Crypto Sun X sunrise

Main article: Cryptography

2021: Extension of application of KryptoVS X SCSI

On October 6, 2021 FSAU Research Institute "Sunrise" , it was announced that its developers had modernized the software and hardware complex, the cryptographic information protection CryptoVS X tool. They made the second version of the desktop server and execution, which passed certification the requirements of the Regulator and received a Certificate of Compliance.

CryptoBC X allows you to work with documents that have an electronic medium (microcircuit), and performs all the main cryptographic operations both on domestic and foreign cryptographic algorithms.

Added functions: using time the TSP label when checking and executing authentication the protocol for establishing a connection with the base (password PACE) based on foreign cryptographic, algorithms as well as using the SESPAKE protocol based on GOST R 34.10-2012 and GOST R  34.11-2012 and exchanging protected with the integrated circuit. In addition, this version of the product performs the extended access control protocol (EAC) in accordance with GOST R 34.10-2012 and GOST R 34.11-2012 and performs secure exchange with the integrated circuit.

The product created in the Research Institute "Sunrise" provides a high level of protection information in the class KS3, as evidenced by the certificate. FSB of Russia The main feature of CryptoBC X is that this SKZI provides support for basic and extended access control protocols, taking into account the requirements the national and international standards in the field of cryptographic information protection (to ensure interaction with documents and electronic media).

Compact dimensions of the desktop "Crypto VS X" (80 × 79 × 27) allow you to place the device directly at the user's workplace and connect both through the USB port and Ethernet through. At the same time, you do not need to make changes computer to and install additional hardware modules that are required by the software CSI of a similar protection class.

The desktop CryptoVS X is already used in the CryptoBioCab at the MFC and makes it possible to issue foreign passports to citizens directly to the MFC using a small inexpensive device.

According to the information company, as of October 2021, there are no small-sized SKZI on the market, certified in the class of protection of KS3 and at the same time supporting this set of capabilities.

"Given the development of information technologies, there is an inevitable appearance of additional threats. One of our key tasks is to ensure a sufficient level of information protection, reduce the risks of cybercrime. If you compare our product with other market analogues, then on average it allows you to reduce costs by one and a half to two times, " noted acting director of the research institute "Sunrise" Natalya Egorova.

Main functions of CryptoBC X

• Generate a pseudorandom sequence.
• Encryption according to the algorithms GOST 28147-89, GOST R 34.12-2015 (Magma, Grasshopper) and 3DES.
• Imitation protection as per GOST 28147-89, GOST R 34.12-2015 ("Magma," "Grasshopper") in simulated delivery mode, CBC-MAC based on 3DES.
• Formation of electronic signature on algorithms GOST R 34.10-2012, GOST R 34.10-2001, ECDSA.
• Check of electronic signature on algorithms GOST R 34.10-2012, GOST R 34.10-2001, RSA, ECDSA.
• Calculation of hash function values on algorithms GOST R 34.11-2012, GOST R 34.11-94, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.
• Performing Password-Based Authentication Connection Protocols (PACE) based on foreign cryptographic algorithms, using the SESPAKE protocol based on GOST R 34.10-2012 and GOST R 34.11-2012, basic access control (BAC) and extended access control (EAC) based on domestic (GOST R 34.10-2001, GOST R 34.10-2012, GOST R 34.11-94 and GOST R 34.11-2012) and foreign cryptographic algorithms and secure exchange with the integrated circuit.
• Verifies the TSP timestamp when the message is verified.
• Making a key pair.
• TLS protocol interaction (in certified server version. Desktop execution with this feature is certified).

2020: FSB certificate at SKZI "Crypto VS X" based on the Elbrus processor

On June 8, 2020, it became known that SKZI CryptoVS X, developed at the Voskhod Research Institute, received a certificate from the FSB of Russia, which confirms that this development meets the requirements for CS3 class information protection tools, as well as the requirements for electronic signature tools and can be used for cryptographic protection of data that do not contain state secrets.

