Purpose of CryptoPro CSP. Purpose of CryptoPro CSP Integration into application and business systems

💖 Do you like it? Share the link with your friends
0


As a rule, the idea to download Cryptopro 3.9 R2 for Windows 10 appears among entrepreneurs with a lot of paperwork. However, the product is also suitable for everyday purposes, because electronic signatures are increasingly becoming part of the life of an ordinary person.

Peculiarities

Cryptopro 3.9 R2 is a multifunctional cryptographic software. The latest, most current version is used on any Windows 10 device, including tablets. The scope of application of this program is very extensive:
  • Protection of the authorship of documents;
  • Ensuring secure document flow;
  • Working with electronic signatures;
If you care about the security of your document flow, then downloading Cryptopro 3.9 R2 will be the right decision. This is a domestic development, and although it deals with very complex issues in technical terms, working with the program is very simple. Of course, if you have little idea what Cryptopro is, then it’s better to first study the documentation and only then get started.

The installation takes place in several stages, but to avoid mistakes, download the correct version - x32/x64 bits. And if your computer is running without , then even the most powerful cryptographic protection of documents will not protect you from possible penetration. Therefore, we recommend installing

CryptoPro CSP 5.0 is a new generation of crypto provider, developing three main product lines of the CryptoPro company: CryptoPro CSP (classic tokens and other passive storage of secret keys), CryptoPro FKN CSP/Rutoken CSP (non-retrievable keys on tokens with secure messaging) and CryptoPro DSS (keys in the cloud ).

All the advantages of products from these lines are not only preserved, but also multiplied in CryptoPro CSP 5.0: the list of supported platforms and algorithms is wider, performance is higher, and the user interface is more convenient. But the main thing is that working with all key media, including keys in the cloud, is now uniform. To transfer the application system in which CryptoPro CSP of any version worked to support keys in the cloud or to new media with non-removable keys, no software reworking will be required - the access interface remains the same, and work with the key in the cloud will occur exactly the same in the same way as with the classic key carrier.

Purpose of CryptoPro CSP

  • Formation and verification electronic signature.
  • Ensuring confidentiality and monitoring the integrity of information through its encryption and imitation protection.
  • Ensuring authenticity, confidentiality and imitational protection of connections using the and protocols.
  • Monitoring the integrity of system and application software to protect it from unauthorized changes and violations of trusted functioning.

Supported Algorithms

In CryptoPro CSP 5.0, along with Russian ones, foreign cryptographic algorithms are implemented. Now users have the opportunity to use familiar key media to store RSA and ECDSA private keys.

Supported key storage technologies

Cloud token

In the cryptoprovider CryptoPro CSP 5.0, for the first time, it became possible to use keys stored on cloud service CryptoPro DSS, via the CryptoAPI interface. Now keys stored in the cloud can be easily used by any user applications, as well as most Microsoft applications.

Media with non-retrievable keys and secure messaging

CryptoPro CSP 5.0 adds support for media with non-retrievable keys that implement the protocol SESPAKE, allowing authentication without transmitting the user’s password in clear text, and establishing an encrypted channel for the exchange of messages between the crypto provider and the carrier. An attacker located in the channel between the medium and the user's application can neither steal the authentication password nor replace the signed data. When using such media, the problem is completely solved safe work with non-removable keys.

The companies Active, InfoCrypt, SmartPark and Gemalto have developed new secure tokens that support this protocol (SmartPark and Gemalto starting from version 5.0 R2).

Media with non-removable keys

Many users want to be able to work with non-retrievable keys, but not upgrade tokens to the FKN level. Especially for them, the provider has added support for popular key media Rutoken EDS 2.0, JaCarta-2 GOST and InfoCrypt VPN-Key-TLS.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of media with non-retrievable keys supported by CryptoPro CSP 5.0
Company Carrier
ISBC Esmart Token GOST
Assets Rutoken 2151
Rutoken PINPad
Rutoken EDS
Rutoken EDS 2.0
Rutoken EDS 2.0 2100
Rutoken EDS 2.0 3000
Rutoken EDS PKI
Rutoken EDS 2.0 Flash
Rutoken EDS 2.0 Bluetooth
Rutoken EDS 2.0 Touch
Smart card Rutoken 2151
Smart card Rutoken EDS 2.0 2100
Aladdin R.D. JaCarta-2 GOST
Infocrypt InfoCrypt Token++ TLS
InfoCrypt VPN-Key-TLS

Classic passive USB tokens and smart cards

Most users prefer fast, cheap and convenient solutions for storing keys. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions provider, CryptoPro CSP 5.0 retains support for all compatible media produced by the companies Active, Aladdin R.D., Gemalto/SafeNet, Multisoft, NovaCard, Rosan, Alioth, MorphoKST and SmartPark.

