![]() ![]() FIPS mode does not control which cryptographic algorithms are used. The Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library are the only modules that use the FIPS mode configuration setting. These self-tests meet FIPS 140 requirements and ensure that the modules are functioning properly. ![]() To view or download the Security Policy documents for a given product release, navigate to the listing of FIPS 140 validated modules for the release in the sections above and select the links to the Security Policy documents.Īs part of the configuration rules outlined in the Security Policy documents, Windows and Windows Server may be configured to run in a FIPS 140 approved mode of operation, commonly referred to as "FIPS mode." In current versions of Windows, when you enable the FIPS mode setting, the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) modules will run self-tests before Windows runs cryptographic operations. To use Windows and Windows Server in a FIPS 140 approved mode of operation, all of the specific configuration and security rules outlined in the module Security Policy documents must be followed. Use Windows in a FIPS approved mode of operation When the CMVP certificate validation label includes the note When operated in FIPS mode, specific configuration and security rules outlined in the Security Policy must be followed. Click on the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. The Windows Server releases listed below include cryptographic modules that have completed FIPS 140 validation. Windows Server operating systems and cryptographic modules Windows CE 6.0 and Windows Embedded Compact 7.Windows Embedded Compact 7 and Windows Embedded Compact 8.Windows 10, version 1511 (November Update).Windows 10, version 1607 (Anniversary Update).Windows 10, version 1703 (Creators Update).Windows 10, version 1709 (Fall Creators Update).Windows 10, version 1803 (April 2018 Update).Windows 10, version 1809 (October 2018 Update).Windows 10, version 1903 (May 2019 Update).Windows 10, version 1909 (November 2019 Update). ![]() Windows 10, version 2004 (May 2020 Update).The Windows client releases listed below include cryptographic modules that have completed FIPS 140 validation. Windows client operating systems and cryptographic modules The NIST Information Technology Laboratory operates related programs that Microsoft also participates in: the Cryptographic Algorithm Validation Program (CAVP) certifies FIPS-approved cryptographic algorithms and the Entropy Validation program certifies entropy sources to the NIST SP 800-90B standard. The CMVP validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140) and related FIPS cryptography standards. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). Windows cryptographic modules are validated under the Cryptographic Module Validation Program (CMVP), a joint effort between the U.S. Microsoft maintains an active commitment to meeting the requirements of the FIPS 140 standard, having validated cryptographic modules against it since it was first established in 2001. The Windows cryptographic modules are used across different Microsoft products, including Windows client operating systems, Windows Server operating systems, and Azure cloud services. This topic introduces FIPS 140 validation for the Windows cryptographic modules. government standard that defines the minimum-security requirements for cryptographic modules in IT products. The Federal Information Processing Standard (FIPS) Publication 140 is a U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |