This week Windows Phone 8 reached an important new security milestone, earning a key government accreditation called FIPS 140-2.
What is FIPS 140-2 you ask?
It’s a U.S. government security standard used to accredit the cryptographic algorithms that protect sensitive data inside products like smartphones. This is important news particularly for our U.S. and Canadian government customers, as well as other industries that value FIPS 140-2 validation.
In all, Windows Phone 8 received accreditation for nine cryptographic certificates (listed below). The accreditation was awarded by the Cryptographic Module Validation Program, a joint effort of the U.S. National Institute of Standards and Technology and the Communications Security Establishment Canada, the country’s national cryptologic agency.
In other news, this month we’ve also updated our Windows Phone 8 Security Guide to cover more security topics related to Windows Phone such as policy and EAS firewall settings. You can download a copy of the updated guide here.
Here’s the full list of accredited certificates:
- Kernel Mode Cryptographic Primitives Library (CNG.SYS)
- Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)
- Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)
- Enhanced Cryptographic Provider (RSAENH.DLL)
- Boot Manager
- BitLocker Windows OS Loader (WINLOAD)
- Code Integrity (CI.DLL)
- BitLocker Windows Resume (WINRESUME)
- BitLocker Dump Filter (DUMPFVE.SYS)