Share via


Security Method

Applies To: Windows Server 2008

Encryption Algorithm

AES-256, AES-192, and AES-128

The Advanced Encryption Standard (AES) specifies a cryptographic algorithm approved by the Federal Information Processing Standard (FIPS) that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information in data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.

Note

These algorithms are supported only by computers running this version of Windows. If you are encrypting communications with an earlier version of Windows or a computer with an operating system that does not support these algorithms, you must use the 3DES (recommended) or DES algorithm.

3DES

Internet Protocol security (IPsec) policies allow the choice of a strong encryption algorithm, 3DES, which provides stronger encryption than DES for higher security. 3DES is a block cipher that uses a three-step encryption process that is much more secure than DES. A block cipher is an encryption algorithm that operates on a fixed size block of data.

DES

DES is a block cipher that uses a 56-bit key. A block cipher is an encryption algorithm that operates on a fixed size block of data. DES encrypts data in 64-bit blocks using a 64-bit key. The key appears to be a 64-bit key, but one bit in each of the 8 bytes is used for error checking, resulting in 56 bits of usable key.

Cipher block chaining (CBC) is also used to hide patterns of identical blocks of data within a packet. An initialization vector (an initial random number) is used as the first random block to encrypt and decrypt a block of data. Different random blocks are used in conjunction with the secret key to encrypt each successive block. This ensures that identical sets of unsecured data (plaintext) result in unique, encrypted data blocks.

Warning

This algorithm is no longer considered secure and should only be used for testing purposes or in cases in which the remote computer cannot use a more secure algorithm.

Integrity Algorithm

SHA1

Secure Hash Algorithm 1 (SHA1) was developed by the National Institute of Standards and Technology, as described in FIPS PUB 180-1. The SHA process is closely modeled after MD5. The SHA1 computation results in a 160-bit hash that is used for the integrity check. Because longer hash lengths provide greater security, SHA is stronger than MD5.

MD5

Message Digest 5 (MD5) is based on RFC 1321. It was developed in response to a weakness found in MD4. MD5 completes four passes over the data blocks (MD4 completes three passes), using a different numeric constant for each word in the message on each pass. The number of 32-bit constants used during the MD5 computation equates to 64, ultimately producing a 128-bit hash that is used for the integrity check. While MD5 is more resource-intensive, it provides stronger integrity than MD4.

Warning

The MD5 algorithm is no longer considered secure because the key can be computationally derived.

Additional references

Advanced Key Exchange Settings