OpenPGP

This section describes how to set up OpenPGP encryption and authentication in Voyager. OpenPGP provides a secure method to encrypt, decrypt, sign, and verify attachments and files that you transmit and receive over Internet, intranet, and network connections. You can use OpenPGP in Voyager to authenticate files and data that you share and exchange with others. It uses public-keys, in combination with symmetric cryptography and “hashing” functions, to provide secure data and message communications.

Digital signatures

You can use a digital signature to verify the identity (author/creator) and validate the authenticity of a message or file. Digital signatures ensure that the received message or file has not been altered in any way, either accidentally via a faulty transmission channel, or intentionally (with or without malicious intent). Signing only applies to the private key.

Public-key encryption

Public key cryptography is an asymmetric process. This type of encryption requires two separate keys, one public and one private. The public key can be used to encrypt and lock plain text or code, which only the associated private key can decrypt and unlock. The two parts of the keypair differ, but are mathematically linked. The public key can be distributed without compromising the security of the private key, which must be protected. Neither key can perform both encryption and decryption functions. You can also use the private key to generate the associated public key (for example, in cases where the public key has been lost or damaged).

OpenPGP procedures

Using OpenPGP, you can perform the following procedures on a message or file:

l	Sign, without encrypting

l	Sign and encrypt

l	Encrypt only, without signing

OpenPGP setup in Voyager is designed to be used in conjunction with Task Runner to schedule and run encryption, decryption, and signing tasks. For more information, see “Setting Up Tasks Using the OPENPGP Step Template” in the Service Manager Installation and Setup Guide. The following settings and options are determined by the requirements of your financial institutions and other data receivers, including security, auditing standards, communications protocols (ftp/sftp), and other security procedures used in your organization. For more information about using OpenPGP with Voyager, contact Yardi technical support. For more information about data-encryption and secure-communications requirements for your organization and financial institutions, contact your database and financial administrators.