Is DPAPI FIPS compliant? RRS feed

  • Question

  • I realize the question has been asked before, but nobody has answered it. I'd really appreciate if a Microsoft employee would give a definitive answer to this question. Specifically, are CryptProtectData and CryptUnprotectData FIPS compliant?

    Another question has to do with the implementation of BCrypt and NCrypt. Functionally, they seem to perform very similar tasks, but were they meant to be used together or was NCrypt meant to supersede BCrypt? E.g., is BCrypt meant to perform encryption key generation and encryption/decryption/hash/etc functions, while NCrypt is meant to be used as a means to persist encryption keys? Or was NCrypt meant to perform all cryptography operations instead of BCrypt?

    • Edited by smbrown3706 Thursday, August 1, 2013 11:47 AM
    Monday, July 29, 2013 12:56 PM

All replies

  • I managed to stumble upon this article, it doesn't specifically answer my question but it looks somewhat related. 
    • Edited by smbrown3706 Wednesday, August 7, 2013 5:43 PM
    Wednesday, August 7, 2013 5:38 PM