diff --git a/windows/security/security-foundations/certification/fips-140-validation.md b/windows/security/security-foundations/certification/fips-140-validation.md index c57af6fb40..7e2163afdc 100644 --- a/windows/security/security-foundations/certification/fips-140-validation.md +++ b/windows/security/security-foundations/certification/fips-140-validation.md @@ -1,7 +1,7 @@ --- title: Windows FIPS 140 validation description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -19,6 +19,10 @@ Microsoft maintains an active commitment to meeting the requirements of the FIPS The Windows client releases listed below include cryptographic modules that have completed FIPS 140 validation. Click on the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note *When operated in FIPS mode*, specific configuration and security rules outlined in the Security Policy must be followed. +#### Windows 11 releases + +- [Windows 11, version 21H2](validations/fips-140-windows11.md#windows-11-version-21h2) + #### Windows 10 releases - [Windows 10, version 2004 (May 2020 Update)](validations/fips-140-windows10.md#windows-10-version-2004-may-2020-update) @@ -96,7 +100,7 @@ Microsoft validates the cryptographic modules used in Windows and other products ## FIPS 140 and the Commercial National Security Algorithm Suite -The *Commercial National Security Algorithm* (CNSA) suite is a set of cryptographic algorithms promulgated by the National Security Agency as a replacement for NSA Suite B cryptographic algorithms. Many CNSA cryptographic algorithms are also approved under the FIPS 140 standard. To determine whether a CNSA algorithm was included in the scope of CAVP validated algorithms used in a Microsoft product, choose a product from the drop-down menus at the top of this topic and reference the algorithm scope listed for each validated module. +The *Commercial National Security Algorithm* (CNSA) suite is a set of cryptographic algorithms promulgated by the National Security Agency as a replacement for NSA Suite B cryptographic algorithms. Many CNSA cryptographic algorithms are also approved under the FIPS 140 standard. To determine whether a CNSA algorithm was included in the scope of CAVP validated algorithms used in a Microsoft product, navigate to the listing of FIPS 140 validated modules for the product in the sections above and reference the algorithm scope listed for each validated module. Further algorithm details are available in each module Security Policy document. ## FIPS 140 and Common Criteria certifications diff --git a/windows/security/security-foundations/certification/toc.yml b/windows/security/security-foundations/certification/toc.yml index bc8c17e0c7..33099035c3 100644 --- a/windows/security/security-foundations/certification/toc.yml +++ b/windows/security/security-foundations/certification/toc.yml @@ -3,6 +3,8 @@ items: href: fips-140-validation.md - name: Completed FIPS validations items: + - name: Windows 11 + href: validations/fips-140-windows11.md - name: Windows 10 href: validations/fips-140-windows10.md - name: Previous Windows releases diff --git a/windows/security/security-foundations/certification/validations/cc-windows-previous.md b/windows/security/security-foundations/certification/validations/cc-windows-previous.md index b85d60a30b..58209a1bc7 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows-previous.md +++ b/windows/security/security-foundations/certification/validations/cc-windows-previous.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for previous Windows releases description: Learn about the completed Common Criteria certifications for previous Windows releases. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd diff --git a/windows/security/security-foundations/certification/validations/cc-windows-server-2022-2019-2016.md b/windows/security/security-foundations/certification/validations/cc-windows-server-2022-2019-2016.md index d8c6ca48e2..5e7d75c602 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows-server-2022-2019-2016.md +++ b/windows/security/security-foundations/certification/validations/cc-windows-server-2022-2019-2016.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for Windows Server 2022, 2019, and 2016 description: Learn about the completed Common Criteria certifications for Windows Server 2022, 2019, and 2016. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd diff --git a/windows/security/security-foundations/certification/validations/cc-windows-server-previous.md b/windows/security/security-foundations/certification/validations/cc-windows-server-previous.md index e5c0c04133..8c8a0fc482 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows-server-previous.md +++ b/windows/security/security-foundations/certification/validations/cc-windows-server-previous.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for previous Windows Server releases description: Learn about the completed Common Criteria certifications for previous Windows Server releases. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd diff --git a/windows/security/security-foundations/certification/validations/cc-windows-server-semi-annual.md b/windows/security/security-foundations/certification/validations/cc-windows-server-semi-annual.md index 7e0251cb87..d65c3f9442 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows-server-semi-annual.md +++ b/windows/security/security-foundations/certification/validations/cc-windows-server-semi-annual.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for Windows Server semi-annual releases description: Learn about the completed Common Criteria certifications for Windows Server semi-annual releases. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd diff --git a/windows/security/security-foundations/certification/validations/cc-windows10.md b/windows/security/security-foundations/certification/validations/cc-windows10.md index 8df6313f6a..916d28b4cd 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows10.md +++ b/windows/security/security-foundations/certification/validations/cc-windows10.