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3048
+[shs-3346]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3346
+[shs-3347]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3347
+[shs-3648]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3648
+[shs-3649]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3649
+[shs-3651]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3651
+[shs-3652]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3652
+[shs-3790]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=3790
+[shs-4009]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=4009
+[shs-4010]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=4010
+[shs-4011]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=4011
+
+[tdes-16]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=16
+[tdes-18]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=18
+[tdes-81]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=81
+[tdes-192]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=192
+[tdes-199]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=199
+[tdes-201]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=201
+[tdes-315]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=315
+[tdes-365]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=365
+[tdes-370]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=370
+[tdes-381]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=381
+[tdes-517]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=517
+[tdes-526]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=526
+[tdes-542]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=542
+[tdes-543]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=543
+[tdes-544]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=544
+[tdes-549]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=549
+[tdes-656]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=656
+[tdes-675]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=675
+[tdes-676]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=676
+[tdes-677]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=677
+[tdes-691]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=691
+[tdes-846]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=846
+[tdes-1307]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1307
+[tdes-1308]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1308
+[tdes-1386]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1386
+[tdes-1387]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1387
+[tdes-1692]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1692
+[tdes-1969]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=1969
+[tdes-2024]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2024
+[tdes-2227]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2227
+[tdes-2381]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2381
+[tdes-2382]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2382
+[tdes-2383]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2383
+[tdes-2384]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2384
+[tdes-2459]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2459
+[tdes-2556]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2556
+[tdes-2557]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2557
+[tdes-2558]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=tdes&number=2558
+
+[certificate-68]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68
+[certificate-75]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75
+[certificate-76]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76
+[certificate-103]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103
+[certificate-106]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106
+[certificate-110]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110
+[certificate-238]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238
+[certificate-240]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240
+[certificate-241]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241
+[certificate-381]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381
+[certificate-382]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382
+[certificate-405]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405
+[certificate-825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825
+[certificate-868]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868
+[certificate-869]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869
+[certificate-875]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875
+[certificate-891]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891
+[certificate-893]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893
+[certificate-894]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894
+[certificate-947]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947
+[certificate-978]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978
+[certificate-979]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979
+[certificate-980]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980
+[certificate-989]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989
+[certificate-990]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990
+[certificate-997]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997
+[certificate-1000]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000
+[certificate-1001]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001
+[certificate-1002]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002
+[certificate-1003]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003
+[certificate-1004]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004
+[certificate-1005]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005
+[certificate-1006]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006
+[certificate-1007]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007
+[certificate-1008]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008
+[certificate-1009]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009
+[certificate-1010]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010
+[certificate-1319]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319
+[certificate-1321]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321
+[certificate-1326]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326
+[certificate-1327]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327
+[certificate-1328]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328
+[certificate-1329]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329
+[certificate-1330]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330
+[certificate-1331]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331
+[certificate-1332]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332
+[certificate-1333]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333
+[certificate-1334]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1334
+[certificate-1335]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335
+[certificate-1336]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336
+[certificate-1337]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337
+[certificate-1338]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338
+[certificate-1339]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339
+[certificate-1891]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891
+[certificate-2351]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351
+[certificate-2352]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352
+[certificate-2353]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353
+[certificate-2354]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354
+[certificate-2355]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355
+[certificate-2356]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356
+[certificate-2357]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357
+[certificate-2600]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600
+[certificate-2601]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601
+[certificate-2602]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602
+[certificate-2603]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603
+[certificate-2604]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604
+[certificate-2605]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605
+[certificate-2606]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606
+[certificate-2607]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607
+[certificate-2700]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700
+[certificate-2701]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701
+[certificate-2702]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702
+[certificate-2703]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703
+[certificate-2931]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931
+[certificate-2932]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932
+[certificate-2933]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933
+[certificate-2934]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934
+[certificate-2935]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935
+[certificate-2936]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936
+[certificate-2937]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937
+[certificate-2938]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938
+[certificate-2956]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956
+[certificate-2957]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957
+[certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089
+[certificate-3090]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090
+[certificate-3091]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091
+[certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092
+[certificate-3093]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093
+[certificate-3094]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094
+[certificate-3095]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095
+[certificate-3096]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096
+[certificate-3194]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194
+[certificate-3195]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195
+[certificate-3196]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196
+[certificate-3197]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197
+[certificate-3480]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480
+[certificate-3615]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615
+[certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644
+[certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651
+[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
+
+[sp-68]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf
+[sp-75]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf
+[sp-76]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf
+[sp-103]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf
+[sp-106]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf
+[sp-110]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf
+[sp-238]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf
+[sp-240]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp240.pdf
+[sp-241]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp241.pdf
+[sp-381]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf
+[sp-382]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf
+[sp-405]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf
+[sp-825]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf
+[sp-868]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp868.pdf
+[sp-869]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp869.pdf
+[sp-875]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp875.pdf
+[sp-891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf
+[sp-893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp893.pdf
+[sp-894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp894.pdf
+[sp-947]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp947.pdf
+[sp-978]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp978.pdf
+[sp-979]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp979.pdf
+[sp-980]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp980.pdf
+[sp-989]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp989.pdf
+[sp-990]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp990.pdf
+[sp-997]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp997.pdf
+[sp-1000]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1000.pdf
+[sp-1002]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf
+[sp-1003]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1003.pdf
+[sp-1004]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1004.pdf
+[sp-1005]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1005.pdf
+[sp-1006]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1006.pdf
+[sp-1007]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1007.pdf
+[sp-1008]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1008.pdf
+[sp-1009]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1009.pdf
+[sp-1010]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1010.pdf
+[sp-1319]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf
+[sp-1321]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1321.pdf
+[sp-1326]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf
+[sp-1327]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf
+[sp-1328]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf
+[sp-1329]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf
+[sp-1330]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1330.pdf
+[sp-1331]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1331.pdf
+[sp-1332]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf
+[sp-1333]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1333.pdf
+[sp-1334]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1334.pdf
+[sp-1335]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1335.pdf
+[sp-1336]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1336.pdf
+[sp-1337]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1337.pdf
+[sp-1338]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1338.pdf
+[sp-1339]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1339.pdf
+[sp-1891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf
+[sp-1892]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf
+[sp-1893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf
+[sp-1894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf
+[sp-1895]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf
+[sp-1896]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf
+[sp-1897]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf
+[sp-1898]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf
+[sp-1899]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf
+[sp-2351]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf
+[sp-2352]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf
+[sp-2353]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf
+[sp-2354]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf
+[sp-2355]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf
+[sp-2356]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf
+[sp-2357]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf
+[sp-2600]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf
+[sp-2601]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf
+[sp-2602]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf
+[sp-2603]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2603.pdf
+[sp-2604]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf
+[sp-2605]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf
+[sp-2607]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf
+[sp-2700]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2700.pdf
+[sp-2701]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2701.pdf
+[sp-2702]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2702.pdf
+[sp-2703]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2703.pdf
+[sp-2931]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf
+[sp-2932]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf
+[sp-2933]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf
+[sp-2934]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf
+[sp-2935]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf
+[sp-2936]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf
+[sp-2937]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf
+[sp-2938]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf
+[sp-2956]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf
+[sp-2957]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2957.pdf
+[sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf
+[sp-3090]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf
+[sp-3091]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf
+[sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf
+[sp-3093]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf
+[sp-3094]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf
+[sp-3095]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf
+[sp-3096]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf
+[sp-3194]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf
+[sp-3195]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf
+[sp-3196]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf
+[sp-3197]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf
+[sp-3480]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf
+[sp-3615]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf
+[sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf
+[sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf
+[sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf
\ No newline at end of file
diff --git a/windows/security/threat-protection/get-support-for-security-baselines.md b/windows/security/threat-protection/get-support-for-security-baselines.md
index 60f033276b..7fec38f0ff 100644
--- a/windows/security/threat-protection/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/get-support-for-security-baselines.md
@@ -40,7 +40,7 @@ The toolkit supports formats created by the Windows GPO backup feature (`.pol`,
 
 Not yet. PowerShell-based DSC is rapidly gaining popularity, and more DSC tools are coming online to convert GPOs and DSC and to validate system configuration. We're currently developing a tool to provide customers with these features.
 
