With secure FTP, passwords and files are automatically encrypted for transmission without user involvement, key management, or additional encryption, such as PGP. Built-in cryptography automatically encrypts the data as the file is transferred and re-encrypts the file before it is written on the secure FTP server.

PGP utilizes public key cryptography, an encryption scheme that uses a pair of keys for encryption: a public key to encrypt data and a private key for decryption. You publish your public key to all your trading partners while keeping your private key secret.

To send encrypted data to the Clearinghouse, you must obtain the Clearinghouse’s public key to encrypt your file. Ensure the filenames you send to the Clearinghouse have the “.pgp”, “.gpg”, or “.asc” extensions. Without those extensions, delays can occur. (See the instructions below.)

For you to receive encrypted data from the Clearinghouse, you must provide the Clearinghouse with your public key, which we will use to encrypt the files we send you. Public keys are distributed in a physical file that can be emailed or downloaded via the Web. These services/reports can use the additional layer of PGP from the Clearinghouse back to the institution, which includes:

1. StudentTracker for Outreach/Educational Organizations’ reports (does not include StudentTracker for Colleges & Universities or StudentTracker for High Schools’ reports)
2. Member file/submission overlay responses
3. Weekly notification queue responses
4. Total Enrollment Reporting Process (TERP) file/submission responses
5. Weekly TERP notifications

> To encrypt your files using PGP

1. Download and install PGP from https://www.openpgp.org/software/misc/

Registrars should engage your organizational-level information technology offices for support and implementation of PGP file-level encryption. If your organization wishes to use file-level encryption, such as PGP, you will need to choose and evaluate an application that is best suited for your organization. The tools at this link offer the capability to do PGP file-level encryption, which are highly recommended, but are not mandated.

2. Download the Clearinghouse’s public keys

• DSS/Diffie-Hellman key (for PGP v5.0 and above)
• RSA key (for PGP v2.6 and above)

3. Import the Clearinghouse’s public key into your keyring

> You are now ready to encrypt your data files following these guidelines:

• Recent versions of PGP support DSS/Diffie-Hellman keys, which are preferred over RSA keys. The Clearinghouse supports both.
• For the highest level of security, choose key sizes 1024 or 2048 bits for encryption and digital signatures.
• Compression is built into the encryption algorithm, eliminating the need to zip your data files before or after encryption.

> Follow these steps to receive encrypted files:

1. Download and install PGP from https://www.openpgp.org/software/misc/

Registrars should engage your organizational-level information technology offices for support and implementation of PGP file-level encryption. If your organization wishes to use file-level encryption, such as PGP, you will need to choose and evaluate an application that is best suited for your organization. The tools at this link offer the capability to do PGP file-level encryption, which are highly recommended, but are not mandated.

2. Generate public/private keys

3. Email your public key to the Clearinghouse at secureftp@studentclearinghouse.org

As a reminder, not all services can send PGP-encrypted files back to organizations. These services/reports can use the additional layer of PGP from the Clearinghouse back to the institution, which includes:

1. StudentTracker for Outreach/Educational Organizations’ reports (does not include StudentTracker for Colleges & Universities or StudentTracker for High Schools’ reports)
2. Member file/submission overlay responses
3. Weekly notification queue responses
4. Total Enrollment Reporting Process (TERP) file/submission responses
5. Weekly TERP notifications