Rutoken authentication and electronic signature tools. Authentication and electronic signature tools Rutoken Cryptopro Rutoken csp 3.6 serial number

CryptoPro Rutoken CSP- certified by the FSB of Russia software and hardware CIPF jointly developed by CryptoPro and Aktiv, combining the capabilities of the Russian crypto provider and the Rutoken EDS identifier.

Features of CryptoPro Rutoken CSP

The main features of CryptoPro Rutoken CSP are:

  • Non-retrieval of private keys. All cryptographic operations using private keys are performed inside the CryptoPro Rutoken CSP and never leave the device itself. Due to this, high security of the user's private key is achieved, which makes it possible to increase the validity period of secret keys up to 3 years.
  • Use of FCN technology. CryptoPro Rutoken CSP uses a unique FKN technology that protects the exchange protocol between the software part and the key carrier from attacks, and also provides additional security for private keys thanks to a set of restrictive counters that significantly reduce the possibility of implementing attacks related to the selection of password values ​​(PIN ).
  • Fully compatible with CryptoPro CSP 3.6 and support for all its features.
  • Fully integrated into infrastructure public keys PKI based on the CryptoPro UC certification center.

Purpose of CryptoPro Rutoken CSP

CIPF CryptoPro Rutoken CSP is intended for use in Russian systems PKI, in legally significant electronic document management systems and in other information systems using electronic digital signature.

The following cryptographic operations are performed using CryptoPro Rutoken CSP:

  • generation of keys in accordance with GOST R 34.10-2001;
  • formation of an electronic digital signature in accordance with GOST R 34.10-2001;
  • ensuring confidentiality and control of the integrity of information through its encryption and imitation protection, in accordance with GOST 28147-89;
  • computation of the Diffie-Hellman negotiation key (RFC 4357).

FKN architecture

Functional key carrier (FCN) implements a fundamentally new approach to ensuring safe use key information that is stored on hardware media. Besides the formation electronic signature and generation of keys directly in the microprocessor, the key carrier allows you to effectively resist attacks related to the substitution of the hash value or signature in the communication channel.

The advantages of the FCN architecture:

  • Increased confidentiality of private keys.
  • Enhanced data protection during transmission over an open channel due to the use of mutual authentication of the key carrier and the software component using the original protocol based on the EKE (electronic key exchange) procedure. In this case, not a PIN code is transmitted, but a point on an elliptic curve.
  • Transfer of the hash value over a secure channel that excludes the possibility of spoofing.
  • After the container is created, the user key is not stored in either key container, nor in the memory of the cryptographic provider and are not explicitly used in cryptographic transformations. Accordingly, even a successful hardware attack on a key carrier will not help to find out the key.
  • The possibility of signature substitution in the exchange protocol is excluded, the electronic signature is generated in parts: first in the key carrier, then finally in the CSP software part.

Supported operating systems

CryptoPro Rutoken CSP supports the following Windows and Linux / UNIX operating systems:

  • Windows 2000 / XP / 2003 (ia32 platform)
  • Windows XP / 2003 (x64, ia64 platform)
  • Windows Vista / 2008/7/2008 R2 / 8 (ia32, x64 platform)
  • Linux Standart Base ISO / IEC 23360 (ia32, x64 platform)
  • Alt Linux 4.0 Server (ia32, x64 platform)
  • Debian-4.0 (Etch) (ia32, x64 platform)
  • FreeBSD 7 (ia32 platform)

Certificate

CryptoPro Rutoken CSP CIPF complies with the requirements of GOST 28147-89, GOST R 34.11-94, GOST R 34.10.2001 and the requirements of the FSB of Russia for CIPF and electronic signatures in the KC1 and KC2 classes. It can be used for cryptographic protection of information that does not contain information constituting a state secret.

The CryptoPro Rutoken CSP solution is a joint development of CryptoPro and Aktiv, based on the integration of the CryptoPro CSP crypto provider and the Rutoken KP USB token. An important feature solution is to use the cryptographic capabilities of Rutoken KP to generate key pairs, generation of agreement keys, implementation of electronic signature, etc. Performing these operations on board the token ensures the highest degree of security of key information. Rutoken KP is a cryptographic USB-token based on Rutoken EDS, the main distinctive feature which is the implementation of the functional key carrier (FKN) technology. Rutoken KP is used and supplied only in the CryptoPro Rutoken CSP set, this key is not distributed separately. For the first time, the CryptoPro Rutoken CSP CSP uses a unique FKN technology, which protects the exchange protocol between the software part and the key carrier from attacks, and also provides additional security for private keys. The CryptoPro Rutoken CSP solution is the successor of the CryptoPro CSP CIPF and supports all its capabilities. It is also fully integrated into the public key infrastructure based on the CryptoPro UC certification center.

