> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tesouro.com/llms.txt
> Use this file to discover all available pages before exploring further.

# File encryption

> Generate a PGP key pair with RSA 4096-bit encryption to decrypt report files published to your SFTP location by Tesouro.

Tesouro encrypts your files before publishing them to the [SFTP](/acquiring/reporting/sftp-configuration) location, so you will need a PGP key pair to decrypt the files.

### Steps for generating a PGP key pair

1. Choose the following algorithm and key size:
   * Algorithm: RSA
   * Key Size: 4096 bits

2. Securely store the private key and employ it for decrypting files received from Tesouro, as well as for verifying the signature
   of webhook requests.

3. Coordinate to securely send the public key to Tesouro. Tesouro will use the public key to encrypt the report file and sign
   the message sent to the webhook endpoint.

<Info>
  Please note that you would need to regenerate a new key pair before the current key pair expires
  to ensure that the communication between Tesouro's servers and yours are always secure.
</Info>
