Certificate 2605 - Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
intCertNum 2605
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Tim Myers
strEmail FIPS@microsoft.com
strPhone 800-642-7676
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2605
strModuleName Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
strPartNumber Software Versions: 10.0.10240 [1] and 10.0.10586 [2]
memModuleNotes When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2601 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2602 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2701 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise validated to FIPS 140-2 under Cert. #2702 operating in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Software
strValidationDate 06/02/2016;08/26/2016
intOverallLevel 1
memIndividualLevelNotes -Physical Security: N/A;-Design Assurance: Level 2;-Operational Environment: Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][2]; Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][2]; Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][2]; Windows 10 Pro (x64) running on a Microsoft Surface Pro with PAA [1][2]; Windows 10 Pro (x64) running on a Microsoft Surface Pro 2 with PAA [1][2]; Windows 10 Pro (x64) running on a Microsoft Surface Pro 3 with PAA [1][2]; Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][2]; Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][2]; Windows 10 Pro (x86) running on a Dell Inspiron 660s without PAA [1][2]; Windows 10 (x86) running on a Dell Inspiron 660s without PAA [1][2]; Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][2]; Windows 10 Pro (x64) running on a HP Compaq Pro 6305 with PAA [1][2]; Windows 10 (x64) running on a HP Compaq Pro 6305 with PAA [1][2]; Windows 10 (x64) running on a Dell XPS 8700 with PAA [1][2]; Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron without PAA [1]; Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1]; Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1]; Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 950 [2]; Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 635 [2]; Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [2]; Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [2]; Windows 10 Pro (x64) running on a Microsoft Surface Book with PAA [2]; Windows 10 Pro (x64) running on a Microsoft Surface Pro 4 with PAA [2]; Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 84"" with PAA [2]; Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 55"" with PAA [2] (single-user mode)
strFIPSAlgorithms AES (Certs. #3497 and #3629);
CVL (Certs. #576 and #663);
DRBG (Certs. #868 and #955);
DSA (Certs. #983 and #1024);
ECDSA (Certs. #706 and #760);
HMAC (Certs. #2233 and #2381);
KAS (Certs. #64 and #72;
key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength);
KBKDF (Certs. #66 and #72);
KTS (AES Certs. #3507 and #3653;
key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
PBKDF (vendor affirmed);
RSA (Certs. #1783, #1798, #1802, #1887, #1888 and #1889);
SHS (Certs. #2886 and #3047);
Triple-DES (Certs. #1969 and #2024)
strOtherAlgorithms DES;
HMAC-MD5;
Legacy CAPI KDF;
MD2;
MD4;
MD5;
NDRNG;
RC2;
RC4;
RSA (encrypt/decrypt)
strConfiguration Multi-Chip Stand Alone
memModuleDescription Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet).
intModuleCount 1
memAdditionalNotes
strFirstValidtionDate 06/02/16 00:00:00
strLabName Leidos
strValidationYear 2016