deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo
2022-11-03 18:10:43 -04:00
parent bcad3d1cc0
commit d7e389c451
1 changed files with 289 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

471
windows/security/threat-protection/fips-140-validation.md
View File

@ -76,14 +76,14 @@ Validated Editions: Home, Pro, Enterprise, Education
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf)|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf)|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf)|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Virtual TPM|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf)|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.17763][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17763][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17763][sp-3644]|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17763][sp-3615]|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17763][sp-3651]|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17763][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17763][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Virtual TPM|[10.0.17763][sp-3690]|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
</details>
@ -95,13 +95,13 @@ Validated Editions: Home, Pro, Enterprise, Education
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf)|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.17134][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17134][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17134][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17134][sp-3480]|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17134][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17134][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17134][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
</details>
@ -113,14 +113,14 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf)|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Windows Resume|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.16299][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.16299][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.16299][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.16299][sp-3194]|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.16299][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.16299][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Windows Resume|[10.0.16299][sp-3091]|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.16299][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
</details>
@ -132,14 +132,14 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf)|[#3095][certificate-3095]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); CKG (vendor affirmed); CVL (Certs<p>[#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#1133][component-1133]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#2521][component-2521]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#1281][component-1281]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#1278][component-1278])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf)|[#3094][certificate-3094]|[#3094][certificate-3094]<p>FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4626][aes-4626]); CKG (vendor affirmed); CVL (Certs. [#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>[Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages ([Cert. [#3094]][certificate-3094])<p>[#1133][component-1133][); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert.][certificate-3094][#2521][component-2521][); FIPS186-4 RSA; RSADP - RSADP Primitive [Cert.][certificate-3094]<p>[#1281][component-1281][Cert. #3094][certificate-3094]|
|Boot Manager|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); CKG (vendor affirmed); HMAC (Cert. [#3061][hmac-3061]); PBKDF (vendor affirmed); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Other algorithms: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)|
|Windows OS Loader|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf)|[#3090][certificate-3090]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>[Other algorithms: NDRNG][certificate-3090]|
|Windows Resume <sup>[1]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091][certificate-3091]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790])|
|BitLocker® Dump Filter <sup>[2]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790])|
|Code Integrity (ci.dll)|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf)|[#3093][certificate-3093]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.15063](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096][certificate-3096]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.15063][sp-3095]|[#3095][certificate-3095]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); CKG (vendor affirmed); CVL (Certs<p>[#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#1133][component-1133]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#2521][component-2521]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#1281][component-1281]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#1278][component-1278])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.15063][sp-3094]|[#3094][certificate-3094]|[#3094][certificate-3094]<p>FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4626][aes-4626]); CKG (vendor affirmed); CVL (Certs. [#1278][component-1278] and [#1281][component-1281]); DRBG (Cert. [#1555][drbg-1555]); DSA (Cert. [#1223][dsa-1223]); ECDSA (Cert. [#1133][ecdsa-1133]); HMAC (Cert. [#3061][hmac-3061]); KAS (Cert. [#127][kas-127]); KBKDF (Cert. [#140][kdf-140]); KTS (AES Cert. [#4626][aes-4626]; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2521][rsa-2521] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]); Triple-DES (Cert. [#2459][tdes-2459]<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>[Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages ([Cert. [#3094]][certificate-3094])<p>[#1133][component-1133][); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert.][certificate-3094][#2521][component-2521][); FIPS186-4 RSA; RSADP - RSADP Primitive [Cert.][certificate-3094]<p>[#1281][component-1281][Cert. #3094][certificate-3094]|
|Boot Manager|[10.0.15063][sp-3089]|[#3089][certificate-3089]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); CKG (vendor affirmed); HMAC (Cert. [#3061][hmac-3061]); PBKDF (vendor affirmed); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Other algorithms: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)|
|Windows OS Loader|[10.0.15063][sp-3090]|[#3090][certificate-3090]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>[Other algorithms: NDRNG][certificate-3090]|
|Windows Resume <sup>[1]</sup>|[10.0.15063][sp-3091]|[#3091][certificate-3091]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790])|
|BitLocker® Dump Filter <sup>[2]</sup>|[10.0.15063][sp-3092]|[#3092][certificate-3092]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790])|
|Code Integrity (ci.dll)|[10.0.15063][sp-3093]|[#3093][certificate-3093]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.15063][sp-3096]|[#3096][certificate-3096]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])|
<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, Education, and S.
