2 questions about encryption method used in CA SSO