One of the main features of the Crypto VS X SKZI is the ability to work with documents containing a chip (chip) with information in electronic form. For example, the product of the Voskhod Research Institute, in which special cryptographic protocols are implemented, can work with latest-generation passport and visa documents and passports with an electronic medium.

In addition, CryptoVS X allows you to perform all the main encryption operations both on domestic and foreign cryptoalhorms, to use external key media, including functional ones. Also, the Voskhod Research Institute implements an application program interface (API) and a web-based administration interface with cryptographic authentication, which allows you to configure and manage the key storage of the SCSI. The cryptographic transformation server CryptoBC X uses a domestic processor with the Elbrus architecture under the control of the operating system of the same name .

SKZI, created by order of Ministry of Digital Development, Communications and Mass Media Russia specialists of the Voskhod Research Institute, will solve problems import substitution in the field of information security and technological independence of ours states thanks to the implementation on the basis of the domestic processor and the Elbrus operating system. Confirmation of this is the certificate of compliance of the FSB of Russia received by our institute. CryptoBC X minimizes the risks of unauthorized interference in the work, including with documents of the latest generation containing electronic media, noted the head of the information security department of the Voskhod Research Institute Andrei Pyanchenko.

2019

Presentation of SKZI "Crypto AC X"

On August 12, 2019 FSBI Research Institute "Sunrise" , he announced the development of the software and hardware of cryptographic information protection the Crypto VS X SKZI in a desktop version.

All the main cryptographic functions are implemented in SKZI taking into account the requirements of modern national standards in the field of cryptographic information protection, GOST R 34.10.2012, GOST R 34.11.2012 and GOST R 34.12.2015, as well as BAC and EAC mechanisms. This makes it possible to ensure safe interaction with Russian and foreign travel documents, identity documents, as well as latest generation driver's licenses.

In addition, SKZI meets the "Requirements for cryptographic information protection tools designed to protect information that does not contain information constituting state secrets" in class KC3 and "Requirements for means" electronic signature in class KS3 (certificate of compliance FSB Russia No. SF/124-3656 dated March 20, 2019 is valid until March 20, 2022).

This device can be used:

• as part of the Information Systems Users AWS;
• as part of home and office PCs;
• as part of specialized small-sized solutions;
• in places where the installation of CSI servers or software CSI is impossible or economically impractical.

The created product will allow employees of the MFC and other interested departments to work with an updated document format (with an embedded electronic chip), using not a large-scale industrial solution, but a small inexpensive device. In the future, we also plan to work on the appearance of the device, which will allow it to be used directly at the workplace of employees working with citizens,

Features and Characteristics

The main functions of the CSI (as of August 2019):

• generating a pseudorandom sequence;
• encryption according to algorithms GOST 28147-89, GOST R 34.12-2015 "Magma" and 3DES;
• imitation protection as per GOST 28147-89, GOST R 34.12-2015 "Magma" in simulated setting mode, CBC-MAC based on 3DES;
• formation and verification of electronic signature on algorithms GOST R 34.10-2012, GOST R 34.10-2001, ECDSA, RSA;
• calculation of hash function value on algorithms GOST R 34.11-2012, GOST R 34.11-94, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512;
• making a key pair.

Key Features:

• ensuring secure interaction with BAC, EAC document chips, taking into account the requirements of national and international standards;
• performing all the main cryptographic operations on both domestic and foreign cryptographic algorithms;
• possibility of using external key media, including functional ones;
• interaction with PC by TCPIP protocol/via interfaces USB or; Ethernet
• Application software interface (API) for flexible embedding
• having a web-based administration interface with cryptographic authentication, which allows you to configure, manage the key storage and monitor the operation of the CSI.

Advantages of using a desktop CSI:

• small dimensions (51 × 51 × 51mm) and a convenient form factor that allow you to place the device on the workplace or use it as an embedded solution inside the hardware and software complex;
• Connectivity via both USB and Ethernet
• There is no need to make changes to the PC, including the installation of additional hardware modules required for software RMS of similar protection class;
• Support of BAC and EAC protocols, taking into account the requirements of modern national standards in the field of cryptographic protection of information to ensure interaction with travel documents and identity documents.