FIPS 140 validated modules in previous Windows versions

Článek
02/01/2024

The following tables list the completed FIPS 140 validations of cryptographic modules used in versions of Windows prior to Windows 10, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see Use Windows in a FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.

Windows 8.1

Validated Editions: RT, Pro, Enterprise, Phone, Embedded

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
BitLocker Dump Filter (dumpfve.sys)	6.3.9600 6.3.9600.17031	#2354
BitLocker Windows OS Loader (winload)	6.3.9600 6.3.9600.17031	#2352
BitLocker Windows Resume (winresume) Applies only to Pro, Enterprise, and Embedded 8.	6.3.9600 6.3.9600.17031	#2353
Boot Manager	6.3.9600 6.3.9600.17031	#2351
Code Integrity (ci.dll)	6.3.9600 6.3.9600.17031	#2355
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)	6.3.9600 6.3.9600.17031	#2357
Kernel Mode Cryptographic Primitives Library (cng.sys)	6.3.9600 6.3.9600.17042	#2356

Windows 8

Validated Editions: RT, Home, Pro, Enterprise, Phone

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
BitLocker Dump Filter (DUMPFVE.SYS)	6.2.9200	#1899
BitLocker Windows OS Loader (WINLOAD)	6.2.9200	#1896
BitLocker Windows Resume (WINRESUME) Applies only to Home and Pro	6.2.9200	#1898
Boot Manager	6.2.9200	#1895
Code Integrity (CI.DLL)	6.2.9200	#1897
Enhanced Cryptographic Provider (RSAENH.DLL)	6.2.9200	#1894
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)	6.2.9200	#1893
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)	6.2.9200	#1892
Kernel Mode Cryptographic Primitives Library (cng.sys)	6.2.9200	#1891

Windows 7

Validated Editions: Windows 7, Windows 7 SP1

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
BitLocker Drive Encryption	6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655, and 6.1.7601.21675	1332
Boot Manager	6.1.7600.16385 and 6.1.7601.17514	1319
Code Integrity (CI.DLL)	6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950, and 6.1.7601.22108	1327
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)	6.1.7600.16385 and 6.1.7601.17514	1329
Enhanced Cryptographic Provider (RSAENH.DLL)	6.1.7600.16385 (no change in SP1)	1330
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)	6.1.7600.16385 (no change in SP1)	1331
Kernel Mode Cryptographic Primitives Library (cng.sys)	6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17725, 6.1.7601.17919, 6.1.7601.21861, 6.1.7601.22076	1328
Winload OS Loader (winload.exe)	6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655, and 6.1.7601.21675	1326

Windows Vista SP1

Validated Edition: Ultimate Edition

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Boot Manager (bootmgr)	6.0.6001.18000 and 6.0.6002.18005	978
Cryptographic Primitives Library (bcrypt.dll)	6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872	1001
Code Integrity (ci.dll)	6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005	980
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)	6.0.6001.18000 and 6.0.6002.18005	1003
Enhanced Cryptographic Provider (RSAENH)	6.0.6001.22202 and 6.0.6002.18005	1002
Kernel Mode Security Support Provider Interface (ksecdd.sys)	6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869	1000
Winload OS Loader (winload.exe)	6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596	979

Windows Vista

Validated Edition: Ultimate Edition

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
BitLocker Drive Encryption	6.0.6000.16386	947
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)	6.0.6000.16386	894
Enhanced Cryptographic Provider (RSAENH)	6.0.6000.16386	893
Kernel Mode Security Support Provider Interface (ksecdd.sys)	6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067	891

Windows XP SP3

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)	5.1.2600.5507	990
Enhanced Cryptographic Provider (RSAENH)	5.1.2600.5507	989
Kernel Mode Cryptographic Module (FIPS.SYS)	5.1.2600.5512	997

Windows XP SP2

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
DSS/Diffie-Hellman Enhanced Cryptographic Provider	5.1.2600.2133	240
Microsoft Enhanced Cryptographic Provider	5.1.2600.2161	238

Windows XP SP1

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Microsoft Enhanced Cryptographic Provider	5.1.2600.1029	238

Windows XP

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Kernel Mode Cryptographic Module	5.1.2600.0	241

Windows 2000 SP3

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider	Base DSS: 5.0.2195.3665 (SP3), Base: 5.0.2195.3839 (SP3), DSS/DH Enh: 5.0.2195.3665 (SP3), Enh: 5.0.2195.3839 (SP3)	103
Kernel Mode Cryptographic Module (FIPS.SYS)	5.0.2195.1569	106

Windows 2000 SP2

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider	Base DSS 5.0.2195.2228 (SP2), Base 5.0.2195.2228 (SP2), DSS/DH Enh 5.0.2195.2228 (SP2), Enh 5.0.2195.2228 (SP2)	103
Kernel Mode Cryptographic Module (FIPS.SYS)	5.0.2195.1569	106

Windows 2000 SP1

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider	Base DSS 5.0.2150.1391 (SP1), Base 5.0.2150.1391 (SP1), DSS/DH Enh: 5.0.2150.1391 (SP1), Enh 5.0.2150.1391 (SP1)	103

Windows 2000

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider	5.0.2150.1	76

Windows 95 and Windows 98

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider	5.0.1877.6 and 5.0.1877.7	75

Windows NT 4.0

Cryptographic Module	Version (link to Security Policy)	CMVP Certificate #
Base Cryptographic Provider	5.0.1877.6 and 5.0.1877.7	68

Sdílet prostřednictvím