Starting with LumenVox version 11.3.100, users can encrypt response files as part of our commitment to allowing users to secure speech data. In order to tune encrypted response files, the person doing the tuning must have access to the private key that corresponds to one of the public certificates that was used when the files were encrypted.
Importing Encrypted Files
Encrypted response files can be loaded into the Speech Tuner as normal, by dragging them into the Tuner window or by using File > Open Callsre File(s). When an encrypted file is imported into the Tuner, the Tuner will display the public certificates that were used in the encryption process and prompt the user for the corresponding private keys:
To provide the appropriate private key, click the [...] icon to bring up the Open Key File... dialog box, select the appropriate key, and press Open:
If your private key file is secured by a passphrase, you will be prompted to enter it.
If the .callsre file was encrypted using multiple public certificates, you will need to select the public certificate before supplying a private key. You only need one private key to decrypt a file encrypted against multiple public certificates, e.g. if the file was encrypted with your own personal public certificate and also the LumenVox public certificate, you would only need the private key corresponding to one of those public keys to decrypt the file.
You can then click Decrypt and open the files as normal.
Managing Certificates and Keys
Once a key pair has been imported, it will remain valid for as long as the Tuner is open. If the Tuner is closed, you will be prompted to provide private keys the next time it is opened and encrypted files are loaded or otherwise used.
The Tuner supports multiple key pairs being active at once. This is useful if you are tuning files that were encrypted against different public certificates, or if you are tuning files that were encrypted against multiple certificates.
At any time you can manage the active key pairs in the Tuner by selecting Edit > Settings from the file menu and then choosing the Security tab:
If you would like to remove a certificate from the current instance of the Tuner, you may by clicking on Remove selected Certificate. This will clear it from the currently running Tuner instance.
A Note about Encryption and the Tuner
There are two potential hazards security-conscious users should be aware of when using the Tuner with encrypted files:
- The Tuner database (the interactions file), is not encrypted and contains information such as decoded text and transcripts that may be potentially sensitive. This file must be secured outside of the standard LumenVox encryption framework.
- If you use the Tuner to run tests, and the Tuner is set to save .callsre files (in its client_property.conf file), then whenever you run a test, new .callsre files are saved. Unless you have enabled encryption and specified public certificates in the Tuner's client_property.conf, these files will not be encrypted.