@ -158,14 +158,14 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf)|[#2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#886][component-886])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf)|[#2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887])|
|Boot Manager|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf)|[#2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
|BitLocker® Windows OS Loader (winload)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf)|[#2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
|BitLocker® Windows Resume (winresume)<sup>[1]</sup>|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf)|[#2933][certificate-2933]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[2]</sup>|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf)|[#2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
|Code Integrity (ci.dll)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf)|[#2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf)|[#2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[#2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#886][component-886])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[#2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887])|
|Boot Manager|[10.0.14393][sp-2931]|[#2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[#2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
|BitLocker® Windows Resume (winresume)<sup>[1]</sup>|[10.0.14393][sp-2933]|[#2933][certificate-2933]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[2]</sup>|[10.0.14393][sp-2934]|[#2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
|Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[#2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
|Secure Kernel Code Integrity (skci.dll)<sup>[3]</sup>|[10.0.14393][sp-2938]|[#2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])|
<sup>\[1\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
@ -183,14 +183,14 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf)|[#2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#664][component-664])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf)|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663])|
|Boot Manager <sup>[4]</sup>|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2700.pdf)|[#2700][certificate-2700]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); HMAC (Cert. [#2381][hmac-2381]); PBKDF (vendor affirmed); RSA (Cert. [#1871][rsa-1871]); SHS (Certs. [#3047][shs-3047] and [#3048][shs-3048])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)<sup>[5]</sup>|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2701.pdf)|[#2701][certificate-2701]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629] and [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[6]</sup>|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2702.pdf)|[#2702][certificate-2702]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[7]</sup>|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2703.pdf)|[#2703][certificate-2703]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653])|
|Code Integrity (ci.dll)|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf)|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
|Secure Kernel Code Integrity (skci.dll)<sup>[8]</sup>|[10.0.10586](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf)|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10586][sp-2605]|[#2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#664][component-664])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10586][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663])|
|Boot Manager <sup>[4]</sup>|[10.0.10586][sp-2700]|[#2700][certificate-2700]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); HMAC (Cert. [#2381][hmac-2381]); PBKDF (vendor affirmed); RSA (Cert. [#1871][rsa-1871]); SHS (Certs. [#3047][shs-3047] and [#3048][shs-3048])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)<sup>[5]</sup>|[10.0.10586][sp-2701]|[#2701][certificate-2701]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629] and [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[6]</sup>|[10.0.10586][sp-2702]|[#2702][certificate-2702]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[7]</sup>|[10.0.10586][sp-2703]|[#2703][certificate-2703]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653])|
|Code Integrity (ci.dll)|[10.0.10586][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
|Secure Kernel Code Integrity (skci.dll)<sup>[8]</sup>|[10.0.10586][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])|
<sup>\[4\]</sup> Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub
@ -212,14 +212,14 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf)|#[2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#575][component-575])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf)|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576])|
|Boot Manager<sup>[9]</sup>|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf)|[#2600][certificate-2600]|FIPS approved algorithms: AES (Cert. [#3497][aes-3497]); HMAC (Cert. [#2233][hmac-2233]); KTS (AES Cert. [#3498][aes-3498]); PBKDF (vendor affirmed); RSA (Cert. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871] and [#2886][shs-2886])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)<sup>[10]</sup>|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf)|[#2601][certificate-2601]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[11]</sup>|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf)|[#2602][certificate-2602]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[12]</sup>|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2603.pdf)|[#2603][certificate-2603]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498])|
|Code Integrity (ci.dll)|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf)|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
|Secure Kernel Code Integrity (skci.dll)<sup>[13]</sup>|[10.0.10240](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf)|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10240][sp-2605]|#[2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#575][component-575])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10240][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])<p>Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576])|
|Boot Manager<sup>[9]</sup>|[10.0.10240][sp-2600]|[#2600][certificate-2600]|FIPS approved algorithms: AES (Cert. [#3497][aes-3497]); HMAC (Cert. [#2233][hmac-2233]); KTS (AES Cert. [#3498][aes-3498]); PBKDF (vendor affirmed); RSA (Cert. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871] and [#2886][shs-2886])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)<sup>[10]</sup>|[10.0.10240][sp-2601]|[#2601][certificate-2601]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[11]</sup>|[10.0.10240][sp-2602]|[#2602][certificate-2602]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[12]</sup>|[10.0.10240][sp-2603]|[#2603][certificate-2603]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498])|
|Code Integrity (ci.dll)|[10.0.10240][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: AES (non-compliant); MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
|Secure Kernel Code Integrity (skci.dll)<sup>[13]</sup>|[10.0.10240][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])<p>Other algorithms: MD5<p>Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])|
<sup>\[9\]</sup> Applies only to Home, Pro, Enterprise, and Enterprise LTSB
@ -242,13 +242,13 @@ Validated Editions: RT, Pro, Enterprise, Phone, Embedded
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf)|[#2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#323][component-323])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf)|[#2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
|Boot Manager|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf)|[#2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf)|[#2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[14]</sup>|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf)|[#2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf)|[#2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf)|[#2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5<p>Validated Component Implementations: PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[#2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#323][component-323])|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[#2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)<p>Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[#2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[#2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[14]</sup>|[6.3.9600 6.3.9600.17031][sp-2353]|[#2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031][sp-2354]|[#2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[#2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5<p>Validated Component Implementations: PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])|
<sup>\[14\]</sup> Applies only to Pro, Enterprise, and Embedded 8.
@ -262,15 +262,15 @@ Validated Editions: RT, Home, Pro, Enterprise, Phone
