Edit

Share via

FIPS 140 validated modules in previous Windows versions

  • Article

The following tables list the completed FIPS 140 validations of cryptographic modules used in versions of Windows prior to Windows 10, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see Use Windows in a FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.

Windows 8.1

Validated Editions: RT, Pro, Enterprise, Phone, Embedded

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Dump Filter (dumpfve.sys) 6.3.9600 6.3.9600.17031 #2354
BitLocker Windows OS Loader (winload) 6.3.9600 6.3.9600.17031 #2352
BitLocker Windows Resume (winresume)
Applies only to Pro, Enterprise, and Embedded 8.		 6.3.9600 6.3.9600.17031 #2353
Boot Manager 6.3.9600 6.3.9600.17031 #2351
Code Integrity (ci.dll) 6.3.9600 6.3.9600.17031 #2355
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) 6.3.9600 6.3.9600.17031 #2357
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.3.9600 6.3.9600.17042 #2356

Windows 8

Validated Editions: RT, Home, Pro, Enterprise, Phone

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Dump Filter (DUMPFVE.SYS) 6.2.9200 #1899
BitLocker Windows OS Loader (WINLOAD) 6.2.9200 #1896
BitLocker Windows Resume (WINRESUME)
Applies only to Home and Pro		 6.2.9200 #1898
Boot Manager 6.2.9200 #1895
Code Integrity (CI.DLL) 6.2.9200 #1897
Enhanced Cryptographic Provider (RSAENH.DLL) 6.2.9200 #1894
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) 6.2.9200 #1893
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) 6.2.9200 #1892
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.2.9200 #1891

Windows 7

Validated Editions: Windows 7, Windows 7 SP1

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Drive Encryption 6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655, and 6.1.7601.21675 1332
Boot Manager 6.1.7600.16385 and 6.1.7601.17514 1319
Code Integrity (CI.DLL) 6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950, and 6.1.7601.22108 1327
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) 6.1.7600.16385 and 6.1.7601.17514 1329
Enhanced Cryptographic Provider (RSAENH.DLL) 6.1.7600.16385 (no change in SP1) 1330
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) 6.1.7600.16385 (no change in SP1) 1331
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17725, 6.1.7601.17919, 6.1.7601.21861, 6.1.7601.22076 1328
Winload OS Loader (winload.exe) 6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655, and 6.1.7601.21675 1326

Windows Vista SP1

Validated Edition: Ultimate Edition

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Boot Manager (bootmgr) 6.0.6001.18000 and 6.0.6002.18005 978
Cryptographic Primitives Library (bcrypt.dll) 6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872 1001
Code Integrity (ci.dll) 6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005 980
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 6.0.6001.18000 and 6.0.6002.18005 1003
Enhanced Cryptographic Provider (RSAENH) 6.0.6001.22202 and 6.0.6002.18005 1002
Kernel Mode Security Support Provider Interface (ksecdd.sys) 6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869 1000
Winload OS Loader (winload.exe) 6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596 979

Windows Vista

Validated Edition: Ultimate Edition

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Drive Encryption 6.0.6000.16386 947
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 6.0.6000.16386 894
Enhanced Cryptographic Provider (RSAENH) 6.0.6000.16386 893
Kernel Mode Security Support Provider Interface (ksecdd.sys) 6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067 891

Windows XP SP3

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 5.1.2600.5507 990
Enhanced Cryptographic Provider (RSAENH) 5.1.2600.5507 989
Kernel Mode Cryptographic Module (FIPS.SYS) 5.1.2600.5512 997

Windows XP SP2

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
DSS/Diffie-Hellman Enhanced Cryptographic Provider 5.1.2600.2133 240
Microsoft Enhanced Cryptographic Provider 5.1.2600.2161 238

Windows XP SP1

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Microsoft Enhanced Cryptographic Provider 5.1.2600.1029 238

Windows XP

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Kernel Mode Cryptographic Module 5.1.2600.0 241

Windows 2000 SP3

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider Base DSS: 5.0.2195.3665 (SP3), Base: 5.0.2195.3839 (SP3), DSS/DH Enh: 5.0.2195.3665 (SP3), Enh: 5.0.2195.3839 (SP3) 103
Kernel Mode Cryptographic Module (FIPS.SYS) 5.0.2195.1569 106

Windows 2000 SP2

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider Base DSS 5.0.2195.2228 (SP2), Base 5.0.2195.2228 (SP2), DSS/DH Enh 5.0.2195.2228 (SP2), Enh 5.0.2195.2228 (SP2) 103
Kernel Mode Cryptographic Module (FIPS.SYS) 5.0.2195.1569 106

Windows 2000 SP1

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider Base DSS 5.0.2150.1391 (SP1), Base 5.0.2150.1391 (SP1), DSS/DH Enh: 5.0.2150.1391 (SP1), Enh 5.0.2150.1391 (SP1) 103

Windows 2000

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider 5.0.2150.1 76

Windows 95 and Windows 98

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider 5.0.1877.6 and 5.0.1877.7 75

Windows NT 4.0

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Base Cryptographic Provider 5.0.1877.6 and 5.0.1877.7 68