Changing the length of the encryption key (AES56 / AES256)

Kaspersky Endpoint Security uses the Advanced Encryption Standard (AES) encryption algorithm. Kaspersky Endpoint Security supports the AES encryption algorithm with an effective key length of 256 or 56 bits. The data encryption algorithm depends on the AES encryption library that is included in the distribution package: Strong encryption (AES256) or Lite encryption (AES56). The AES encryption library is installed together with the application.

Changing the length of the encryption key is available only for Kaspersky Endpoint Security 11.2.0 or later.

Changing the encryption key length consists of the following steps:

  1. Decrypt objects that Kaspersky Endpoint Security encrypted before you begin changing the encryption key length:
    1. Decrypt hard drives.
    2. Decrypt files on local drives.
    3. Decrypt removable drives.

    After the encryption key length is changed, objects that were previously encrypted become unavailable.

  2. Remove Kaspersky Endpoint Security.
  3. Install Kaspersky Endpoint Security from the Kaspersky Endpoint Security distribution package containing a different encryption library.

You can also change the encryption key length by upgrading the application. The key length can be changed through an application upgrade only if the following conditions are met:

To change the encryption key length, run the kes_win.msi or setup_kes.exe file from the distribution package containing the necessary encryption library. You can also remotely upgrade the application by using the installation package.

It is impossible to change the length of the encryption key using the distribution package of the same version of the application that is installed on your computer without first uninstalling the application.

Page top