Appointment

CryptoPro Rutoken CSP is intended for use in Russian PKI systems, in legally significant electronic document management systems and in other information systems using digital signature technologies, for example:
  • in client-bank systems when signing payment orders,
  • in secure document management systems,
  • in reporting systems for submission to in electronic format,
  • in the authorities and administration at the federal and regional levels,
  • in all other cases where it is necessary to provide increased protection of user keys.

Opportunities

  • Supports all functionality
  • Provides full integration with PKI infrastructure based on CryptoPro UC.
  • The following cryptographic operations are performed using Rutoken EDS hardware resources:
    • generation of key pairs GOST R 34.10-2001,
    • formation of an electronic signature in accordance with GOST R 34.10-2001,
    • computation of the Diffie-Hellman negotiation key (RFC 4357).
  • Provides secure storage and use of private keys inside the key carrier without the possibility of retrieval.
The order is accepted from 3 items from the provided list of items.

Users of the CryptoPro data protection system often use Rutoken devices from the Aktiv company as a key. However, the latest models of this device do not work without the presence of the appropriate drivers in the system, and today we will tell you where you can download them and how to install them.

The procedure is performed in two stages: installation of the Rutoken support module in CryptoPro and, in fact, installation of drivers for the specified device.

Step 1: Installing the helper

Before installing the utility software for the USB dongles in question, you first need to add a support module to the cryptographic protection package. This is done as follows:

  1. Go to the considered CIPF, located on the official resource of the Rutoken developers. Modules are presented for both CSP and JSP-version of CryptoPro, versions of the former are also divided by bitness. To download the required component, just click on its name.

  2. To continue downloading, you will need to accept the license agreement - read the document, then check the box "The terms of the License Agreement have been read and accepted in in full» and click on the button "Terms accepted".

  3. Download the module installer at any appropriate place and then run the executable file. Push "Further" in the first window "Installation Wizards".

  4. In the next step, click "Install".

  5. Installation takes place in automatic mode, so just wait until the end of the procedure.


    To close the installer, click the button "Ready".

This completes the first stage and you can move on to the next.

Stage 2: Installing Drivers

After installing the support module, you can install the drivers directly.


This completes our today's task - the installation of Rutoken drivers for CryptoPro is fully completed.

The CryptoPro Rutoken CSP solution is a joint development of the CryptoPro and Aktiv companies, in which the capabilities of the CryptoPro CSP crypto provider and Rutoken USB tokens are integrated. An important feature of the FKN technology is the division of cryptographic powers between the CryptoPro CSP and Rutoken KP - a cryptographic USB token model specially adapted for the FKN technology, based on the Rutoken EDS.

Rutoken KP is used in FCN technology to generate key pairs, generate agreement keys, implement electronic signatures, etc. Performing these operations on board the token ensures the highest possible degree of security of key information. Rutoken KP is used and supplied only as part of CryptoPro Rutoken CSP, this USB token is not distributed separately.

V new version CryptoPro Rutoken CSP, in addition to Rutoken KP, supports the standard Rutoken EDS 2.0 model for generating and secure storage of key pairs and CryptoPro CSP containers. Key information is stored on Rutoken EDS 2.0 and cannot be retrieved. The use of Rutoken EDS 2.0 as part of CryptoPro Rutoken CSP provides an optimal solution in terms of cost and capabilities for cases where increased requirements for the level of protection of communication channels with a key carrier are not imposed.

The CryptoPro Rutoken CSP solution is the successor of the CryptoPro CSP CIPF and supports all its capabilities. It is also fully integrated into the public key infrastructure based on the CryptoPro UC certification center.

Appointment

CryptoPro Rutoken CSP is intended for use in Russian PKI systems, in legally significant electronic document management systems and in other information systems using digital signature technologies. Including:

  • in client-bank systems when signing payment orders;
  • in secure document management systems;
  • in systems for collecting reports for submission in electronic form;
  • in the authorities and administration at the federal and regional levels;
  • in all other cases where it is necessary to provide increased protection of user keys.

