Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

Description
The Microsoft Windows Next Generation Cryptographic algorithm implementation provides enhanced support for AES, DRBG, DSA, ECDSA, RSA, HMAC, KAS, KDF, SHS (SHA), and Triple-DES. All implementations are packaged into a library used by Microsoft and other third-party applications.
Version
10.0.17134
Type
SOFTWARE
Vendor
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA
Contacts
Mike Grimm
FIPS@microsoft.com
800-Microsoft

Validations

Number
Date
Operating Environments
Algorithm Capabilities
Component 2110
10/5/2018
  • Windows 10 Education April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions on Microsoft Surface Laptop
  • Windows 10 Enterprise April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions on Microsoft Surface Laptop
  • Windows 10 Enterprise April 2018 Update (x64) on Intel Core i7 with AES-NI and without SHA Extensions on Microsoft Surface Book 2
  • Windows 10 Enterprise April 2018 Update (x64) on Intel Core i7 with AES-NI and without SHA Extensions on Microsoft Surface Studio
  • Windows 10 Enterprise April 2018 Update (x64) on Intel Core m3 with AES-NI and without SHA Extensionson Microsoft Surface Pro LTE
  • Windows 10 Enterprise April 2018 Update (x64) w/ Intel Core i7 with AES-NI and without SHA Extensions on HP Pro x2 612 G2 Detachable PC with LTE
  • Windows 10 Home April 2018 Update (x86) on Intel Core i3 without AES-NI and SHA Extensions on Dell Inspiron 660s
  • Windows 10 Pro April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions on Dell Latitude 5290
  • Windows 10 Pro April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions on Microsoft Surface Laptop
  • Windows 10 Pro April 2018 Update (x64) on Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Book 2
  • Windows 10 Pro April 2018 Update (x64) on Intel Core m3 with AES-NI and without SHA Extensions on Microsoft Surface Pro LTE
  • Windows 10 Pro April 2018 Update (x64) on Intel Core m5 with AES-NI and without SHA Extensions on Dell Latitude 12 Rugged Tablet
  • Windows 10 Pro April 2018 Update (x64) on Intel Pentium with AES-NI and SHA Extensions on HP Slimline Desktop
  • Windows 10 Pro April 2018 Update (x64) on Intel Pentium with AES-NI and without SHA Extensions on Microsoft Surface Go
  • Windows Server Core on Hyper-V on Windows Server 2016 (x64) on Intel Xeon with AES-NI and without SHA Extensions on Dell PowerEdge R740 Server
  • Windows Server Datacenter Core (x64) on Intel Xeon with AES-NI and without SHA Extensions on Dell PowerEdge R740 Server
  • Windows Server Datacenter Core on Hyper-V on Windows Server (x64) on Intel Xeon with AES-NI and without SHA Extensions on Dell Precision Tower 5810MT
  • Windows Server Standard Core (x64) on Intel Xeon with AES-NI and without SHA Extensions on Dell PowerEdge R740 Server
  • Windows Server Standard Core on Hyper-V on Windows Server (x64) on Intel Xeon with AES-NI and without SHA Extensions on Dell Precision Tower 5810MT
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Responder Nonce Length: 192-1792
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Responder Nonce Length: 192-1792
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Responder Nonce Length: 192-1792
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
    Prerequisites:
  • KDF TLS
    • TLS Version: v1.0/1.1, v1.2
    • Hash Algorithm: SHA2-256, SHA2-384
    Prerequisites:
  • Windows 10 Enterprise April 2018 Update (x64) on Intel Core i7 with AES-NI and without SHA Extensions w/ Microsoft Surface Studio 2
    • processor
      • manufacturer: Intel
    • software
  • Windows 10 Pro April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Laptop 2
    • processor
      • manufacturer: Intel
    • software
  • Windows 10 Pro April 2018 Update (x64) on Intel Core i5 with AES-NI and without SHA Extensions w/ Microsoft Surface Pro 6
    • processor
      • manufacturer: Intel
    • software
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Public Key Encryption
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 256
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 384
        • Hash Algorithm: SHA2-384
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Derived Keying Material Length: 192-1792
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 256
        • Derived Keying Material Length: 192-1792
        • Hash Algorithm: SHA2-256
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 384
        • Derived Keying Material Length: 192-1792
        • Hash Algorithm: SHA2-384
    Prerequisites:
  • KDF TLS
    • TLS Version: v1.0/1.1, v1.2
    • Hash Algorithm: SHA2-256, SHA2-384
    Prerequisites: