Sport

Cryptopro rutoken csp 3.6 serial number. Means of authentication and electronic signature Rutoken. How Rutoken S works

06.04.2022

CryptoPro Rutoken CSP- FSB-certified hardware and software CIPF jointly developed by CryptoPro and Aktiv, combining the capabilities of the Russian crypto provider and the Rutoken EDS identifier.

Features of CryptoPro Rutoken CSP

The main features of CryptoPro Rutoken CSP are:

  • Non-retrievability of private keys. All cryptographic operations using private keys are performed inside the CryptoPro Rutoken CSP and never leave the device itself. Due to this, high security of the user's secret key is achieved, which allows increasing the validity period of secret keys up to 3 years.
  • Use of FKN technology. The CIPF CryptoPro Rutoken CSP uses a unique FKN technology that protects the protocol of exchange between the software part and the key carrier from attacks, and also provides additional security for private keys due to a set of restrictive counters that can significantly reduce the possibility of implementing attacks related to the selection of password values ​​(PIN ).
  • Full compatibility with CryptoPro CSP 3.6 and support for all its features.
  • Full integration into the public key infrastructure PKI, based on the certification center "CryptoPro CA".

Appointment CryptoPro Rutoken CSP

CIPF CryptoPro Rutoken CSP is intended for use in Russian PKI systems, legally significant electronic document management systems and other information systems using electronic digital signature technologies.

Using CryptoPro Rutoken CSP, the following cryptographic operations are performed:

  • key generation according to GOST R 34.10-2001;
  • formation of an electronic digital signature in accordance with GOST R 34.10-2001;
  • ensuring confidentiality and control of the integrity of information through its encryption and imitation protection, in accordance with GOST 28147-89;
  • Diffie-Hellman negotiation key calculation (RFC 4357).

FKN architecture

The functional key carrier (FKN) implements a fundamentally new approach to ensuring the safe use of key information stored on a hardware carrier. In addition to the formation of an electronic signature and the generation of keys directly in the microprocessor, the key carrier allows you to effectively resist attacks associated with the substitution of the hash value or signature in the communication channel.

Advantages of the FKN architecture:

  • Increased privacy of private keys.
  • Enhanced data protection during transmission over an open channel due to the use of mutual authentication of the key carrier and the software component using the original protocol based on the EKE (electronic key exchange) procedure. In this case, it is not a PIN code that is transmitted, but a point on an elliptic curve.
  • Transferring a hash value over a secure channel that excludes the possibility of spoofing.
  • After the container is created, the user's key is not stored either in the key container or in the memory of the cryptographic provider and is not explicitly used in cryptographic transformations. Accordingly, even a successful hardware attack on a key carrier will not help to find out the key.
  • The possibility of signature substitution in the exchange protocol is excluded, the electronic signature is generated in parts: first in the key carrier, then finally in the CSP software.

Supported operating systems

CryptoPro Rutoken CSP supports the following Windows and Linux/UNIX operating systems:

  • Windows 2000/XP/2003 (ia32 platform)
  • Windows XP/2003 (platform x64, ia64)
  • Windows Vista/2008/7/2008 R2/8 (ia32, x64 platform)
  • Linux Standard Base ISO/IEC 23360 (ia32, x64 platform)
  • Alt Linux 4.0 Server (ia32, x64 platform)
  • Debian-4.0 (Etch) (ia32, x64 platform)
  • FreeBSD 7 (ia32 platform)

Certificate

CIPF CryptoPro Rutoken CSP complies with the requirements of GOST 28147-89, GOST R 34.11-94, GOST R 34.10.2001 and the requirements of the Federal Security Service of Russia for CIPF and electronic signature tools for classes KS1 and KS2. It can be used for cryptographic protection of information that does not contain information constituting a state secret.

Users of the CryptoPro data protection system often use Rutoken devices from Aktiv as a key. However, the latest models of this device do not work without the appropriate drivers in the system, and today we will tell you where you can download them and how to install them.

The procedure is performed in two stages: the installation of the Rutoken support module in CryptoPro and, in fact, the installation of drivers for the specified device.

Stage 1: Installing the support module

Before installing the utility software for the USB keys in question, you first need to add a support module to the cryptographic protection package. This is done as follows:

  1. Go to the CIPF in question, located on the official resource of Rutoken developers. Modules are presented for both the CSP and the CryptoPro JSP version, the versions of the former are also divided by bit depth. To download the desired component, simply click on its name.

