Upravit

Sdílet prostřednictvím


FIPS 140 validated modules in Windows Server 2016

The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server 2016, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see Use Windows in a FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.

Windows Server 2016

Build: 10.0.14393.1770. Validated Editions: Standard, Datacenter, Storage Server.

Cryptographic Module (linked to Security Policy document) CMVP Certificate # Validated Algorithms
BitLocker Windows OS Loader (winload) #3502 FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG
BitLocker Windows Resume (winresume) #3501 FIPS Approved: AES, RSA, and SHS
Boot Manager #3487 FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS
Code Integrity (ci.dll) #3510 FIPS Approved: AES, RSA, and SHS
Secure Kernel Code Integrity (skci.dll) #3513 FIPS Approved: RSA and SHS; Other Allowed: MD5

Build: 10.0.14393. Validated Editions: Standard, Datacenter, Storage Server.

Cryptographic Module (linked to Security Policy document) CMVP Certificate # Validated Algorithms
BitLocker Dump Filter (dumpfve.sys) #2934 FIPS Approved: AES
BitLocker Windows OS Loader (winload) #2932 FIPS Approved: AES, RSA, and SHS; Other: NDRNG
BitLocker Windows Resume (winresume) #2933 FIPS Approved: AES, RSA, and SHS; Other: MD5
Boot Manager #2931 FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS; Other: MD5, Non-Compliant PBKDF, and VMK KDF
Code Integrity (ci.dll) #2935 FIPS Approved: RSA and SHS
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) #2937 FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other: HMAC-MD5 and MD5.
Kernel Mode Cryptographic Primitives Library (cng.sys) #2936 FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other: HMAC-MD5, MD5, and NDRNG
Secure Kernel Code Integrity (skci.dll) #2938 FIPS Approved: RSA and SHS; Other: MD5