PeterDocs/Docs/Encryption.md

# Encryption
One of the three primary objectives of the PeterDocs design is to
protect the data being transferred. This objective is met by
using 7ZIP archive encryption, including encryption of the file names.
If the 7ZIP file is opened without the password, the file and folder
names are unreadable, so leakage of content metadata is addressed.
There are two options for encryption:
1. Using a complex symmetric key
2. Using an asymmetric key, such as one provided by the Microsoft ```certmgr```
## SecretKey
The PeterDocs parameter labelled ```SecretKey``` is used for symmetric key
encryption. The secret (or password) needs to be complex and at least
10 characters long.
A complex secret contains at least one lower-case letter, one upper-case letter,
one numeric digit and one special symbol.
The secret is passed directly to 7ZIP as the archive password, so you can also use
it with 7ZIP itself to decrypt the archive file and check its contents.
Make a note of the secret as you will need it to decrypt the contents.
If you are transferring the archive to another person please send the
secret to your recipient via an alternate channel to that of the archive
file itself.
## RecipientKey
The PeterDocs parameter labelled ```RecipientKey``` is used for asymmetric
keys provided by the Microsoft Certificate Manager for encrypting content.
This is the most secure method for transfer, as the archive is protected by
the recipient's certificate. Using certificates requires:
1. your recipient to send you their public certificate
2. you to load the public certificate into your Windows Certificate Manager
3. you to specify the key name as the value for the ```RecipientKey```
Once the archive is encrypted you will not be able to decrypt and view
its contents. Only the recipient with the private key can decrypt the
contents.
The recipient will need to receive the archive file plus the ```.key```
file generated by PeterDocs. Both files must be accessible to the
recipient for decrypting the contents.
### Internal process
Internally, the PeterDocs process generates a long random password, which
is saved into the ```.key``` file; that file is encrypted using the recipient's
public key.
This is done because there are technical limitations on encrypting large
files directly with certificate public keys: the maximum size is around 60MB
when using public keys.
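The script below is an added example of the hybrid scheme just described; it is not PeterDocs's own code. The sender encrypts a fresh random password with the recipient's public certificate using `Protect-CmsMessage`, encrypts the data with 7-Zip under that password, and the recipient recovers the password with `Unprotect-CmsMessage`. It assumes a ```CN=PeterDocs``` certificate (created as under "Generating your Certificate") exists in ```Cert:\CurrentUser\My```, that ```7z.exe``` is on the PATH, and the ```C:\Temp``` paths and ```demo``` file names are constructed placeholders.

```powershell
# Added illustration of the hybrid scheme; not PeterDocs's own implementation.
# Assumptions: recipient certificate "CN=PeterDocs" in Cert:\CurrentUser\My
# (the sender holds only its public part), 7z.exe on the PATH, paths under
# C:\Temp are placeholders.
$ErrorActionPreference = 'Stop'

# --- Sender side -----------------------------------------------------------
# 1. Generate a long random archive password from a cryptographic RNG
#    (constructed here; PeterDocs chooses its own length and alphabet).
$bytes = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$archivePassword = [Convert]::ToBase64String($bytes)

# 2. Encrypt only the short password with the recipient's public key (a CMS
#    envelope). Protect-CmsMessage requires a DocumentEncryptionCert, which is
#    why the certificate is created with -Type DocumentEncryptionCert. The large
#    data payload never goes through public-key encryption, avoiding the size limit.
Protect-CmsMessage -To 'CN=PeterDocs' -Content $archivePassword -OutFile 'C:\Temp\demo.key'

# 3. Encrypt the data with 7-Zip using that password. -mhe=on also encrypts the
#    archive headers, so file and folder names are unreadable without the password.
& 7z a -t7z "-p$archivePassword" -mhe=on 'C:\Temp\demo.7z' 'C:\Temp\demo_input\*'

# The sender ships demo.7z and demo.key together; the plaintext password is
# not kept and cannot be recovered by the sender from the two files alone.
Remove-Variable archivePassword

# --- Recipient side --------------------------------------------------------
# 4. Only the holder of the matching private key can open the .key file.
$recovered = Unprotect-CmsMessage -Path 'C:\Temp\demo.key'

# 5. Extract the archive with the recovered password.
& 7z x "-p$recovered" "-oC:\Temp\demo_output" 'C:\Temp\demo.7z'
```

Passing the password as a 7z argument makes it visible in process listings on that machine while 7z runs; the example accepts this for brevity, and how PeterDocs hands the password to 7ZIP is not specified here.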
### Generating your Certificate
You as a recipient can generate your own key by using Microsoft Certificate
Manager or executing the below PowerShell command.
```powershell
New-SelfSignedCertificate -Subject "CN=PeterDocs" -FriendlyName "PeterDocs" `
    -KeyDescription "Encryption key for PeterDocs data encipherment" `
    -CertStoreLocation "Cert:\CurrentUser\My" `
    -KeyUsage KeyEncipherment,DataEncipherment,KeyAgreement `
    -Type DocumentEncryptionCert
```
To list your current certificates use the below PowerShell command.
```powershell
Get-ChildItem -Path "Cert:\CurrentUser\My" -DocumentEncryptionCert
```
**Note**: The certificate created above is stored in the certificate store of your currently logged-in user, not that of the local machine.
### Exporting your Certificate
You will need to export your public key and send it to the person who will generate the archive
file for you. That person will then need to import your public key.
On Windows, run ``certmgr`` and export the certificate from "Personal\Certificates", for example.
### Certificate Backup
You should create a backup of your certificate (public and private) in case your local
device suffers a failure. Please secure the backup copy.
Sample code for exporting the default ``PeterDocs`` certificate is given below.
```powershell
Get-ChildItem -Path "Cert:\CurrentUser\My" | Where-Object { $_.Subject -eq "CN=PeterDocs" } | Export-Certificate -Type CERT -FilePath C:\Temp\PeterDocs_cert.cer -Force
```
Change the values and file name to suit your situation. This file can be imported using ``certmgr``.
Note that ``-Type CERT`` writes only the public certificate, which is what the other party imports; the private key is not included in this file.