Developers: | Crypto-Pro |
Last Release Date: | 2021/07/15 |
Technology: | Information Security - Encryption Tools |
Content |
CryptoPro CSP crypto provider is designed for:
- authorization and ensuring the legal significance of electronic documents when exchanging them between users, by using procedures for the formation and verification of an electronic digital signature (EDS) in accordance with domestic standards GOST R 34.11-94/GOST R 34.11-2012 and GOST R 34.10-2001/GOST R 34.10-2012;
- ensuring confidentiality and control of information integrity by means of its encryption and imitation protection, in accordance with GOST 28147-89;
- Ensure authenticity, confidentiality, and simulation of TLS connections
- monitoring the integrity of the system and application software to protect it from unauthorized changes and malfunctions;
- management of key elements of the system in accordance with the regulations of protective equipment.
2022
Based on PayControl GOST
On December 20, 2022, the company SafeTech announced that Cryptomissile defense it had expanded the capabilities of the flagship solution with the company. PayControl Now the solution works certified CIPF using CryptoPro CSP and, which JCP allows us to implement the formation and verification of enhanced unqualified electronic signature in accordance state with the standards of GOST R 34.11-2012 and GOST R 34.10-2012. More. here
Support for the browser plugin in the Aurora OS
OS Aurora In appeared mobile electronic signature in. browser This was announced on July 19, 2022 by the company. Crypto-Pro
This became possible thanks to the pre-installed extension, which supports work with the CryptoPro CSP 5.0 R3 CIPI kit. Read more here.
2021
Compatibility of CryptoPro CSP 5.0 R2 with Red OS
The companies Crypto-Pro"" and "" Red Soft have confirmed the compatibility of cryptographic information protection the CryptoPro tool CSP version 5.0 R2 and, operating system RED OS including on. processor Baikal-M Red Soft announced this on July 15, 2021. The general work on ensuring compatibility is aimed at creating domestic complex competitive solutions within the program. import substitution
The compatibility of RED OS and CryptoPro CSP is fundamental. CryptoPro CSP provides transmission protection data in most state agencies and state corporations. countries An example of the interaction of our companies allows us to talk about import substitution without ON risk for, - commented, information securityRustamov Rustam Deputy General Director of RED SOFT. |
The active development of RED OS and CIPI CryptoPro CSP with compatibility allows you to create application information systems that allow you to solve the most important government tasks with the provision of a consistently high level of information security. And of course, by joint efforts this practice will continue, - added Pavel Lutsik, director of business development and work with partners of CryptoPro. |
FSB certification "CryptoPro CSP" 5.0 R2 by KS1, KS2 and KS3 protection class
On July 7, 2021, Astra Linux and CryptoPro announced the successful certification of the FSB CIPTpro CSP 5.0 R2.
Crypto provider supports current domestic algorithms enciphering ones from GOST R 34.12-2015 (GOST 34.12-2018), including in protocols CMS TLS and 1.2, and meets all the regulator's requirements CIPF for KS1, KS2 and KS3 protection classes. If earlier it was possible to implement the maximum degree of security corresponding to the KS3 class only in the environment, now MS Windows this feature has become available to users of the OS, Astra Linux Special Edition a domestic operating platform that is allowed to be used on systems with this protection class.
To ensure security data by KS3 class, it is possible to use not any individual solution, but a whole set of software and hardware. In addition to the CIPF of the appropriate level, a specialized one is needed ON to create and control a closed program environment, for example, from the Astra Linux Special Edition, as well as a device where the CIPF operating conditions are implemented that allow you to fulfill all the requirements provided for by this protection class. One of these hardware platforms is created in the domestic Design Bureau " CAD tablet computer PKZ 2020," compatible with Astra Linux OS and CIPZ "CryptoPro CSP" 5.0 R2. The device is equipped with a certified FSBRussia hardware trusted boot module "" AMDZ chord based on the "Accord-GXM.2" controller, corresponding to the "1B" protection class. The software stack is also compatible with domestic "." processorsElbrus
IT systems with KS3 class protection are suitable for processing and storing personal data and other confidential information that do not constitute a state secret. Thus, the domestic technological stack, including Astra Linux Special Edition, "CryptoPro CSP" 5.0 R2 and the "Accord AMDZ" module, can be used by organizations that implement an import substitution strategy, for example, medical institutions, social protection bodies of citizens, etc.
The use of CryptoPro CSP 5.0 R2, along with the closed-loop integrity controls implemented in Astra Linux Special Edition, allows data security even if the attacker has physical access to the system. In addition, our OS includes an electronic signature service developed earlier together with experts from CryptoPro, and this serves as an additional means of protecting against unauthorized access to information and from its leakage, - said Roman Mylitsyn, director of innovations at Astra Linux GC. |
The emergence of the possibility of ensuring the protection of information by KS3 class using the CryptoPro technology bundle CSP 5.0 R2 and the Russian operating system Astra Linux Special Edition is a really big step towards digital sovereignty and, in general, to increase the level of information security of companies operating in the Russian market. - added Pavel Lutsik, Director of Business Development and Partner Relations at CryptoPro. |
Compatibility of Rutoken EDS 3.0 NFC and Rutoken EDS 2.0 3000 with CryptoPro CSP version 5.0 R2
As part of many years of technological cooperation, Aktiv and Crypto-PRO conducted testing that confirmed the compatibility of smart cards and Rutoken tokens with the cryptographic information protection tool CryptoPro CSP version 5.0 R2. This was announced by "Asset" on March 15, 2021. Read more here.