-### Does SCT support the creation of Microsoft Endpoint Configuration Manager DCM packs?
+### Does SCT support the creation of Microsoft Configuration Manager DCM packs?
 
 No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=54616). A tool that supports conversion of GPO backups to DSC format is the [BaselineManagement module](https://github.com/Microsoft/BaselineManagement).
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
index 7a727f59dd..b4fb01a3c6 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
@@ -94,7 +94,7 @@ Application Guard functionality is turned off by default. However, you can quick
 
 :::image type="content" source="images/MDAG-EndpointMgr-newprofile.jpg" alt-text="Enroll devices in Intune.":::
 
-1. Go to [https://endpoint.microsoft.com](https://endpoint.microsoft.com) and sign in.
+1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 
 1. Choose **Devices** > **Configuration profiles** > **+ Create profile**, and do the following: <br/>
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
index fa0962d09f..1ba47ee970 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md
@@ -1,6 +1,6 @@
 ---
 title: Microsoft Defender Application Guard (Windows 10 or Windows 11)
-description: Learn about Microsoft Defender Application Guard and how it helps to combat malicious content and malware out on the Internet.
+description: Learn about Microsoft Defender Application Guard and how it helps combat malicious content and malware out on the Internet.
 ms.prod: windows-client
 ms.mktglfcycl: manage
 ms.sitesec: library
@@ -39,13 +39,13 @@ For Microsoft Office, Application Guard helps prevents untrusted Word, PowerPoin
 
 Application Guard has been created to target several types of devices:
 
-- **Enterprise desktops**. These desktops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Endpoint Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wired, corporate network.
+- **Enterprise desktops**. These desktops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wired, corporate network.
 
-- **Enterprise mobile laptops**. These laptops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Endpoint Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wireless, corporate network.
+- **Enterprise mobile laptops**. These laptops are domain-joined and managed by your organization. Configuration management is primarily done through Microsoft Configuration Manager or Microsoft Intune. Employees typically have Standard User privileges and use a high-bandwidth, wireless, corporate network.
 
-- **Bring your own device (BYOD) mobile laptops**. These personally-owned laptops are not domain-joined, but are managed by your organization through tools, such as Microsoft Intune. The employee is typically an admin on the device and uses a high-bandwidth wireless corporate network while at work and a comparable personal network while at home.
+- **Bring your own device (BYOD) mobile laptops**. These personally owned laptops aren't domain-joined, but are managed by your organization through tools, such as Microsoft Intune. The employee is typically an admin on the device and uses a high-bandwidth wireless corporate network while at work and a comparable personal network while at home.
 
-- **Personal devices**. These personally-owned desktops or mobile laptops are not domain-joined or managed by an organization. The user is an admin on the device and uses a high-bandwidth wireless personal network while at home or a comparable public network while outside.
+- **Personal devices**. These personally owned desktops or mobile laptops aren't domain-joined or managed by an organization. The user is an admin on the device and uses a high-bandwidth wireless personal network while at home or a comparable public network while outside.
 
 ## Related articles
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md
index e7ea108193..85f176411e 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md
@@ -47,4 +47,4 @@ Your environment must have the following hardware to run Microsoft Defender Appl
 |--------|-----------|
 | Operating system | Windows 10 Enterprise edition, version 1809 or later <br/> Windows 10 Professional edition, version 1809 or later <br/> Windows 10 Professional for Workstations edition, version 1809 or later <br/> Windows 10 Professional Education edition, version 1809 or later <br/> Windows 10 Education edition, version 1809 or later <br/> Windows 11 Education, Enterprise, and Professional editions |
 | Browser | Microsoft Edge |
-| Management system <br> (only for managed devices)| [Microsoft Intune](/intune/) <p> **OR** <p> [Microsoft Endpoint Configuration Manager](/configmgr/) <p> **OR** <p> [Group Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753298(v=ws.11)) <p> **OR** <p>Your current, company-wide, non-Microsoft mobile device management (MDM) solution. For info about non-Mirosoft MDM solutions, see the documentation that came with your product. |
+| Management system <br> (only for managed devices)| [Microsoft Intune](/intune/) <p> **OR** <p> [Microsoft Configuration Manager](/configmgr/) <p> **OR** <p> [Group Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753298(v=ws.11)) <p> **OR** <p>Your current, company-wide, non-Microsoft mobile device management (MDM) solution. For info about non-Mirosoft MDM solutions, see the documentation that came with your product. |
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index dff954f4db..c038120c89 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -280,7 +280,7 @@ SAWs are computers that are built to help significantly reduce the risk of compr
 
 To protect high-value assets, SAWs are used to make secure connections to those assets.
 
-Similarly, on corporate fully managed workstations, where applications are installed by using a distribution tool like Microsoft Endpoint Configuration Manager, Intune, or any third-party device management, then Device Guard is applicable. In that type of scenario, the organization has a good idea of the software that an average user is running.
+Similarly, on corporate fully managed workstations, where applications are installed by using a distribution tool like Microsoft Configuration Manager, Intune, or any third-party device management, then Device Guard is applicable. In that type of scenario, the organization has a good idea of the software that an average user is running.
 
 It could be challenging to use Device Guard on corporate, lightly managed workstations where the user is typically allowed to install software on their own. When an organization offers great flexibility, it’s difficult to run Device Guard in enforcement mode. Nevertheless, Device Guard can be run in Audit mode, and in that case, the event log will contain a record of any binaries that violated the Device Guard policy. When Device Guard is used in Audit mode, organizations can get rich data about drivers and applications that users install and run.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
index ae3272781f..6b822bc07e 100644
--- a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
@@ -48,7 +48,7 @@ Multiple WDAC policies can be managed from an MDM server through ApplicationCont
 
 However, when policies are unenrolled from an MDM server, the CSP will attempt to remove every policy from devices, not just the policies added by the CSP. The reason for this is that the ApplicationControl CSP doesn't track enrollment sources for individual policies, even though it will query all policies on a device, regardless if they were deployed by the CSP.
 
-For more information, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp) to deploy multiple policies, and optionally use Microsoft Endpoint Manager Intune's Custom OMA-URI capability.
+For more information, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp) to deploy multiple policies, and optionally use Microsoft Intune's Custom OMA-URI capability.
 
 > [!NOTE]
 > WMI and GP don't currently support multiple policies. If you can't directly access the MDM stack, use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage multiple policy format Windows Defender Application Control policies.
diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
index 0eee8eff2c..2c063bad24 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
@@ -30,6 +30,8 @@
               href: allow-com-object-registration-in-windows-defender-application-control-policy.md
             - name: Use WDAC with .NET hardening
               href: use-windows-defender-application-control-with-dynamic-code-security.md
+            - name: Script enforcement with Windows Defender Application Control
+              href: design/script-enforcement.md
             - name: Manage packaged apps with WDAC
               href: manage-packaged-apps-with-windows-defender-application-control.md
             - name: Use WDAC to control specific plug-ins, add-ins, and modules
diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
index af84836ade..f078f7a073 100644
--- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md
@@ -29,7 +29,7 @@ ms.technology: itpro-security
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
 
-Windows Defender Application Control (WDAC) includes an option called **managed installer** that helps balance security and manageability when enforcing application control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Endpoint Configuration Manager (MEMCM) or Microsoft Intune.
+Windows Defender Application Control (WDAC) includes an option called **managed installer** that helps balance security and manageability when enforcing application control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Configuration Manager (MEMCM) or Microsoft Intune.
 
