1

WECC Security/Encryption
User Guide






2
Table of Contents



1. Installation .......................................................................................................................... 3
How do I download GPG4WIN? ............................................................................................. 3
2. Setup .................................................................................................................................. 6
3. Creating a Private Key ........................................................................................................ 7
How do I create a private key? ............................................................................................... 7
4. Entering a Passphrase ........................................................................................................ 9
5. Creating a Backup ............................................................................................................ 11
6. Download & Import the WECC Compliance Public Key .................................................... 12
Where and how do I download & import the WECC Compliance Public Key? ...................... 12
7. Encrypting Files ................................................................................................................ 15
How do I encrypt a file? ........................................................................................................ 15
8. Contact Information .......................................................................................................... 17
















3
WECC
Security/Encryption Users Guide

1. Installation

How do I download GPG4WIN?

1. Close all programs currently running on your computer

2. Download GPG4WIN 2.1.0 from http://www.gpg4win.org/

3. The installation assistant will start and ask you for the language to be used with
the installation process.




4. Confirm your language selection by [Clicking OK]
5. Afterwards you will see the welcome dialog box.




6. The next page displays the licensing agreement - it is only important if you wish
4
to modify or forward Gpg4win. If you only want to use the software, you can do
this right away, without reading the license. [Click on Next]



The page that contains the selection of components will allow you to
decide which programs you want to install. A default selection has
already been made for you. You can also install individual
components at a later time.

Moving your mouse cursor over a component will display a brief
description. Another useful feature is the display of required hard
drive space for all selected components.

The only components necessary to sign and Encrypt data with GPG4WIN are
GnuPG, Kleopatra, and GpgEX, as illustrated below. [Click on Next]






7. The system will suggest a folder for the installation, e.g.:
C:\Programme\GNU\GnuPG. You can accept the suggestion or select a
different folder for installing Gpg4win. [Click on Next]
5



8. Now you can decide which links should be installed - the system will
automatically create a link with the start menu. You can change this
link later by using the Windows dashboard settings. [Click on Next]



9. If you have selected the default setting, which links with start menu,
you can define the name of this start menu on the next page or
simply accept the name. [Click on Install]





10. During the installation process that follows, you will see a progress
bar and information about which file is currently being installed. You
can press Show details at any time to show the installation log.
Once you have completed the installation, [Click Next]
6


11. When the screen shown below appears, check the Box Root
certificate defined or skip configuration. [Click Next]

The last page of the installation process is shown once the
installation has been successfully completed.


2. Setup

1. You have the option of displaying the README file, which contains important
information on the Gpg4win version you have just installed. If you do not wish to
view this file, deactivate this option. [Click on Finish]




7
In some cases, you may have to restart Windows. In this case, you will see the
following page.



Now you can decide whether Windows should be restarted immediately or
manually at a later time.

3. Creating a Pri vate Key
How do I create a private key?

1. Open Kleopatra using the Windows start menu:




You will see the main Kleopatra screen (the certificate administration).


At the beginning, this overview will be empty, since you have
not created or imported any certificates yet. [Click on file and
select New Certificate]
8

2. When you see the following dialog, select the format for the certificate. Choose
the following: Open PGP (PGP/MIME) in the certificate option dialog, [Click on
Create personal Open PGP key pair]



3. Enter your e-mail address and name in the appropriate fields. (Name and e-
mail address will be made publicly visible later.)

You also have the option of adding a comment for the key pair. Usually, this
field stays empty, but if you are creating a key for test purposes, you should
enter "test" so you do not forget it is a test key. This comment becomes part of
your login name, and will become public along with your name and e-mail
address.

If you first wish to test your Open PGP key pair, simply enter any name and
fictional e-mail address, e.g.: Heinrich Heine heinrich@gpg4win.del

[Click on advanced settings]

Change the RSA Key from the default, 2,048 bits, to 3,072 bits. [Click
OK]
9

4. Next, you will see a list of all of the main entries and settings for review
purposes. If you are interested in the (default) expert settings, you can
view these via the Show all details option. If everything is correct, [Click
Create Key]



4. Entering a Passphrase

Now for the most important part: entering your passphrase!