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf)|[#1892](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert.); ECDSA (Cert.); HMAC (Cert.); KAS (Cert); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf)|[#1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and); ECDSA (Cert.); HMAC (Cert.); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RNG (Cert.); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf)|[#1895](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf)|[#1896](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
|BitLocker® Windows Resume (WINRESUME)<sup>[15]</sup>|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf)|[#1898](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf)|[#1899](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
|Code Integrity (CI.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf)|[#1897](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf)|[#1893](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert.); Triple-DES MAC (Triple-DES Certificate, vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Certificate, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf)|[#1894](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. #1346); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[#1892](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert.); ECDSA (Cert.); HMAC (Cert.); KAS (Cert); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[#1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and); ECDSA (Cert.); HMAC (Cert.); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RNG (Cert.); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.2.9200][sp-1895]|[#1895](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[#1896](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
|BitLocker® Windows Resume (WINRESUME)<sup>[15]</sup>|[6.2.9200][sp-1898]|[#1898](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[#1899](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[#1897](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[#1893](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert.); Triple-DES MAC (Triple-DES Certificate, vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Certificate, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[#1894](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. #1346); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
<sup>\[15\]</sup> Applies only to Home and Pro
@ -284,14 +284,14 @@ Validated Editions: Windows 7, Windows 7 SP1
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf)|[1329][certificate-1329]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); DSA (Cert. [#386][dsa-386]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4#559 and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7600.16915](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7600.21092](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7601.17725](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7601.17919](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7601.21861](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)<p>[6.1.7601.22076](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf)|[1328][certificate-1328]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Boot Manager|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf)|[1319][certificate-1319]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5#1168 and); HMAC (Cert.); RSA (Cert.); SHS (Cert.)<p>Other algorithms: MD5|
|Winload OS Loader (winload.exe)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7600.16757](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7600.20897](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7600.20916](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7601.17556](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7601.21655](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)<p>[6.1.7601.21675](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf)|[1326][certificate-1326]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|BitLocker™ Drive Encryption|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.16429](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.16757](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.20536](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.20873](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.20897](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7600.20916](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7601.17556](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7601.21634](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7601.21655](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)<p>[6.1.7601.21675](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf)|[1332][certificate-1332]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
|Code Integrity (CI.DLL)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)<p>[6.1.7600.17122](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)v[6.1.7600.21320](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)<p>[6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)<p>[6.1.7601.17950](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)v[6.1.7601.22108](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf)|[1327][certificate-1327]|FIPS approved algorithms: RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1331.pdf)<p>(no change in SP1)|[1331][certificate-1331]|FIPS approved algorithms: DSA (Cert. [#385][dsa-385]); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1330.pdf)<p>(no change in SP1)|[1330][certificate-1330]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#673][hmac-673]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#557][rsa-557] and [#559][rsa-559]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.1.7600.16385][sp-1329]<p>[6.1.7601.17514][sp-1329]|[1329][certificate-1329]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); DSA (Cert. [#386][dsa-386]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4#559 and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385][sp-1328]<p>[6.1.7600.16915][sp-1328]<p>[6.1.7600.21092][sp-1328]<p>[6.1.7601.17514][sp-1328]<p>[6.1.7601.17725][sp-1328]<p>[6.1.7601.17919][sp-1328]<p>[6.1.7601.21861][sp-1328]<p>[6.1.7601.22076][sp-1328]|[1328][certificate-1328]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Boot Manager|[6.1.7600.16385][sp-1319]<p>[6.1.7601.17514][sp-1319]|[1319][certificate-1319]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5#1168 and); HMAC (Cert.); RSA (Cert.); SHS (Cert.)<p>Other algorithms: MD5|
|Winload OS Loader (winload.exe)|[6.1.7600.16385][sp-1326]<p>[6.1.7600.16757][sp-1326]<p>[6.1.7600.20897][sp-1326]<p>[6.1.7600.20916][sp-1326]<p>[6.1.7601.17514][sp-1326]<p>[6.1.7601.17556][sp-1326]<p>[6.1.7601.21655][sp-1326]<p>[6.1.7601.21675][sp-1326]|[1326][certificate-1326]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|BitLocker™ Drive Encryption|[6.1.7600.16385][sp-1332]<p>[6.1.7600.16429][sp-1332]<p>[6.1.7600.16757][sp-1332]<p>[6.1.7600.20536][sp-1332]<p>[6.1.7600.20873][sp-1332]<p>[6.1.7600.20897][sp-1332]<p>[6.1.7600.20916][sp-1332]<p>[6.1.7601.17514][sp-1332]<p>[6.1.7601.17556][sp-1332]<p>[6.1.7601.21634][sp-1332]<p>[6.1.7601.21655][sp-1332]<p>[6.1.7601.21675][sp-1332]|[1332][certificate-1332]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
|Code Integrity (CI.DLL)|[6.1.7600.16385][sp-1327]<p>[6.1.7600.17122][sp-1327]v[6.1.7600.21320][sp-1327]<p>[6.1.7601.17514][sp-1327]<p>[6.1.7601.17950][sp-1327]v[6.1.7601.22108][sp-1327]|[1327][certificate-1327]|FIPS approved algorithms: RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385][sp-1331]<p>(no change in SP1)|[1331][certificate-1331]|FIPS approved algorithms: DSA (Cert. [#385][dsa-385]); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385][sp-1330]<p>(no change in SP1)|[1330][certificate-1330]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#673][hmac-673]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#557][rsa-557] and [#559][rsa-559]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
</details>
@ -303,13 +303,13 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Boot Manager (bootmgr)|[6.0.6001.18000 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp978.pdf)|[978][certificate-978]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])|
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp979.pdf)|[979][certificate-979]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp980.pdf)|[980][certificate-980]|FIPS approved algorithms: RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1000.pdf)|[1000][certificate-1000]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])#739 and); ECDSA (Cert.); HMAC (Cert.); RNG (Cert. and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf)|[1001][certificate-1001]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); DSA (Cert. [#283][dsa-283]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf)|[1002][certificate-1002]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#407][hmac-407]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#354][rsa-354]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1003.pdf)|[1003][certificate-1003]|FIPS approved algorithms: DSA (Cert. [#281][dsa-281]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|Boot Manager (bootmgr)|[6.0.6001.18000 and 6.0.6002.18005][sp-978]|[978][certificate-978]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])|
