MORE INFORMATION
The Groove cryptographic provider architecture enables the
concurrent use of different cryptographic algorithms. Groove currently supports
the following three message digest algorithms:
For export reasons, you cannot insert additional cryptographic algorithms. This feature is disabled. United States export laws prevent the Cryptographic Interface from being opened. At higher layers,
algorithms that are used by accounts, identities, and workspaces can be
configured and customized in XML templates.
You may not be up-to-date on cryptography research, and you are not required to make a selection from the
various algorithms. The Groove client implements strong default values for its
algorithms and key strengths. These default values are more than sufficient for most
of our customers. Therefore, customization by using XML is generally not
required. As new cryptanalysis and cryptographic enhancements are made, and new
standards are agreed upon by the research community, Groove will continue to
improve the default values. The following is a summary of the current default algorithms that
are implemented in Groove Workspace 2.x and in Groove Virtual Office 3.x.
Crypto Operation | Default Algorithm | Default Key Length in bits |
Public-Key Signature | RSA | 2048 (Asymmetric) |
Public-Key Encryption | ElGamal | 2048 (Asymmetric) |
Public-Key Signature in a Shared Space | ESIGN | 1536 (Symmetric) |
Secret-Key Encryption | AES | 192 (Symmetric) |
Secret-Key Integrity Protection | HMAC-SHA1 | 192 (Symmetric) |
Passphrase-Derivation | PBKDF2 | 2048 |
Advanced Encryption Standard (AES) is the new
government-approved standard for a symmetric encryption algorithm. This standard replaces
DES. AES was originally named Rijndael and was developed by two Belgian
cryptographers. For more information, visit the following Web
site:
Efficient Digital Signature (ESIGN) is a
royalty-free, public-key signature algorithm that was developed in Japan. It is much
faster than previous signature algorithms. With this algorithm, each data packet can be digitally signed with negligible performance effect. It is still being
standardized by IEEE. For more information, visit the following Web site:
RSA stands for Rivest, Shamir, and Adleman. These are the names of the three
cryptographers who invented the first practical commercial public key
cryptosystem. It is the most frequently used public key algorithm today. The
RSA patent officially expired and entered the public domain on September 20,
2000, although RSA Security preemptively waived their patent rights on
September 6, 2000. For more information, visit the following Web site:
ElGamal is another public key encryption algorithm that provides an alternative to
RSA.
Password-based key derivation function #2 (PBKDF2) is defined in
RFC 2898 and in RSA's Password-Based Cryptography Standard (PKCS #5) v2.0. This algorithm provides a standard
mechanism for deriving a secret key from a password. It uses salts and
iteration counts to increase the complexity of attack. For more information,
visit the following Web site:
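The PBKDF2 construction described above, written out from RFC 2898 with HMAC-SHA1 as the pseudorandom function and used to derive a 192-bit AES key. This is an added example, not Groove's code: the iteration count, the 16-byte salt, the sample passphrase and the helper name `derive_aes192_key` are assumptions, since the page does not state the parameters Groove uses.

```python
import hashlib
import hmac
import os
import struct

H_LEN = hashlib.sha1().digest_size   # HMAC-SHA1 output: 20 bytes
AES192_KEY_BYTES = 24                # 192-bit key, as in the table's AES row
ITERATIONS = 10_000                  # assumed count; the page gives no figure


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, iterations: int, dk_len: int) -> bytes:
    """PBKDF2 from RFC 2898 section 5.2, with HMAC-SHA1 as the PRF."""
    if iterations < 1 or dk_len < 1:
        raise ValueError("iterations and dk_len must be positive")
    derived = b""
    block_index = 1
    while len(derived) < dk_len:
        # U_1 = PRF(password, salt || INT_32_BE(block_index))
        u = hmac.new(password, salt + struct.pack(">I", block_index), hashlib.sha1).digest()
        t = int.from_bytes(u, "big")
        # U_j = PRF(password, U_{j-1}); the block is U_1 xor U_2 xor ... xor U_c
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha1).digest()
            t ^= int.from_bytes(u, "big")
        derived += t.to_bytes(H_LEN, "big")
        block_index += 1
    return derived[:dk_len]


def derive_aes192_key(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Derive a 24-byte key; needs two 20-byte PBKDF2 blocks, truncated."""
    return pbkdf2_hmac_sha1(passphrase.encode("utf-8"), salt, iterations, AES192_KEY_BYTES)


if __name__ == "__main__":
    passphrase = "correct horse battery staple"   # constructed sample input
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    key_a = derive_aes192_key(passphrase, salt_a)
    key_b = derive_aes192_key(passphrase, salt_b)
    # Same passphrase, different salts: unrelated keys, so no shared lookup table.
    print("salt A key:", key_a.hex())
    print("salt B key:", key_b.hex())
    # Cross-check against the standard library implementation.
    ref = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), salt_a, ITERATIONS, 24)
    print("matches hashlib:", hmac.compare_digest(key_a, ref))
```

Each guess at the passphrase costs the attacker the full iteration count of HMAC computations per output block, and the per-user salt forces that work to be repeated for every account.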