Using Encryption


About Encryption

EDI Exchange supports the Public Key Infrastructure (PKI) encryption method. This type of encryption is the most generally accepted method of protecting EDI files from being read by unauthorized persons. Without going further into the details of PKI: public-key encryption is a cryptographic technique that enables users to communicate securely on an insecure public network and to reliably verify the identity of a user via digital signatures. Read more in Public Key Infrastructure.

A public-key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity. The PKI creates digital certificates which map public keys to entities, securely stores these certificates in a central repository, and revokes them if needed.

A PKI consists of:

A certificate authority (CA) that both issues and verifies the digital certificates.
A registration authority which verifies the identity of users requesting information from the CA.
A central directory, a secure location to store and index keys.
A certificate management system.

EDI Exchange relies on other software to establish the PKI. It only uses the capabilities of these programs through their Application Programming Interface (API). You need to separately install either PGP Desktop or the open source Gpg4Win program and set it up with the public keys of your trading partners and your own private key.


Setting up Encryption

EDI Exchange allows you to set up the encryption for your EDI files. Follow the steps below.

1. Access the "Encryption Setup" window by selecting "Encryption Setup" under the "EDI Exchange" menu.

The encryption setup menu

2. The following window will appear.

The encryption setup screen

3. In this window define the following options:

General Encryption Options
Original Unencrypted Outbound Files
Keep a Copy in an 'Unencrypted' Folder — When the HIPAAsuite program creates an EDI file for a trading partner that has selected encryption, you can keep an unencrypted copy in the "Outbox/[trading partner]/Unencrypted" folder. This is useful when you need to go back to the file and check on problems.

Note: Once you encrypt a file with the public key of your trading partner, you will not be able to open it again. Only the owner of the private key can decrypt it and read it.

Delete the Original File — If you do not want to keep the unencrypted copy, select this option.
Key Pair Information
Name (e-mail) for Public Key: Enter the name or e-mail address that identifies your public key, which your trading partners use to encrypt files for you.
Pass Phrase for Private Key: Enter the pass phrase that protects your private key. It is needed to decrypt files that were encrypted for you.

Note: The keys are identified by the email address of their owner.

Crypto Program
GnuPG — Select this option if you have already installed the GnuPG software and want to use it.

The configuration using GnuPG

Note: When you select GnuPG, the program checks if the executable gpg.exe/gpg2.exe is present on your computer. If it is not found, you will have to specify the path manually or install the program first.

PGP Desktop: Select this option if you have already installed the PGP Desktop program and want to use it. You will see a different lower half of the screen, where you can indicate the location of the keys. PGP Desktop uses "key rings", files that contain all your keys. The location of these two files is very important for PGP Desktop.

The configuration using PGP Desktop

4. Once the settings are done, click the "Save" button.

The "Save" button

5. The following notification will appear. Click the "OK" button.

Records Saved
Notification window


Using PGP Desktop

Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications. PGP and similar products follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data. For more information, see How PGP works.

EDI Exchange supports PGP encryption and works seamlessly with PGP Desktop and open source Gpg4Win applications.

PGP Desktop (Symantec’s encryption solutions) is a comprehensive suite of encryption applications which provides flexible, multi-layered encryption by bundling Drive Encryption to secure the files stored on local hard drives, and Desktop Email Encryption to secure confidential data in email. For more information, see PGP Desktop documentation.

 

PGP Desktop key features:

1. Hard drive encryption software locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system, and swap files.
2. Enables encrypted email and secure AIM® Instant Messages.
3. Creates storage-independent encrypted containers for transport and sharing of specific files using included utilities; PGP Self-Decrypting Archive, PGP Virtual Disk, and PGP Zip.
4. Includes PGP Shredder which can completely destroy unwanted disk-based files and folders.
5. Drive Encryption can be centrally deployed and managed by Symantec Encryption Management Server.

 

PGP Desktop key benefits:

1. Secures email without burdening users, to improve compliance with policies and regulations without hindering productivity.
2. Allows users to easily and transparently share encrypted files and folders, improving data security without impacting user productivity.
3. Management by Encryption Management Server centralizes creation, deployment and management of data security policies and reporting.

 

PGP Desktop bundles the following products:

1. Drive Encryption. See System Requirements.
2. Desktop Email Encryption. See System Requirements.
3. Encryption Management Server. See System Requirements.


Using GnuPG

GnuPG is an open source implementation of the OpenPGP (Pretty Good Privacy) encryption protocols. GnuPG lets you encrypt and sign your data and communication, and features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. Front-end applications and libraries are also available. Version 2 of GnuPG also provides support for S/MIME.

GnuPG is free software, so it can be freely used, modified and distributed under the terms of the GNU General Public License.

We recommend Gpg4Win for encrypting your files and emails. Gpg4Win supports both relevant cryptography standards, OpenPGP and S/MIME (X.509), and is the official GnuPG distribution for Windows. Gpg4Win contains Kleopatra as one of its Free Software components. For more information, see the Gpg4Win documentation, available in both PDF and HTML versions.

Kleopatra, a certificate manager for OpenPGP and X.509 (S/MIME) and common crypto dialogs

With Kleopatra, it is easy to manage your certificates and create your own ones. It seamlessly integrates with GnuPG. You can manage the key that you receive from your trading partners, because there is a screen to view the details of a key.

Certificate details with Kleopatra
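
Keys are identified by the e-mail address of their owner, but a key ring can hold more than one key with the same address. The following Python example is added here and is not part of EDI Exchange or Gpg4Win: it parses constructed `gpg --with-colons --list-keys` output and accepts a trading partner's key only if its fingerprint matches the one confirmed with the partner and the key can still be used for encryption. The address edi@partner.example, the fingerprints and the function names are assumptions made for illustration.

```python
import re

UNUSABLE = set("idren")  # validity flags: invalid, disabled, revoked, expired, not valid

# Constructed sample of `gpg --with-colons --list-keys` output (not real keys):
# two keys carry the same e-mail address; the second one has expired.
SAMPLE = """\
pub:f:4096:1:1111111111111111:1600000000:::-:::scESC:
fpr:::::::::AAAA1111AAAA1111AAAA1111AAAA1111AAAA1111:
uid:f::::1600000000::X::Partner One <edi@partner.example>:
sub:f:4096:1:2222222222222222:1600000000::::::e:
pub:e:2048:1:3333333333333333:1400000000:1500000000::-:::sc:
fpr:::::::::BBBB2222BBBB2222BBBB2222BBBB2222BBBB2222:
uid:e::::1400000000::Y::Old Partner <edi@partner.example>:
sub:e:2048:1:4444444444444444:1400000000:1500000000:::::e:
"""

def parse_keys(listing):
    """Group colon-format records into one dict per primary key."""
    keys, cur = [], None
    for line in listing.splitlines():
        f = line.split(":") + [""] * 12           # pad so every index exists
        if f[0] == "pub":                         # field 12 lists capabilities
            cur = {"validity": f[1], "fpr": "", "emails": set(),
                   "can_encrypt": "e" in f[11]}   # primary key itself encrypts
            keys.append(cur)
        elif cur is None:
            continue
        elif f[0] == "fpr" and not cur["fpr"]:    # first fpr after pub is the primary's
            cur["fpr"] = f[9]
        elif f[0] == "uid":                       # field 10 holds the user ID
            cur["emails"].update(m.lower() for m in re.findall(r"<([^<>]+)>", f[9]))
        elif f[0] == "sub" and f[1] not in UNUSABLE and "e" in f[11]:
            cur["can_encrypt"] = True             # a usable encryption subkey exists
    return keys

def select_recipient(listing, email, pinned_fpr):
    """Return the fingerprint to encrypt to; raise ValueError if none qualifies."""
    pinned = pinned_fpr.replace(" ", "").upper()
    for k in parse_keys(listing):
        if (k["fpr"] == pinned and email.lower() in k["emails"]
                and k["validity"] not in UNUSABLE and k["can_encrypt"]):
            return k["fpr"]
    raise ValueError(f"no usable encryption key {pinned} for {email}")

def encrypt_command(fpr, infile, outfile):
    """argv for gpg: address the recipient by fingerprint, not by e-mail."""
    return ["gpg", "--batch", "--output", outfile, "--encrypt", "--recipient", fpr, infile]
```

In the sample, looking up the address alone matches both keys; pinning the fingerprint selects exactly one and rejects the expired key.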
