News

July 13, 2001

In an effort to streamline our processes and to enhance the privacy of your data, we are please to announce an update to our fcrypt software (see previous news item for more information).

ECSI currently provides two encryption packages.

  • The first uses a single key unique to ECSI but not to each client. This is extremely convenient for sending files that are generic across all clients. While it does use the full strength available in the encryption routines, data from one client is not protected from any other person with the encryption routines.
  • The second version provides an encryption key unique to each client. This is accomplished by creating a "custom build" of the program, including an encryption key specific to each client. As discussed at the user's conference, custom programs present several problems. It is difficult to maintain the numerous copies of the same program and the programs are not very flexible. In order to change your key, you needed to have ECSI build you a new executable.

To remedy these problems, we have released the next version of our fcrypt encryption routines. This version has several useful enhancements.

  1. Using these routines, you can create your own keys at any time. Your private key is stored in the file fcrypt.key. We only ask that you coordinate with ECSI before you generate a new key. If you change your key without coordinating it with us, we will be unable to process your files.
  2. If you are not comfortable creating your own keys, we provide a utility to help you generate keys. Fkeygen will create a key by using any file on your hard disk or network.
  3. While keys will protect your data, anyone with the key file can decode that information. This version now supports an additional 'password' parameter on the command line. Password-protected keys provide an extra layer of security. The key is useless without the password.
  4. In order to minimize problems, we have taken great lengths to ensure that the current version of the program is completely compatible with both the generic and client-specific versions. At any time, you can replace your existing program without making any changes. If you are using the ECSI key, you simply execute the command as before. With no key file on disk (fcrypt.key) and no password, the program will decode files encrypted with the ECSI key. At any time you can add a key file and/or a password.
  5. Clients using a custom build will be issued a key along with the software. This key is 100% compatible with the custom key you used prior to this version. Once you receive your package, you can contact ECSI to find out how to generate a new key or add password protection to your old or new key. All clients using a custom build will be converted prior to the month-end run. As soon as all clients are converted, we will no longer support any client-specific versions of our fcrypt program. You are free to continue to use your old version but we will not be able to provide support after August 1st.
  6. Clients who are using the standard version for encryption their data files are encouraged to upgrade to the new software and generate a unique key for your school. We will be happy to help you make this transition.

If you need assistance migrating to the new routines or have any questions or concerns, please contact webmaster@ecsi.net.