Re: Encryption > access denied after importing key with Certificate

From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 09/25/02 

From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu>
Date: Wed, 25 Sep 2002 07:32:20 -0700

"martin" <martin_26@optusnet.com.au> wrote in message
news:608901c26375$4a7e4d70$37ef2ecf@TKMSFTNGXA13...
> Hi Roger,
>
> I stumbled accross this article on win2000 security news
> group on Sept 11 2002 "Does Enhanced CSP support AES"
>
> These are the notes ?
>
> Question ?
> I'd like to know if the MS Enhanced Provider does support
> the AES symetric algo(using PROV_RSA_AES type?) and if not
> which CSP does support it? Thanks Eric
>
> Reply
>
> There is an AES provider type that ships in Windows .NET
> in the Microsoft CSPs - but this is not available on
> current platforms
>
> Question?
>
> so there is no chance to use AES algo onto Win2k system?
>
> Reply
>
> Not using the Microsoft CSPs currently, no.
>
>
> Am i correct in saying that as each OS uses different
> algo's that they are incompatible with one another ?
>
>
> Robert mentioned earlier on that XP uses by default AES
> algo & he also advised me that i would get garble when
> decrypting a file on a NON SP1 XP machine ( if the
> original would have being encryped on XP SP1 ( TO which
> he was absolutely correct)
>
> what are your views on the notes from the win2000
> newsgroup ?
>
> Kindest regards
> Martin.s

Hi Martin,

That all sounds fully consistent with what Robert has
said in this thread. AES is available in XP at SP 1 and
in Windows .Net Server 2003. You would need to
adjust the registry key so that behaviors reverted to
those of W2k/XPgold in order to have an XP SP1
encrypt so that there is "at least a chance" they would
transport to W2k or pre-SP1 XP. 

--
Roger Abell
MS MVP (Security, Windows), MCDBA,  MCSE both
Associate Expert - Windows XP ExpertZone
http://www.microsoft.com/windowsxp/expertzone

Relevant Pages

  • Re: Does SQL Server 2005 SP1 or later support AES on Windows XP SP1/SP
    ... Windows XP only since AES is only available to Windows XP SP1 or ... I remember trying to get AES working with SQL Server 2005 Dev on XP SP2 for certificates and asymmeteric encryption keys and having it do nothing but fail. ... that AES must be supported in SQL Server 2005 SP1 or later based on ... Do you have an XP Sp2 machine to test on? ...
    (microsoft.public.sqlserver.security)
  • Re: Kerberos Authentication and Computer Account Logon problem
    ... but last I knew XP Sp1 will default ... to using AES 256, of which W2k is currently in the dark. ...
    (microsoft.public.win2000.security)
  • Re: AES with constant key
    ...  But if the message file you encrypt say with straight AES ECB mode ... And thats if AES is perfect which is not likely. ... to trick people into using weak crypto so that the big 3 letter ... My Compression codehttp://bijective.dogma.net/ ...
    (sci.crypt)
  • RE: AES Symmetric Key Secure Storage
    ... private key - both stored in a CAPI container. ... Now if you use PER USER AES key than the best is to protect the key (ie. ... encrypt it) with a key pair stored in the user's container. ...
    (microsoft.public.platformsdk.security)
  • Re: Need secure block cipher for 96 bits of block size
    ... AES need 128 bits data blocks. ... If you need to send exactly 96 bits of ciphertext for 96 bits of plaintext ... Encrypt the first 64 bits of plaintext to give a first 64-bit block. ... To decrypt you first decrypt the second block, and append the last 32 bits ...
    (sci.crypt)