2020
CIPZ "CryptoPro CSP" version 5.0 as part of the SOW "HSM Signature Module"
On December 2, 2020, it became known that the FSB of Russia approved the conclusion based on the results of the work on assessing the impact of the HSM Signature Module on the regular functioning of CryptoPro CSP version 5.0 and PAKM CryptoPro HSM version 2.0 (package 1, version 1) and No. 149/3/2/2/2487, 2020. Read more here.
Compatibility of CIPZ "CryptoPro CSP" 5.0 and chromium-guest browser with Red OS
The companies Crypto-PRO and RED SOFT, within the framework of a technological partnership, tested for compatibility of their products. The developers confirmed the correctness of the CryptoPro CSP version 5.0 and the chromium-ghost browser (manufactured by CRYPTO-PRO) with the RED OS operating system (manufactured by RED SOFTWARE). The test results are reflected in a two-sided certificate of compatibility. Red Soft announced this on July 22, 2020.
{{quote 'Qualitative interaction of domestic developers is key for the development of the industry. Together with colleagues from CRYPTO-PRO, we regularly conduct tests to ensure product compatibility, which allows users to offer an expanded range of functions on the Russian RED OS operating system, "comments Rustamov Rustam, Deputy General Director of RED SOFT. }}
The technological partnership of Russian developers aimed at testing the compatibility of application and system software is an important stage towards the creation of comprehensive import-independent information systems that allow solving the abmicious range of tasks, including protecting confidential information in government agencies and organizations, adds Pavel Lutsik, Sales and Business Development Director of CRYPTO-PRO. |
Integration with Astra Linux Special Edition
On March 30, 2020, the Astra Linux group of companies announced the inclusion in the functionality of the Astra Linux Special Edition operating system of an electronic signature (EP) service, developed jointly with CryptoPro. Read more here.
2019
Support for Rutoken media with unrecoverable electronic signature keys
On September 3, 2019, the company Aktiv"" announced that as part of a technological partnership with Cryptomissile defense"," testing was carried out that confirmed the compatibility usb of -token smart cards Rutoken and with cryptographic information protection the CryptoPro CSP tool version 5.0.
As noted in "Asset," the tests confirm the correctness of the joint operation of Rutoken devices and cryptographic information protection tools CryptoPro CSP 5.0. In particular, CryptoPro CSP in secure key storage mode works with Rutoken S and Rutoken Lite, as well as micro-versions for laptops. The use of these devices allows crypto provider users to secure key information from unauthorized use. Keys and certificates are stored in the Rutoken secure file system.
The updated version of the crypto provider supports working with the internal Rutoken crypto kernel. In the "active computer" mode, the keys of the CryptoPro container are created immediately in the protected memory of the device. Signing documents is also possible on unrecoverable hardware keys. This mode prevents the key from being extracted into the computer's memory at the time of signing, emphasized in "Aktiv."
As of September 2019, work with non-extractable keys is possible with the following models:
- Rutoken EDS 2.0 (micro);
- Rutoken EDS 2.0 2100;
- Rutoken EDS 2.0 Flash/Touch;
- Rutoken EDS Bluetooth;
- Rutoken EDS 2.0 2100 smart cards;
- Rutoken EDS PKI;
- Rutoken EDS SC Smart Cards.
In addition, according to the developer, the fifth version of the crypto provider has support for the SESPAKE protocol (FKN), implemented in the certified Rutoken EDS 2.0 3000 model. This protocol allows authentication without transmitting the user's PIN in clear text, and establishes an encrypted channel for exchanging messages between the crypto provider and the media.
Testing by Rutoken and crypto provider was performed in operating systems WindowsLinuxmacOS///. FreeBSD Rutoken EDS Bluetooth also works with/. iOSAndroid Rutoken Lite microSD - exclusively with Android.
CryptoPro CSP and Rutoken are widely used in various information systems in our country. Over the course of many years of cooperation with CryptoPro, we have always tried to make the latest versions of our products work smoothly. Customers using popular certified CIPFs should have no questions or difficulties in operating our joint solutions, " |
"In CryptoPro CSP 5.0, we have expanded integration with the popular key media of Rutoken of Aktiv. A protocol has been implemented and certified that provides additional protection of key user information "CryptoPro CSP," |
JaCarta SF/GOST compatibility
On July 30, 2019, Aladdin RD announced that it had tested for compatibility with the latest versions of its software products together with CRYPTO-PRO.
Tests conducted by the company's specialists confirmed the operability and correctness of the joint functioning of the protected machine storage medium (ZMNI) JaCarta SF/GOST cryptographic information protection and the CryptoPro CSP tools versions 4.0 R3, 4.0 R4 and 5.0.