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596][sp-979]|[979][certificate-979]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005][sp-980]|[980][certificate-980]|FIPS approved algorithms: RSA (Cert. [#354][rsa-354]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869][sp-1000]|[1000][certificate-1000]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])#739 and); ECDSA (Cert.); HMAC (Cert.); RNG (Cert. and SP 800-90 AES-CTR, vendor-affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872][sp-1002]|[1001][certificate-1001]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#756][aes-756]); DSA (Cert. [#283][dsa-283]); ECDSA (Cert. [#82][ecdsa-82]); HMAC (Cert. [#412][hmac-412]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#357][rsa-357]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1002]|[1002][certificate-1002]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#407][hmac-407]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#354][rsa-354]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1003]|[1003][certificate-1003]|FIPS approved algorithms: DSA (Cert. [#281][dsa-281]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
</details>
@ -322,10 +322,10 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp893.pdf) | [893][certificate-893] | FIPS approved algorithms: AES (Cert. [#553][aes-553]); HMAC (Cert. [#297][hmac-297]); RNG (Cert. [#321](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); RSA (Certs. [#255][rsa-255] and [#258][rsa-258]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549])<br/><br/>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp894.pdf)|[894][certificate-894]|FIPS approved algorithms: DSA (Cert. [#226][dsa-226]); RNG (Cert. [#321](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549]); Triple-DES MAC (Triple-DES Cert. [#549][tdes-549], vendor affirmed)<br/><br/>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.0.6000.16386](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp947.pdf)|[947][certificate-947]|FIPS approved algorithms: AES (Cert. [#715][aes-715]); HMAC (Cert. [#386][hmac-386]); SHS (Cert. [#737][shs-737])<br/><br/>Other algorithms: Elephant Diffuser|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf)|[891][certificate-891]|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br/><br/>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386][sp-893] | [893][certificate-893] | FIPS approved algorithms: AES (Cert. [#553][aes-553]); HMAC (Cert. [#297][hmac-297]); RNG (Cert. [#321](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); RSA (Certs. [#255][rsa-255] and [#258][rsa-258]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549])<br/><br/>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386][sp-894]|[894][certificate-894]|FIPS approved algorithms: DSA (Cert. [#226][dsa-226]); RNG (Cert. [#321](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#321)); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549]); Triple-DES MAC (Triple-DES Cert. [#549][tdes-549], vendor affirmed)<br/><br/>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.0.6000.16386][sp-947]|[947][certificate-947]|FIPS approved algorithms: AES (Cert. [#715][aes-715]); HMAC (Cert. [#386][hmac-386]); SHS (Cert. [#737][shs-737])<br/><br/>Other algorithms: Elephant Diffuser|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067][sp-891]|[891][certificate-891]|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)<br/><br/>Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5|
</details>
@ -335,9 +335,9 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.1.2600.5512](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp997.pdf)|[997][certificate-997]|FIPS approved algorithms: HMAC (Cert. [#429][shs-429]); RNG (Cert. [#449](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#449)); SHS (Cert. [#785][shs-785]); Triple-DES (Cert. [#677][tdes-677]); Triple-DES MAC (Triple-DES Cert. [#677][tdes-677], vendor affirmed)<p>Other algorithms: DES; MD5; HMAC MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.1.2600.5507](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp990.pdf)|[990][certificate-990]|FIPS approved algorithms: DSA (Cert. [#292][dsa-292]); RNG (Cert. [#448](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#448)); SHS (Cert. [#784][shs-784]); Triple-DES (Cert. [#676][tdes-676]); Triple-DES MAC (Triple-DES Cert. [#676][tdes-676], vendor affirmed)<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits); MD5; RC2; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[5.1.2600.5507](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp989.pdf)|[989][certificate-989]|FIPS approved algorithms: AES (Cert. [#781][aes-781]); HMAC (Cert. [#428][shs-428]); RNG (Cert. [#447](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#447)); RSA (Cert. [#371][rsa-371]); SHS (Cert. [#783][shs-783]); Triple-DES (Cert. [#675][tdes-675]); Triple-DES MAC (Triple-DES Cert. [#675][tdes-675], vendor affirmed)<p>Other algorithms: DES; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits)|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.1.2600.5512][sp-997]|[997][certificate-997]|FIPS approved algorithms: HMAC (Cert. [#429][shs-429]); RNG (Cert. [#449](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#449)); SHS (Cert. [#785][shs-785]); Triple-DES (Cert. [#677][tdes-677]); Triple-DES MAC (Triple-DES Cert. [#677][tdes-677], vendor affirmed)<p>Other algorithms: DES; MD5; HMAC MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.1.2600.5507][sp-990]|[990][certificate-990]|FIPS approved algorithms: DSA (Cert. [#292][dsa-292]); RNG (Cert. [#448](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#448)); SHS (Cert. [#784][shs-784]); Triple-DES (Cert. [#676][tdes-676]); Triple-DES MAC (Triple-DES Cert. [#676][tdes-676], vendor affirmed)<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits); MD5; RC2; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[5.1.2600.5507][sp-989]|[989][certificate-989]|FIPS approved algorithms: AES (Cert. [#781][aes-781]); HMAC (Cert. [#428][shs-428]); RNG (Cert. [#447](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#447)); RSA (Cert. [#371][rsa-371]); SHS (Cert. [#783][shs-783]); Triple-DES (Cert. [#675][tdes-675]); Triple-DES MAC (Triple-DES Cert. [#675][tdes-675], vendor affirmed)<p>Other algorithms: DES; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits)|
</details>
@ -347,8 +347,8 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|DSS/Diffie-Hellman Enhanced Cryptographic Provider|[5.1.2600.2133](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp240.pdf)|[240][certificate-240]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#29][dsa-29])<p>Other algorithms: DES (Cert. [#66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66)); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)|
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.2161](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf)|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
|DSS/Diffie-Hellman Enhanced Cryptographic Provider|[5.1.2600.2133][sp-240]|[240][certificate-240]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#29][dsa-29])<p>Other algorithms: DES (Cert. [#66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66)); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)|
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.2161][sp-238]|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
</details>
@ -359,7 +359,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.1029](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf)|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.1029][sp-238]|[238][certificate-238]|FIPS approved algorithms: Triple-DES (Cert. [#81][tdes-81]); AES (Cert. [#33][aes-33]); SHA-1 (Cert. [#83][shs-83]); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. [#83][shs-83], vendor affirmed)<p>Other algorithms: DES (Cert. [#156](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#156)); RC2; RC4; MD5|
</details>
@ -369,7 +369,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module|[5.1.2600.0](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp241.pdf)|[241][certificate-241]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#35][dsa-35]); HMAC-SHA-1 (Cert. [#35][shs-35], vendor affirmed)<p>Other algorithms: DES (Cert. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
|Kernel Mode Cryptographic Module|[5.1.2600.0][sp-241]|[241][certificate-241]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Cert. [#35][dsa-35]); HMAC-SHA-1 (Cert. [#35][shs-35], vendor affirmed)<p>Other algorithms: DES (Cert. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
</details>
@ -379,8 +379,8 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf)|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS: 5.0.2195.3665 [SP3])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Base: 5.0.2195.3839 [SP3])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(DSS/DH Enh: 5.0.2195.3665 [SP3])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Enh: 5.0.2195.3839 [SP3]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS: 5.0.2195.3665 [SP3])][sp-103]<p>[(Base: 5.0.2195.3839 [SP3])][sp-103]<p>[(DSS/DH Enh: 5.0.2195.3665 [SP3])][sp-103]<p>[(Enh: 5.0.2195.3839 [SP3]][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
</details>
