What is Non-Repudiation in File Transfers Built On?
There are a few building blocks that help define a secure end-to-end file transfer process.
Data File Encryption
Files are typically encrypted using one of several encryption algorithms.
These should be FIPS-validated algorithms such as 3DES or AES.
These are purely data encryption algorithms, and although 3DES is included, it is an older algorithm.
The current gold standard is AES-256.
Unfortunately, certain file transfer solutions such as the AS2 and AS3 systems are limited to 3DES.
Secure Transport
Data is typically transported securely over a TLS-encrypted link rather than SSL.
This link is validated by server-level certificates and uses TLS 1.2 or the newer TLS 1.3 protocol.
There are several HMAC algorithms, such as HMAC-MD5, HMAC-SHA1, or HMAC-SHA256.
An HMAC employs both a hash of the file and a shared secret key.
This allows the exchanging parties to establish the authenticity of the message.
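The HMAC check described above, as an added example that is not part of the original article or of any file transfer product it mentions: the sender tags a file with HMAC-SHA256 and the receiver recomputes and compares the tag. The key, the payload and the function names are constructed for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 64 * 1024  # read in blocks so large transfers are never held in memory


def file_hmac(stream, key: bytes, digest=hashlib.sha256) -> str:
    """Return the hex HMAC tag of a binary stream under the shared key."""
    mac = hmac.new(key, digestmod=digest)
    for block in iter(lambda: stream.read(CHUNK), b""):
        mac.update(block)
    return mac.hexdigest()


def verify_file(stream, key: bytes, received_tag: str, digest=hashlib.sha256) -> bool:
    """Recompute the tag on the receiving side and compare in constant time."""
    expected = file_hmac(stream, key, digest)
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(expected, received_tag)


def demo() -> dict:
    # Constructed sample data: the key and payload are placeholders.
    shared_key = b"constructed-demo-key-exchanged-out-of-band"
    payload = b"CONSTRUCTED EDI SAMPLE*INVOICE 1001*TOTAL 250.00\n" * 4000
    tag = file_hmac(io.BytesIO(payload), shared_key)  # computed by the sender

    # One changed field in transit is enough to invalidate the tag.
    tampered = payload.replace(b"250.00", b"950.00", 1)
    return {
        "intact": verify_file(io.BytesIO(payload), shared_key, tag),
        "tampered": verify_file(io.BytesIO(tampered), shared_key, tag),
        "wrong_key": verify_file(io.BytesIO(payload), b"some-other-key", tag),
        "truncated_tag": verify_file(io.BytesIO(payload), shared_key, tag[:32]),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:14} -> {'accepted' if ok else 'rejected'}")
```

Because both parties hold the same key, a valid tag shows the file came from a key holder and was not altered, but it cannot show which of the two parties produced it.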
There are a few protocols and systems that help to facilitate this process.
AS4 has further enhanced interoperability with modern data pipe infrastructures by being built on SOAP and Web Services.
OFTP2
The original Odette File Transfer Protocol was developed in the mid-’80s to assist in EDI data exchanges.
In 2007 the updated version, OFTP2, was introduced with enhanced security and compression features over its predecessor.
Utilizing non-repudiation techniques in file transfers helps to secure data transfers that are core to many business processes.