deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Converted HTML table to MD

Browse Source
This commit is contained in:
Mandi Ohlinger
2021-12-02 18:20:30 -05:00
committed by GitHub
parent 33308186a2
commit 5a4ec7850a
1 changed files with 11 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
windows/security/threat-protection/fips-140-validation.md
View File

@ -301,12 +301,14 @@ Validated Editions: Ultimate Edition
##### Windows Vista
Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp893.pdf)|[893](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893)|FIPS approved algorithms: AES (Cert. [#553](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553)); HMAC (Cert. [#297](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); RSA (Certs. [#255](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255) and [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549))<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp894.pdf)|[894](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894)|FIPS approved algorithms: DSA (Cert. [#226](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549)); Triple-DES MAC (Triple-DES Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549), vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp947.pdf)|[947](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947)|FIPS approved algorithms: AES (Cert. [#715](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715)); HMAC (Cert. [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386)); SHS (Cert. [#737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737))<p>Other algorithms: Elephant Diffuser|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp891.pdf)|[891](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891)|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<p>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp893.pdf) | [893](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893) | FIPS approved algorithms: AES (Cert. [#553](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553)); HMAC (Cert. [#297](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); RSA (Certs. [#255](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255) and [#258](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549))<br/><br/>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp894.pdf)|[894](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894)|FIPS approved algorithms: DSA (Cert. [#226](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226)); RNG (Cert. [#321](http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); SHS (Cert. [#618](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618)); Triple-DES (Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549)); Triple-DES MAC (Triple-DES Cert. [#549](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549), vendor affirmed)<br/><br/>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.0.6000.16386](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp947.pdf)|[947](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947)|FIPS approved algorithms: AES (Cert. [#715](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715)); HMAC (Cert. [#386](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386)); SHS (Cert. [#737](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737))<br/><br/>Other algorithms: Elephant Diffuser|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067](http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp891.pdf)|[891](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891)|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br/><br/>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
##### Windows XP SP3
@ -910,35 +912,10 @@ Random Number Generator (RNG)
#### SP 800-132 Password-Based Key Derivation Function (PBKDF)
<table border="1" cellpadding="0">
<tr>
<td>
**Modes / States / Key Sizes**
</td>
<td colspan="2">
**Algorithm Implementation and Certificate #**
</td>
</tr>
<tr>
<td>
**PBKDF** (vendor affirmed)</td>
<td colspan="2">
<p> Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937">#2937</a><br />(Software Version: 10.0.14393)</p>
<p>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
<p>Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935">#2935</a><br />(Software Version: 10.0.14393)</p>
<p>Boot Manager in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931">#2931</a><br />(Software Version: 10.0.14393)</p>
</td>
</tr>
<tr>
<td colspan="2">
**PBKDF** (vendor affirmed)</td>
<td>
<p>Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
<p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed</p>
</td>
</tr>
</table>
| Modes / States / Key Sizes | Algorithm Implementation and Certificate # |
| --- | --- |
| PBKDF (vendor affirmed) | Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2937](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937)<br/>(Software Version: 10.0.14393)<br/><br/>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)<br/>(Software Version: 10.0.14393)<br/><br/>Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2935](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935)<br/>(Software Version: 10.0.14393) |
| PBKDF (vendor affirmed) | Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 [#2936](https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936)<br/>(Software Version: 10.0.14393)<br/><br/>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed |
#### Component Validation List