Candle MQSecure's and Microsoft Message Queue Server's
approaches to security are quite different. To hide
message contents and preserve message authenticity,
MQSecure uses RSA's RC2
technology, while MSMQ uses Microsoft's own
Crypto
API. Neither offered the aged, moldy Data Encryption
Standard or its more recent incarnation, Triple-DES.
RC2
is a variable key-size block cipher designed as a drop-in replacement
for DES, the encryption block cipher developed by IBM and endorsed
as an official standard by the U.S. government in 1977. A symmetric
cryptosystem, DES requires that the encoder and decoder know the
same secret key. DES has a 64-bit block size and uses a 56-bit
key during encryption. DES has been successfully hacked on several
occasions. RC2 has a 64-bit block size and is about two to three
times faster than DES in software. Like DES, it's a symmetric
encoding scheme. Some vendors have obtained permission to export
RC2.
Microsoft
Crypto API, the foundation for the company's Internet Security
Framework, incorporates cryptographic algorithms licensed from
RSA. Its open architecture, however, provides for the drop-in
addition of other encoding technologies. Microsoft terms these
implementations of encoding schemes cryptographic service providers
(CSP), of which RSA's algorithm was the first. Microsoft
designed its scheme to be exportable, but this status depends
on which CSP a particular implementation uses.
Theoretically,
RC2 is more secure than the default encryption built into MSMQ.
