Outlook cannot encrypt by using AES when Outlook is running on Windows XP
The Advanced Encryption Standard (AES) encryption algorithm is available for S/MIME communications only on Windows Vista and on Windows 7. AES is not available for email encryption when the email client is running on Windows XP.
If you are using an email program that is running on Windows 7 and send an AES-encrypted email message to a recipient who is running Microsoft Outlook on a Windows XP workstation, the recipient receives the following error message when they try to open the encrypted email message:
Your digital ID name cannot be found by the underlying security system.
The strongest encryption algorithm available for encrypting email on a Windows XP client is triple DES (3DES). If you install Outlook on a Windows XP workstation and configure it to use a certificate that includes AES support, AES is still not offered as an encryption algorithm, because Outlook lists only the encryption algorithms that the operating system supports and Windows XP does not support AES. Additionally, messages that are encrypted by using AES cannot be read on computers that are running Windows XP.
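Added example (not part of the original article and not Microsoft code): one way to check which content-encryption algorithm an encrypted S/MIME message uses, which helps confirm this limitation when a Windows XP recipient reports the error above. It assumes the input is the definite-length DER encoding of a CMS EnvelopedData structure (the decoded smime.p7m part); the function names and the sample messages are constructed for illustration.

```python
ENVELOPED = bytes.fromhex("2a864886f70d010703")   # id-envelopedData OID value
# DER OID value bytes -> (name, usable on Windows XP according to the article)
ALGS = {
    bytes.fromhex("2a864886f70d0307"): ("3DES-CBC", True),
    bytes.fromhex("608648016503040102"): ("AES-128-CBC", False),
    bytes.fromhex("608648016503040116"): ("AES-192-CBC", False),
    bytes.fromhex("60864801650304012a"): ("AES-256-CBC", False),
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("indefinite-length BER is not handled here")
    if length & 0x80:                              # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def children(buf, start, end):
    while start < end:                             # walk sibling elements
        tag, s, start = read_tlv(buf, start)
        yield tag, s, start

def content_encryption(der):
    """Return (algorithm name, XP-readable flag) for an EnvelopedData blob."""
    _, s, e = read_tlv(der, 0)                     # ContentInfo
    ctype, wrapper = list(children(der, s, e))[:2]
    if der[ctype[1]:ctype[2]] != ENVELOPED:
        raise ValueError("not CMS EnvelopedData")
    _, s, e = read_tlv(der, wrapper[1])            # EnvelopedData inside [0]
    # EncryptedContentInfo is the only universal SEQUENCE (0x30) at this level
    eci = next(k for k in children(der, s, e) if k[0] == 0x30)
    alg = list(children(der, eci[1], eci[2]))[1]   # AlgorithmIdentifier
    oid = next(children(der, alg[1], alg[2]))
    return ALGS.get(der[oid[1]:oid[2]], ("unknown", None))

def tlv(tag, body):                                # encoder for the samples only
    return bytes([tag, len(body)]) + body          # short-form length (< 128)

def sample(alg_oid, iv_len):                       # constructed test message
    alg = tlv(0x30, tlv(0x06, alg_oid) + tlv(0x04, bytes(iv_len)))
    data = tlv(0x06, bytes.fromhex("2a864886f70d010701"))        # id-data
    eci = tlv(0x30, data + alg + tlv(0x80, bytes(16)))           # fake ciphertext
    env = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x31, b"") + eci)   # empty recipientInfos
    return tlv(0x30, tlv(0x06, ENVELOPED) + tlv(0xA0, env))
```

A result whose flag is False identifies a message that a Windows XP recipient cannot open; the sender would need to select 3DES for that recipient.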
For more information about a similar limitation when you use Outlook Web App (OWA) for Exchange, go to the following Microsoft TechNet website:
Article ID: 2710636 - Last Review: 05/10/2012 20:44:00 - Revision: 4.0
Microsoft Outlook 2010, Microsoft Office Outlook 2007, Microsoft Office Outlook 2003