Operations << >>

Algorithms

Use the Algorithms property page to specify the type of encryption algorithm and the security message format you want to use for your clients.

Note   The selections you make on this property page can be modified later by users on the client.

Getting to the Algorithms property page

  1. In the Administrator window, choose Configuration in the site where the KM server is located, and double-click Site Encryption Configuration.
  2. In the Key Management Server Passwords box, type the advanced security administrator password, and then choose OK (if prompted).
  3. Select the Algorithms tab.

Selecting an Encryption Algorithm

Microsoft Exchange Server supports several types of encryption algorithms for encrypting the content of messages.

Algorithms Compatible with Microsoft Exchange Server 4.0 and 5.0   Microsoft Exchange Server 4.0 and 5.0 can use one of the following encryption algorithms to encrypt the contents of a message: CAST-64, Data Encryption Standard (DES), and CAST-40. The North American version of the Microsoft Exchange Client supports all three algorithms. All other localized versions of the Microsoft Exchange Client support the CAST-40 algorithm.

Note   You can change the North America preferred encryption algorithm from CAST-64 to DES and vice versa. However, you must renew all security-enabled users in the site where the change was made for the change to take effect. After you change the encryption algorithm, users can still read messages that were encrypted using the previous algorithm.

Algorithms Compatible with S/MIME   The preferred encryption algorithms that Microsoft Exchange Server can use to encrypt the content of messages using S/MIME algorithms are DES, 3DES, RC2-40, RC2-64, and RC2-128. S/MIME adds security to messages in Multipurpose Internet Mail Extensions (MIME) format. The security services offered are authentication (using digital signatures) and privacy (using encryption).

  1. Select the Algorithms tab.
  2. Under Preferred Microsoft Exchange 4.0 and 5.0 Encryption Algorithms or Preferred S/MIME Encryption Algorithms, select an encryption method for the geographic location.

Selecting a Preferred Security Message Format

Use the Algorithms property page to select the security message format for encrypting the content of messages. The selection of a preferred security message format is based on the configuration of clients in your site. For example, if your site primarily has computers running a client on 16-bit platforms, you can set the preferred security message format to Exchange 4.0/5.0 so that users can read the content of encrypted messages.

Note   The security message formats are default preferences for a user's mail client. Users can change the default preferences using their mail client. Set the format to the one that will be used by most clients. The profiles of other clients can be changed appropriately.

  1. Select the Algorithms tab.
  2. Under Preferred Security Message Format, select an encryption message format.

Option Description
Exchange 4.0/5.0 Specifies the preferred security message format for your clients to be Microsoft Exchange Server 4.0 or 5.0. Select this option if your site primarily contains computers running the Microsoft Exchange Client on 16-bit platforms.
S/MIME Specifies the preferred security message format for Outlook to be S/MIME. This option is the preferred industry standard.