Certificate 1007 - Microsoft Windows Server 2008 Kernel Mode Security Support Provider Interface (ksecdd.sys)
intCertNum 1007
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Tim Myers
strEmail FIPS@microsoft.com
strPhone 800-MICROSOFT
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1007
strModuleName Microsoft Windows Server 2008 Kernel Mode Security Support Provider Interface (ksecdd.sys)
strPartNumber Software Versions: 6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869
memModuleNotes When operated in FIPS mode with Windows Server 2008 OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1005 operating in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL
strModuleType Software
strValidationDate 08/15/2008;02/23/2009;07/30/2009;10/16/2009;02/09/2012;09/27/2012
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 (x86 Version); Microsoft Windows Server 2008 (x64 version); Microsoft Windows Server 2008 (IA64 version) (single-user mode)
strFIPSAlgorithms AES (Certs. #739 and #757);
ECDSA (Cert. #83);
HMAC (Cert. #413);
RNG (Cert. #435 and SP800-90 AES-CTR, vendor affirmed);
RSA (Certs. #353 and #358);
SHS (Cert. #753);
Triple-DES (Cert. #656)
strOtherAlgorithms AES (GCM and GMAC;
non-compliant);
DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 128 and 256 bits of encryption strength);
MD2;
MD4;
MD5;
HMAC MD5;
RC2;
RC4;
RNG (SP 800-90 Dual-EC;
non-compliant);
RSA (key wrapping: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet).
intModuleCount 1
memAdditionalNotes 02/23/09: Updated Security Policy.
07/30/09: Added v6.0.6002.18005 and updated Security Policy.
10/16/09: Added SW v6.0.6001.18272, 6.0.6001.22450, 6.0.6002.18051 and 6.0.6002.22152 and updated Security Policy.
02/09/12: Added SW 6.0.6001.18709, 6.0.6001.22987, 6.0.6002.18541 and 6.0.6002.22742; changed POC contact information. Updated security policy.
09/27/12: Added SW 6.0.6001.18796, 6.0.6001.23069, 6.0.6002.18643, and 6.0.6002.22869. Updated security policy.
strFirstValidtionDate 08/15/08 00:00:00
strLabName Leidos
strValidationYear 2008