In addition, of course, methods for storing keys in Windows registry, on hard drive, on flash drives on all platforms.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of classic passive USB tokens and smart cards supported by CryptoPro CSP 5.0
Company Carrier
Alioth SCOne Series (v5/v6)
Gemalto Optelio Contactless Dxx Rx
Optelio Dxx FXR3 Java
Optelio G257
Optelio MPH150
ISBC Esmart Token
Esmart Token GOST
MorphoKST MorphoKST
NovaCard Cosmo
Rosan G&D element V14 / V15
G&D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
Kona 2200s / 251 / 151s / 261 / 2320
Kona2 S2120s/C2304/D1080
SafeNet eToken Java Pro JC
eToken 4100
eToken 5100
eToken 5110
eToken 5105
eToken 5205
Assets Rutoken 2151
Rutoken S
Rutoken KP
Rutoken Lite
Rutoken EDS
Rutoken EDS 2.0
Rutoken EDS 2.0 3000
Rutoken EDS Bluetooth
Rutoken EDS Flash
Smart card Rutoken 2151
Smart card Rutoken Lite
Smart card Rutoken EDS SC
Smart card Rutoken EDS 2.0
Aladdin R.D. JaCarta GOST
JaCarta PKI
JaCarta PRO
JaCarta LT
JaCarta-2 GOST
Infocrypt InfoCrypt Token++ lite
Multisoft MS_Key isp.8 Hangar
MS_Key ESMART use.5
SmartPark Master's degree
R301 Foros
Oscar
Oscar 2
Magister's Rutoken

CryptoPro Tools

Cross-platform (Windows/Linux/macOS) appeared as part of CryptoPro CSP 5.0 graphic application- “CryptoPro Tools”.

The main idea is to provide users with the opportunity to conveniently solve common problems. All basic functions are available in a simple interface - at the same time, we have also implemented a mode for advanced users, which opens up additional possibilities.

Using CryptoPro Tools, the tasks of managing containers, smart cards and crypto provider settings are solved, and we have also added the ability to create and verify a PKCS#7 electronic signature.

Supported Software

CryptoPro CSP allows you to quickly and securely use Russian cryptographic algorithms in the following standard applications:

  • office suite Microsoft Office;
  • mail server Microsoft Exchange and client Microsoft Outlook;
  • products Adobe Systems Inc.;
  • browsers Yandex.Browser, Sputnik, Internet Explorer ,Edge;
  • application signature generation and verification tool Microsoft Authenticode;
  • web servers Microsoft IIS, nginx, Apache;
  • Remote Desktop Tools Microsoft Remote Desktop Services;
  • Microsoft Active Directory.

Integration with the CryptoPro platform

From the very first release, support and compatibility with all our products are provided:

  • CryptoPro CA;
  • CA Services;
  • CryptoPro EDS;
  • CryptoPro IPsec;
  • CryptoPro EFS;
  • CryptoPro.NET;
  • CryptoPro Java CSP.
  • CryptoPro NGate

Operating systems and hardware platforms

Traditionally, we work in an unrivaled wide range of systems:

  • Microsoft Windows;
  • Mac OS;
  • Linux;
  • FreeBSD;
  • Solaris;
  • Android;
  • Sailfish OS.

hardware platforms:

  • Intel/AMD;
  • PowerPC;
  • MIPS (Baikal);
  • VLIW (Elbrus);
  • Sparc.

and virtual environments:

  • Microsoft Hyper-V
  • VMWare
  • Oracle Virtual Box
  • RHEV.

Supported different versions CryptoPro CSP.

To use CryptoPro CSP with a license for workplace and server.

Interfaces for embedding

For embedding into applications on all platforms, CryptoPro CSP is available via standard interfaces for cryptographic means:

  • Microsoft CryptoAPI;
  • PKCS#11;
  • OpenSSL engine;
  • Java CSP (Java Cryptography Architecture)
  • Qt SSL.

Performance for every taste

Many years of development experience allows us to cover all solutions from miniature ARM boards such as Raspberry PI to multiprocessor servers based on Intel Xeon, AMD EPYC and PowerPC, perfectly scaling performance.

