Certificate 1893 - Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows Storage Server 2012 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)
intCertNum 1893
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Tim Myers
strEmail FIPS@microsoft.com
strPhone 800-MICROSOFT
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1893
strModuleName Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows
Storage Server 2012 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)
strPartNumber Software Version: 6.2.9200
memModuleNotes When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Boot Manager validated to FIPS 140-2 under Cert. #1895 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 BitLocker Windows OS Loader (WINLOAD) validated to FIPS 140-2 under Cert. #1896 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode, Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) validated to FIPS 140-2 under Cert. #1892 operating in FIPS mode.
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Software
strValidationDate 09/13/2013;01/09/2015
intOverallLevel 1
memIndividualLevelNotes -Design Assurance: Level 2;;;-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 8 Enterprise (x86) running on a Dell Dimension C521; Microsoft Windows 8 Enterprise (x64) running on a Dell PowerEdge SC430 without PAA; Microsoft Windows 8 Enterprise (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop; Microsoft Windows Server 2012 (x64) running on a Dell PowerEdge SC430 without PAA; Microsoft Windows Server 2012 (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop; Microsoft Windows RT (ARMv7 Thumb-2) running on an NVIDIA Tegra 3 Tablet; Microsoft Windows RT (ARMv7 Thumb-2) running on a Qualcomm Tablet; Microsoft Windows RT (ARMv7 Thumb-2) running on a Microsoft Surface Windows RT; Microsoft Windows 8 Pro (x64) running on an Intel x64 Processor with PAA running on a Microsoft Surface Windows 8 Pro; Microsoft Windows Phone 8 (ARMv7 Thumb-2) running on a Windows Phone 8; Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay with PAA; Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay without PAA (single-user mode)
strFIPSAlgorithms DSA (Cert. #686);
SHS (Cert. #1902);
Triple-DES (Cert. #1386);
Triple-DES MAC (Triple-DES Cert. #1386, vendor affirmed)
strOtherAlgorithms DES;
DES MAC;
DES40;
DES40 MAC;
Diffie-Hellman;
MD5;
RC2;
RC2 MAC;
RC4;
Triple-DES (Cert. #1386, key wrapping;
key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription The Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 validated cryptography.
This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter.
intModuleCount 1
memAdditionalNotes 01/09/15: Updated module name, added OE Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay with AES-NI; Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay without AES-NI and updated the security policy.
strFirstValidtionDate 09/13/13 00:00:00
strLabName Leidos
strValidationYear 2013