Cryptographic Module Validation Program CMVP

Certificate #2607

Details

Module Name
Secure Kernel Code Integrity (skci.dll) in Microsoft Windows 10 Enterprise, Windows 10 Enterprise LTSB
Standard
FIPS 140-2
Status
Active
Sunset Date
8/25/2021
Validation Dates
06/02/2016;08/26/2016;04/30/2019
Overall Level
1
Caveat
When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed.
Tested Configuration(s)
  • Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3]
  • Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3]
  • Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)
  • Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]
FIPS Algorithms
RSA Certs. #1784, #1871 and #2829
SHS Certs. #2871, #3048 and #4249
Other Algorithms
N/A
Software Versions
10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3]

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Mike Grimm
FIPS@microsoft.com
Phone: 800-Microsoft

Lab

Leidos Accredited Testing & Evaluation (AT&E) Labs (formerly SAIC)
NVLAP Code: 200427-0