Certificate 1335 - Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys)
intCertNum 1335
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Tim Myers
strEmail FIPS@microsoft.com
strPhone 800-MICROSOFT
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1335
strModuleName Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys)
strPartNumber Software Versions: 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076
memModuleNotes When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL
strModuleType Software
strValidationDate 08/12/2010;06/01/2011;06/21/2011;02/09/2012;01/24/2013
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version); Microsoft Windows Server 2008 R2 (IA64 version); Microsoft Windows Server 2008 R2 SP1 (x64 version); Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)
strFIPSAlgorithms AES (Certs. #1168 and #1187);
AES GCM (Cert. #1168, vendor-affirmed);
AES GMAC (Cert. #1168, vendor-affirmed);
DRBG (Certs. #23 and #27);
ECDSA (Cert. #142);
HMAC (Cert. #686);
KAS (SP 800-56A, vendor affirmed, key agreement: key establishment methodology provides between 80 and 256 bits of encryption strength);
RNG (Cert. #649);
RSA (Certs. #559 and #567);
SHS (Cert. #1081);
Triple-DES (Cert. #846)
strOtherAlgorithms AES (Cert. #1168, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
MD2;
MD4;
MD5;
HMAC MD5;
RC2;
RC4
strConfiguration Multi-chip standalone
memModuleDescription CNG.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Server 2008 R2 kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet).
intModuleCount 1
memAdditionalNotes 06/01/11: Added SW 6.1.7601.17514 and OE Microsoft Windows Server 2008 R2 SP1 (x64 version), updated contact information and Security Policy.
06/21/11: Added Microsoft Windows Server 2008 R2 SP1 (IA64 version), updated Security Policy.
02/09/12: Added SW 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17725 and 6.1.7601.21861. Updated security policy.
01/24/13: added SW 6.1.7601.17919, 6.1.7601.22076 and updated security policy.
strFirstValidtionDate 08/12/10 00:00:00
strLabName Leidos
strValidationYear 2010