1. To create a key pair, you must enter your personal passphrase. *Note: this
window may have been opened in the background and is not visible at first.


10
If the passphrase is not secure enough because it is too short or does not
contain any numbers or special characters, the system will alert you.

To ensure you did not make any typing errors, you will be prompted you to enter
your passphrase twice. Always confirm your entry by [Clicking OK]

2. Your Open PGP key pair will now be created. This may take a couple
of minutes. You can assist the creation of the required random
numbers by entering information in the lower input field. The
information entered is not important, as the characters will not be used
and only the time period between each keystroke will matter. You can
also continue working with another application on your computer,
which will also slightly increase the quality of the new key pair.





3. When the key pair creation is successful, you will see the following dialog. [Click
Finish]




The 40-digit "fingerprint" of your newly generated Open PGP
certificate will be displayed in the results text field. This fingerprint
is unique anywhere in the world (i.e., no other person will have a
certificate with the same fingerprint). Actually, even at 8 digits it
would already be quite unlikely that the same sequence would ever
occur twice. For this reason, it is often only the last 8 digits of a
fingerprint which are used or shown, and are described as the key
ID. This fingerprint identifies the certificate as well as the fingerprint
11
of a person.

However, you do not need to remember or write down the fingerprint; you can
also display it later in Kleopatra's certificate details.


5. Creating a Backup

1. To create a backup copy of your (private) certificate, enter the path under which
your full certificate containing your new key pair should be exported.



2. Kleopatra will automatically select the file type and store your certificate as
an .asc or.gpg file, depending on whether you activate or deactivate the ASCII
armor option. For Export [Click OK]


Important: If you save the file on the hard drive, you should copy the file to
another data carrier (USB stick, diskette or CD-ROM) as soon as possible, and
delete the original file without a trace. Do not leave it in the Recycle bin! Keep
this data carrier and back-up copy in a safe place.

You can also create a back-up copy later; to do this, select the following from the
Kleopatra main menu: File -> Export private certificate.

This completes the creation of your Open PGP certificate. End the Kleopatra
assistant with by [Clicking Finish]



12
6. Download & Import the WECC Compliance Public Key
Where and how do I download & import the WECC Compliance Public
Key?

1. Click on the below link below to download WECC Compliance Public Key
http://www.wecc.biz/compliance/Pages/Security.aspx



You can also download WECC Compliance Public Key by going to
http://keyserver.pgp.com and searching for compliance@wecc.biz
13


2. Click Download to download the WECC Compliance Public Encryption Key.
The Key will have an .asc file extension and you can rename the file to a name
that makes sense to you, but keep the .asc file extension.

Open Kleopatra [Click on File] and Import Certificates.






3. A window will pop up and you will need to browse to the location of the saved
WECC Compliance Public Key.asc file. [Click OK]


4. In Kleopatra, click on the Imported Certificates and you will see the
WECC Compliance Imported Key.

14



5. If you would like to verify WECCs Compliance Key Fingerprint, you can go to
the Other Certificates tab and highlight the Compliance Key and [Right Click],
then select Certificate Details.



6. WECC Compliance Key Fingerprint












15
7. Encrypting Files
How do I encrypt a file?

1. Select one or more files or folders and use the right mouse button to select the
context menu. You will choose the Sign and encrypt option.





2. In the next window, select the option Sign and Encrypt. [Click Next]




3. In the following dialog, if not already selected by default, select your key and
WECCs Public Key. [Click Add]


16

The key will appear in the bottom window.


4. Now confirm your selection by clicking Sign & Encrypt and enter your
passphrase in the pin entry dialog.



Once the signing process has completed successfully, the following window will
appear.


You have now successfully encrypted the file.



17

The file/folder that was encrypted will be copied to a single file with the
original name and extension of .GPG. Upload this file to WECC EFT Server
using your authentication credentials.
8. Contact Information

If you have questions, contact Morgan King at mking@wecc.biz or
801.819.7675



Revision History

Version Date Editor Revision Description
1 06/09/2011 Morgan King Initial Draft
2 10/12/2011 J ennifer Salisbury Inserted TOC