 ## How does a managed installer work?
 
@@ -127,7 +127,7 @@ The AppLocker policy creation UI in GPO Editor and the AppLocker PowerShell cmdl
     </RuleCollection>
     ```
 
-4. Verify your AppLocker policy. The following example shows a complete AppLocker policy that sets Configuration Manager and Microsoft Endpoint Manager Intune as managed installers. Only those AppLocker rule collections that have actual rules defined are included in the final XML. This condition-based inclusion ensures the policy will merge successfully on devices that may already have an AppLocker policy in place.
+4. Verify your AppLocker policy. The following example shows a complete AppLocker policy that sets Configuration Manager and Microsoft Intune as managed installers. Only those AppLocker rule collections that have actual rules defined are included in the final XML. This condition-based inclusion ensures the policy will merge successfully on devices that may already have an AppLocker policy in place.
 
     ```xml
     <AppLockerPolicy Version="1">
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
index 87d2d36eb1..cea19f889b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
@@ -30,7 +30,7 @@ ms.technology: itpro-security
 >[!NOTE]
 >Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
 
-This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Endpoint Manager. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access.
+This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Intune. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access.
 
 > [!NOTE]
 > Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
@@ -46,7 +46,7 @@ Alice previously created a policy for the organization's lightly managed devices
 Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed devices:
 
 - All clients are running Windows 10 version 1903 or above or Windows 11;
-- All clients are managed by Microsoft Endpoint Manager either with Configuration Manager or with Intune;
+- All clients are managed by Configuration Manager or with Intune;
 - Most, but not all, apps are deployed using Configuration Manager;
 - Sometimes, IT staff install apps directly to these devices without using Configuration Manager;
 - All users except IT are standard users on these devices.
diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
index 378ee082a0..e8c10ae63e 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md
@@ -37,7 +37,7 @@ This section outlines the process to create a Windows Defender Application Contr
 
 As in the [previous article](types-of-devices.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices.
 
-**Alice Pena** is the IT team lead tasked with the rollout of WDAC. Recognizing that Lamna currently has loose application usage policies and a culture of maximum app flexibility for users, Alice knows she'll need to take an incremental approach to application control and use different policies for different workloads.
+**Alice Pena** is the IT team lead tasked with the rollout of WDAC. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to application control and use different policies for different workloads.
 
 For most users and devices, Alice wants to create an initial policy that is as relaxed as possible in order to minimize user productivity impact, while still providing security value.
 
@@ -46,7 +46,7 @@ For most users and devices, Alice wants to create an initial policy that is as r
 Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's lightly managed devices, which currently include most end-user devices:
 
 - All clients are running Windows 10 version 1903 and above, or Windows 11;
-- All clients are managed by Microsoft Endpoint Manager either with Configuration Manager or with Intune.
+- All clients are managed by Configuration Manager or with Intune.
 - Some, but not all, apps are deployed using Configuration Manager;
 - Most users are local administrators on their devices;
 - Some teams may need more rules to authorize specific apps that don't apply generally to all other users.
@@ -154,7 +154,7 @@ Alice follows these steps to complete this task:
     ConvertFrom-CIPolicy $LamnaPolicy $WDACPolicyBin
     ```
 
-1. Upload your base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
+1. Upload your base policy XML and the associated binary to a source control solution, such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
 
 At this point, Alice now has an initial policy that is ready to deploy in audit mode to the managed clients within Lamna.
 
@@ -164,12 +164,12 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
 - **Users with administrative access**
 
-  This is by far the most impactful security trade-off and allows the device user, or malware running with the user's privileges, to modify or remove the WDAC policy on the device. Additionally, administrators can configure any app to act as a managed installer, which would allow them to gain persistent app authorization for whatever apps or binaries they wish.
+  This trade-off is the most impactful security trade-off. It allows the device user, or malware running with the user's privileges, to modify or remove the WDAC policy on the device. Additionally, administrators can configure any app to act as a managed installer, which would allow them to gain persistent app authorization for whatever apps or binaries they wish.
 
   Possible mitigations:
 
   - Use signed WDAC policies and UEFI BIOS access protection to prevent tampering of WDAC policies.
-  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
+  - To remove the requirement for managed installer, create and deploy signed catalog files as part of the app deployment process.
   - Use device attestation to detect the configuration state of WDAC at boot time and use that information to condition access to sensitive corporate resources.
 
 - **Unsigned policies**
@@ -187,7 +187,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
   Possible mitigations:
 
-  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
+  - To remove the requirement for managed installer, create and deploy signed catalog files as part of the app deployment process.
   - Limit who can elevate to administrator on the device.
 
 - **Intelligent Security Graph (ISG)**
@@ -196,7 +196,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
   Possible mitigations:
 
-  - Implement policies requiring that apps are managed by IT; audit existing app usage and deploy authorized apps using a software distribution solution such as Microsoft Endpoint Manager; move from ISG to managed installer or signature-based rules.
+  - Implement policies that require apps be managed by IT. Audit existing app usage and deploy authorized apps using a software distribution solution, like Microsoft Intune. Move from ISG to managed installer or signature-based rules.
   - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection.
 
 - **Supplemental policies**
@@ -219,7 +219,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
 - **Signed files**
 
-  Although files that are code-signed verify the author's identity and ensures that the code has not been altered by anyone other than the author, it does not guarantee that the signed code is safe.
+  Although files that are code-signed verify the author's identity and ensures that the code hasn't been altered by anyone other than the author, it doesn't guarantee that the signed code is safe.
 
   Possible mitigations:
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
index 2882d6d02c..ee084e1311 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md
@@ -152,7 +152,7 @@ To sign the existing catalog file, copy each of the following commands into an e
 
 5. Copy the catalog file to C:\\Windows\\System32\\catroot\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.
 
-   For testing purposes, you can manually copy signed catalog files to their intended folder. For large-scale implementations, to copy the appropriate catalog files to all desired computers, we recommend that you use Group Policy File Preferences or an enterprise systems management product such as Microsoft Endpoint Configuration Manager, which also simplifies the management of catalog versions.
+   For testing purposes, you can manually copy signed catalog files to their intended folder. For large-scale implementations, to copy the appropriate catalog files to all desired computers, we recommend that you use Group Policy File Preferences or an enterprise systems management product such as Microsoft Configuration Manager, which also simplifies the management of catalog versions.
 
 ## Add a catalog signing certificate to a Windows Defender Application Control policy
 
@@ -230,7 +230,7 @@ To simplify the management of catalog files, you can use Group Policy preference
 
 Before you begin testing the deployed catalog file, make sure that the catalog signing certificate has been added to an appropriate WDAC policy.
 
-## Deploy catalog files with Microsoft Endpoint Configuration Manager
+## Deploy catalog files with Microsoft Configuration Manager
 
 As an alternative to Group Policy, you can use Configuration Manager to deploy catalog files to the managed computers in your environment. This approach can simplify the deployment and management of multiple catalog files and provide reporting around which catalog each client or collection has deployed. In addition to the deployment of these files, Configuration Manager can also be used to inventory the currently deployed catalog files for reporting and compliance purposes. Complete the following steps to create a new deployment package for catalog files:
 
@@ -305,7 +305,7 @@ After you create the deployment package, deploy it to a collection so that the c
 
 Before you begin testing the deployed catalog file, make sure that the catalog signing certificate has been added to an appropriate WDAC policy,.
 
