Conditions
-
- Operating system: Windows 10 version 2004
- Patch level: Latest patches installed, as of 16.12.2020
- Hardening configuration: Windows 10 hardened according to MS Security
- Baselines, CIS and DISA. FIPS compliance is also configured
- Deltra OrgaMax version: 21.00.01.001
Problem
Orgamax is simply terminated shortly after starting. An entry in the Windows event log indicates that an algorithm that is no longer recommended is being used.
Assumption
Rjiandael as an algorithm is deactivated in the “FIPS compliance” configuration and the use of the algorithm is prevented.
However, Orgamax apparently uses this algorithm for various (internal) encryption routines.
Solution approach
Overview
Ideally, the manufacturer should update its product to use state-of-the-art algorithms. However, as long as this is not the case, one of the following options will help.
Option 1: Disable FIPS compliance
In the “Local Security Policies”, the option “System cryptography: Use FIPS compliant settings for encryption, hashing and signing” is deactivated.
Links / References
-
- Disabling FIPS Complaint Encryption on Windows – Knowledge Base on CivilGEO
- Why we no longer recommend “FIPS mode” – Microsoft Tech Community
- Why you should not enable “FIPS compliant” encryption on Windows (howtogeek.com)