Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2937

Details

Module Name
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016
Standard
FIPS 140-2
Status
Active
Sunset Date
1/25/2022
Validation Dates
1/26/2017
Overall Level
1
Caveat
When operated in FIPS mode with the modules Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 under Cert. #2935 operating in FIPS mode and Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2936 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
  • Windows 10 Anniversary Update (x64) running on a Dell XPS 8700 with PAA
  • Windows 10 Anniversary Update (x64) running on a Microsoft Surface 3 with PAA
  • Windows 10 Anniversary Update (x86) running on a Dell Inspiron 660s without PAA
  • Windows 10 Enterprise Anniversary Update (x64) running on a Dell Precision Tower 5810MT with PAA
  • Windows 10 Enterprise Anniversary Update (x64) running on a HP Compaq Pro 6305 with PAA
  • Windows 10 Enterprise Anniversary Update (x64) running on a Microsoft Surface Book with PAA
  • Windows 10 Enterprise Anniversary Update (x64) running on a Microsoft Surface Pro 3 with PAA
  • Windows 10 Enterprise Anniversary Update (x64) running on a Microsoft Surface Pro 4 with PAA
  • Windows 10 Enterprise Anniversary Update (x86) running on a Dell Inspiron 660s without PAA
  • Windows 10 Enterprise LTSB Anniversary Update (x64) running on a Dell Precision Tower 5810MT with PAA
  • Windows 10 Enterprise LTSB Anniversary Update (x64) running on a Dell XPS 8700 with PAA
  • Windows 10 Enterprise LTSB Anniversary Update (x86) running on a Dell Inspiron 660s without PAA
  • Windows 10 Mobile Anniversary Update (ARMv7) running on a Microsoft Lumia 950 (single-user mode)
  • Windows 10 Pro Anniversary Update (x64) running on a Dell Precision Tower 5810MT with PAA
  • Windows 10 Pro Anniversary Update (x64) running on a Microsoft Surface Book with PAA
  • Windows 10 Pro Anniversary Update (x64) running on a Microsoft Surface Pro 3 with PAA
  • Windows 10 Pro Anniversary Update (x64) running on a Microsoft Surface Pro 4 with PAA
  • Windows 10 Pro Anniversary Update (x86) running on a Dell Inspiron 660s without PAA
  • Windows Server 2016 Datacenter Edition (x64) running on a Dell PowerEdge R630 Server with PAA
  • Windows Server 2016 Standard Edition (x64) running on a Dell PowerEdge R630 Server with PAA
  • Windows Server 2016 Standard Edition (x64) running on a HP Compaq Pro 6305 with PAA
  • Windows Storage Server 2016 (x64) running on a Dell PowerEdge R630 Server with PAA
FIPS Algorithms
AES Cert. #4064
CVL Certs. #886 and #887
DRBG Cert. #1217
DSA Cert. #1098
ECDSA Cert. #911
HMAC Cert. #2651
KAS Cert. #92
KBKDF Cert. #101
KTS AES Cert. #4062; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #2192, #2193 and #2195
SHS Cert. #3347
Triple-DES Cert. #2227
Other Algorithms
HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)
Software Versions
10.0.14393

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
FIPS@microsoft.com
Phone: 800-642-7676

Lab

LEIDOS ACCREDITED TESTING & EVALUATION (AT&E)
NVLAP Code: 200427-0