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for Windows 10 description: Learn about the completed Common Criteria certifications for Windows 10. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -17,7 +17,7 @@ The following tables list the completed Windows 10 Common Criteria certification |Product details |Date |Scope |Documents | |---------|---------|---------|---------| -|Build: 10.0.19045.2006. Validated editions: Pro, Enterprise. |January 17, 2024 |Certified against the Protection Profile for General Purpose Operating Systems (4.2.1), the PP-Module for VPN Client (2.4), the PP-Module for Wireless Local Area Network Client (1.0) and the PP-Module for Bluetooth (1.0). |[Security Target][security-target-january-2024]; [Administrative Guide][admin-guide-january-2024]; [Assurance Activity Report][assurance-report-january-2024]; [Certification Report][certification-report-january-2024] | +|Build: 10.0.19045.2006. Validated editions: Pro, Enterprise. |January 17, 2024 |Certified against the Protection Profile for General Purpose Operating Systems, the PP-Module for VPN Client, the PP-Module for Wireless Local Area Network Client and the PP-Module for Bluetooth. |[Security Target][security-target-january-2024]; [Administrative Guide][admin-guide-january-2024]; [Assurance Activity Report][assurance-report-january-2024]; [Certification Report][certification-report-january-2024] | ## Windows 10, version 21H2 (November 2021 Update) diff --git a/windows/security/security-foundations/certification/validations/cc-windows11.md b/windows/security/security-foundations/certification/validations/cc-windows11.md index 0dc16601a4..1f653104a1 100644 --- a/windows/security/security-foundations/certification/validations/cc-windows11.md +++ b/windows/security/security-foundations/certification/validations/cc-windows11.md @@ -1,7 +1,7 @@ --- title: Common Criteria certifications for Windows 11 description: Learn about the completed Common Criteria certifications for Windows 11. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd diff --git a/windows/security/security-foundations/certification/validations/fips-140-other-products.md b/windows/security/security-foundations/certification/validations/fips-140-other-products.md index 5dbe1360ae..1d93f90168 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-other-products.md +++ b/windows/security/security-foundations/certification/validations/fips-140-other-products.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for other products description: This topic lists the completed FIPS 140 cryptographic module validations for products other than Windows and Windows Server that leverage the Windows cryptographic modules. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -35,11 +35,15 @@ The following tables list the completed FIPS 140 validations in products other t + + [certificate-110]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110 [certificate-825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825 [certificate-2956]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956 [certificate-2957]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957 + + [sp-110]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf [sp-825]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf [sp-2956]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-previous.md b/windows/security/security-foundations/certification/validations/fips-140-windows-previous.md index 9aacdf0014..eca7af6d57 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-previous.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-previous.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for previous Windows versions description: This topic lists the completed FIPS 140 cryptographic module validations for versions of Windows prior to Windows 10. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -151,6 +151,8 @@ Validated Edition: Ultimate Edition + + [certificate-68]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68 [certificate-75]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75 [certificate-76]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76 @@ -190,6 +192,8 @@ Validated Edition: Ultimate Edition [certificate-2356]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356 [certificate-2357]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357 + + [sp-68]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf [sp-75]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf [sp-76]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-2016.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2016.md index 53401e27f7..e745be28d9 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-server-2016.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2016.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows Server 2016 description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server 2016. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -41,6 +41,8 @@ Build: 10.0.14393. Validated Editions: Standard, Datacenter, Storage Server. + + [certificate-2931]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931 [certificate-2932]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932 [certificate-2934]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934 @@ -54,6 +56,8 @@ Build: 10.0.14393. Validated Editions: Standard, Datacenter, Storage Server. [certificate-3510]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3510 [certificate-3513]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3513 + + [sp-2931]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf [sp-2932]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf [sp-2933]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-2019.