@ -390,8 +390,8 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf)|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS:](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Base:](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(DSS/DH Enh:](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Enh:](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[5.0.2195.2228 [SP2])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); SHA-1 (Certs. [#35][shs-35])<p>Other algorithms: DES (Certs. [#89](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#89))|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[(Base DSS:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(Base:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(DSS/DH Enh:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]<p>[(Enh:][sp-103]<p>[5.0.2195.2228 [SP2])][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
</details>
@ -401,7 +401,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|([Base DSS: 5.0.2150.1391 [SP1])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Base: 5.0.2150.1391 [SP1])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(DSS/DH Enh: 5.0.2150.1391 [SP1])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)<p>[(Enh: 5.0.2150.1391 [SP1])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf)|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|([Base DSS: 5.0.2150.1391 [SP1])][sp-103]<p>[(Base: 5.0.2150.1391 [SP1])][sp-103]<p>[(DSS/DH Enh: 5.0.2150.1391 [SP1])][sp-103]<p>[(Enh: 5.0.2150.1391 [SP1])][sp-103]|[103][certificate-103]|FIPS approved algorithms: Triple-DES (Cert. [#16][tdes-16]); DSA/SHA-1 (Certs. [#28][dsa-28] and [#29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5|
</details>
@ -411,7 +411,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.2150.1](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf)|[76][certificate-76]|FIPS approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. [#28][dsa-28] and [29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.2150.1][sp-76]|[76][certificate-76]|FIPS approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. [#28][dsa-28] and [29][dsa-29]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#65](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#65), [66](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#66), [67](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#67) and [68](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#68)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
</details>
@ -421,7 +421,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf)|[75][certificate-75]|FIPS approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=20) and [21][shs-21]); DSA/SHA-1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor- affirmed)<p>Other algorithms: DES (Certs. [#61](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-75]|[75][certificate-75]|FIPS approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=20) and [21][shs-21]); DSA/SHA-1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor- affirmed)<p>Other algorithms: DES (Certs. [#61](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
</details>
@ -431,7 +431,7 @@ Validated Editions: Ultimate Edition
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Base Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf)|[68][certificate-68]|FIPS approved algorithms: SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=20) and [21][shs-21]); DSA/SHA- 1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#61](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
|Base Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-68]|[68][certificate-68]|FIPS approved algorithms: SHA-1 (Certs. [#20](https://social.msdn.microsoft.com/forums/en-us/f93c9ee5-89b9-41a4-96c4-6eb9346625b9/msrai-msra-parsing-remote-assistance-packets-in-network-monitor?forum=os_windowsprotocolshttps://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=shs&number=20) and [21][shs-21]); DSA/SHA- 1 (Certs. [#25][dsa-25] and [26][dsa-26]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#61](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#61), [62](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#62), [63](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#63) and [64](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#64)); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)|
</details>
@ -447,14 +447,14 @@ Validated Editions: Standard, Datacenter
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf)|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf)|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf)|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17763](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Virtual TPM|[10.0.17763](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf)|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.17763][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17763][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17763][sp-3644]|[#3644][certificate-3644]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17763][sp-3615]|[#3615][certificate-3615]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17763][sp-3651]|[#3651][certificate-3651]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17763][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17763][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Virtual TPM|[10.0.17763][sp-3690]|[#3690][certificate-3690]|See Security Policy and Certificate page for algorithm information|
</details>
@ -466,13 +466,13 @@ Validated Editions: Standard, Datacenter
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf)|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17134](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17134](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.17134][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.17134][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.17134][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.17134][sp-3480]|[#3480][certificate-3480]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.17134][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.17134][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.17134][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
</details>
@ -484,14 +484,14 @@ Validated Editions: Standard, Datacenter
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf)|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf)|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf)|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf)|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf)|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf)|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Windows Resume|[10.0.16299](https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf)|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.16299](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf)|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
|Cryptographic Primitives Library|[10.0.16299][sp-3197]|[#3197][certificate-3197]|See Security Policy and Certificate page for algorithm information|
|Kernel Mode Cryptographic Primitives Library|[10.0.16299][sp-3196]|[#3196][certificate-3196]|See Security Policy and Certificate page for algorithm information|
|Code Integrity|[10.0.16299][sp-3195]|[#3195][certificate-3195]|See Security Policy and Certificate page for algorithm information|
|Windows OS Loader|[10.0.16299][sp-3194]|[#3194][certificate-3194]|See Security Policy and Certificate page for algorithm information|
|Secure Kernel Code Integrity|[10.0.16299][sp-3096]|[#3096][certificate-3096]|See Security Policy and Certificate page for algorithm information|
|BitLocker Dump Filter|[10.0.16299][sp-3092]|[#3092][certificate-3092]|See Security Policy and Certificate page for algorithm information|
|Windows Resume|[10.0.16299][sp-3091]|[#3091][certificate-3091]|See Security Policy and Certificate page for algorithm information|
|Boot Manager|[10.0.16299][sp-3089]|[#3089][certificate-3089]|See Security Policy and Certificate page for algorithm information|
</details>
@ -503,14 +503,14 @@ Validated Editions: Standard, Datacenter, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf)|[2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf)|[2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf)|[2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
|BitLocker® Windows OS Loader (winload)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf)|[2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
|BitLocker® Windows Resume (winresume)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf)|[2933][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf)|[2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
|Code Integrity (ci.dll)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf)|[2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5|
|Secure Kernel Code Integrity (skci.dll)|[10.0.14393](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf)|[2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])<p>Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[10.0.14393][sp-2931]|[2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5; PBKDF (non-compliant); VMK KDF|
|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: NDRNG; MD5|
|BitLocker® Windows Resume (winresume)|[10.0.14393][sp-2933]|[2933][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393][sp-2934]|[2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])|
|Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])<p>Other algorithms: AES (non-compliant); MD5|
