Introduction to Encryption and Decryption
Overview
When sending and receiving sensitive files, encryption adds an extra layer of security. Currently, Unqork supports GPG (GNU Privacy Guard) encryption and decryption for files. In addition, authentication codes add security to processes like making API (application programming interface) requests. Unqork supports making third-party API requests using HMAC (Hash-based Message Authentication Code) based authentication codes. In this article, we'll introduce GPG encryption and decryption as well as HMAC authentication. We'll also link you to articles that cover how to use these services in Unqork.
What You'll Learn
In this article, you'll learn about:
GPG Encryption and Decryption
GPG, or GnuPG, is a way to encrypt and sign communications. GPG has its roots in the PGP (Pretty Good Privacy) encryption program. GPG is simply an open-source, alternative implementation of the PGP standard. Using GPG encryption and decryption increases security when sending and receiving files via SFTP (secure file transfer protocol). You can use the GPG Encrypt a File internal service to encrypt a file before sending via SFTP. Or, you can use the GPG Decrypt a File internal service to decrypt a file received via SFTP. Beforehand, you'll need to set up an Encryption (GPG) or Decryption (GPG) service in Services Administration.
When setting up either service, you'll need to enter a key from a public/private GPG keypair. The party receiving the files is typically responsible for generating the keypair. When setting up an Encryption (GPG) service, you'll enter the public key in the GPG Public Key (Armored) field. And, when setting up a Decryption (GPG) service, you'll enter the private key.
How to use GPG Encryption and Decryption
To learn how to set up GPG encryption, go to GPG Encryption Setup.
And, to learn how to set up GPG decryption, go to GPG Decryption Setup.
HMAC Authentication
HMAC stands for hash-based message authentication code. You'll sometimes hear it called "hashing" as well. HMAC is a type of authentication that uses a keyed hash function. A hash function is a one-way algorithm that's useful for generating signatures and validating message integrity. With HMAC authentication, the hash function generates a hashed value. Then, the hashed value works as the authentication code. A common use for HMAC authentication is when an API asks you to pass a hashed value to authenticate the API call.
You can use the Create Hash of Passed String internal Unqork platform service to create a hashed value. But first, you'll have to set up an HMAC service in Services Administration, using the HMAC Private Key (Armored) field. The Create Hash of Passed String internal service can then reference the HMAC key when creating the hashed value. Unlike GPG encryption and decryption, HMAC authentication involves a singular key. With HMAC authentication, both the sender and the receiver have the same HMAC key, or shared key. HMAC authentication adds additional security and message integrity to API payloads.
How to use HMAC Authentication
For more information on HMAC authentication, view our HMAC (Hashed Key) Authentication Setup article.