Certificate 1000 - Microsoft Windows Vista Kernel Mode Security Support Provider Interface (ksecdd.sys)
intCertNum 1000
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Tim Myers
strEmail FIPS@microsoft.com
strPhone 800-MICROSOFT
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1000
strModuleName Microsoft Windows Vista Kernel Mode Security Support Provider Interface (ksecdd.sys)
strPartNumber Software Versions: 6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869
memModuleNotes When operated in FIPS mode with Windows Vista OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #979 operating in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL
strModuleType Software
strValidationDate 08/15/2008;07/24/2009;10/16/2009;02/09/2012;09/27/2012
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition SP1 (x86 Version); Microsoft Windows Vista Ultimate Edition SP1 (x64 version) (single-user mode)
strFIPSAlgorithms AES (Certs. #739 and #756);
ECDSA (Cert. #82);
HMAC (Cert. #412);
RNG (Cert. #435 and SP 800-90 AES-CTR, vendor-affirmed);
RSA (Certs. #353 and #357);
SHS (Cert. #753);
Triple-DES (Cert. #656)
strOtherAlgorithms AES (GCM and GMAC;
non-compliant);
DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 128 and 256 bits of encryption strength);
MD2;
MD4;
MD5;
HMAC MD5;
RC2;
RC4;
RNG (SP 800-90 Dual-EC;
non-compliant);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet).
intModuleCount 1
memAdditionalNotes 07/24/09: Added v6.0.6002.18005 and updated Security Policy.
10/16/09: Added SW v6.0.6001.18272, 6.0.6001.22450, 6.0.6002.18051 and 6.0.6002.22152 and updated Security Policy.
02/09/12: Added SW 6.0.6001.18709, 6.0.6001.22987, 6.0.6002.18541 and 6.0.6002.22742; changed POC contact information. Updated security policy.
09/27/12: Added SW 6.0.6001.18796, 6.0.6001.23069, 6.0.6002.18643, and 6.0.6002.22869. Updated security policy.
strFirstValidtionDate 08/15/08 00:00:00
strLabName Leidos
strValidationYear 2008