VPN-Key-TLS

VPN-Key-TLS is the general name of family of the certified personal USB devices used to secure remote access to web services in the concept of absolutely "thin" client. Besides, devices implement the qualified digital signature as certain structured data in information systems, and separate user files.

The main characteristics of devices (for September, 2018)

• Processor: Atmel family, ARM architecture
• Operating system: own
• Secure memory of EEPROM
• Flash disk
• Form factor of VPN-Key-TLS and VPN-Key-TLS Touch: USB token
  • Sizes: length is 60 mm, width is 16 mm, height is 7 mm.
  • Weight: 7 gr.

• VPN-Key-TLS Screen form factor: a-la navigator or smartphone
  • Sizes: length is 95 mm, width is 85 mm, height is 15 mm.
  • Weight: 140 gr.

• Implementation of interactive functions
  • VPN-Key-TLS Touch: touch confirmation of the executed transaction
  • VPN-Key-TLS Screen: touchscreen

Basic opportunities (for September, 2018)

• Access to key data and cryptographic functions on presentation of the PIN code
• Placement up to 5 key containers protected by different PIN codes
• Generation of key information on the device, issue of a request for the certificate
• Ensuring the entrusted delivery of a request for the certificate to Certification Center
• Hardware implementation of function of the electronic digital signature (EDS) including qualified
• Hardware protocol implementation of TLS 1.1 (including enciphering of traffic)
• Functions of subscriber enciphering and EDS of files
• The protected entrusted storage of certificates:
  • Loading of the certificate only after verification of its signature on one of the certificates which are already stored on the device
  • Loading and processing of CRL
  • Support of the mechanisms reducing risk of a compromise of a key of Certification Center

• Possibility of safe updating of a microcode (with verification of the signature of the producer and/or operator)

Advantages

• Let's combine with any standard personal computer with the USB interface
• Is the device of a standard class of CCID and works with use of the built-in drivers operating systems Windows XP Windows Vista, Windows 78//10
• Web – the interface to all user and application functions eliminates need for installation of the additional software and facilitates embedding in Web applications. Use of Java applets or ActiveX-elements is not required that is important for absolutely "thin" clients
• The functionality can be complemented to the "fat" client through the special libraries providing the increased performance of cryptographic functions and integration with the third-party applied systems through the developed program API.
• Functioning is based on standard Internet technologies
• The browser by default is used