Regulatory documents

Complete list of regulatory documents

  • The crypto provider uses algorithms, protocols and parameters defined in the following documents of the Russian standardization system:
  • R 50.1.113–2016 " Information technology. Cryptographic protection information. Cryptographic algorithms, accompanying use electronic digital signature algorithms and hashing functions" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
  • R 50.1.114–2016 “Information technology. Cryptographic information protection. Elliptic curve parameters for cryptographic algorithms and protocols" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
  • R 50.1.111–2016 “Information technology. Cryptographic information protection. Password protection of key information"
  • R 50.1.115–2016 “Information technology. Cryptographic information protection. "Shared Key Generation Protocol with Password Authentication" (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol ")
  • Methodological recommendations TC 26 “Cryptographic information protection” “Use of sets of encryption algorithms based on GOST 28147-89 for the security protocol transport layer(TLS)"
  • Methodological recommendations TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11 and GOST R 34.10 algorithms in cryptographic messages in CMS format”
  • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in the IKE and ISAKMP key exchange protocols”
  • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89 when encrypting attachments in IPsec ESP protocols”
  • Technical specification TC 26 “Cryptographic information protection” “Use of GOST R 34.10, GOST R 34.11 algorithms in the certificate profile and certificate revocation list (CRL) of the X.509 public key infrastructure”
  • Technical specification TC 26 “Cryptographic information protection” “Extension of PKCS#11 for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012”

CryptoTree is a comprehensive solution for organizing secure document management workplaces: encryption and electronic digital signature of documents, management digital certificates, authentication, etc.

The CryptoTree software product has a certificate of state registration with Rospatent.

The product is designed to provide a technical component when building legally protected significant systems(electronic document management, Internet applications, electronic archives, CRM and ERP systems, etc.).

The cryptoprovider CryptoPro CSP, which implements certified cryptographic algorithms, and the CryptoARM client application for performing encryption and electronic signature operations are installed at the user’s workplace. Keys and digital certificates are stored on the Rutoken electronic identifier to enhance the protection of secret data.

CryptoTree will be of interest to organizations deploying a PKI system, as well as using the services of third-party Certification Authorities. The CryptoTri product allows you to reduce the cost of creating jobs in PKI and reduce the time it takes for users to perform crypto operations, ensuring simplicity and ease of configuration. CryptoTri supports working with various PKI elements. This includes working with digital certificates and requests, as well as Trusted Time Stamp Services (TSA) and Current Status Services (OCSP).

Benefits of use

  • The cost of the CryptoTree software product is significantly lower than the amount spent when purchasing its component products separately.
  • Reducing the time for the purchase procedure itself: buying CryptoTree is faster and easier than contacting different companies for each product separately.
  • All software collected in a single distribution file. Installation is done with one click of the mouse. During installation, the necessary operations are performed to configure the software modules.
  • Work with certified cryptographic algorithms.
  • Compliance with the requirements of the Federal Law of the Russian Federation No. 1-FZ of January 10, 2002 “On Electronic Digital Signature”.
  • Support for international standards and recommendations in the field of information security (X.509, PKCS, CMS).
  • Key information in the Rutoken protected memory remains safe even if the USB token is lost.
  • The standard delivery of CryptoTree includes document templates (regulations) that allow the customer to independently generate a complete package of documentation necessary to establish legally significant electronic document flow.
  • There is a positive conclusion from the Central Security Service of the FSB of Russia on the correctness of integrating CryptoPro CSP into CryptoARM.

Integration into application and business systems

CryptoTri can be used both to organize a workplace in PKI and as a basis for embedding crypto algorithms into application and business systems. WITH minimal costs can be built into electronic document management systems. Implements the requirements to ensure legal significance. Additionally, consulting work can be carried out on the creation of regulations.

Product delivery

The CryptoTree software product comes in several different packages:

Basic equipment:

  • Key media Rutoken 32Kb;
  • Packaging (DVD box).

Basic equipment with a certified token:

  • License for the CryptoTri software product (includes activation numbers for CryptoPro CSP 3.6 and CryptoARM 4.X);
  • Brochure on legally significant electronic document management in printed form;
  • CD with solution distribution, presentation and regulation templates in electronic form;
  • CIPF form CryptoPro CSP (version 3.6);
  • Key media Rutoken 32Kb ndv3;
  • Certificate of authenticity/copy of FSTEC certificate of conformity;
  • Technical specifications (TU) for Rutoken 32Kb ndv3;
  • Packaging (DVD box).


tell friends
Twitter
It's getting warm...
Next article
Read also
The phone gets very hot when locked or while charging, is this normal?
The phone gets very hot when locked or while charging, is this normal?
2023-10-17 00:04:10
Switching the SATA interface to AHCI mode on an existing OS
Switching the SATA interface to AHCI mode on an existing OS
2023-10-17 00:04:10
How to gain subscribers on YouTube: I share paid and free methods How famous YouTube bloggers gained subscribers
How to gain subscribers on YouTube: I share paid and free methods How famous YouTube bloggers gained subscribers
2023-10-16 00:04:34
YouTube affiliate Yoola VSP Group
YouTube affiliate Yoola VSP Group
2023-10-16 00:04:34