| intCertNum |
1335 |
| strVendorName |
Microsoft Corporation |
| strURL |
http://www.microsoft.com |
| strAddress1 |
One Microsoft Way |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Redmond |
| strStateProv |
WA |
| strPostalCode |
98052-6399 |
| strCountry |
98052-6399 |
| strContact |
Tim Myers |
| strEmail |
FIPS@microsoft.com |
| strPhone |
800-MICROSOFT |
| strFax |
|
| strContact2 |
|
| strEmail2 |
|
| strFax2 |
|
| strPhone2 |
|
| intCertNum |
1335 |
| strModuleName |
Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) |
| strPartNumber |
Software Versions: 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076 |
| memModuleNotes |
When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf][txt] |
| strPURL |
|
| strModuleType |
Software |
| strValidationDate |
08/12/2010;06/01/2011;06/21/2011;02/09/2012;01/24/2013 |
| intOverallLevel |
1 |
| memIndividualLevelNotes |
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version); Microsoft Windows Server 2008 R2 (IA64 version); Microsoft Windows Server 2008 R2 SP1 (x64 version); Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode) |
| strFIPSAlgorithms |
AES (Certs. #1168 and #1187);
AES GCM (Cert. #1168, vendor-affirmed);
AES GMAC (Cert. #1168, vendor-affirmed);
DRBG (Certs. #23 and #27);
ECDSA (Cert. #142);
HMAC (Cert. #686);
KAS (SP 800-56A, vendor affirmed, key agreement: key establishment methodology provides between 80 and 256 bits of encryption strength);
RNG (Cert. #649);
RSA (Certs. #559 and #567);
SHS (Cert. #1081);
Triple-DES (Cert. #846) |
| strOtherAlgorithms |
AES (Cert. #1168, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
MD2;
MD4;
MD5;
HMAC MD5;
RC2;
RC4 |
| strConfiguration |
Multi-chip standalone |
| memModuleDescription |
CNG.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Server 2008 R2 kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet). |
| intModuleCount |
1 |
| memAdditionalNotes |
06/01/11: Added SW 6.1.7601.17514 and OE Microsoft Windows Server 2008 R2 SP1 (x64 version), updated contact information and Security Policy.
06/21/11: Added Microsoft Windows Server 2008 R2 SP1 (IA64 version), updated Security Policy.
02/09/12: Added SW 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17725 and 6.1.7601.21861. Updated security policy.
01/24/13: added SW 6.1.7601.17919, 6.1.7601.22076 and updated security policy. |
| strFirstValidtionDate |
08/12/10 00:00:00 |
| strLabName |
Leidos |
| strValidationYear |
2010 |