All communication between QlikView Server and Windows based clients is encrypted, when connecting through the qvp protocol (tcp/4747). QlikView Server will attempt to establish a 128-bit encrypted connection based upon the RSA algorithm when a client connects. The level of encryption may however be lowered if the operating system of the client computer does not support this strength of encryption.
QlikView will utilize the Microsoft CryptoAPI to secure communication between client and server, when a connection is established using the qvp protocol. CryptoAPI utilizes available Cryptograpic Service Providers (CSP) on the system and some may or may not be available due to export restrictions etc. It is also possible for 3rd party vendors to implement their own CSP, however QlikView will only utilize CSP's provided by Microsoft.
QlikView will always try to use the strongest cryptographic provider available, Microsoft AES Cryptographic Provider. If this fails, i.e. the provider is not present or supported on the system, Microsoft Base Cryptographic Provider will be used instead.
For a list of differences in key length etc between the two providers, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa386979(v=vs.85).aspx
For more information about Microsoft CryptoAPI, see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380255(v=vs.85).aspx