Opportunities

  • Supports all functionality CIPF CryptoPro CSP 3.9 .
  • Provides full integration with PKI infrastructure based on CryptoPro UC.
  • It also works with the standard Rutoken EDS 2.0 model.
  • Using the hardware resources of Rutoken KP or Rutoken EDS 2.0, the following cryptographic operations are performed:
    • generation of key pairs GOST R 34.10-2001;
    • formation of an electronic signature in accordance with GOST R 34.10-2001;
    • computation of the Diffie-Hellman negotiation key (RFC 4357).
  • Provides secure storage and use of private keys inside the key carrier without the possibility of retrieval.

Functional key carrier

The FKN architecture implements a fundamentally new approach to ensuring the safe use of key information that is stored on a hardware medium.

In addition to generating an electronic signature and generating encryption keys directly in the microprocessor, the key carrier allows you to effectively resist attacks related to the substitution of the hash value or signature in the communication channel.

The main advantages of FCN

  • The possibility of signature substitution in the exchange protocol is excluded, the electronic signature is generated in parts: first in the key carrier, then finally in the CSP software part.
  • Generation of electronic signature keys and agreement keys, as well as the creation of an electronic signature within the FKN.
  • Transfer of the hash value over a secure channel that excludes the possibility of spoofing.
  • After the container is created, the user key is not stored either in the key container or in the memory of the cryptographic provider, and is not explicitly used in cryptographic transformations.
  • Enhanced data protection during transmission over an open channel due to the use of mutual authentication of the key carrier and the software component using the original protocol based on the EKE (electronic key exchange) procedure. In this case, not a PIN code is transmitted, but a point on an elliptic curve.
  • Increased confidentiality of private keys.
  • The key can be generated by the FKN or downloaded from the outside.
  • Performing cryptographic operations on elliptic curves directly with a key carrier, supporting Russian electronic signatures.

Here you can buy products for authentication and electronic signature Rutoken, developed by our partner JSC "Active-soft".

  • Equipping smart cards with RFID tags Em-Marine, HID Prox;
  • Equipping smart cards with RFID tags Mifare Classic 1K;
  • Equipping smart cards with RFID tags Em-Marine / HID Prox + Mifare Classic 1K;
  • Equipping smart cards with HID iClass RFID tags.
  • Smart card reader ACR38U-I1;
  • Smart card reader ACR38U-H1;
  • Smart card reader ACR3901U-H3;
  • OMNIKEY (CardMan) 3021 smart card reader;
  • OMNIKEY (CardMan) 3121 smart card reader;
  • OMNIKEY (CardMan) 5421 smart card reader;
  • IDBridge CT30 smart card reader.

Rutoken KeyBox devices are designed for administration and management life cycle key carriers (USB tokens, smart cards and other devices). Designed for use in corporate networks based on Microsoft Windows technologies. Are a system that provides communication between accounts users, means of authentication, applications and information security regulations. They are certified by FSTEC of Russia.

  • License for 1 user;
  • Distribution kit Rutoken KeuVokh, certificate of FSTEC of Russia.

Rutoken devices for Windows are designed for hardware user authentication and protection of e-mails in networks based on Microsoft Windows. The solution is based on the use of built-in Windows security tools and electronic identifiers of the Rutoken family as carriers of key information.

CryptoThree is workplace legally significant document flow. It is a comprehensive boxed solution. Designed for encryption and electronic signature of documents, digital certificate management and authentication.

CryptoPro Rutoken CSP is a software and hardware CIPF that combines the capabilities of the Russian crypto provider CryptoPro CSP and the Rutoken USB token. In CryptoPro Rutoken CSP, cryptographic operations on private keys are performed inside the token, while the keys do not leave the device itself. The product implements a functional key carrier technology, which protects the exchange protocol between the software part and the token from attacks, and also provides additional security for private keys. The user's private key is valid for up to 3 years. Has a certificate of the FSB of Russia on compliance with the requirements for electronic signature tools and cryptographic information protection tools in the KC1 and KC2 classes.

  • CryptoPro Rutoken CSP license;
  • CryptoPro Rutoken CSP distribution kit.

Accessories

Products:

  • Cap for USB token;
  • Keychain with a field for a tag (4 colors to choose from);
  • Neck strap, red;
  • Extension cable for USB port.
mob_info