U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #2607

Details

Module Name
Secure Kernel Code Integrity (skci.dll) in Microsoft Windows 10 Enterprise, Windows 10 Enterprise LTSB
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to dependency on certificate #2604
Overall Level
1
Caveat
When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed.
Tested Configuration(s)
  • Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3]
  • Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3]
  • Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3]
  • Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]
  • Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)
  • Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]
FIPS Algorithms
RSA Certs. #1784, #1871 and #2829
SHS Certs. #2871, #3048 and #4249
Other Algorithms
N/A
Software Versions
10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3]

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Mike Grimm
FIPS@microsoft.com
Phone: 800-Microsoft

Validation History

Date Type Lab
6/2/2016 Initial LEIDOS CSTL
8/26/2016 Update LEIDOS CSTL
4/30/2019 Update LEIDOS CSTL