-## Inventory catalog files with Microsoft Endpoint Configuration Manager
+## Inventory catalog files with Microsoft Configuration Manager
 
 When catalog files have been deployed to the computers within your environment, whether by using Group Policy or Configuration Manager, you can inventory them with the software inventory feature of Configuration Manager. The following process walks you through the enablement of software inventory to discover catalog files on your managed systems through the creation and deployment of a new client settings policy.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
index eb4d4fdceb..1d07caffe7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md
@@ -88,7 +88,7 @@ When you're merging policies, the policy type and ID of the leftmost/first polic
 
 ## Deploying multiple policies
 
-In order to deploy multiple Windows Defender Application Control policies, you must either deploy them locally by copying the `*.cip` policy files into the proper folder or by using the ApplicationControl CSP, which is supported by Microsoft Endpoint Manager Intune's Custom OMA-URI feature.
+In order to deploy multiple Windows Defender Application Control policies, you must either deploy them locally by copying the `*.cip` policy files into the proper folder or by using the ApplicationControl CSP, which is supported by Microsoft Intune's custom OMA-URI feature.
 
 ### Deploying multiple policies locally
 
@@ -106,7 +106,7 @@ Multiple Windows Defender Application Control policies can be managed from an MD
 
 However, when policies are unenrolled from an MDM server, the CSP will attempt to remove every policy from devices, not just the policies added by the CSP. The reason for this is that the ApplicationControl CSP doesn't track enrollment sources for individual policies, even though it will query all policies on a device, regardless if they were deployed by the CSP.
 
-For more information on deploying multiple policies, optionally using Microsoft Endpoint Manager Intune's Custom OMA-URI capability, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp).
+For more information on deploying multiple policies, optionally using Microsoft Intune's custom OMA-URI capability, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp).
 
 > [!NOTE]
 > WMI and GP do not currently support multiple policies. Instead, customers who cannot directly access the MDM stack should use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage Multiple Policy Format Windows Defender Application Control policies.
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md
index 1702db9877..d66bca3105 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md
@@ -1,6 +1,6 @@
 ---
 title: Deploy Windows Defender Application Control policies with Configuration Manager
-description: You can use Microsoft Endpoint Configuration Manager to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
+description: You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.collection: M365-security-compliance
@@ -13,7 +13,7 @@ ms.topic: how-to
 ms.localizationpriority: medium
 ---
 
-# Deploy WDAC policies by using Microsoft Endpoint Configuration Manager
+# Deploy WDAC policies by using Microsoft Configuration Manager
 
 **Applies to:**
 
@@ -24,7 +24,7 @@ ms.localizationpriority: medium
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
 
-You can use Microsoft Endpoint Configuration Manager to configure Windows Defender Application Control (WDAC) on client machines.
+You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC) on client machines.
 
 ## Use Configuration Manager's built-in policies
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
index 99481638a6..9beafe889b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
@@ -82,7 +82,7 @@ You should now have one or more WDAC policies converted into binary form. If not
 
 ## Deploying signed policies
 
-If you are using [signed WDAC policies](/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering), the policies must be deployed into your device's EFI partition in addition to the steps outlined above. Unsigned WDAC policies do not need to be present in the EFI partition. Deploying your policy via [Microsoft Endpoint Manager](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) or the Application Control CSP will handle this step automatically. 
+If you are using [signed WDAC policies](/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering), the policies must be deployed into your device's EFI partition in addition to the steps outlined above. Unsigned WDAC policies do not need to be present in the EFI partition. Deploying your policy via [Microsoft Intune](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) or the Application Control CSP will handle this step automatically. 
 
 1. Mount the EFI volume and make the directory, if it doesn't exist, in an elevated PowerShell prompt: 
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
index f155922fc3..6f8d77a67f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md
@@ -24,7 +24,7 @@ ms.topic: how-to
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
 
-You can use a Mobile Device Management (MDM) solution, like Microsoft Endpoint Manager Intune, to configure Windows Defender Application Control (WDAC) on client machines. Intune includes native support for WDAC, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for WDAC policy deployment steps.
+You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure Windows Defender Application Control (WDAC) on client machines. Intune includes native support for WDAC, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for WDAC policy deployment steps.
 
 ## Use Intune's built-in policies
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
new file mode 100644
index 0000000000..5a4f9be3f6
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md
@@ -0,0 +1,73 @@
+---
+title: Understand WDAC script enforcement
+description: WDAC script enforcement
+keywords: security, malware
+ms.prod: windows-client
+audience: ITPro
+ms.collection: M365-security-compliance
+author: jsuther1974
+ms.reviewer: jogeurte
+ms.author: jogeurte
+ms.manager: jsuther
+manager: aaroncz
+ms.date: 11/02/2022
+ms.technology: itpro-security
+ms.topic: article
+ms.localizationpriority: medium
+---
+
+# Script enforcement with Windows Defender Application Control (WDAC)
+
+**Applies to:**
+
+- Windows 10
+- Windows 11
+- Windows Server 2016 and above
+
+> [!NOTE]
+> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
+
+## Script enforcement overview
+
+By default, script enforcement is enabled for all WDAC policies unless the option **11 Disabled:Script Enforcement** is set in the policy. WDAC script enforcement involves a handshake between an enlightened script host, such as PowerShell, and WDAC. The actual enforcement behavior, however, is handled entirely by the script host. Some script hosts, like the Microsoft HTML Application Host (mshta.exe), simply block all code execution if any WDAC UMCI policy is active. Most script hosts first ask WDAC whether a script should be allowed to run based on the WDAC policies currently active. The script host then either blocks, allows, or changes *how* the script is run to best protect the user and the device.
+
+WDAC shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks WDAC if a script should be allowed, an event will be logged with the answer WDAC returned to the script host. For more information on WDAC script enforcement events, see [Understanding Application Control events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#windows-applocker-msi-and-script-log).
+
+> [!IMPORTANT]
+> When a script runs that is not allowed by policy, WDAC raises an event indicating that the script was "blocked". However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
+>
+> Also be aware that some script hosts may change how they behave even if a WDAC policy is in audit mode only. You should review the information below for each script host and test thoroughly within your environment to ensure the scripts you need to run are working properly.
+
+## Enlightened script hosts that are part of Windows
+
+### PowerShell
+
+All PowerShell scripts (.ps1), modules (.psm1), and manifests (.psd1) must be allowed by WDAC policy in order to run with Full Language rights.
+
+Any **dependent modules** that are loaded by an allowed module must also be allowed by WDAC policy, and module functions must be exported explicitly by name when WDAC is enforced. Modules that do not specify any exported functions (no export name list) will still load but no module functions will be accessible. Modules that use wildcards (\*) in their name will fail to load.
+
+Any PowerShell script that isn't allowed by WDAC policy will still run, but only in Constrained Language Mode.
+
+PowerShell **dot-sourcing** isn't recommended. Instead, scripts should use PowerShell modules to provide common functionality. If a script file that is allowed by WDAC does try to run dot-sourced script files, those script files must also be allowed by the policy.
+
+WDAC will put **interactive PowerShell** into Constrained Language Mode if any WDAC UMCI policy is enforced and *any* active WDAC policy enables script enforcement, even if that policy is in audit mode. To run interactive PowerShell with Full Language rights, you must disable script enforcement for *all* policies.
+
+For more information on PowerShell language modes, see [About Language Modes](/powershell/module/microsoft.powershell.core/about/about_language_modes).
+
+### VBscript, cscript, and jscript
+
+All scripts run using the Windows Based Script Host (wscript.exe) or the Microsoft Console Based Script Host (cscript.exe) must be allowed by the WDAC policy. If not, the script will be blocked.
+
+### Microsoft HTML Application Host (MSHTA) and MSXML
+
+If any WDAC policy is active that enables script enforcement, even if that policy is in audit mode, all code execution using MSHTA or MSXML will be blocked.
+
+### COM objects
+
+WDAC additionally enforces a restricted allowlist for COM objects that can be expanded or further restricted by your WDAC policy. COM object enforcement **isn't** affected by option **11 Disabled:Script Enforcement**. For more information on how to allow or deny COM objects, see [Allow COM object registration](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy).
+
+## Scripts that aren't directly controlled by WDAC
+
+WDAC doesn't directly control code run via the Windows Command Processor (cmd.exe), including .bat/.cmd script files. However, anything that such a batch script tries to run will be subject to WDAC control. If you don't need to run cmd.exe, it's recommended to block it outright or allow it only by exception based on the calling process. See [Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules).
+
+WDAC doesn't control scripts run through an unenlightened script host, such as many 3rd-party Java or Python engines. If your WDAC policy allows an unenlightened script host to run, then you implicitly allow all scripts run through that host. For non-Microsoft script hosts, you should check with the software vendor whether their script hosts are enlightened to WDAC policy.
diff --git a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md
index 6abeab5887..8ae20cf798 100644
--- a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md
@@ -36,7 +36,7 @@ When you create policies for use with Windows Defender Application Control (WDAC
 
