Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #1008

Details

Module Name
Microsoft Windows Server 2008 Cryptographic Primitives Library (bcrypt.dll)
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
8/15/2008
7/24/2009
9/6/2012
Overall Level
1
Caveat
When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1006 operating in FIPS mode
Module Type
Software
Embodiment
Multi-chip standalone
Description
BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista. The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography.
Tested Configuration(s)
  • Microsoft Windows Server 2008 (IA64 version) (single-user mode)
  • Microsoft Windows Server 2008 (x64 version)
  • Microsoft Windows Server 2008 (x86 Version)
FIPS Algorithms
AES Certs. #739 and #757
DSA Cert. #284
ECDSA Cert. #83
HMAC Cert. #413
RNG Cert. #435 and SP800-90, vendor affirmed
RSA Certs. #353 and #358
SHS Cert. #753
Triple-DES Cert. #656
Other Algorithms
AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)
Software Versions
6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Dave Friant
dave.friant@microsoft.com
Phone: 425-704-7984
Fax: 425-936-7329

Lab

SAIC
NVLAP Code: 200427-0