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2019.md index 53fbd25cc9..bff75555af 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-server-2019.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2019.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows Server 2019 description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server 2019. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -14,19 +14,6 @@ The following tables list the completed FIPS 140 validations of cryptographic mo ## Windows Server 2019 -Builds: 10.0.17763.10021 and 10.0.17763.10127. Validated Edition: Datacenter Core - -|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| -|--- |--- |--- | -|[BitLocker Dump Filter]|Pending [(in process)][in-process]|| -|[Boot Manager][sp-4484]|[#4484][certificate-4484]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS| -|[Code Integrity][sp-4602]|[#4602][certificate-4602]|FIPS Approved: RSA and SHS| -|[Cryptographic Primitives Library]|Pending [(in process)][in-process]|| -|[Kernel Mode Cryptographic Primitives Library][sp-4670]|[#4670][certificate-4670]|AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: ECDH| -|[Secure Kernel Code Integrity][sp-4640]|[#4640][certificate-4640]|FIPS Approved: RSA and SHS| -|[Virtual TPM]|Pending [(in process)][in-process]|| -|[Windows OS Loader][sp-4545]|[#4545][certificate-4545]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG| - Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core |Cryptographic Module (linked to Security Policy document)|Version|CMVP Certificate #|Validated Algorithms| @@ -44,6 +31,8 @@ Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core + + [certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089 [certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092 [certificate-3196]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196 @@ -52,11 +41,8 @@ Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core [certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644 [certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651 [certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690 -[certificate-4484]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4484 -[certificate-4545]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4545 -[certificate-4602]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4602 -[certificate-4640]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4640 -[certificate-4670]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4670 + + [sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf [sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf @@ -66,10 +52,3 @@ Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core [sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf [sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf [sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf -[sp-4484]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4484.pdf -[sp-4545]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4545.pdf -[sp-4602]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4602.pdf -[sp-4640]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4640.pdf -[sp-4670]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4670.pdf - -[in-process]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list \ No newline at end of file diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-previous.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-previous.md index 5fd10fcbce..7e5d018a04 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-server-previous.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-previous.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for previous Windows Server versions description: This topic lists the completed FIPS 140 cryptographic module validations for versions of Windows Server prior to Windows Server 2016. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -95,6 +95,8 @@ Validated Editions: Server, Storage Server + + [certificate-381]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381 [certificate-382]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382 [certificate-405]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405 @@ -124,6 +126,8 @@ Validated Editions: Server, Storage Server [certificate-2356]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356 [certificate-2357]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357 + + [sp-381]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf [sp-382]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf [sp-405]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md index 7999b092a5..773a622fe4 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows Server Semi-Annual Releases description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server semi-annual releases. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -105,6 +105,8 @@ Build: 10.0.16299. Validated Editions: Standard Core, Datacenter Core + + [certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089 [certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092 [certificate-3096]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096 @@ -126,6 +128,8 @@ Build: 10.0.16299. Validated Editions: Standard Core, Datacenter Core [certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537 [certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538 + + [sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf [sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf [sp-3096]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows10.md b/windows/security/security-foundations/certification/validations/fips-140-windows10.md index 35ce558000..d2d5b384b6 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows10.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows10.