 | **Example Base Policy** | **Description** | **Where it can be found** |
 |----------------------------|---------------------------------------------------------------|--------|
-| **DefaultWindows.xml** | This example policy is available in both audit and enforced mode. It includes rules to allow Windows, third-party hardware and software kernel drivers, and Windows Store apps. Used as the basis for all [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) policies. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies |
+| **DefaultWindows.xml** | This example policy is available in both audit and enforced mode. It includes rules to allow Windows, third-party hardware and software kernel drivers, and Windows Store apps. Used as the basis for all [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) policies. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies |
 | **AllowMicrosoft.xml** | This example policy is available in audit mode. It includes the rules from DefaultWindows and adds rules to trust apps signed by the Microsoft product root certificate. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies |
 | **AllowAll.xml** | This example policy is useful when creating a blocklist. All block policies should include rules allowing all other code to run and then add the DENY rules for your organization's needs. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies |
 | **AllowAll_EnableHVCI.xml** | This example policy can be used to enable [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity) using Windows Defender Application Control. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies |
diff --git a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
index 49ba15bfb5..f7a1d7f0a0 100644
--- a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
+++ b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md
@@ -29,7 +29,7 @@ ms.topic: overview
 |-------------|------|-------------|
 | Platform support    | Available on Windows 10, Windows 11, and Windows Server 2016 or later  | Available on Windows 8 or later   |
 | SKU availability     | Cmdlets are available on all SKUs on 1909+ builds.<br>For pre-1909 builds, cmdlets are only available on Enterprise but policies are effective on all SKUs.  | Policies deployed through GP are only effective on Enterprise devices.<br>Policies deployed through MDM are effective on all SKUs.  |
-| Management solutions   | <ul><li>[Intune](./deployment/deploy-windows-defender-application-control-policies-using-intune.md) (limited built-in policies or custom policy deployment via OMA-URI)</li><li>[Microsoft Endpoint Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)</li><li>[Group policy](./deployment/deploy-windows-defender-application-control-policies-using-group-policy.md) </li><li>PowerShell</li></ul>  | <ul><li>[Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)</li><li>Configuration Manager (custom policy deployment via software distribution only)</li><li>[Group Policy](./applocker/determine-group-policy-structure-and-rule-enforcement.md)</li><li>PowerShell</li><ul> |
+| Management solutions   | <ul><li>[Intune](./deployment/deploy-windows-defender-application-control-policies-using-intune.md) (limited built-in policies or custom policy deployment via OMA-URI)</li><li>[Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)</li><li>[Group policy](./deployment/deploy-windows-defender-application-control-policies-using-group-policy.md) </li><li>PowerShell</li></ul>  | <ul><li>[Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)</li><li>Configuration Manager (custom policy deployment via software distribution only)</li><li>[Group Policy](./applocker/determine-group-policy-structure-and-rule-enforcement.md)</li><li>PowerShell</li><ul> |
 | Per-User and Per-User group rules | Not available (policies are device-wide)  | Available on Windows 8+  |
 | Kernel mode policies  | Available on all Windows 10 versions and Windows 11  | Not available |
 | Per-app rules  | [Available on 1703+](./use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md)  | Not available |
diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index d955ebfc22..836db5154a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -67,7 +67,7 @@ You can set several rule options within a WDAC policy. Table 1 describes each ru
 | **8 Required:EV Signers** | This option isn't currently supported. | No |
 | **9 Enabled:Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all WDAC policies. Setting this rule option allows the F8 menu to appear to physically present users. | No |
 | **10 Enabled:Boot Audit on Failure** | Used when the WDAC policy is in enforcement mode. When a driver fails during startup, the WDAC policy will be placed in audit mode so that Windows will load. Administrators can validate the reason for the failure in the CodeIntegrity event log. | No |
-| **11 Disabled:Script Enforcement** | This option disables script enforcement options. Unsigned PowerShell scripts and interactive PowerShell are no longer restricted to [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes).<br/> NOTE: This option is required to run HTA files, and is supported on 1709, 1803, and 1809 builds with the 2019 10C LCU or higher, and on devices with the Windows 10 May 2019 Update (1903) and higher. Using it on versions of Windows without the proper update may have unintended results. | No |
+| **11 Disabled:Script Enforcement** | This option disables script enforcement options, covering PowerShell, Windows Based Script Host (wscript.exe), Windows Console Based Script Host (cscript.exe), HTA files run in Microsoft HTML Application Host (mshta.exe), and MSXML. For more information on script enforcement, see [Script enforcement with WDAC](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement). <br/> NOTE: This option isn't supported on Windows Server 2016 and shouldn't be used on that operating system. | No |
 | **12 Required:Enforce Store Applications** | If this rule option is enabled, WDAC policies will also apply to Universal Windows applications. | No |
 | **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a managed installer. For more information, see [Authorize apps deployed with a WDAC managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) | Yes |
 | **14 Enabled:Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by Microsoft's Intelligent Security Graph (ISG). | Yes |
@@ -150,7 +150,7 @@ Wildcards can be used at the beginning or end of a path rule; only one wildcard
 You can also use the following macros when the exact volume may vary: `%OSDRIVE%`, `%WINDIR%`, `%SYSTEM32%`.
 
 > [!NOTE]
-> When authoring WDAC policies with Microsoft Endpoint Configuration Manager (MEMCM), you can instruct MEMCM to create rules for specified files and folders. These rules **aren't** WDAC filepath rules. Rather, MEMCM performs a one-time scan of the specified files and folders and builds rules for any binaries found in those locations at the time of that scan. File changes to those specified files and folders after that scan won't be allowed unless the MEMCM policy is reapplied.
+> When authoring WDAC policies with Microsoft Configuration Manager (MEMCM), you can instruct MEMCM to create rules for specified files and folders. These rules **aren't** WDAC filepath rules. Rather, MEMCM performs a one-time scan of the specified files and folders and builds rules for any binaries found in those locations at the time of that scan. File changes to those specified files and folders after that scan won't be allowed unless the MEMCM policy is reapplied.
 
 > [!NOTE]
 > There is currently a bug where MSIs cannot be allow listed in file path rules. MSIs must be allow listed using other rule types, for example, publisher rules or file attribute rules.
diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
index 5bf1b7518f..7122339287 100644
--- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
+++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md
@@ -42,11 +42,11 @@ Typically, deployment of Windows Defender Application Control (WDAC) happens bes
 
 ## An introduction to Lamna Healthcare Company
 
-In the next set of topics, we'll explore each of the above scenarios using a fictional organization called Lamna Healthcare Company.
+In the next set of articles, we'll explore each of the above scenarios using a fictional organization called Lamna Healthcare Company.
 
 Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the United States. Lamna employs thousands of people, from doctors and nurses to accountants, in-house lawyers, and IT technicians. Their device use cases are varied and include single-user workstations for their professional staff, shared kiosks used by doctors and nurses to access patient records, dedicated medical devices such as MRI scanners, and many others. Additionally, Lamna has a relaxed, bring-your-own-device policy for many of their professional staff.
 
