PGP Encryption
Last updated
Last updated
(c) 2024 Data Illusion Zumbrunn. All rights reserved. Reproduction strictly forbidden.
Using PGP encryption you can use a public and private key pair to encrypt your data or files. The public key will be used to encrypt the data and only the person having the private key and its passphrase will be able to decrypt that data. PGP encryption will be used for any data that has been classified as restricted.
You may easily generate your own PGP key pairs using a free online tool like https://pgpkeygen.com/
To enable PGP encryption you will need to set a PGP public on your survey. You may set different PGP public key for each of your survey adding on the way an additional layer of security.
You may set your public PGP key in the survey security tab. Once you have entered your public key you can select the restricted data classification to encrypt newly created survey respondents, text based answers or campaigns.
Decryption of encrypted PGP data can be done either locally on your machine by exporting the respondents and using a PGP decryption tool locally on your machine like gp4Win or on-demand through the administration interface using our PGP decryption tool and your private key.
On-demand decryption let you enter your private PGP key to decrypt the data from the ngSurvey administration interface.
On-demand decryption will keep your private key alive in the browser memory for 5 minutes after which the key will be cleared and data automatically obfuscated again.
Your private key IS NOT stored permanently anywhere, however note that ngSurvey may need for some operations to send over the key to your server to decrypt the data but even in that case the key is never stored anywhere on the server and only used for duration of the operation. Make sure that SSL is enabled on your server if you wish to use that option.
Here an example of a survey that has restricted encrypted field answers that can be decrypted using the on-demand decryption.
You can change the default 5 minutes key clearing time out by settings the NGSurvey:DecryptTimeout environment variable to the number of minutes of your choice. For security reasons we strongly suggest not to set a high time out.