home
  
home · products · support · search · checkout · contact   
 
  Privacy.FILE Help       

 Shopping cart
0 Product(s) in cart
Total US$0.00
> Checkout

UPS Tracking...

 

- File Encryption
- Access Security
- SDK Security Toolkit
- Contact Smart Cards
- All Products
- Browse Categories

 

Copyright © 2004 2007
Smartcard Biometric, Inc.
Add to Favorites

  
Using Privacy.FILE

Frequently Asked Question and Updated Information

This page is dedicated to issues, questions, workarounds, general hints and information for the Digital Privacy's Privacy.FILE version 5.01 (or greater) software product.

How to use this page.  
Look over the topic to find the area you need addressed, if you do not find and information that satisfies your needs, please use our suggestion form to submit your issue as it relates to this product and we will do our best to post it to this page as soon as possible.

  
   

 Topics
  • Known Issues
    Sorry, no Issues Posted at this time
 
1. How do I export and then import keys?  
All exporting or importing of a encryption key for Privacy.FILE is done in the Key List dialog that is presented each time you select the Encrypt File... option off the Explorer file menu, or by selecting the Key Administration... option from the Privacy.FILE Administration Utility running on your toolbar tray.  You can start the administration Utility (if present) from your start menu, by going to Start->Programs->Digital Privacy->Privacy.FILE and selecting Privacy.FILE Administration.
 
Note: The administration utility is not present in some cases until an application is run or accessed for the first time, or when the administration utility is configured to not start by default, or removed by an administrator for security reasons.

Things to know
Many applications require you to share a key with another person. To accomplish this, the key needs to be "exported" into a hard-drive file, sent to the person who wants to decrypt the email - who then "imports" the key into their database. 

The creator of the key(s) is the called the Owner.  Anybody who imports the key is considered a Guest.  The exported key is a duplicate copy of the Owner's key.  Once the Owner and the Guest(s) have a copy of the key, they can share data with one another while preventing intruders from accessing their information.

When exporting a key, the Owner supplies a question and answer which only the Owner and Guest know.  In order to import the key, the Guest must know the answer to the question.
The exported key is in the form of a file (i.e., .eik) which you select when importing and exporting.  An .eik file can be transmitted via email.
Keys duplicated with the Export/Import utilities always maintain their security level. You can only import a "level 1 key" into a "level 1 database", etc.

Note: When using RSA PUB/PRV keys, you should only export your Public Key.

Exporting
From the Key List dialog, select the key or keys you wish to export, then select the Export Selected Key(s) option from the Keys menu option on the key List dialog shown below.  A save as dialog will appear, select an appropriate location and name, then press save.  Before the export/import file is actually created, a Set Question and Answer dialog will appear.  This final stage is crucial, this is where you password protect the file from unauthorized use.  Take the time to create an appropriate question and answer that the receiving party can answer, or pass the answer to your question on the receiving party via email, phone, etc..  With those few steps completed, you have successfully exported your keys.  Note: All exported keys will have the file extension of ".eik", which stands for Export/Import Key(s).

Importing
Importing keys that have been exported by the procedure mentioned above, require access to the key list dialog as well.  (Please refer to the top of this section for information on how to open the key list dialog.)

Importing a key is very straight forward.  Once in the Key List dialog shown above, select the database you wish to import the keys to, or first create a new database with the options under the Databases menu option.  In the example above, you would set the cursor bar on 'eosmann' and then select the Import  Key option from the Keys menu.  A open dialog will be presented from which you can either navigate to the .eik file you are importing, or simply key in the location to the file directly.  When you press open, the question that was given when the key(s) were exported will be presented to you.  Once answered correctly, the keys will appear in your key list under the database select, ready for use.

Note: Always backup your database keys before importing foreign keys to protect your keys.  Use the backup and restore option under the key list database menu option.

  

top of page

  
2. How does transmitting encrypted files work?  
To transmit encrypted files between Privacy.FILE users you must first share an encryption key with that user. Once you have the other person's key, you can encrypt a file with that key using File Encryption and email the encrypted file to that person. The other person can then decrypt the document using Manual Decryption.

You only need to share the key once. After you have imported the other person's key, you can use that key an unlimited number of times (although some keys have expiration options). Normally you will import the other person's Public Key and use that to encrypt the document, but you can use DES, RC5 or other key types as well.

Note: You cannot use Directory Protection to encrypt the files for secure transmission; you must use File Encryption.

There will be two types of files involved: the exported key file (*.eik file name extension) which you only need to transmit once, and the encrypted document. The encrypted document will reside in the same directory as the original and have the same name as the original document, except it will have a .fed (stands for "File Encrypted Data") file extension appended to it.

Note: Be sure to mail the file with the .fed file extension, not the original document!

* The following is a sample scenario of how to accomplish this:

There are two people in different parts of the country who wish to share confidential information using the Internet. In this example, their names are Bill and Hillary. Both Bill and Hillary are using the Privacy.FILE product.

1. Bill creates a Public/Private key pair on his computer.

2. Bill then exports his Public key and secures it with a userid and password.

3. Bill then emails that .eik file to Hillary who imports the key into a database on her computer (NOTE: do not send the userid/password in the same email message).

4. Hillary creates a Public/Private key pair on her computer.

5. Hillary then exports her Public key and secures it with a userid and password.

6. Hillary then emails that .eik file to Bill who imports the key into a database on his computer (NOTE: do not send the userid/password in the same email message).

At this point, they each have their own private keys and the other person's public key.

7. Bill has his File Encryption Option set to sign using his private key. He then encrypts a file using Hillary's Public key. Bill then emails the .fed file to Hillary.

8. Hillary decrypts the file using the File Encryption Decrypt Files function. Note that the software automatically finds the key to decrypt the file. 

9. Hillary then looks in the log file to verify that the signature was valid for the file that she just decrypted. If the file was tampered with in any way, the signature will not be valid. 

At this point, the file has been securely transmitted using the Internet to Hillary and can now be used. Hillary then makes changes to the file and wishes to send it back to Bill.

10. Hillary has her File Encryption Option set to sign using her private key. She then encrypts the file using Bill's Public key. Hillary then emails the .fed file to Bill.

11. Bill decrypts the file using the File Encryption Decrypt Files function. Note that the software automatically finds the key to decrypt the file. 

12. Bill then looks in the log file to verify that the signature was valid for the file that he just decrypted. If the file was tampered with in any way, the signature will not be valid.

At this point, the file has been securely transmitted back to Bill using the Internet.

Note: Always backup your database keys before importing foreign keys to protect your keys.  Use the backup and restore option under the key list database menu option.

  

top of page

  


When using Privacy.FILE, use should always backup you key database to another storage media to ensure you can always recover your keys in case of an emergency - failing to do so could prevent you from ever retrieving your encrypted data in the case of a lost or stolen smart card.

 


See Also
Installing..
Using..
Configuring..


Digital Privacy, Inc.
PO Box 3524
Evergreen, CO. 80437
 
home | products | support | downloads | search | checkout | contact