Event ID - 2175

Event Id2175
SourceMSMQ
DescriptionMessage Queuing will use an encryption key with an effective length of 40 bits when sending messages encrypted with the RC2 encryption algorithm.
Event Information According to Microsoft :

Cause :

This event is logged when Message Queuing will use an encryption key with an effective length of 40 bits when sending messages encrypted with the RC2 encryption algorithm.

Resolution :

Delete keys that force 40-bit RC2 encryption

As a result of a bug in CryptoAPI (in Windows NT 4.0 Service Pack 2 (SP2) through Service Pack 5 (SP5)), enhanced RC2 keys were created with an effective length of 40 bits (instead of 128 bits). This bug was fixed in Windows Server 2003, Windows XP Service Pack 1 (SP1), and Windows 2000 Service Pack 4 (SP4).

If you use enhanced RC2 encryption with the following operating systems, the message cannot be decrypted unless a registry key is set on the sender.

From :

Windows Server 2003
Windows XP SP1 and SP2

To :

Windows XP
Windows 2000 (up to Service Pack 3 (SP3))
Windows NT 4.0

The fix for Windows 2000 SP4 uses a registry key as well but defaults to compatibility with earlier service packs.

To enable backward compatibility and enhance security, the following registry values were added to all platforms.

Windows XP Service Pack 1, Windows Server 2003
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\SendEnhRC2With40 : The default value is 0; use an effective length of 128 bits. A nonzero value reverts to Windows 2000 behavior, where the key is created with an effective length of 40 bits.
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\RejectEnhRC2IfLen40 : The default value is 0; all key lengths are accepted. To enhance security so that messages that use an effective length of 40 will be rejected, set this value to 1.
Windows 2000 Service Pack 4
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\SendEnhRC2With128 : The default value is 0; use an effective length of 40 bits. A nonzero value forces an effective length of 128 bits. This improves security but might not be compatible with other computers.
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\RejectEnhRC2IfLen40 : The default value is 0; all key lengths are accepted. To enhance security so that messages that use an effective length of 40 will be rejected, set this value to 1.
If your enterprise no longer has computers running Message Queuing (also known as MSMQ) on Windows NT 4.0, Windows 2000 Server below SP4, or Windows XP below SP1, consider the following registry modifications:
  • On all computers, eliminating the SendEnhRC2With40 key, if it is present. This key needlessly weakens security by forcing computers that can use a 128-bit key to use a 40-bit key instead. For more information, see the "Delete registry key" section.
  • Adding SendEnhRC2With128 keys to your Windows 2000 SP4 computers, with the value 1. This enhances security by making it possible for these computers to use a 128-bit key instead of a 40-bit key for compatibility. For more information, see the "Add registry key" section.
  • Adding RejectEnhRC2IfLen40 keys to all of your computers, with the value 1. This enhances security by requiring that incoming messages using enhanced RC2 encryption have a 128-bit key. For more information, see the "Add registry key" section, modifying for this key, as necessary.
Delete a registry key

To delete a registry key:

Caution : Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.

Open Registry Editor. To open Registry Editor, click Start . In the search box, type regedit , and then press ENTER.
  • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security\RejectEnhRC2IfLen40 , and then delete the registry key. Add a registry key

    To add a registry key (Windows 2000 SP4):

    Caution : Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.
    1. Open Registry Editor. To open Registry Editor, click Start . In the search box, type regedit , and then press ENTER.
    2. Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSMQ\Parameters\Security .
    3. Right-click Security , point to New , and then click Add .
    4. Set the value to 1 .
    If you continue to get this error, note any details in the event message, and then contact Microsoft Customer Service and Support (CSS).

    Verify :

    Verify that the MSMQ Service is installed and running.

    To perform this procedure, you must have membership in Administrators , or you must have been delegated the appropriate authority.

    To verify that the MSMQ Service is installed and running:
    1. Open the Services snap-in. To open Services, click Start . In the search box, type services.msc , and then press ENTER.
    2. Locate the Message Queuing service, and then confirm that the value in the Status column is Started .
  • Reference LinksEvent ID 2175 from MSMQ

    Catch threats immediately

    We work side-by-side with you to rapidly detect cyberthreats
    and thwart attacks before they cause damage.

    See what we caught

    Did this information help you to resolve the problem?

    Yes: My problem was resolved.
    No: The information was not helpful / Partially helpful.