Hashing Algorithm

Keys are generated by applying a hashing algorithm to the data available for key generation.

 

| Key Length | Hashing Algorithm |
|------------|-------------------|
| 128        | MD5               |
| 256        | SHA-256           |

 


Encryption Algorithm

The AES algorithm is the backbone of the Ephesoft encryption framework and is used to encrypt and decrypt the data. The super admin has the flexibility to choose between the AES-128 and AES-256 bit algorithms. Ephesoft employs the “AES-256” cipher, which is an NSA Type 1 approved algorithm (suitable for classified national security information).


Application Level Key - The Crux of Encryption

 

The application level key concept is very similar to a digital signature or a digital certificate, which uniquely identifies an application/entity/organization/individual. The application level key in Ephesoft uniquely identifies an application belonging to a customer.

The key (identity) provided as the application key is used as a secure password for all the key stores generated throughout the process. That is, the application level key is responsible for validating that the keys/key stores used at different stages of the application belong to a particular application (keys/key stores belonging to one application will not work on any other, unauthorized application).

This key is also responsible for authentication during Batch XML decryption: it does not allow the Batch XML to be decrypted outside the authorized application (unauthorized applications will not be able to decrypt Batch XML belonging to another application).

 


Levels of Secret Keys

 

| Level | Location | Mechanism | Key Length |
|-------|----------|-----------|------------|
| Application | <Shared-Folders>/ephesoft-key-store-file/ephesoft.keystore | Can be generated only once from UI. | 128 |
| Batch Class | <Batch-Class-folder>/ephesoft-key-store-file/ephesoft.keystore | Configurable from UI. | 128/256 |
| Batch Instance | <ephesoft-system-folder>/<Batch-Instance-ID-Folder>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Fuzzy-DB Index | <Batch-Class-Folder>/<fuzzy-index-folder>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Lucene Key | <Batch-Class-Folder>/<lucene-search-classification-sample>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Test KV | <Batch-Class-Folder>/<test-KV-Folder>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Test Advance KV | <Batch-Class-Folder>/<test-Advance-KV-Folder>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Test Classification | <Batch-Class-Folder>/<test-Content-Classification-Folder>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
| Test Table | <Batch-Class-Folder>/<test-table>/ephesoft-key-store-file/ephesoft.keystore | Generated dynamically using Application Level Key and Batch Class Key. | Length of Batch Class Key. |
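
An added example (not Ephesoft's code) of hash-based key generation as outlined above. The key-length-to-hash mapping comes from the page; the way the Application Level Key and Batch Class Key are combined, the function names and the sample keys are assumptions, and the PBKDF2 function is a salted, iterated comparison that the page does not describe.

```python
import hashlib
import hmac

# Mapping from the page's table: key length in bits -> hashing algorithm.
HASH_FOR_KEY_BITS = {128: "md5", 256: "sha256"}


def hash_to_key(material: bytes, bits: int) -> bytes:
    """Hash arbitrary key material down to an AES-128 or AES-256 sized key."""
    if bits not in HASH_FOR_KEY_BITS:
        raise ValueError(f"unsupported key length: {bits}")
    return hashlib.new(HASH_FOR_KEY_BITS[bits], material).digest()


def _frame(part: bytes) -> bytes:
    # Length-prefix each input so (b"ab", b"c") and (b"a", b"bc") cannot collide.
    return len(part).to_bytes(4, "big") + part


def derive_dynamic_key(app_key: bytes, batch_class_key: bytes, bits: int) -> bytes:
    """ASSUMPTION: the dynamic key is the hash of both parent keys, framed and
    concatenated. The page says only that it is generated from these two keys."""
    return hash_to_key(_frame(app_key) + _frame(batch_class_key), bits)


def derive_stretched_key(secret: bytes, salt: bytes, bits: int,
                         rounds: int = 600_000) -> bytes:
    """Comparison: salted, iterated PBKDF2-HMAC-SHA256 instead of one bare hash."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, rounds, dklen=bits // 8)


if __name__ == "__main__":
    # Constructed sample keys, not real Ephesoft key material.
    app_a, app_b = b"constructed-app-key-A", b"constructed-app-key-B"
    batch_class = b"constructed-batch-class-key"

    key_a = derive_dynamic_key(app_a, batch_class, 256)
    key_b = derive_dynamic_key(app_b, batch_class, 256)
    print("key bits:", len(key_a) * 8)
    # A key derived under another application key does not match, which is the
    # binding property the Application Level Key section describes.
    print("usable under other application:", hmac.compare_digest(key_a, key_b))
    print("stretched:", derive_stretched_key(app_a, b"constructed-salt", 256).hex())
```

A single unsalted hash gives no brute-force resistance when the input is a guessable identity string, which is the gap the PBKDF2 variant closes.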

 


Error Messages

 

| Example Error Message | Probable Cause |
|-----------------------|----------------|
| Key store file doesn’t exist. | One of the keys required for encryption/decryption doesn’t exist. |
| Keys required for generating the dynamic key doesn’t exist | The application key or Batch Class Key required for generating the dynamic key doesn’t exist. |

 


Backup and Recovery

  1. To allow data recovery in case the application key is lost, it is recommended that the user store the application key file on a secure storage device.
  2. It is also recommended to secure the key-store file's unique password (key_password) from the encryption_key_metdata table in the DB.

 

 


wikiadmin