-Lamna uses [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) in hybrid mode with both Configuration Manager and Intune. Although they use Microsoft Endpoint Manager to deploy many applications, Lamna has always had relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) for better endpoint detection and response.
+Lamna uses [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) in hybrid mode with both Configuration Manager and Intune. Although they use Microsoft Intune to deploy many applications, Lamna has always had relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) for better endpoint detection and response.
 
 Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized many new security IT responses, including tightening policies for application use and introducing application control.
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
index 73a8d6f71b..6627e9c50a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md
@@ -29,7 +29,7 @@ ms.technology: itpro-security
 > [!NOTE]
 > Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
 
-This topic is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning application control policies deployment using Windows Defender Application Control (WDAC), within a Windows operating system environment.
+This article is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning application control policies deployment using Windows Defender Application Control (WDAC), within a Windows operating system environment.
 
 When you begin the design and planning process, you should consider the ramifications of your design choices. The resulting decisions will affect your policy deployment scheme and subsequent application control policy maintenance.
 
@@ -62,7 +62,7 @@ Organizations with well-defined, centrally managed app management and deployment
 
 | Possible answers | Design considerations|
 | - | - |
-| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. Windows Defender Application Control options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. |
+| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. Windows Defender Application Control options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. |
 | Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-windows-defender-application-control-policies.md) can be used to allow team-specific exceptions to your core organization-wide Windows Defender Application Control policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. |
 | Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | Windows Defender Application Control can integrate with Microsoft's [Intelligent Security Graph](use-windows-defender-application-control-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. |
 | Users and teams are free to download and install apps without restriction. | Windows Defender Application Control policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.|
@@ -74,7 +74,7 @@ Traditional Win32 apps on Windows can run without being digitally signed. This p
 | Possible answers | Design considerations |
 | - | - |
 | All apps used in your organization must be signed. | Organizations that enforce [codesigning](use-code-signing-to-simplify-application-control-for-classic-windows-applications.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. Windows Defender Application Control rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). |
-| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can  [use built-in Windows tools](deploy-catalog-files-to-support-windows-defender-application-control.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Endpoint Manager offer multiple ways to distribute signed App Catalogs. | 
+| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can  [use built-in Windows tools](deploy-catalog-files-to-support-windows-defender-application-control.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. | 
  
 ### Are there specific groups in your organization that need customized application control policies?
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
index 8b34bf7ff2..a5d9f79a3f 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
@@ -111,4 +111,4 @@ Packaged apps aren't supported with the ISG and will need to be separately autho
 The ISG doesn't authorize kernel mode drivers. The WDAC policy must have rules that allow the necessary drivers to run.  
 
 > [!NOTE]
-> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Endpoint Manager Intune's built-in WDAC support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom WDAC policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](deployment/deploy-windows-defender-application-control-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
+> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in WDAC support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom WDAC policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](deployment/deploy-windows-defender-application-control-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md
index 78fa9baa34..1676591088 100644
--- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md
@@ -67,7 +67,7 @@ A description of each policy rule, beginning with the left-most column, is provi
 | **Disable Script Enforcement** | This option disables script enforcement options. Unsigned PowerShell scripts and interactive PowerShell are no longer restricted to [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). NOTE: This option is required to run HTA files, and is only supported with the Windows 10 May 2019 Update (1903) and higher. Using it on earlier versions of Windows 10 isn't supported and may have unintended results. |
 |**[Hypervisor-protected code integrity (HVCI)](../device-guard/enable-virtualization-based-protection-of-code-integrity.md)**| When enabled, policy enforcement uses virtualization-based security to run the code integrity service inside a secure environment. HVCI provides stronger protections against kernel malware.|
 | **Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by the Microsoft Intelligent Security Graph (ISG). |
-| **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Endpoint Configuration Manager, that has been defined as a managed installer. |
+| **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. |
 | **Require WHQL** | By default, legacy drivers that aren't Windows Hardware Quality Labs (WHQL) signed are allowed to execute. Enabling this rule requires that every executed driver is WHQL signed and removes legacy driver support. Henceforth, every new Windows–compatible driver must be WHQL certified. |
 | **Update Policy without Rebooting** | Use this option to allow future Windows Defender Application Control policy updates to apply without requiring a system reboot. |
 | **Unsigned System Integrity Policy** | Allows the policy to remain unsigned. When this option is removed, the policy must be signed and have UpdatePolicySigners added to the policy to enable future policy modifications. |
diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md
index ef8ad65e17..05d77d395a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md
@@ -62,7 +62,7 @@ There are only three policy rules that can be configured by the supplemental pol
 | Rule option | Description |
 |------------ | ----------- |
 | **Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by Microsoft’s Intelligent Security Graph (ISG). |
-| **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Endpoint Configuration Manager, that has been defined as a managed installer. |
+| **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. |
 | **Disable Runtime FilePath Rule Protection** | Disable default FilePath rule protection (apps and executables allowed based on file path rules must come from a file path that’s only writable by an administrator) for any FileRule that allows a file based on FilePath. |
 
 ![Rule options UI for Windows Allowed mode.](images/wdac-wizard-supplemental-policy-rule-options-UI.png)
diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
index 78914e67c0..c8a1476cff 100644
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md
@@ -59,6 +59,6 @@ All Windows Defender Application Control policy changes should be deployed in au
 There are several options to deploy Windows Defender Application Control policies to managed endpoints, including:
 
 - [Deploy using a Mobile Device Management (MDM) solution](deployment/deploy-windows-defender-application-control-policies-using-intune.md), such as Microsoft Intune
-- [Deploy using Microsoft Endpoint Configuration Manager](deployment/deploy-wdac-policies-with-memcm.md)
+- [Deploy using Microsoft Configuration Manager](deployment/deploy-wdac-policies-with-memcm.md)
 - [Deploy via script](deployment/deploy-wdac-policies-with-script.md)
 - [Deploy via group policy](deployment/deploy-windows-defender-application-control-policies-using-group-policy.md)
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
index 6979f8363a..ab88f6b52c 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
@@ -25,7 +25,7 @@ ms.technology: itpro-security
 - Windows 11
 
 
-The **Device performance & health** section contains information about hardware, devices, and drivers related to the machine. IT administrators and IT pros should reference the appropriate documentation library for the issues they're seeing, such as the [configure the Load and unload device drivers security policy setting](/windows/device-security/security-policy-settings/load-and-unload-device-drivers) and how to [deploy drivers during Windows 10 deployment using Microsoft Endpoint Configuration Manager](/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager).
+The **Device performance & health** section contains information about hardware, devices, and drivers related to the machine. IT administrators and IT pros should reference the appropriate documentation library for the issues they're seeing, such as the [configure the Load and unload device drivers security policy setting](/windows/device-security/security-policy-settings/load-and-unload-device-drivers) and how to [deploy drivers during Windows 10 deployment using Microsoft Configuration Manager](/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager).
 
 The [Windows 10 IT pro troubleshooting topic](/windows/client-management/windows-10-support-solutions), and the main [Windows 10 documentation library](/windows/windows-10/) can also be helpful for resolving issues.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
index 523459b18b..958d4c9085 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
@@ -40,7 +40,7 @@ You can only use Group Policy to change these settings.
 
 ## Use Group Policy to hide non-critical notifications
 
-You can hide notifications that describe regular events related to the health and security of the machine. These notifications are the ones that don't require an action from the machine's user. It can be useful to hide these notifications if you find they're too numerous or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Endpoint Configuration Manager reporting).
+You can hide notifications that describe regular events related to the health and security of the machine. These notifications are the ones that don't require an action from the machine's user. It can be useful to hide these notifications if you find they're too numerous or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Configuration Manager reporting).
 
