TT Password Encryption
What is it?
To increase network security, user passwords are automatically encrypted using Diffie-Hellman (DH) encryption. DH encryption allows the client workstation (such as X_TRADER) and the Gateway to establish a shared secret key which is used to authenticate the client and Gateway and to encrypt the password. Trading data is not encrypted by the DH parameters.
How TT Implements TT Password Encryption/Decryption
The TT Gateway Server and client workstation create a public and private key pair based on a common set of parameters. This set of base parameters resides in the DH parameters file located on the server. The server and the client exchange private keys, and each creates a secret key that it uses to perform encryption and decryption.When the client sends login information to the Gateway, it encrypts the password and includes the public key. The server then decrypts the password using the secret key.
DH Parameters File
The DH parameters file is an encrypted file that contains the common parameters used to calculate the secret keys. After installing a Gateway, if you have not already generated a DH Parameters file (after a previous TT Gateway install), you must do so. A TT Gateway does not function until a DH Parameters file is generated. For more information about Generating a DH Parameters File, refer to the Guardian Online Help.