Book page

How to encrypt / decrypt a file in EDAMIS 4?

The EDAMIS 4 Portal can automatically encrypt files when a public key is available. EDAMIS 4 uses a library called ‘OpenPGP.js’ (a JavaScript implementation of the OpenPGP standard) to encrypt data on your web browser. Using OpenPGP is a good choice because it is used widely in the world and it has been thoroughly tested to prevent security issues.

In order to have EDAMIS 4 Portal encrypt the file, select the “EDAMIS” option in the "Encrypt by" field prior to sending the file:

Image of Encrypt by with EDAMIS option selected

The automatic encryption provided by the Portal is performed in the browser and is therefore subject to the memory limits of the browser. These can depend on the browser you are using, the operating system, the machine being used etc. As a result, the encryption can fail for big files if not enough memory is available. If encryption fails due to insufficient memory, you will get an "Out of Memory" error similar to the one below:

Example of Out of Memory error

In case this happens, we can suggest the following solutions for the encryption of large files:

  • Use the Portal (Encrypt by: EDAMIS), but with a more powerful browser / operating system. Using a 64-bit browser on a newer operating system may increase the memory available and thus make encryption in the browser possible for the kinds of files you are sending. Google Chrome or Microsoft EDGE are the ones to be considered for this operation
  • Use the Portal (Encrypt by: User), but do the encryption yourselves: Eurostat applies the PGP standard for encryption. You can encrypt outgoing files yourselves using Gpg4win for Windows and then submit them through the EDAMIS 4 Portal. This will allow you to avoid relying on the browser-side encryption facilities of the EDAMIS 4 Portal, which have the memory limitations outlined above. The public key used for the encryption can be downloaded from EDAMIS by following the steps described on the How to download a public key page.

Please bear in mind that, while the OpenPGP standard allows for data files to be either raw binary or ASCII-armored, Eurostat currently only accepts ASCII-armored files. In addition, the manually encrypted file needs to have the following extension: “.[Original extension].pgp/gpg/asc”

Besides the EDAMIS 4 Portal, EDAMIS offers another transmission method which provides encryption support: the ESDEN Client. You may therefore ask your National Transmission Coordinator if this additional transmission method is available in your organisation.

  • How to encrypt a file with Gpg4win (Kleopatra version Gpg4win-4.1.0)?

Step by step guide to download and set-up Kleopatra for encryption:

  1. Download and install Gpg4win for Windows OS.
  2. After installation launch the application (Kleopatra.exe).
  3. Go to Settings >> Configure Kleopatra
  4. Click on Crypto Operations (on the left)
  5. Select the option "Create signed or encrypted files as text files"
  6. Click Apply to save the changes
  7. Click OK to close the Settings window

To encrypt files with Kleopatra please follow the steps below (applies to version Gpg4win-4.1.0):

  1. Download the public key (if you have not done it already) Here you will find information on how to download the public key
  2. Click Import and select the downloaded public key(s) from EDAMIS
  3. On the following window select "Do not ask again" and click No. We don't need this option because we are using a public key provided by Eurostat.
  4. Click Sign/Encrypt button and select the file that you want to encrypt
  5. On the Sign / Encrypt Files window, remove (deselect) the "Sign as" and "Encrypt for me" checks.
  6. Make sure the "Encrypt for other" is checked. Press the add user button (on the right) and select the downloaded public key.
  7. Click Sign/Encrypt
  8. Click on Continue in the "Encrypt-To-Self Warning" window. You can also choose not to show this window again
  9. Click Finish
  10. Locate the encrypted file and check if the extension is correct. It should be “.[Original extension].pgp/gpg/asc” .
  • How to decrypt a file with Gpg4win (Kleopatra)?

A PGP key pair (public and private key) is used to encrypt/decrypt files. The sender of the file encrypts the file with the public key and the receiver decrypts it with the private key. The decryption will work only if the private key is from the same key pair as the public key used for the encryption.

To decrypt files with Kleopatra please follow the steps below.

  1. Launch Kleopatra
  2. Click on "Import" and select your private key
  3. In the following window ("You have imported a Secret Key") press "Yes" then "OK"
  4. Click on "File" and select "Decrypt/Verify"
  5. Locate the encrypted file on your system
  6. Select the output folder for the decryption and click on "Decrypt/Verify"

In case you have any questions / doubts about the use of the EDAMIS 4 Portal’s encryption / decryption facilities, please do not hesitate to get in touch with us by writing an email to ESTAT-DATA-METADATA-SERVICES@ec.europa.eu