 These notifications can be hidden only by using Group Policy.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
index 5c51d2770e..d34c5fc2b0 100644
--- a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
+++ b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
@@ -70,7 +70,7 @@ For more information about each section, options for configuring the sections, a
     ![Screenshot of Windows Settings showing the different areas available in the Windows Security.](images/settings-windows-defender-security-center-areas.png)
 
 > [!NOTE]
-> Settings configured with management tools, such as group policy, Microsoft Intune, or Microsoft Endpoint Configuration Manager, will generally take precedence over the settings in the Windows Security.
+> Settings configured with management tools, such as group policy, Microsoft Intune, or Microsoft Configuration Manager, will generally take precedence over the settings in the Windows Security.
 
 ## How the Windows Security app works with Windows security features
 
@@ -96,7 +96,7 @@ The Windows Security app operates as a separate app or process from each of the
 
 It acts as a collector or single place to see the status and perform some configuration for each of the features.
 
-If you disable any of the individual features, it will prevent that feature from reporting its status in the Windows Security app. For example, if you disable a feature through group policy or other management tools, such as Microsoft Endpoint Configuration Manager. The Windows Security app itself will still run and show status for the other security features.
+If you disable any of the individual features, it will prevent that feature from reporting its status in the Windows Security app. For example, if you disable a feature through group policy or other management tools, such as Microsoft Configuration Manager. The Windows Security app itself will still run and show status for the other security features.
 
 > [!IMPORTANT]
 > If you individually disable any of the services, it won't disable the other services or the Windows Security app.
diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
index a942f45633..a5a4b985e6 100644
--- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
+++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md
@@ -82,7 +82,7 @@ As Windows 10 boots, a series of integrity measurements are taken by Windows Def
 
 ![Boot time integrity.](images/windows-defender-system-guard-boot-time-integrity.png)
 
-After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Endpoint Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
+After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
 
 ## System requirements for System Guard
 
diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
index dc02971c1c..a3d1293e65 100644
--- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
+++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
@@ -26,7 +26,7 @@ appliesto:
 
 To get started, Open the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), and then go to **Devices** > **Windows** > **Configuration profiles** > **Create profile** > Choose **Windows 10 and later** as the platform, Choose **Templates**, then **Endpoint protection** as the profile type. 
 Select Windows Defender Firewall.
-:::image type="content" source="images/windows-firewall-intune.png" alt-text="Example of a Windows Defender Firewall policy in Microsoft Endpoint Manager.":::
+:::image type="content" source="images/windows-firewall-intune.png" alt-text="Example of a Windows Defender Firewall policy in Microsoft Intune and the Endpoint Manager admin center.":::
 
 >[!IMPORTANT]
 >A single Endpoint Protection profile may contain up to a maximum of 150 firewall rules. If a client device requires more than 150 rules, then multiple profiles must be assigned to it.
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
index 20ae8ff495..1f712dc9f7 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -1,6 +1,6 @@
 ---
 title: Get support for security baselines
-description: Find answers to frequently asked question on how to get support for baselines, the Security Compliance Toolkit (SCT), and related topics.
+description: Find answers to frequently asked question on how to get support for baselines, the Security Compliance Toolkit (SCT), and related articles.
 ms.prod: windows-client
 ms.localizationpriority: medium
 ms.author: vinpa
@@ -32,13 +32,13 @@ Any version of Windows baseline before Windows 10 1703 can still be downloaded u
 
 **What file formats are supported by the new SCT?**
 
-The toolkit supports formats created by the Windows GPO backup feature (.pol, .inf, and .csv). Policy Analyzer saves its data in XML files with a .PolicyRules file extension. LGPO also supports its own LGPO text file format as a text-based analog for the binary registry.pol file format. For more information, see the LGPO documentation. Keep in mind that SCMs' .cab files are no longer supported.
+The toolkit supports formats created by the Windows GPO backup feature (.pol, .inf, and .csv). Policy Analyzer saves its data in XML files with a `.PolicyRules` file extension. LGPO also supports its own LGPO text file format as a text-based analog for the binary registry.pol file format. For more information, see the LGPO documentation. Keep in mind that SCMs' .cab files are no longer supported.
 
 **Does SCT support Desired State Configuration (DSC) file format?**
 
 No. PowerShell-based DSC is rapidly gaining popularity, and more DSC tools are coming online to convert GPOs and DSC and to validate system configuration.
 
-**Does SCT support the creation of Microsoft Endpoint Manager DCM packs?**
+**Does SCT support the creation of Microsoft Configuration Manager DCM packs?**
 
 No. A potential alternative is Desired State Configuration (DSC), a feature of the [Windows Management Framework](https://www.microsoft.com/download/details.aspx?id=54616). A tool that supports conversion of GPO Backups to DSC format can be found [here](https://github.com/Microsoft/BaselineManagement).
 
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index c7acc81e52..5bedbaf17a 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -56,7 +56,7 @@ Our recommendations follow a streamlined and efficient approach to baseline defi
 You can use security baselines to:
 
 - Ensure that user and device configuration settings are compliant with the baseline.
-- Set configuration settings. For example, you can use group policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
+- Set configuration settings. For example, you can use group policy, Microsoft Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
 
 ## Where can I get the security baselines?
 
@@ -66,7 +66,7 @@ There are several ways to get and use security baselines:
 
 2. [Mobile device management (MDM) security baselines](/windows/client-management/mdm/#mdm-security-baseline) function like the Microsoft group policy-based security baselines and can easily integrate these baselines into an existing MDM management tool.
 
-3. MDM security baselines can easily be configures in Microsoft Endpoint Manager on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
+3. MDM security baselines can easily be configures in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
 
 ## Community
 
diff --git a/windows/security/zero-trust-windows-device-health.md b/windows/security/zero-trust-windows-device-health.md
index 6e2cf83c4a..49dbfdd3d3 100644
--- a/windows/security/zero-trust-windows-device-health.md
+++ b/windows/security/zero-trust-windows-device-health.md
@@ -60,7 +60,7 @@ A summary of the steps involved in attestation and Zero Trust on the device side
 
 6. The attestation service returns an attestation report that contains information about the security features based on the policy configured in the attestation service.
 
-7. The device then sends the report to the Microsoft Endpoint Manager cloud to assess the trustworthiness of the platform according to the admin-configured device compliance rules.
+7. The device then sends the report to the Microsoft Intune cloud to assess the trustworthiness of the platform according to the admin-configured device compliance rules.
 
 8. Conditional access, along with device-compliance state then decides to allow or deny access.
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index b9156bc86a..9619a71f7d 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -236,7 +236,7 @@ Enterprises have the following identity and management choices.
 |---|---|
 | Identity   | Active Directory; Azure AD         |
 | Grouping   | Domain join; Workgroup; Azure AD join    |
-| Device management | Group Policy; Microsoft Endpoint Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
+| Device management | Group Policy; Microsoft Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
 
 > [!NOTE]
 > With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](/lifecycle/).
@@ -275,7 +275,7 @@ By using [Group Policy Objects](/previous-versions/cc498727(v=msdn.10)), Windows
 
 -   **Use with existing tools** such as Microsoft Intune and the [Enterprise Mobility Suite](/enterprise-mobility-security).
 
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, and provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh852345(v=ws.11)) and [Microsoft Endpoint Configuration Manager](/configmgr).
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, and provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh852345(v=ws.11)) and [Microsoft Configuration Manager](/configmgr).
 
