- 1 -
The Microsoft Corporation's Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) is a FIPS
140-2 Level 1 compliant, software-based, cryptographic service provider. Like other cryptographic providers
that ship with Microsoft Windows Server 2008 R2, RSAENH encapsulates several different cryptographic
algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software
developers can dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2
compliant cryptographic support.
Windows Server 2008 R2 does not ship the previously FIPS-140-1 validated Microsoft Base Cryptographic
Provider (RSABASE) anymore. There is no loss of functionality as the RSABASE functionality has always
been a subset of the RSAENH functionality.
Cryptographic Boundary
The Microsoft Enhanced Cryptographic Provider (RSAENH) consists of a single dynamically-linked library
(DLL) named RSAENH.DLL (Software version
6.1.7600.16385) tested on an x86 and x64 processors, which
comprises the module's logical boundary. The cryptographic boundary for RSAENH is defined as the enclosure
of the computer system on which the cryptographic module is to be executed. The physical configuration of the
module, as defined in FIPS PUB 140-2, is Multi-Chip Standalone. It should be noted that the Data Protection
API of Microsoft Windows Server 2008 R2 is not part of the module and should be considered to be outside the
boundary.
Introduction