  2. To continue downloading, you will need to accept the license agreement - read the document, then check the box "The terms of the License Agreement have been read and accepted in full" and click on the button "Terms accepted".

  3. Download the module installer to any suitable place, then run the executable file. Click "Further" in the first window "Install Wizard".

  4. In the next step, click "Install".

  5. Installation takes place automatically, so just wait until the end of the procedure.


    To close the installer, click the button "Ready".

This completes the first step and you can move on to the next one.

Stage 2: Driver installation

After installing the support module, you can install the drivers directly.


On this, our today's task is solved - the installation of Rutoken drivers for CryptoPro is fully completed.

Rutoken— personal devices for accessing information resources, information security, means of authentication and electronic signature.

Options:

Rutoken S

  • The main key carrier for Russian CIPF
  • Hardware implementation of GOST 28147-89
  • FSB certificate
  • FSTEC certificate
What is Rutoken S

Electronic identifier (token) Rutoken S is a compact USB device designed for secure two-factor user authentication, secure storage of encryption keys and electronic signature keys, as well as digital certificates and other information.

Rutoken S most often used as a carrier of a private key of an electronic signature for access to various resources, for electronic document management and for remote banking services. Rutoken S acts as a successful alternative to traditional "repositories" of key information, such as floppy disks or flash drives. In contrast, passwords and user certificates are stored on Rutoken S in the device's secure internal memory. Access to this data is possible only upon presentation of the PIN code.

How Rutoken S works

Rutoken S provides two-factor authentication in computer systems. Successful authentication requires the fulfillment of two conditions: the physical presence of the Rutoken USB token itself and knowledge of the PIN code for it. This provides a much higher level of security than traditional password access. basis Rutoken S make up a microcontroller that performs cryptographic data conversion, and a secure memory in which user data is stored in encrypted form: passwords, certificates, encryption keys, etc.

Rutoken S supports major industry standards, making it easy to use in existing information security systems.

Rutoken Lite

  • Key carrier for software and hardware CIPF
  • Ability to work without installing drivers
  • Protected memory for data storage
  • Working with CryptoPro without installing additional software
  • FSTEC certificate
What is Rutoken Lite

USB tokens and smart cards Rutoken Lite- these are protected carriers of private keys of electronic signature for access to various resources, for electronic document management and remote banking services. On the Rutoken Lite you can store secret keys or digital identifiers and read them, if necessary, upon presentation of the user's PIN code. Tokens and smart cards are not disk drives, so the information stored on them cannot be copied using the file system. Access to information is provided only through special tools for working with smart cards.

Rutoken Lite provides two-factor authentication in computer systems. Successful authentication requires the fulfillment of two conditions: the user's knowledge of a unique password - PIN-code and possession of a unique object - the device itself. This provides a much higher level of security than traditional password access.

Simplicity and convenience

Many software and hardware CIPFs, as well as other applications in the field of information security, do not provide for the use of the cryptographic capabilities of modern tokens. However, they need secure means to store key information. Such storage media should be significantly more reliable and secure than flash drives or the Windows registry, but more economical than tokens with a full set of cryptographic capabilities. In this case, in addition to security, the reliability of the media and ease of installation and configuration are important to users.

Electronic identifiers are usually used in combination with the corresponding software and hardware. Rutoken Lite supports major industry standards, which makes it easy to use in existing information security systems.

To work with Rutoken Lite the CCID driver is used, which is already part of modern operating systems, and it does not require the installation of any additional software, except for those cryptographic information protection tools and applications that should work with it.

Rutoken EDS

  • Support for the Russian standard of electronic signature
  • Non-retrievability of cryptographic keys
  • Hardware implementation of Russian and Western cryptoalgorithms
  • Two versions: standard and micro-token
  • FSTEC and FSB certificates, compliance with FZ-63
What is Rutoken EDS for?

Rutoken EDS is designed for secure two-factor authentication of users, generation and secure storage of encryption keys and electronic signature keys, performing encryption and the electronic signature itself "on board" the device, as well as storing digital certificates and other data.

Hardware implementation of national standards for electronic signature, encryption and hashing allows using Rutoken EDS as an intelligent key carrier and means of electronic signature in Russian PKI systems, in legally significant electronic document management systems and in other information systems using electronic signature technologies. Opportunities Rutoken EDS allow cryptographic operations to be performed in such a way that private key information never leaves the token. Thus, the possibility of key compromise is excluded and the overall security of the information system is increased.