|Secure Kernel Code Integrity (skci.dll)|[10.0.14393][sp-2938]|[2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])<p>Other algorithms: MD5|
</details>
@ -524,13 +524,13 @@ Validated Editions: Server, Storage Server,
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf)|[2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf)|[2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf)|[2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf)|[2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[16]</sup>|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf)|[2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[17]</sup>|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf)|[2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf)|[2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5|
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])<p>Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)|
|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])<p>Other algorithms: MD5; NDRNG|
|BitLocker® Windows Resume (winresume)<sup>[16]</sup>|[6.3.9600 6.3.9600.17031][sp-2353]|[2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (dumpfve.sys)<sup>[17]</sup>|[6.3.9600 6.3.9600.17031][sp-2354]|[2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])<p>Other algorithms: N/A|
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])<p>Other algorithms: MD5|
<sup>\[16\]</sup> Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2**
@ -546,15 +546,15 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf)|[1892](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. #[1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert.); HMAC (Cert. #); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf)|[1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf)|[1895](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf)|[1896](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
|BitLocker® Windows Resume (WINRESUME)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf)|[1898](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf)|[1899](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
|Code Integrity (CI.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf)|[1897](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf)|[1893](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf)|[1894](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. [#1346][hmac-1346]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[1892](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1892)|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. #[1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert.); HMAC (Cert. #); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3](https://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3)); PBKDF (vendor affirmed); RNG (Cert. [#1110](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110)); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])<p>Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)|
|Boot Manager|[6.2.9200][sp-1895]|[1895](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1895)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[1896](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1896)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG|
|BitLocker® Windows Resume (WINRESUME)|[6.2.9200][sp-1898]|[1898](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1898)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[1899](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1899)|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])<p>Other algorithms: N/A|
|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[1897](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1897)|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])<p>Other algorithms: MD5|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[1893](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1893)|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[1894](https://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401val2013.htm#1894)|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. [#1346][hmac-1346]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])<p>Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
</details>
<br>
@ -563,14 +563,14 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Boot Manager (bootmgr)|[6.1.7600.16385 or 6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1321.pdf)|[1321][certificate-1321]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1333.pdf)|[1333][certificate-1333]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1334.pdf)|[1334][certificate-1334]|FIPS approved algorithms: RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1335.pdf)|[1335][certificate-1335]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1336.pdf)|[1336][certificate-1336]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); DSA (Cert. [#391][dsa-391]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1337.pdf)|[1337][certificate-1337]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#687][hmac-687]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#559][rsa-559] and [#568][rsa-568]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1338.pdf)|[1338][certificate-1338]|FIPS approved algorithms: DSA (Cert. [#390][dsa-390]); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1339.pdf)|[1339][certificate-1339]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
|Boot Manager (bootmgr)|[6.1.7600.16385 or 6.1.7601.17514][sp-1321]|[1321][certificate-1321]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675][sp-1333]|[1333][certificate-1333]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108][sp-1334]|[1334][certificate-1334]|FIPS approved algorithms: RSA (Cert. [#568][rsa-568]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: MD5|
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076][sp-1335]|[1335][certificate-1335]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4|
|Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514][sp-1336]|[1336][certificate-1336]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); DSA (Cert. [#391][dsa-391]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385][sp-1337]|[1337][certificate-1337]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#687][hmac-687]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#559][rsa-559] and [#568][rsa-568]); Triple-DES (Cert. [#846][tdes-846])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385][sp-1338]|[1338][certificate-1338]|FIPS approved algorithms: DSA (Cert. [#390][dsa-390]); RNG (Cert. [#649](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#649)); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4|
|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675][sp-1339]|[1339][certificate-1339]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])<p>Other algorithms: Elephant Diffuser|
</details>
@ -580,13 +580,13 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Boot Manager (bootmgr)|[6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1004.pdf)|[1004][certificate-1004]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: N/A|
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1005.pdf)|[1005][certificate-1005]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.0.6001.18000 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1006.pdf)|[1006][certificate-1006]|FIPS approved algorithms: RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1007.pdf)|[1007][certificate-1007]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#83); HMAC (Cert.); RNG (Cert. and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1008.pdf)|[1008][certificate-1008]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); DSA (Cert. [#284][dsa-284]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1009.pdf)|[1009][certificate-1009]|FIPS approved algorithms: DSA (Cert. [#282][dsa-282]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1010.pdf)|[1010][certificate-1010]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#408][hmac-408]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#355][rsa-355]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Boot Manager (bootmgr)|[6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497][sp-1004]|[1004][certificate-1004]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); HMAC (Cert. [#415][hmac-415]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: N/A|
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596][sp-1005]|[1005][certificate-1005]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#760][aes-760]); RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Code Integrity (ci.dll)|[6.0.6001.18000 and 6.0.6002.18005][sp-1006]|[1006][certificate-1006]|FIPS approved algorithms: RSA (Cert. [#355][rsa-355]); SHS (Cert. [#753][shs-753])<p>Other algorithms: MD5|
