System cryptography: Use FIPS compliant algorithms for encryption
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
Description
Determines if the TLS/SSL Security Provider supports only the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite. In effect, this means that the provider only supports the TLS protocol as a client and as a server (if applicable). It uses only the Triple DES encryption algorithm for the TLS traffic encryption, only the RSA public key algorithm for the TLS key exchange and authentication, and only the SHA-1 hashing algorithm for the TLS hashing requirements.
For Encrypting File System Service (EFS), it supports only the Triple DES encryption algorithm for encrypting file data supported by the Windows NTFS File System. By default, the Encrypting File System Service (EFS) uses the DESX algorithm for encrypting file data.
Default: Disabled.
For more information, see:
| • |