How Rutoken EDS works

Rutoken EDS provides two-factor authentication in computer systems. Successful authentication requires the fulfillment of two conditions: the user's knowledge of the PIN code and the physical presence of the token itself. This provides a much higher level of security than traditional password access. basis Rutoken EDS consists of a modern secure microcontroller and built-in secure memory that securely stores user data: passwords, encryption and signature keys, certificates, etc.

Electronic ID Rutoken EDS supports the main Russian and international standards in the field of information security. This allows you to easily, without additional effort, embed its support into existing information systems.

Rutoken Web

  • Hardware replacement of login and password
  • Building Strong Authentication Systems on Web Resources
  • Works in all popular browsers and operating systems
  • Does not require driver installation, functions as a HID device
  • All cryptographic features Rutoken EDS
Features Rutoken Web

With the help of Trojans, phishing or traffic interception, it is impossible to steal either the hardware device itself or to forge or replace an electronic signature. Decision Rutoken Web is cross-platform and multi-browser, has a low cost of ownership and is easy to use.

The product is based on electronic signature technology and consists of three components:

  1. USB-token - an electronic key that has the ability to carry out an electronic signature. Works as a HID device, no driver installation required.
  2. Browser plugin - communicates between the USB token and the browser. Does not require administrative rights to install. It uses only APIs built into the browser and does not require the installation of additional components, frameworks and platforms such as Java, Microsoft Silverlight and others. Works with all known browsers on MS Windows, Apple OS X, GNU/Linux platforms.
  3. The server part is the implementation of electronic signature verification on the server. The mechanisms are implemented for different platforms and development tools, namely: PHP, ASP.NET, WordPress, Joomla and Bitrix.

CritoPro Rutoken CSP

  • Hardware-software CIPF based on Rutoken EDS
  • All features of CryptoPro CSP 3.6
  • Validity of the private key - 3 years
  • Unique FKN technology
  • Integration with PKI based on CryptoPro CA
What is CryptoPro Rutoken CSP

Decision CryptoPro Rutoken CSP is a joint development of the CRYPTO-PRO and Aktiv companies, based on the integration of the CryptoPro CSP crypto provider and the Rutoken EDS USB token. An important feature of the solution is the use of the cryptographic capabilities of Rutoken EDS to generate key pairs, develop approval keys, implement an electronic signature, etc. Performing these operations on board the token ensures the highest degree of security of key information.

In SKZI CryptoPro Rutoken CSP for the first time, a unique FKN technology was used, which protects the protocol of exchange between the software part and the key carrier from attacks, and also provides additional security for private keys. Decision CryptoPro Rutoken CSP is the successor of CIPF CryptoPro CSP and supports all its features. It is also fully integrated into the public key infrastructure based on the certification center "CryptoPro CA".

Purpose

CIPF CryptoPro Rutoken CSP is intended for use in Russian PKI systems, in legally significant electronic document management systems and in other information systems using digital signature technologies, for example:

  • in client-bank systems when signing payment orders,
  • in secure document management systems,
  • in reporting collection systems for submission in electronic form,
  • in government and administration at the federal and regional levels,
  • in all other cases, where it is necessary to provide increased protection of user keys.
Opportunities
  • All the functionality of CIPF CryptoPro CSP 3.6 is supported.
  • Full integration with the PKI infrastructure based on "CryptoPro CA" is provided.
  • Using the hardware resources of the Rutoken EDS, the following cryptographic operations are performed:
    • generation of key pairs GOST R 34.10-2001,
    • formation of an electronic signature in accordance with GOST R 34.10-2001,
    • Diffie-Hellman negotiation key calculation (RFC 4357).
  • Provides secure storage and use of private keys inside the key carrier without the possibility of extraction.

Rutoken for Windows

  • Turnkey solution for hardware authentication and email protection
  • All options for using Rutoken EDS and Rutoken S in Windows networks
  • Detailed step-by-step instructions for configuring the security tools of the MS Windows operating system
Scope of application

Rutoken for Windows can be used by any organizations and enterprises whose information structure is based on Microsoft Windows networks. For deployment and subsequent operation, you do not need to involve third-party specialists and purchase additional equipment and software from third parties. All necessary network settings can be performed by a full-time system administrator of the enterprise, following the detailed instructions contained in the implementation guide. Rutoken for Windows.

