Overview

PGP ("Pretty Good Privacy") encryption is a popular form of public key file encryption invented by Phil Zimmermann in 1991. Although traditionally associated with email messages, this technology is also used to encrypt files for transfer over public networks like the Internet. Because the term "PGP" has recently become the trademark of a specific PGP vendor, the vendor-neutral term "OpenPGP" is used herein to refer to the original, published, interoperable PGP standard.

Starting with version 3.2.5, MOVEit Automation contains a built-in, fully integrated OpenPGP software module with comprehensive encryption and key management capabilities. These enable the creation and deletion of public and private keys, the import and export of private keys with other OpenPGP applications, and automatic file encryption, encryption and signing, decryption, and signature-checking by new and existing MOVEit Automation tasks.

The OpenPGP software in MOVEit Automation has been commercially licensed from Didisoft, which warrants that it is fully interoperable with all other OpenPGP applications, including PGP Command-Line™ by PGP Corporation.

Use of the MOVEit Automation OpenPGP capabilities is optional. Activation requires a special license key, and commercial use requires payment of a one-time license fee and an annual maintenance fee.

For more information, see

(Terminology note: Symantec Corporation holds a registered trademark on the term PGP® and sells OpenPGP products under the name PGP, so all uses of "PGP" in MOVEit Automation and this documentation are to be treated as the common abbreviation of "OpenPGP" rather than references to Symantec Corporation software except where noted.)

How Does PGP Work?

When you first install and configure a piece of PGP software, the first thing you always do is create a new key pair. This is YOUR key pair (or your company's) and it consists of one private key and one public key. The private key is immediately password-protected and locked away on your machine. The public key is meant to be distributed to anyone else who needs to exchange PGP-encrypted files with you. (Normally, this key is "exported" to a small "ASCII" file and is often emailed to potential partners as an attachment.)

The second thing you generally do with a piece of PGP software is to import the keys of those people, partners and customers you want to exchange PGP-encrypted files with. Using PGP terminology, keys imported this way are said to be "on your keyring."

Finally, people generally practice exchanging files with PGP a few times before "going into production." To make this happen, the sender encrypts the file with the recipient's public key. (Remember, both sides already have the other's public key.) In addition, the sender may also "sign" the file with the sender's private key. (This provides an element of non-repudiation in a system which has no other method to authenticate the sender, such as email.) The recipient receives the file and decrypts it using the recipient's private key, and may verify the authenticity of the contents using the sender's public key.
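The workflow described above, run end to end with GnuPG (`gpg`) as the OpenPGP application on both sides. This is an added example, not MOVEit Automation's own procedure or code; it assumes GnuPG 2.1 or later, and the helper names (`g`, `fpr`, `pgp_roundtrip`), home directories, user IDs, passphrases and payload are all constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: two throwaway GnuPG home directories stand in for the two
# partners. User IDs, passphrases and the payload are constructed values.
g() {  # g <homedir> <passphrase> <gpg args...>: non-interactive gpg call
  local home=$1 pass=$2; shift 2
  gpg --homedir "$home" --batch --quiet --yes --pinentry-mode loopback \
      --passphrase "$pass" "$@"
}
fpr() {  # fpr <homedir> <user-id>: fingerprint of that user's primary key
  g "$1" '' --with-colons --fingerprint "$2" | awk -F: '$1=="fpr"{print $10; exit}'
}
pgp_roundtrip() (  # prints the payload only if decryption AND signature check pass
  work=$(mktemp -d) || exit 1
  a=$work/sender b=$work/recipient
  mkdir -m 700 "$a" "$b" || exit 1
  trap 'for h in "$a" "$b"; do gpgconf --homedir "$h" --kill gpg-agent; done; rm -rf "$work"' EXIT
  # 1. Each side creates its own passphrase-protected key pair.
  g "$a" sender-pass --quick-generate-key 'Sender <sender@example.test>' \
    default default never || exit 1
  g "$b" recipient-pass --quick-generate-key 'Recipient <recipient@example.test>' \
    default default never || exit 1
  # 2. Each side exports its public key to an ASCII file; the partner imports it.
  g "$a" '' --armor --export sender@example.test > "$work/sender.asc" || exit 2
  g "$b" '' --armor --export recipient@example.test > "$work/recipient.asc" || exit 2
  g "$a" '' --import "$work/recipient.asc" || exit 2
  g "$b" '' --import "$work/sender.asc" || exit 2
  # The imported copy must carry the fingerprint its owner reports (in real
  # use the owner reads it out over a separate channel).
  [ "$(fpr "$a" recipient@example.test)" = "$(fpr "$b" recipient@example.test)" ] || exit 2
  sender_fpr=$(fpr "$a" sender@example.test)
  # 3. Sender signs with its private key, encrypts to the recipient's public key.
  #    --trust-model always is acceptable only because of the check above.
  printf 'constructed test payload\n' > "$work/file.txt"
  g "$a" sender-pass --trust-model always --local-user sender@example.test \
    --recipient recipient@example.test --sign --encrypt \
    --output "$work/file.txt.pgp" "$work/file.txt" || exit 3
  # 4. Recipient decrypts with its private key; gpg checks the signature with
  #    the sender's public key and reports the result on the status fd.
  g "$b" recipient-pass --status-fd 3 --output "$work/out.txt" \
    --decrypt "$work/file.txt.pgp" 3> "$work/status" || exit 4
  # Decryption also succeeds on unsigned input, so require VALIDSIG from the
  # expected key (the last VALIDSIG field is the primary key fingerprint).
  signer=$(awk '$2=="VALIDSIG"{print $NF}' "$work/status")
  [ -n "$signer" ] && [ "$signer" = "$sender_fpr" ] || exit 5
  cat "$work/out.txt"
)
```

Calling `pgp_roundtrip` prints the payload on success; exit codes 1 to 5 identify the step that failed, and code 5 means the file decrypted but was not signed by the expected key.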

Between large organizations where many people are sending files in this manner, PGP key management can quickly get out of hand. (In fact, many customers have opted to use MOVEit Transfer/MOVEit Automation to get out of the "key management business.") However, PGP can be a useful tool, and the built-in PGP capabilities of MOVEit Automation can help with the day-to-day transport of PGP-encrypted files.

For a discussion of the MOVEit Automation built-in features that are used to generate, import, export, and delete PGP keys, see Managing PGP Keys.