Key Management
As a user of the PHT, the Desktop App is required to perform certain processes in the User Interface. The desktop app allows you to sign a train and decrypt results using an existing key pair or with a generated pair in the Desktop App.
The desktop app can be downloaded from the following link for Mac, Linux and Windows on GitHub.
Generation
The first thing you need from the Desktop APP is an RSA-key-pair. For this, follow these steps.
- Start the application.
- From the Homepage click on Settings on the left hand side.
- Click on the KeyPair-button of the RSA box.
- Specify the directory where the keys should be saved.
- Specify the filename of the private and the public key on the right side.
- Select a passphrase for your private key. (If you press enter, an empty passphrase will be used)
- Click on the Generate-button.
Load
If you already have made a key-pair, you can load them into the Desktop APP. For this, follow these steps.
- Start the application.
- From the Homepage click on Settings on the left hand side.
- Click on the KeyPair-button of the RSA box.
- Specify the directory where the keys are saved.
- Specify the Passphrase for the key.
- Click on the Load-button.
Upload
Log into the Central-UI with either the identity provider from your organization or an account that your realm admin set up. In the admin guide, you can find how the user management and configuration of identity providers is done. After signing in for the first time, you should register the public key you generated in the Desktop APP in the Central Services. In the Home section press Settings in the menu on the left-hand side and then press Secrets.
You can define the public key
- type: You can choose between an RSA-key and a Paillier-key. The Paillier-key is not needed in the base case. For more information, look at the "Train With Homomorphic Encryption" chapter.
- name: The preferred name for this specific key.
Furthermore, you do have two options for loading the key into the system:
- Load the key via the file path (through the Browse option)
- Copy and paste the whole key into the Content-section.
On the right side, you will then find each already stored keys with specific name as list below the Overview and the search bar (where you can filter for a specific key in the list).