To get started with Rutoken for Windows, you need to purchase the Starter Kit, with which you can make all the necessary network settings. After that, it remains only to order the required number of electronic identifiers Rutoken S or Rutoken EDS.

Purpose

Product Rutoken for Windows is intended primarily for system administrators and IT-specialists of enterprises. Detailed illustrated step-by-step instructions for setting up services will save you a lot of time studying Microsoft proprietary documentation and avoid many problems that you may encounter when setting it up yourself.

The instructions included in the starter kit also contain information about the use of electronic signature and encryption in Microsoft Office applications. This allows you to quickly and efficiently train company personnel on how to securely access information resources and protect correspondence and documents, since IT specialists do not need much time to develop documentation for end users.

CryptoThree

  • CryptoPro CSP + CryptoARM + Rutoken S
  • Workplace of legally significant document flow
  • Certified solution that fully complies with Federal Law 63
  • Focused on the inexperienced user
  • Requires minimal implementation costs
What is CryptoThree

CryptoThree is a comprehensive solution for organizing secure workflow workplaces: encryption and electronic signature of documents, digital certificate management, authentication, etc.

Part CryptoThree certified products include:

  • crypto-provider "CryptoPro CSP" (company "CRYPTO-PRO");
  • software "CryptoARM" (company "Digital Technologies");
  • key carrier Rutoken S 32KB (Aktiv company).
How does CryptoThree work?

CryptoPro CSP provides the use of Russian cryptographic algorithms at the operating system kernel level. The CryptoARM client application offers a convenient interface for encryption/decryption functions performed by a crypto provider, signing and verifying the signature of an electronic document, and also has extensive capabilities for managing signature key certificates, certificate revocation lists, etc.

All keys and certificates of the signature keys are stored on a secure Rutoken S key carrier to prevent unauthorized access to secret data. For government organizations and commercial companies that use an information security policy in accordance with industry and national standards, a certified version of Rutoken S is offered.

Please note that d

To use tokens in the EGAIS system, it is necessary to purchase positions with an FSB certificate. The presented positions are delivered without FSB certificate.

* 1 set of documentation must be purchased for delivery FSTEC documentation set for Rutoken Lite

** 1 set of documentation must be purchased for delivery FSTEC documentation set for Rutoken s

*** 1 set of documentation must be purchased for delivery FSTEC PACK Rutoken documentation set

The CryptoPro Rutoken CSP solution is a joint development of the CryptoPro and Aktiv companies, which integrates the capabilities of the CryptoPro CSP crypto provider and Rutoken USB tokens. An important feature of the FKN technology is the division of cryptographic powers between the cryptographic provider CryptoPro CSP and Rutoken KP, a cryptographic USB token model specially adapted for the FKN technology, made on the basis of the Rutoken EDS.

Rutoken KP is used in the FKN technology to generate key pairs, generate approval keys, implement an electronic signature, etc. Performing these operations on board the token ensures the highest degree of security of key information. Rutoken KP is used and supplied only as part of CryptoPro Rutoken CSP, this USB token is not distributed separately.

In the new version of CryptoPro Rutoken CSP, in addition to Rutoken KP, there is support for the standard Rutoken EDS 2.0 model for generating and securely storing CryptoPro CSP key pairs and containers. Key information is stored on Rutoken EDS 2.0 without the possibility of extracting it. The use of Rutoken EDS 2.0 as part of CryptoPro Rutoken CSP provides an optimal solution configuration in terms of cost and capabilities for cases where there are no increased requirements for the level of protection of communication channels with a key carrier.

The CryptoPro Rutoken CSP solution is the successor of CryptoPro CSP CIPF and supports all its features. It is also fully integrated into the public key infrastructure based on the certification center "CryptoPro CA".

Purpose

CIPF CryptoPro Rutoken CSP is intended for use in Russian PKI systems, legally significant electronic document management systems and other information systems using digital signature technologies. Including:

  • in client-bank systems when signing payment orders;
  • in secure document management systems;
  • in reporting collection systems for submission in electronic form;
  • in government and administration at the federal and regional levels;
  • in all other cases, where it is necessary to provide increased protection of user keys.

