intCertNum |
1335 |
strVendorName |
Microsoft Corporation |
strURL |
http://www.microsoft.com |
strAddress1 |
One Microsoft Way |
strAddress2 |
|
strAddress3 |
|
strCity |
Redmond |
strStateProv |
WA |
strPostalCode |
98052-6399 |
strCountry |
98052-6399 |
strContact |
Tim Myers |
strEmail |
FIPS@microsoft.com |
strPhone |
800-MICROSOFT |
strFax |
|
strContact2 |
|
strEmail2 |
|
strFax2 |
|
strPhone2 |
|
intCertNum |
1335 |
strModuleName |
Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) |
strPartNumber |
Software Versions: 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076 |
memModuleNotes |
When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode |
str140Version |
140-2 |
_sp_ |
Security Policy [pdf][html][txt] |
_cert_ |
Certificate [pdf][txt] |
strPURL |
|
strModuleType |
Software |
strValidationDate |
08/12/2010;06/01/2011;06/21/2011;02/09/2012;01/24/2013 |
intOverallLevel |
1 |
memIndividualLevelNotes |
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version); Microsoft Windows Server 2008 R2 (IA64 version); Microsoft Windows Server 2008 R2 SP1 (x64 version); Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode) |
strFIPSAlgorithms |
AES (Certs. #1168 and #1187); AES GCM (Cert. #1168, vendor-affirmed); AES GMAC (Cert. #1168, vendor-affirmed); DRBG (Certs. #23 and #27); ECDSA (Cert. #142); HMAC (Cert. #686); KAS (SP 800-56A, vendor affirmed, key agreement: key establishment methodology provides between 80 and 256 bits of encryption strength); RNG (Cert. #649); RSA (Certs. #559 and #567); SHS (Cert. #1081); Triple-DES (Cert. #846) |
strOtherAlgorithms |
AES (Cert. #1168, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4 |
strConfiguration |
Multi-chip standalone |
memModuleDescription |
CNG.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Server 2008 R2 kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet). |
intModuleCount |
1 |
memAdditionalNotes |
06/01/11: Added SW 6.1.7601.17514 and OE Microsoft Windows Server 2008 R2 SP1 (x64 version), updated contact information and Security Policy. 06/21/11: Added Microsoft Windows Server 2008 R2 SP1 (IA64 version), updated Security Policy. 02/09/12: Added SW 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17725 and 6.1.7601.21861. Updated security policy. 01/24/13: added SW 6.1.7601.17919, 6.1.7601.22076 and updated security policy. |
strFirstValidtionDate |
08/12/10 00:00:00 |
strLabName |
Leidos |
strValidationYear |
2010 |