 
 Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index ef03698602..1e2217e1d0 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -36,7 +36,7 @@ The Windows 10 Enterprise LTSC 2019 release is an important release for LTSC use
 
 ## Microsoft Intune
 
-Microsoft Intune supports Windows 10 Enterprise LTSC 2019 and later. However, Windows 10 update rings device profiles don't support LTSC releases. For installing software updates, use the [policy configuration service provider (CSP)](/windows/client-management/mdm/policy-csp-update), Windows Server Update Services (WSUS), or Microsoft Endpoint Configuration Manager.
+Microsoft Intune supports Windows 10 Enterprise LTSC 2019 and later. However, Windows 10 update rings device profiles don't support LTSC releases. For installing software updates, use the [policy configuration service provider (CSP)](/windows/client-management/mdm/policy-csp-update), Windows Server Update Services (WSUS), or Microsoft Configuration Manager.
 
 ## Security
 
@@ -382,7 +382,7 @@ If you wish to take advantage of [Kiosk capabilities in Microsoft Edge](/previou
 
 ### Co-management
 
-Intune and Microsoft Endpoint Configuration Manager policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
+Intune and Microsoft Configuration Manager policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
 
 For more information, see [What's New in MDM enrollment and management](/windows/client-management/mdm/new-in-windows-mdm-enrollment-management).
 
diff --git a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
index 2f0d7cfea7..24a9eacec5 100644
--- a/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
+++ b/windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
@@ -277,7 +277,7 @@ Enterprises have the following identity and management choices.
 |---|---|
 | Identity   | Active Directory; Azure AD         |
 | Grouping   | Domain join; Workgroup; Azure AD join    |
-| Device management | Group Policy; Microsoft Endpoint Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
+| Device management | Group Policy; Microsoft Configuration Manager; Microsoft Intune; other MDM solutions; Exchange ActiveSync; Windows PowerShell; Windows Management Instrumentation (WMI) |
 
 > [!NOTE]
 > With the release of Windows Server 2012 R2, Network Access Protection (NAP) was deprecated and the NAP client has now been removed in Windows 10. For more information about support lifecycles, see [Microsoft Support Lifecycle](/lifecycle/).
@@ -326,7 +326,7 @@ By using [Group Policy Objects](/previous-versions/cc498727(v=msdn.10)), Windows
 
 -   **Use with existing tools** such as Microsoft Intune and the [Enterprise Mobility Suite](/enterprise-mobility-security).
 
-Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, and provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh852345(v=ws.11)) and [Microsoft Endpoint Configuration Manager](/configmgr).
+Together, these Windows Update for Business features help reduce device management costs, provide controls over update deployment, offer quicker access to security updates, and provide access to the latest innovations from Microsoft on an ongoing basis. Windows Update for Business is a free service for all Windows 10 Pro, Enterprise, and Education editions, and can be used independent of, or in conjunction with, existing device management solutions such as [Windows Server Update Services (WSUS)](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh852345(v=ws.11)) and [Microsoft Configuration Manager](/configmgr).
 
 
 Learn more about [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).
diff --git a/windows/whats-new/whats-new-windows-10-version-1703.md b/windows/whats-new/whats-new-windows-10-version-1703.md
index f91dd12313..83a34f13b1 100644
--- a/windows/whats-new/whats-new-windows-10-version-1703.md
+++ b/windows/whats-new/whats-new-windows-10-version-1703.md
@@ -181,7 +181,7 @@ We recently added the option to download Windows 10 Insider Preview builds using
 
 ### Optimize update delivery
 
-With changes delivered in Windows 10, version 1703, [express updates](/windows/deployment/do/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with Microsoft Endpoint Configuration Manager, starting with version 1702 of Configuration Manager, and with other third-party updating and management products that [implement this new functionality](/windows-server/administration/windows-server-update-services/deploy/express-update-delivery-isv-support). This support is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
+With changes delivered in Windows 10, version 1703, [express updates](/windows/deployment/do/waas-optimize-windows-10-updates#express-update-delivery) are now fully supported with Microsoft Configuration Manager, starting with version 1702 of Configuration Manager, and with other third-party updating and management products that [implement this new functionality](/windows-server/administration/windows-server-update-services/deploy/express-update-delivery-isv-support). This support is in addition to current Express support on Windows Update, Windows Update for Business and WSUS.
 
 >[!NOTE]
 > The above changes can be made available to Windows 10, version 1607, by installing the April 2017 cumulative update.
diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md
index b1aaf69503..97e8587b75 100644
--- a/windows/whats-new/whats-new-windows-10-version-1803.md
+++ b/windows/whats-new/whats-new-windows-10-version-1803.md
@@ -130,7 +130,7 @@ Portions of the work done during the offline phases of a Windows update have bee
 
 ### Co-management
 
-**Intune** and **Microsoft Endpoint Configuration Manager** policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
+**Intune** and **Microsoft Configuration Manager** policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
 
 For more information, see [What's New in MDM enrollment and management](/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803)
 
diff --git a/windows/whats-new/windows-11-overview.md b/windows/whats-new/windows-11-overview.md
index 6576712f31..165bd132d3 100644
--- a/windows/whats-new/windows-11-overview.md
+++ b/windows/whats-new/windows-11-overview.md
@@ -78,7 +78,7 @@ For more information on the security features you can configure, manage, and enf
 
   - [What is Intune?](/mem/intune/fundamentals/what-is-intune)
   - [Add Microsoft 365 apps to Windows 10 devices with Microsoft Intune](/mem/intune/apps/apps-add-office365)
-  - [Install Microsoft Teams using Microsoft Endpoint Configuration Manager](/microsoftteams/msi-deployment)
+  - [Install Microsoft Teams using Microsoft Configuration Manager](/microsoftteams/msi-deployment)
 
   Users can manage preinstalled apps using the **Settings** app > **Apps** > **Apps & Features**. Admins can [create a policy that pins apps, or removes the default pinned apps from the Taskbar](/windows/configuration/customize-taskbar-windows-11).
 
diff --git a/windows/whats-new/windows-11-plan.md b/windows/whats-new/windows-11-plan.md
index 7262d639de..b0af27c9a3 100644
--- a/windows/whats-new/windows-11-plan.md
+++ b/windows/whats-new/windows-11-plan.md
@@ -45,7 +45,7 @@ The availability of Windows 11 will vary according to a device's hardware and wh
 
 ##### Managed devices
 
-Managed devices are devices that are under organization control. Managed devices include those devices managed by Microsoft Intune, Microsoft Endpoint Configuration Manager, or other endpoint management solutions. 
+Managed devices are devices that are under organization control. Managed devices include those devices managed by Microsoft Intune, Microsoft Configuration Manager, or other endpoint management solutions. 
 
 If you manage devices on behalf of your organization, you'll be able to upgrade eligible devices to Windows 11 using your existing deployment and management tools at no cost when the upgrade reaches general availability. Organizations that use Windows Update for Business will have added benefits, such as:  
 
diff --git a/windows/whats-new/windows-11-prepare.md b/windows/whats-new/windows-11-prepare.md
index 1d156a6983..3bdc8c1a18 100644
--- a/windows/whats-new/windows-11-prepare.md
+++ b/windows/whats-new/windows-11-prepare.md
@@ -35,7 +35,7 @@ The tools that you use for core workloads during Windows 10 deployments can stil
   > [!NOTE]
   > During deployment, you will be prompted to agree to the Microsoft Software License Terms on behalf of your users. Additionally, you will not see an x86 option because Windows 11 is not supported on 32-bit architecture.
 
-- If you use [Microsoft Endpoint Configuration Manager](/mem/configmgr/), you can sync the new **Windows 11** product category and begin upgrading eligible devices. If you would like to validate Windows 11 prior to release, you can sync the **Windows Insider Pre-release** category as well.  
+- If you use [Microsoft Configuration Manager](/mem/configmgr/), you can sync the new **Windows 11** product category and begin upgrading eligible devices. If you would like to validate Windows 11 prior to release, you can sync the **Windows Insider Pre-release** category as well.  
 
   > [!NOTE]
   > Configuration Manager will prompt you to accept the Microsoft Software License Terms on behalf of the users in your organization.