220.127.116.11 Phase 1 - Suite Keys
Each authentication set can contain a list of suites corresponding to the cryptographic proposals that will be negotiated. These suites are stored in Software\Policies\Microsoft\WindowsFirewall\Phase1CryptoSet\<wszSetId>\<SuiteIndex> where the SuiteIndex is a 4 digit decimal value encoded as a string.
The suite keys represent the pPhase1Suites array field of the FW_CRYPTO_SET structure as defined in [MS-FASP] section 2.2.73.
The suites for phase 1 cryptographic sets differ from those of phase 2 authentication sets. The following sections describe how these phase 1 cryptographic suites are encoded. The semantic checks described in [MS-FASP] section 2.2.69 are also applicable to the cryptographic phase 1 suites described in this section after following the mapping of the registry values and tokens.