Opportunities

  • Supports all functionality CIPF CryptoPro CSP 3.9 .
  • Provides full integration with PKI infrastructure based on CryptoPro CA.
  • It also works with the standard model Rutoken EDS 2.0.
  • Using the hardware resources of Rutoken KP or Rutoken EDS 2.0, the following cryptographic operations are performed:
    • generation of key pairs GOST R 34.10-2001;
    • formation of an electronic signature in accordance with GOST R 34.10-2001;
    • Diffie-Hellman negotiation key calculation (RFC 4357).
  • Provides secure storage and use of private keys inside the key carrier without the possibility of extraction.

Functional key carrier

The FKN architecture implements a fundamentally new approach to ensuring the safe use of key information stored on a hardware medium.

In addition to the formation of an electronic signature and the generation of encryption keys directly in the microprocessor, the key carrier allows you to effectively resist attacks associated with the substitution of a hash value or signature in a communication channel.

The main advantages of FKN

  • The possibility of signature substitution in the exchange protocol is excluded, the electronic signature is generated in parts: first in the key carrier, then finally in the CSP software.
  • Generation of electronic signature keys and approval keys, as well as the creation of an electronic signature within the FKN.
  • Transferring a hash value over a secure channel that excludes the possibility of spoofing.
  • After the container is created, the user's key is not stored either in the key container or in the memory of the cryptographic provider, and is not used explicitly in cryptographic transformations.
  • Enhanced data protection during transmission over an open channel due to the use of mutual authentication of the key carrier and the software component using the original protocol based on the EKE (electronic key exchange) procedure. In this case, it is not a PIN code that is transmitted, but a point on an elliptic curve.
  • Increased privacy of private keys.
  • The key can be generated by the FKN or loaded from outside.
  • Performing cryptographic operations on elliptic curves directly by the key carrier, support for the Russian electronic signature.

Here you can buy Rutoken products for authentication and electronic signature, developed by our partner CJSC "Active-soft".

  • Equipping smart cards with Em-Marine, HID Prox RFID tags;
  • Equipping smart cards with Mifare Classic 1K RFID tags;
  • Equipping smart cards with Em-Marine/HID Prox + Mifare Classic 1K RFID tags;
  • Equipping smart cards with HID iClass RFID tags.
  • Smart Card Reader ACR38U-I1;
  • Smart Card Reader ACR38U-H1;
  • Smart Card Reader ACR3901U-H3;
  • OMNIKEY Smart Card Reader (CardMan) 3021;
  • OMNIKEY Smart Card Reader (CardMan) 3121;
  • OMNIKEY Smart Card Reader (CardMan) 5421;
  • IDBridge CT30 smart card reader.

Rutoken KeyBox devices are designed to administer and manage the life cycle of key media (USB tokens, smart cards and other devices). Oriented for use in corporate networks built on Microsoft Windows technologies. They are a system that provides communication between user accounts, authentication tools, applications and information security regulations. Have the certificate of FSTEC of Russia.

  • License for 1 user;
  • Distribution kit Rutoken KeuVoh, FSTEC certificate of Russia.

Rutoken devices for Windows are designed for hardware user authentication and protection of electronic correspondence in networks based on Microsoft Windows. The solution is based on the use of built-in Windows security tools and electronic identifiers of the Rutoken family as carriers of key information.

CryptoThree is a workplace of legally significant workflow. It is a complete boxed solution. Designed for encryption and electronic signature of documents, management of digital certificates and authentication.

CryptoPro Rutoken CSP is a hardware-software CIPF that combines the capabilities of the Russian crypto provider CryptoPro CSP and the Rutoken USB token. In CryptoPro Rutoken CSP, cryptographic operations on private keys are performed inside the token, while the keys do not leave the device itself. The product implements the technology of a functional key carrier, which protects the protocol of exchange between the software part and the token from attacks, and also provides additional security for private keys. The validity period of the user's private key is up to 3 years. He has a certificate of the Federal Security Service of Russia on compliance with the requirements for electronic signature tools and cryptographic information protection tools for classes KS1 and KS2.

  • License for CryptoPro Rutoken CSP;
  • Distribution kit CryptoPro Rutoken CSP.

Accessories

Products:

  • Cap for USB-token;
  • Keychain with a field for a label (4 colors to choose from);
  • Ribbon hanging around the neck, red;
  • Extension cable for USB port.