The encryption algorithm is specified here as used by the SCEP protocol (Simple Certificate Enrollment Protocol). Both the certification authority (CA) and the certificate holder (client) must support the algorithm. A number of methods are available:
Note: If possible you should employ one of the last methods (3DES, BLOWFISH, AES) if the certification authority (CA) and all the clients support it. The default value here is DES encryption to ensure interoperability.
- SNMP ID:
- 2.39.1.14.4
- Console path:
- Setup > Certificates > SCEP-Client > CAs
- Possible values:
- DES
- Data Encryption Standard: The DES algorithm uses a 64-bit key. This is the SCEP standard encryption. DES is an algorithm developed by the National Bureau of Standards (NBS) in the USA. The DES algorithm uses a 64-bit key which allows combinations of a substitution cipher, transposition cipher and exclusive-OR (XOR) operations. The 64-bit block size consists of an effective key length of 56 bits and 8 parity bits. The algorithm is based on the Lucifer cipher.
- 3DES
- Triple-DES: This is an improved method of DES encryption using two keys of 64-bits in length.
- BLOWFISH
- The BLOWFISH algorithm works with a variable key length of between 32 and 448 bits. It is a fast and highly secure algorithm. It has major advantages over other symmetrical methods such as DES and 3DES.
- AES
- Advanced Encryption Standard: The AES algorithm has a variable block size of 128, 192 or 256 bits and a variable key length of 128, 192 or 256 bits, providing a very high level of security.
- Default:
- DES