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869][sp-1007]|[1007][certificate-1007]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#83); HMAC (Cert.); RNG (Cert. and SP800-90 AES-CTR, vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping: key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872][sp-1008]|[1008][certificate-1008]|FIPS approved algorithms: AES (Certs. [#739][aes-739] and [#757][aes-757]); DSA (Cert. [#284][dsa-284]); ECDSA (Cert. [#83][ecdsa-83]); HMAC (Cert. [#413][hmac-413]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435) and SP800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#358][rsa-358]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 bits and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1009]|[1009][certificate-1009]|FIPS approved algorithms: DSA (Cert. [#282][dsa-282]); RNG (Cert. [#435](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#435)); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656]); Triple-DES MAC (Triple-DES Cert. [#656][tdes-656], vendor affirmed)<p>Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4|
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1010]|[1010][certificate-1010]|FIPS approved algorithms: AES (Cert. [#739][aes-739]); HMAC (Cert. [#408][hmac-408]); RNG (SP 800-90, vendor affirmed); RSA (Certs. [#353][rsa-353] and [#355][rsa-355]); SHS (Cert. [#753][shs-753]); Triple-DES (Cert. [#656][tdes-656])<p>Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
</details>
@ -596,9 +596,9 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.3959](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp875.pdf)|[875][certificate-875]|FIPS approved algorithms: DSA (Cert. [#221][dsa-221]); RNG (Cert. [#314](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#314)); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#611][shs-611]); Triple-DES (Cert. [#543][tdes-543])<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC4|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.3959](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp869.pdf)|[869][certificate-869]|FIPS approved algorithms: HMAC (Cert. [#287][hmac-287]); RNG (Cert. [#313](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#313)); SHS (Cert. [#610][shs-610]); Triple-DES (Cert. [#542][tdes-542])<p>Other algorithms: DES; HMAC-MD5|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.3959](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp868.pdf)|[868][certificate-868]|FIPS approved algorithms: AES (Cert. [#548][aes-548]); HMAC (Cert. [#289][hmac-289]); RNG (Cert. [#316](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#316)); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#613][shs-613]); Triple-DES (Cert. [#544][tdes-544])<p>Other algorithms: DES; RC2; RC4; MD2; MD4; MD5; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.3959][sp-875]|[875][certificate-875]|FIPS approved algorithms: DSA (Cert. [#221][dsa-221]); RNG (Cert. [#314](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#314)); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#611][shs-611]); Triple-DES (Cert. [#543][tdes-543])<p>Other algorithms: DES; DES40; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC4|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.3959][sp-869]|[869][certificate-869]|FIPS approved algorithms: HMAC (Cert. [#287][hmac-287]); RNG (Cert. [#313](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#313)); SHS (Cert. [#610][shs-610]); Triple-DES (Cert. [#542][tdes-542])<p>Other algorithms: DES; HMAC-MD5|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.3959][sp-868]|[868][certificate-868]|FIPS approved algorithms: AES (Cert. [#548][aes-548]); HMAC (Cert. [#289][hmac-289]); RNG (Cert. [#316](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#316)); RSA (Cert. [#245][rsa-245]); SHS (Cert. [#613][shs-613]); Triple-DES (Cert. [#544][tdes-544])<p>Other algorithms: DES; RC2; RC4; MD2; MD4; MD5; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)|
</details>
@ -608,9 +608,9 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.1830 [SP1]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf)|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.1830 [Service Pack 1])](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf)|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.1830 [Service Pack 1]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf)|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.1830 [SP1]][sp-405]|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.1830 [Service Pack 1])][sp-382]|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.1830 [Service Pack 1]][sp-381]|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
</details>
@ -620,9 +620,9 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.0](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf)|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.0](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf)|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.0](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf)|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.0][sp-405]|[405][certificate-405]|FIPS approved algorithms: Triple-DES (Certs. [#201][tdes-201][1] and [#370][tdes-370][1]); SHS (Certs. [#177][shs-177][1] and [#371][shs-371][2])<p>Other algorithms: DES (Cert. [#230](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#230)[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant)<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.0][sp-382]|[382][certificate-382]|FIPS approved algorithms: Triple-DES (Cert. [#192][tdes-192][1] and [#365][tdes-365][2]); AES (Certs. [#80][aes-80][1] and [#290][aes-290][2]); SHS (Cert. [#176][shs-176][1] and [#364][shs-364][2]); HMAC (Cert. [#176][shs-176], vendor affirmed[1] and [#99][hmac-99][2]); RSA (PKCS#1, vendor affirmed[1] and [#81][rsa-81][2])<p>Other algorithms: DES (Cert. [#226](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#226)[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5<p>[1] x86<p>[2] SP1 x86, x64, IA64|
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.0][sp-381]|[381][certificate-381]|FIPS approved algorithms: Triple-DES (Certs. [#199][tdes-199][1] and [#381][tdes-381][2]); SHA-1 (Certs. [#181][shs-181][1] and [#385][shs-385][2]); DSA (Certs. [#95][dsa-95][1] and [#146][dsa-146][2]); RSA (Cert. [#81][rsa-81])<p>Other algorithms: DES (Cert. [#229](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#229)[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40<p>[1] x86<p>[2] SP1 x86, x64, IA64|
</details>
@ -633,8 +633,8 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Enhanced Cryptographic Provider|[7.00.2872 [1] and 8.00.6246 [2]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2957.pdf)|[2957][certificate-2957]|FIPS approved algorithms: AES (Certs.[#4433][aes-4433]and[#4434][aes-4434]); CKG (vendor affirmed); DRBG (Certs.[#1432][drbg-1432]and[#1433][drbg-1433]); HMAC (Certs.[#2946][hmac-2946]and[#2945][hmac-2945]); RSA (Certs.[#2414][rsa-2414]and[#2415][rsa-2415]); SHS (Certs.[#3651][shs-3651]and[#3652][shs-3652]); Triple-DES (Certs.[#2383][tdes-2383]and[#2384][tdes-2384])<p>Allowed algorithms: HMAC-MD5, MD5, NDRNG|
|Cryptographic Primitives Library (bcrypt.dll)|[7.00.2872 [1] and 8.00.6246 [2]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf)|[2956][certificate-2956]|FIPS approved algorithms: AES (Certs.[#4430][aes-4430]and[#4431][aes-4431]); CKG (vendor affirmed); CVL (Certs.[#1139][component-1139]and[#1140][component-1140]); DRBG (Certs.[#1429][drbg-1429]and[#1430][drbg-1430]); DSA (Certs.[#1187][dsa-1187]and[#1188][dsa-1188]); ECDSA (Certs.[#1072][ecdsa-1072]and[#1073][ecdsa-1073]); HMAC (Certs.[#2942][hmac-2942]and[#2943][hmac-2943]); KAS (Certs.[#114][kas-114]and[#115][kas-115]); RSA (Certs.[#2411][rsa-2411]and[#2412][rsa-2412]); SHS (Certs.[#3648][shs-3648]and[#3649][shs-3649]); Triple-DES (Certs.[#2381][tdes-2381]and[#2382][tdes-2382])<p>Allowed algorithms: MD5, NDRNG, RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength|
|Enhanced Cryptographic Provider|[7.00.2872 [1] and 8.00.6246 [2]][sp-2957]|[2957][certificate-2957]|FIPS approved algorithms: AES (Certs.[#4433][aes-4433]and[#4434][aes-4434]); CKG (vendor affirmed); DRBG (Certs.[#1432][drbg-1432]and[#1433][drbg-1433]); HMAC (Certs.[#2946][hmac-2946]and[#2945][hmac-2945]); RSA (Certs.[#2414][rsa-2414]and[#2415][rsa-2415]); SHS (Certs.[#3651][shs-3651]and[#3652][shs-3652]); Triple-DES (Certs.[#2383][tdes-2383]and[#2384][tdes-2384])<p>Allowed algorithms: HMAC-MD5, MD5, NDRNG|
|Cryptographic Primitives Library (bcrypt.dll)|[7.00.2872 [1] and 8.00.6246 [2]][sp-2956]|[2956][certificate-2956]|FIPS approved algorithms: AES (Certs.[#4430][aes-4430]and[#4431][aes-4431]); CKG (vendor affirmed); CVL (Certs.[#1139][component-1139]and[#1140][component-1140]); DRBG (Certs.[#1429][drbg-1429]and[#1430][drbg-1430]); DSA (Certs.[#1187][dsa-1187]and[#1188][dsa-1188]); ECDSA (Certs.[#1072][ecdsa-1072]and[#1073][ecdsa-1073]); HMAC (Certs.[#2942][hmac-2942]and[#2943][hmac-2943]); KAS (Certs.[#114][kas-114]and[#115][kas-115]); RSA (Certs.[#2411][rsa-2411]and[#2412][rsa-2412]); SHS (Certs.[#3648][shs-3648]and[#3649][shs-3649]); Triple-DES (Certs.[#2381][tdes-2381]and[#2382][tdes-2382])<p>Allowed algorithms: MD5, NDRNG, RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength|
</details>
@ -644,7 +644,7 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Enhanced Cryptographic Provider|[6.00.1937 [1] and 7.00.1687 [2]](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf)|[825][certificate-825]|FIPS approved algorithms: AES (Certs. [#516][aes-516] [1] and [#2024][aes-2024] [2]); HMAC (Certs. [#267][shs-267] [1] and [#1227][hmac-1227] [2]); RNG (Certs. [#292](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#292) [1] and [#1060](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1060) [2]); RSA (Cert. [#230][rsa-230] [1] and [#1052][rsa-1052] [2]); SHS (Certs. [#589][shs-589] [1] and #1774 [2]); Triple-DES (Certs. [#526][tdes-526] [1] and [#1308][tdes-1308] [2])<p>Other algorithms: MD5; HMAC-MD5; RC2; RC4; DES|