Testing was performed operating systems Windows 7 in (32/64-bit), (Windows 8 32/64-bit), Windows 8.1 (32/64-bit), (Windows 10 32/64-bit), (Windows Server 2003 32/64-bit), (Windows Server 2008 32/64-bit), Windows 2008 Server R2,, Windows Server 2012 Windows 2012 Server R2,, Windows Server 2016 Linux Linux Standard Base/IEC 23360 v4.x distributions ISO, (x86-64) Astra Linux Special Edition and 8 JVs (for Viola CryptoPro CSP versions 4.0 R4 and 5.0) using CIPT support library "CryptoPro CSP" versions 3.6.407 or higher (for 4.0 R3 and 4.0 R4) and 5.0.0 or higher (for 5.0).
Starting from version 5.0 of the cryptographic information protection tool "CryptoPro CSP," hardware key generation on the GOST JaCarta-2 token is supported. Previously, only the key container was stored. Now users can be sure that when CryptoPro CSP works with these tokens, the private key will not leave the device, which provides an increased level of security.
JaCarta Electronic Key Compatibility
On July 5, 2019, Aladdin R.D. announced that, together with CRYPTO-PRO, they completed test tests for the compatibility of their products.
Compatibility certificates issued as a result of testing confirm the operability and correctness of the joint functioning of JaCarta electronic keys and cryptographic information protection tools "CryptoPro CSP" versions 4.0 R4 and 5.0.
The specialists of the companies experimentally established the compatibility of CIPZ "CryptoPro CSP" versions 4.0 R4 and 5.0. with USB tokens and smart cards of JaCarta GOST, JaCarta PKI, JaCarta PRO, JaCarta PKI/GOST, JaCarta PRO/GOST, JaCarta PKI/BIO, JaCarta PKI/BIO/GOST, JaCarta-2 GOST, JaCarta-2 PKI/GOST, JaCarta-2 PRO/GOST, JaCarta-2 PKI/BIO/GOST, JaCarta LT and also the JaCarta GOST/Flash, JaCarta PKI/Flash and JaCarta PKI/GOST/Flash keys.
Testing was held operating systems Windows 7 in (32/64-bit), Windows 8 (32/64-bit), Windows 8.1 (32/64-bit, Windows 10 (32/64-bit), Windows 2003 Server (32/64-bit), Windows 2008 Server (32/64-bit), Windows 2008 Server R2, Windows 2012 Server Windows 2012 Server R2, Windows 2016 Server the distribution kits Linux satisfying ISO to the Linux Standard Base / IEC 23360 standard of the version of LSB 4.x (for versions "CSP Cryptomissile Defence" 4.0 R4 and 5.0) Windows 2019 Server and (64-bit), X Mac OS 10.9/10.10/10.11/10.12/10.13/10.14 (x64), Apple iOS 8/9/10/11/12 (ARMv7, ARM64) (for versions "CSP Cryptomissile Defence" 5.0).
Starting from version 5.0 of the cryptographic information protection tool "CryptoPro CSP," hardware key generation on the GOST JaCarta-2 token is supported. Previously, only the key container was stored. Now users can be sure that when CryptoPro CSP works with these tokens, the private key will not leave the device, which provides an increased level of security.
Compatibility with Astra Linux on Elbrus and Baikal processors
On January 24, 2019, ASTRALINUX announced that the CryptoPro CSP electronic signature tool was certified for use in the Russian Astra Linux operating system for the Elbrus and Baikal processor architecture (MIPS). Read more here.
2016: CryptoPro CSP runs on Baikal-T1
On September 27, 2016, the companies CryptoPro "Asset" announced support for Baikal-T1 the CryptoPro CSP crypto provider, tokens and smart cards with a dual-core processor. Rutoken
Baikal-T1 is the development of Baikal Electronics. Engineering samples of the processor were presented in May 2015.
The compound solution of Rutoken and Crypto Pro CSP is a synergy of cryptographic products. According to the developers, the use of the CryptoPro CSP and Rutoken bundle on the Baikal-T1 platform ensures secure authentication, storage of encryption keys and electronic signatures when working with confidential information. A high level of security is achieved due to the guaranteed absence of Baikal-T1 software bookmarks in the processors.
Information protection issues - at the software and hardware levels - are now more relevant than ever, and during the development of the Baikal-T1 processor, we paid close attention to them. So our product is based on the recognized and industry-supported MIPS processor architecture, contains the Warrior P-class core with hardware virtualization technology. Baikal-T1 uses virtualization to create discrete secure domains in which applications and operating systems can reliably work independently of each other. These built-in capabilities are complemented by third-party solutions. The pair of CryptoPro and Rutoken have established themselves as a reliable comprehensive solution for protecting confidential data, and I am glad that this solution is now available on the Baikal-T1 platform. |
Today, CryptoPro and Rutoken solutions are the only bundle of crypto provider and alienable media running on a modern Russian processor. It allows you to build workplaces that meet advanced safety requirements. |
More and more government customers are paying attention to Russian hardware platforms, so we cannot stand aside and provide a version of the crypto provider assembled for Baikal-T1. |