Virtual TPM

Certificate #3690

Webpage information

Status historical
Historical reason SP 800-56Arev3 transition
Validation dates 27.07.2020
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode with the modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3196 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3644 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3651 operating in FIPS mode
Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Description The Virtual Trusted Platform Module (Virtual TPM or VTPM) is a dynamically linked library, TPMEngUM.dll, that provides TPM 2.0 cryptographic services to virtual machines that are running in guest partitions on the host Windows operating system.
Tested configurations
  • Windows 10 Education October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Studio with an Intel Core i7 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on a Samsung Galaxy Book 12" with an Intel Core i5 with PAA
  • Windows 10 Enterprise October 2018 Update (x64) running on an HP EliteBook x360 1030 G2 with an Intel Core i7 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Dell Latitude 5290 with an Intel Core i7 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Go with an Intel Pentium with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on a Samsung Galaxy Book 10.6" with an Intel Core m3 with PAA
  • Windows 10 Pro October 2018 Update (x64) running on an HP Elite x2 1013 G3 Tablet with an Intel Core i7 PAA
  • Windows 10 Pro October 2018 Update (x64) running on an HP Slimline Desktop with an Intel Pentium with PAA
  • Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2016 running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA
  • Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 with PAA
  • Windows Server 2019 Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA
  • Windows Server 2019 Datacenter Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 with PAA (single-user mode)
  • Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA
Vendor Microsoft Corporation
References

This certificate's webpage directly references 3 certificates, transitively this expands into 8 certificates.

Security policy

Symmetric Algorithms
AES, AES-128, AES-192, AES-256, HMAC, HMAC-SHA-256, HMAC-SHA-384
Asymmetric Algorithms
RSA-OAEP, ECDH, ECDSA, ECC, Diffie-Hellman
Hash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA384, SHA-2, SHA2
Schemes
Key Agreement
Protocols
SSL
Randomness
DRBG
Elliptic Curves
P-256, P-384
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM

Vendor
Samsung, Microsoft, Microsoft Corporation

Standards
FIPS 140, FIPS 140-2, FIPS 186-4, FIPS 180-4, FIPS 197, FIPS PUB 198-1, SP 800-56A, SP 800-90A, SP 800-108, SP 800-56B, SP 800-133, NIST SP 800-56A, PKCS#1

File metadata

Creation date D:20200721105124-04'00'
Modification date D:20200721105124-04'00'
Pages 35

References

Outgoing
  • 3196 - historical - Kernel Mode Cryptographic Primitives Library
  • 3651 - historical - Secure Kernel Code Integrity
  • 3644 - historical - Code Integrity

Heuristics

No heuristics are available for this certificate.

References

Loading...

