Module Name
Microsoft Kernel Mode Security Support Provider Interface (ksecdd.sys)
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode
Embodiment
Multi-chip standalone
Description
KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet).
Tested Configuration(s)
- Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
- Microsoft Windows Vista Ultimate Edition (x86 Version)
Approved Algorithms
AES |
Cert. #553 |
ECDSA |
Cert. #60 |
HMAC |
Cert. #298 |
RNG |
Cert. #321 |
RSA |
Certs. #257 and #258 |
SHS |
Cert. #618 |
Triple-DES |
Cert. #549 |
Other Algorithms
DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5
Software Versions
6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067