Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2606

Details

Module Name
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
Standard
FIPS 140-2
Status
Active
Sunset Date
8/25/2021
Validation Dates
6/2/2016
8/26/2016
6/10/2019
Overall Level
1
Caveat
When operated in FIPS mode with the module Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2605 operating in FIPS mode and Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #3469 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
  • Windows 10 (x64) running on a Dell XPS 8700 with PAA [1][3][4]
  • Windows 10 (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
  • Windows 10 (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
  • Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3][4]
  • Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
  • Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)
  • Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]
  • Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 55" with PAA [3][4]
  • Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 84" with PAA [3][4]
  • Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 635 [3][4]
  • Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 950 [3][4]
  • Windows 10 Pro (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
  • Windows 10 Pro (x64) running on a Microsoft Surface Book with PAA [3][4]
  • Windows 10 Pro (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]
  • Windows 10 Pro (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]
  • Windows 10 Pro (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]
  • Windows 10 Pro (x64) running on a Microsoft Surface Pro with PAA [1][3][4]
  • Windows 10 Pro (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
FIPS Algorithms
AES Certs. #3497, #3629, #5287 and #5291
CVL Certs. #575, #576, #663, #664, #1754, #1755, #1757 and #1758
DRBG Certs. #868, #955, #2033 and #2035
DSA Certs. #983, #1024, #1369 and #1370
ECDSA Certs. #706, #760, #1381 and #1383
HMAC Certs. #2233, #2381, #3494 and #3496
KAS Certs. #64, #72, #169 and #170
KBKDF Certs. #66, #72, #183 and #184
KTS AES Certs. #3507, #3653, #5290 and #5294; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #1783, #1784, #1798, #1802, #1871, #1887, #1888, #1889, #2821, #2825, #2827, #2828, #2829, #2830, #2831 and #2835
SHS Certs. #2871, #2886, #3047, #3048, #4240, #4246, #4248 and #4249
Triple-DES Certs. #1969, #2024, #2672 and #2674
Other Algorithms
HMAC-MD5; MD5; NDRNG
Software Versions
10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3], 10.0.10586.1176 [4]

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Mike Grimm
FIPS@microsoft.com
Phone: 800-Microsoft

Lab

Leidos Accredited Testing & Evaluation (AT&E) Labs (formerly SAIC)
NVLAP Code: 200427-0