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows 10 description: This topic lists the completed FIPS 140 cryptographic module validations for Windows 10. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -199,6 +199,8 @@ Build: 10.0.10240. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, M + + [certificate-2600]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600 [certificate-2601]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601 [certificate-2602]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602 @@ -260,6 +262,8 @@ Build: 10.0.10240. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, M [certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537 [certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538 + + [sp-2600]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf [sp-2601]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf [sp-2602]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows11.md b/windows/security/security-foundations/certification/validations/fips-140-windows11.md new file mode 100644 index 0000000000..0eb4fa7733 --- /dev/null +++ b/windows/security/security-foundations/certification/validations/fips-140-windows11.md @@ -0,0 +1,34 @@ +--- +title: FIPS 140 validated modules for Windows 11 +description: This topic lists the completed FIPS 140 cryptographic module validations for Windows 11. +ms.date: 2/1/2024 +ms.topic: reference +ms.author: v-rodurff +author: msrobertd +ms.reviewer: paoloma +ms.collection: tier3 +--- + +# FIPS 140 validated modules for Windows 11 + +The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows 11, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS approved mode of operation](../fips-140-validation.md#use-windows-in-a-fips-approved-mode-of-operation). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate. + +## Windows 11, version 21H2 + +Build: 10.0.22000. Validated Edition: Windows 11 + +|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| +|--- |--- |--- | +|[Boot Manager][sp-4546]|[#4546][certificate-4546]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS| + +--- + + + + + +[certificate-4546]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4546 + + + +[sp-4546]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4546.pdf diff --git a/windows/security/security-foundations/certification/windows-platform-common-criteria.md b/windows/security/security-foundations/certification/windows-platform-common-criteria.md index 49267e443e..d012841b09 100644 --- a/windows/security/security-foundations/certification/windows-platform-common-criteria.md +++ b/windows/security/security-foundations/certification/windows-platform-common-criteria.md @@ -1,7 +1,7 @@ --- title: Windows Common Criteria certifications description: Learn how Microsoft products are certified under the Common Criteria for Information Technology Security Evaluation program. -ms.date: 1/30/2024 +ms.date: 2/1/2024 ms.topic: reference ms.author: v-rodurff author: msrobertd @@ -15,7 +15,7 @@ Microsoft is committed to optimizing the security of its products and services. ## Windows client operating systems -The Windows client releases listed below have been certified against one or more Protection Profiles, as listed on the [Common Criteria Portal](https://commoncriteriaportal.org/pps/index.cfm). Click on a release for its certification details, including links to certification documents. The *Security Target* describes the product editions in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation. The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration. The *Certification Report* or *Validation Report* documents the results of the evaluation, with the *Assurance Activity Report* (when available) providing details on the evaluator's actions. +The Windows client releases listed below have been certified against one or more Protection Profiles, as listed on the [Common Criteria Portal](https://commoncriteriaportal.org/pps/index.cfm). Click on a release for its certification details, including links to certification documents. The *Security Target* describes the product editions in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation. The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration. The *Certification Report* or *Validation Report* documents the results of the evaluation, with the *Assurance Activity Report* (where available) providing details on the evaluator's actions. #### Windows 11 releases @@ -47,7 +47,7 @@ The Windows client releases listed below have been certified against one or more ## Windows Server operating systems -The Windows Server releases listed below have been certified against one or more Protection Profiles, as listed on the [Common Criteria Portal](https://commoncriteriaportal.org/pps/index.cfm). Click on a release for its certification details, including links to certification documents. The *Security Target* describes the product editions in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation. The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration. The *Certification Report* or *Validation Report* documents the results of the evaluation, with the *Assurance Activity Report* providing details on the evaluator's actions. +The Windows Server releases listed below have been certified against one or more Protection Profiles, as listed on the [Common Criteria Portal](https://commoncriteriaportal.org/pps/index.cfm). Click on a release for its certification details, including links to certification documents. The *Security Target* describes the product editions in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation. The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration. The *Certification Report* or *Validation Report* documents the results of the evaluation, with the *Assurance Activity Report* (where available) providing details on the evaluator's actions. #### Windows Server 2022, 2019, and 2016 releases