Updates Feed

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3690,
  "dgst": "7768e375a15e957a",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#C350",
        "CVL#C348",
        "AES#C350",
        "RSA#C211",
        "DRBG#C211",
        "DRBG#C350",
        "KAS#C350",
        "AES#C211",
        "ECDSA#C350",
        "RSA#C348",
        "RSA#C350",
        "KBKDF#C350",
        "ECDSA#C348",
        "SHS#C211"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3196",
          "3644",
          "3651"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3196",
          "3615",
          "3480",
          "3089",
          "3194",
          "3091",
          "3644",
          "3651"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "3196",
        "3644",
        "3651"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3196",
          "3644",
          "3651"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3196",
          "3615",
          "3480",
          "3089",
          "3194",
          "3091",
          "3644",
          "3651"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "3196",
        "3644",
        "3651"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 6
          },
          "ECDH": {
            "ECDH": 6
          },
          "ECDSA": {
            "ECDSA": 45
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 1
          }
        },
        "RSA": {
          "RSA-OAEP": 5
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "CFB": {
          "CFB": 8
        },
        "CTR": {
          "CTR": 12
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 1
        },
        "OFB": {
          "OFB": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 2
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 16,
          "P-384": 12
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#3196": 1,
          "#3644": 1,
          "#3651": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES 256": 1,
          "AES-128": 2,
          "AES-192": 2,
          "AES-256": 10,
          "HMAC- SHA384": 1,
          "HMAC-SHA-14": 2,
          "HMAC-SHA-256": 2,
          "HMAC-SHA-384": 4,
          "HMAC-SHA1": 2,
          "HMAC-SHA256": 2,
          "PKCS#1": 4,
          "RSA PKCS#1": 4,
          "SHA- 384": 1,
          "SHA-1": 14,
          "SHA-111": 1,
          "SHA-112": 1,
          "SHA-113": 1,
          "SHA-19": 1,
          "SHA-2": 2,
          "SHA-256": 18,
          "SHA-384": 16,
          "SHA1": 1,
          "SHA2": 1,
          "SHA384": 1
        }
      },
      "fips_security_level": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 14,
            "SHA1": 1
          },
          "SHA2": {
            "SHA-2": 2,
            "SHA-256": 18,
            "SHA-384": 16,
            "SHA2": 1,
            "SHA384": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 107
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 4,
          "FIPS 140-2": 7,
          "FIPS 180-4": 8,
          "FIPS 186-4": 14,
          "FIPS 197": 2,
          "FIPS PUB 198-1": 1
        },
        "NIST": {
          "NIST SP 800-56A": 1,
          "SP 800-108": 3,
          "SP 800-133": 5,
          "SP 800-56A": 1,
          "SP 800-56B": 8,
          "SP 800-90A": 5
        },
        "PKCS": {
          "PKCS#1": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 25,
            "AES-128": 2,
            "AES-192": 2,
            "AES-256": 10
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 21,
            "HMAC-SHA-256": 1,
            "HMAC-SHA-384": 2
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 62,
          "Microsoft Corporation": 4
        },
        "Samsung": {
          "Samsung": 2
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20200721105124-04\u002700\u0027",
      "/ModDate": "D:20200721105124-04\u002700\u0027",
      "pdf_file_size_bytes": 1845781,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://windows.microsoft.com/",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/hyper-v-requirements",
          "http://www.trustedcomputinggroup.org/resources/tpm_library_specification",
          "http://www.microsoft.com/en-us/howtotell/default.aspx"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 35
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.InternalState",
    "module": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": null,
      "txt_hash": null
    },
    "policy": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "ca65f0635f992ff73ae46173da105917af4d904faa2a0250556385ebae7fdce7",
      "txt_hash": "d32b14af7389b82aa7dc797e3b2eea45b587f3f380b1fa0c326f61692370ddd4"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode with the modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3196 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3644 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3651 operating in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2020_030820_0656_signed.pdf",
    "date_sunset": null,
    "description": "The Virtual Trusted Platform Module (Virtual TPM or VTPM) is a dynamically linked library, TPMEngUM.dll, that provides TPM 2.0 cryptographic services to virtual machines that are running in guest partitions on the host Windows operating system.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Design Assurance: Level 2"
    ],
    "fw_versions": null,
    "historical_reason": "SP 800-56Arev3 transition",
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {
      "3196": 1,
      "3644": 1,
      "3651": 1
    },
    "module_name": "Virtual TPM",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": "10.0.17763",
    "tested_conf": [
      "Windows 10 Education October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Studio with an Intel Core i7 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on a Samsung Galaxy Book 12\" with an Intel Core i5 with PAA",
      "Windows 10 Enterprise October 2018 Update (x64) running on an HP EliteBook x360 1030 G2 with an Intel Core i7 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Dell Latitude 5290 with an Intel Core i7 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Go with an Intel Pentium with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on a Samsung Galaxy Book 10.6\" with an Intel Core m3 with PAA",
      "Windows 10 Pro October 2018 Update (x64) running on an HP Elite x2 1013 G3 Tablet with an Intel Core i7 PAA",
      "Windows 10 Pro October 2018 Update (x64) running on an HP Slimline Desktop with an Intel Pentium with PAA",
      "Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2016 running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA",
      "Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 with PAA",
      "Windows Server 2019 Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA",
      "Windows Server 2019 Datacenter Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 with PAA (single-user mode)",
      "Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold with PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2020-07-27",
        "lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}