ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Encryption Desktop encrypts messages with the Triple DES cipher even though it is not the preferred cipher

book

Article ID: 172636

calendar_today

Updated On:

Products

Desktop Email Encryption

Issue/Introduction

When encrypting an email message with Symantec Encryption Desktop, the message is encrypted with the Triple DES cipher, even though the encryption key's preferred cipher is, for example, AES-256.

The recipient of the encrypted message will see this in the Encryption Desktop log:

Decrypting TripleDES-encrypted message

The recipient of the encrypted message should see this in the Encryption Desktop log if AES-256 encryption is used:

Decrypting AES256-encrypted message

Cause

The preferred cipher is ignored. Triple DES is the only supported cipher that is always enabled.

Environment

Encryption Desktop 10.4.0 to 10.4.2

Resolution

Upgrade to Encryption Desktop 10.4.2 MP1 or above. This release respects the preferred cipher.

Note that this issue only affects Encryption Desktop, not Encryption Management Server.