Disable Certain Cryptography algorithms in Windows Server 2019 and Windows 10 21H1

Learning_Windows 1 Reputation point

Hello everyone,

Not sure if I have been posting in the correct forum but I need some help regarding disabling certain cryptography algorithms (eg. 3DES, DES, RC4) in Windows Server 2019 and Windows 10 21H1.

Some algorithms are quite straight forward to disable, can be done by editing registry.

However, there are some algorithms I am not able to find a way to disable them after searching the internet. The following are the algorithms:

Digital Signature Standard (DSS)
RSA, only allow key-size 2048 bit and above (>2048bit)
SHA-3, only allow key-size 384 bit and above (>384 bit)

May I know how can I disable them ?

Thank you in advace

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,778 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 39,501 Reputation points

    Hello @Learning_Windows

    There is tool available named IIS Crypt from which you can disable cipher and some legacy protocols easily from GUI.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    0 comments No comments

  2. Learning_Windows 1 Reputation point


    Thank you for the tool. I have tried the tool and I would say it is very useful because you can disable those cipher and protocols within the programs.

    However, I am not able to find those options to disable those algorithms I have mentioned (Eg. Rijindael, SAFER).

    Just to check, is there any valid registry keys to disable those mentioned algorithms in Windows in the first place ?
    Because I have searched online but I am not able to find those mentioned registry keys in windows.

    Thank you again

    0 comments No comments