Module Name
Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows
Storage Server 2012 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)
Historical Reason
Moved to historical list due to dependency on certificate #1892
Caveat
When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker® Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) validated to FIPS 140-2 under Cert. #1892 operating in FIPS mode.
Security Level Exceptions
- Design Assurance: Level 2
Embodiment
Multi-chip standalone
Description
The Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 validated cryptography.
This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter.
Tested Configuration(s)
- Microsoft Windows 8 Enterprise (x64) running on a Dell PowerEdge SC430 without PAA
- Microsoft Windows 8 Enterprise (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop
- Microsoft Windows 8 Enterprise (x86) running on a Dell Dimension C521
- Microsoft Windows 8 Pro (x64) running on an Intel x64 Processor with PAA running on a Microsoft Surface Windows 8 Pro
- Microsoft Windows Phone 8 (ARMv7 Thumb-2) running on a Windows Phone 8
- Microsoft Windows RT (ARMv7 Thumb-2) running on a Microsoft Surface Windows RT
- Microsoft Windows RT (ARMv7 Thumb-2) running on a Qualcomm Tablet
- Microsoft Windows RT (ARMv7 Thumb-2) running on an NVIDIA Tegra 3 Tablet
- Microsoft Windows Server 2012 (x64) running on a Dell PowerEdge SC430 without PAA
- Microsoft Windows Server 2012 (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop
- Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay without PAA (single-user mode)
Approved Algorithms
DSA |
Cert. #686 |
SHS |
Cert. #1902 |
Triple-DES |
Cert. #1386 |
Triple-DES MAC |
Triple-DES Cert. #1386, vendor affirmed |
Other Algorithms
DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. #1386, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
6.2.9200