|Enhanced Cryptographic Provider|[6.00.1937 [1] and 7.00.1687 [2]][sp-825]|[825][certificate-825]|FIPS approved algorithms: AES (Certs. [#516][aes-516] [1] and [#2024][aes-2024] [2]); HMAC (Certs. [#267][shs-267] [1] and [#1227][hmac-1227] [2]); RNG (Certs. [#292](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#292) [1] and [#1060](https://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1060) [2]); RSA (Cert. [#230][rsa-230] [1] and [#1052][rsa-1052] [2]); SHS (Certs. [#589][shs-589] [1] and #1774 [2]); Triple-DES (Certs. [#526][tdes-526] [1] and [#1308][tdes-1308] [2])<p>Other algorithms: MD5; HMAC-MD5; RC2; RC4; DES|
</details>
@ -654,7 +654,7 @@ Validated Editions: Server, Storage Server
|Cryptographic Module|Version (link to Security Policy)|FIPS Certificate #|Algorithms|
|--- |--- |--- |--- |
|Outlook Cryptographic Provider (EXCHCSP)|[SR-1A (3821)](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf)|[110][certificate-110]|FIPS approved algorithms: Triple-DES (Cert. [#18][tdes-18]); SHA-1 (Certs. [#32][shs-32]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#91](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#91)); DES MAC; RC2; MD2; MD5|
|Outlook Cryptographic Provider (EXCHCSP)|[SR-1A (3821)][sp-110]|[110][certificate-110]|FIPS approved algorithms: Triple-DES (Cert. [#18][tdes-18]); SHA-1 (Certs. [#32][shs-32]); RSA (vendor affirmed)<p>Other algorithms: DES (Certs. [#91](https://csrc.nist.gov/groups/stm/cavp/documents/des/desval.html#91)); DES MAC; RC2; MD2; MD5|
</details>
@ -1158,7 +1158,7 @@ SMB3 can be FIPS 140 compliant, if Windows is configured to operate in FIPS 140
---
<!-- Algorithms links -->
<!-- Links -->
[aes-33]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=33
[aes-80]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=80
[aes-224]: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?source=aes&number=224
@ -1706,4 +1706,111 @@ SMB3 can be FIPS 140 compliant, if Windows is configured to operate in FIPS 140
[certificate-3615]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615
[certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644
[certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651
[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
[sp-1000]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1000.pdf
[sp-1002]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf
[sp-1003]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1003.pdf
[sp-1004]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1004.pdf
[sp-1005]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1005.pdf
[sp-1006]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1006.pdf
[sp-1007]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1007.pdf
[sp-1008]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1008.pdf
[sp-1009]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1009.pdf
[sp-1010]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1010.pdf
[sp-103]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf
[sp-106]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf
[sp-110]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf
[sp-1319]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf
[sp-1321]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1321.pdf
[sp-1326]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf
[sp-1327]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf
[sp-1328]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf
[sp-1329]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf
[sp-1330]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1330.pdf
[sp-1331]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1331.pdf
[sp-1332]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf
[sp-1333]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1333.pdf
[sp-1334]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1334.pdf
[sp-1335]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1335.pdf
[sp-1336]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1336.pdf
[sp-1337]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1337.pdf
[sp-1338]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1338.pdf
[sp-1339]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1339.pdf
[sp-1891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf
[sp-1892]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf
[sp-1893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf
[sp-1894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf
[sp-1895]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf
[sp-1896]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf
[sp-1897]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf
[sp-1898]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf
[sp-1899]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf
[sp-2351]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf
[sp-2352]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf
[sp-2353]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf
[sp-2354]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf
[sp-2355]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf
[sp-2356]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf
[sp-2357]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf
[sp-238]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf
[sp-240]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp240.pdf
[sp-241]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp241.pdf
[sp-2600]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf
[sp-2601]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf
[sp-2602]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf
[sp-2603]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2603.pdf
[sp-2604]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf
[sp-2605]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf
[sp-2607]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf
[sp-2700]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2700.pdf
[sp-2701]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2701.pdf
[sp-2702]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2702.pdf
[sp-2703]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2703.pdf
[sp-2931]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf
[sp-2932]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf
[sp-2933]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf
[sp-2934]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf
[sp-2935]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf
[sp-2936]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf
[sp-2937]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf
[sp-2938]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf
[sp-2956]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf
[sp-2957]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2957.pdf
[sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf
[sp-3090]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf
[sp-3091]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf
[sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf
[sp-3093]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf
[sp-3094]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf
[sp-3095]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf
[sp-3096]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf
[sp-3194]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf
[sp-3195]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf
[sp-3196]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf
[sp-3197]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf
[sp-3480]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf
[sp-3615]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf
[sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf
[sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf
[sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf
[sp-381]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf
[sp-382]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf
[sp-405]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf
[sp-68]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf
[sp-75]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf
[sp-76]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf
[sp-825]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf
[sp-868]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp868.pdf
[sp-869]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp869.pdf
[sp-875]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp875.pdf
[sp-891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf
[sp-893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp893.pdf
[sp-894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp894.pdf
[sp-947]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp947.pdf
[sp-978]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp978.pdf
[sp-979]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp979.pdf
[sp-980]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp980.pdf
[sp-989]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp989.pdf
[sp-990]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp990.pdf
[sp-997]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp997.pdf