With secure FTP, passwords and files are automatically encrypted for transmission without user involvement, key management, or additional encryption, such as PGP. Built-in cryptography automatically encrypts the data as the file is transferred and re-encrypts the file before it is written on the secure FTP server. At no point is the file ever available “in the clear,” even after the transmission is complete.
PGP utilizes public key cryptography, an encryption scheme that uses a pair of keys for encryption: a public key to encrypt data and a private key for decryption. You publish your public key to all your trading partners while keeping your private key secret. To send encrypted data to the Clearinghouse, you must obtain the Clearinghouse’s public key to encrypt your file. In order for you to receive encrypted data from the Clearinghouse, you must provide the Clearinghouse with your public key, which we will use to encrypt files we send you. Public keys are distributed in a physical file that can be emailed or downloaded via the Web.
> To encrypt your files using PGP
1. Install PGP from http://www.pgpi.org
2. Download the Clearinghouse’s public keys
- DSS/Diffie-Hellman key (for PGP v5.0 and above)
- RSA key (for PGP v2.6 and above)
3. Import the Clearinghouse’s public key into your keyring
> You are now ready to encrypt your data files following these guidelines:
- Recent versions of PGP support DSS/Diffie-Hellman keys, which are preferred over RSA keys. The Clearinghouse supports both.
- For the highest level of security, choose a key size of 1024 or 2048 bits for encryption and digital signatures.
- Electronically signing your files is not required, but it provides a higher level of security.
- Compression is built into the encryption algorithm, eliminating the need to zip your data files before or after encryption.
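The import and encryption steps above, shown with GnuPG (`gpg`), an OpenPGP implementation, as an added example that is not part of the original page or the Clearinghouse's own instructions. It assumes the key's fingerprint was confirmed with the Clearinghouse through a separate channel; the function names and file names are hypothetical.

```shell
#!/bin/sh
# Added example: GnuPG (gpg) stands in for the PGP client named on the page.
# Function names are hypothetical. Assumption: the expected fingerprint was
# confirmed with the partner out of band, not copied from the key's own source.

# List primary-key fingerprints in a key file without importing it.
key_file_fingerprints() {
    gpg --batch --with-colons --show-keys "$1" 2>/dev/null |
        awk -F: '$1 == "pub" { want = 1; next }
                 $1 == "fpr" && want { print $10; want = 0 }'
}

# Import KEYFILE only if it holds exactly one key with the expected fingerprint.
import_partner_key() {   # usage: import_partner_key KEYFILE EXPECTED_FPR
    expected=$(printf '%s' "$2" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(key_file_fingerprints "$1")
    if [ -z "$expected" ] || [ "$found" != "$expected" ]; then
        echo "fingerprint mismatch: key not imported" >&2
        return 1
    fi
    gpg --batch --quiet --import "$1"
}

# Encrypt FILE to the partner's key; also sign it when SIGN_KEY is given.
# The recipient is named by full fingerprint, already checked at import, so
# --trust-model always only skips the interactive "use this key anyway?" prompt.
# gpg compresses before encrypting by default, so FILE is not zipped first.
encrypt_for_partner() {  # usage: encrypt_for_partner FILE PARTNER_FPR [SIGN_KEY]
    out="$1.pgp"
    if [ -n "${3:-}" ]; then
        gpg --batch --yes --trust-model always --local-user "$3" --sign \
            --recipient "$2" --output "$out" --encrypt "$1"
    else
        gpg --batch --yes --trust-model always \
            --recipient "$2" --output "$out" --encrypt "$1"
    fi && printf '%s\n' "$out"
}

# Example call (constructed file name, placeholder fingerprint):
#   import_partner_key partner-public-key.asc "$PARTNER_FPR" &&
#       encrypt_for_partner enrollment.txt "$PARTNER_FPR"
```

A key file that contains more than one primary key, or a key whose fingerprint differs from the confirmed one, is rejected before anything reaches the keyring.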
> Follow these steps to receive encrypted files:
1. Download and install PGP from http://www.pgpi.org
2. Generate public/private keys
3. Email your public key to the Clearinghouse at secureftp@studentclearinghouse.org