• Home
  •  > 
  • Office programs
  •  > 
  • What are cryptographic protection tools intended for? Means of cryptographic information protection

What are cryptographic protection tools intended for? Means of cryptographic information protection

CIPF (cryptographic information protection tool) is a program or device that encrypts documents and generates an electronic signature (ES). All operations are performed using an electronic signature key, which cannot be selected manually, since it is a complex set of characters. This ensures reliable information protection.

How CIPF works

  1. The sender creates a document
  2. Using CIPF and a private key, the electronic signature adds a signature file, encrypts the document and combines everything into a file that is sent to the recipient
  3. The file is sent to the recipient
  4. The recipient decrypts the document using CIPF and the private key of his electronic signature
  5. The recipient checks the integrity of the electronic signature, making sure that no changes have been made to the document

Types of CIPF for electronic signature

There are two types of cryptographic information protection tools: installed separately and built into the media.

CIPF installed separately is a program that is installed on any computer device. Such CIPF are used everywhere, but have one drawback: they are strictly tied to one workplace. You will be able to work with any number of electronic signatures, but only on the computer or laptop on which CIPF is installed. To work on different computers, you will have to buy an additional license for each.

When working with electronic signatures, the cryptoprovider CryptoPro CSP is most often used as the installed CIPF. The program runs on Windows, Unix and other operating systems, and supports domestic security standards GOST R 34.11-2012 and GOST R 34.10-2012.

Other cryptographic information protection systems are used less frequently:

  1. Signal-COM CSP
  2. LISSI-CSP
  3. VipNet CSP

All listed CIPFs are certified by the FSB and FSTEC and comply with security standards adopted in Russia. For full operation they also require the purchase of a license.

CIPF built into the media, are encryption tools built into the device that are programmed to work independently. They are convenient due to their self-sufficiency. Everything you need to sign an agreement or report is already on the media itself. There is no need to buy licenses or install additional software. A computer or laptop with Internet access is sufficient. Encryption and decryption of data is carried out within the media. Media with built-in CIPF include Rutoken EDS, Rutoken EDS 2.0 and JaCarta SE.

Cryptography (from the ancient Greek κρυπτος - hidden and γραϕω - I write) is the science of methods for ensuring the confidentiality and authenticity of information.

Cryptography is a set of data transformation methods aimed at making the data useless to an attacker. Such transformations allow us to solve two main issues regarding information security:

  • privacy protection;
  • integrity protection.

The problems of protecting confidentiality and information integrity are closely related, so methods for solving one of them are often applicable to solving the other.

There are various approaches to the classification of methods for cryptographic transformation of information. Based on the type of impact on the original information, methods of cryptographic transformation of information can be divided into four groups:

The sender generates the plaintext of the original message M, which must be transmitted to the rightful recipient over an insecure channel. An eavesdropper monitors the channel with the goal of intercepting and revealing the transmitted message. To prevent an interceptor from learning the contents of a message M, the sender encrypts it using a reversible transform Ek and receives the ciphertext (or cryptogram) C=Ek(M), which is sent to the recipient.

The legitimate recipient by accepting the ciphertext WITH, decrypts it using the inverse transform Dk(C) and receives the original message in plaintext M.

Conversion Ek is selected from a family of cryptographic transformations called cryptoalgorithms. The parameter by which a particular transformation is selected is called the cryptographic key TO.

The cryptosystem has different implementation options: a set of instructions, hardware, a set of programs that allow you to encrypt the plaintext and decrypt the ciphertext in various ways, one of which is selected using a specific key TO.

The encryption conversion can be symmetrical And asymmetrical regarding the decryption transformation. This important property defines two classes of cryptosystems:

  • symmetric (single-key) cryptosystems;
  • asymmetric (two-key) cryptosystems (with public key).

Symmetric encryption

Symmetric encryption, often called secret key encryption, is primarily used to ensure data confidentiality. To ensure data confidentiality, users must jointly select a single mathematical algorithm that will be used to encrypt and decrypt data. In addition, they need to select a shared (secret) key to be used with their adopted encryption/decryption algorithm, i.e. the same key is used for both encryption and decryption (the word "symmetric" means the same for both sides).

An example of symmetric encryption is shown in Fig. 2.2.

Today, widely used encryption algorithms include Data Encryption Standard (DES), 3DES (or “triple DES”), and International Data Encryption Algorithm (IDEA). These algorithms encrypt messages in 64-bit blocks. If the message is larger than 64 bits (as it usually is), you need to break it up into blocks of 64 bits each and then somehow combine them together. Such a merger typically occurs using one of the following four methods:

  • electronic code book (Electronic Code Book, ECB);
  • chains of encrypted blocks (Cipher Block Changing, CBC);
  • x-bit encrypted feedback (Cipher FeedBack, CFB-x);
  • output feedback (Output FeedBack, OFB).

Triple DES (3DES)– a symmetric block cipher created on the basis of the DES algorithm in order to eliminate the main disadvantage of the latter - the small key length (56 bits), which can be cracked by brute force. The speed of 3DES is 3 times lower than that of DES, but the cryptographic strength is much higher. The time required to cryptanalyze 3DES can be much longer than the time required to break DES.

Algorithm AES(Advanced Encryption Standard), also known as Rijndael - a symmetric block encryption algorithm - encrypts messages in blocks of 128 bits, using a key of 128/192/256 bits.

Secret key encryption is often used to maintain data confidentiality and is implemented very effectively using immutable firmware. This method can be used for authentication and maintaining data integrity.

The following problems are associated with the symmetric encryption method:

  • it is necessary to change secret keys frequently, since there is always a risk of their accidental disclosure (compromise);
  • It is quite difficult to ensure the security of secret keys during their generation, distribution and storage.

Cryptographic information protection - protection of information using its cryptographic transformation.

Cryptographic methods are currently basic to ensure reliable authentication of parties to information exchange, protection.

TO means of cryptographic information protection(CIPF) includes hardware, firmware and software that implement cryptographic algorithms for converting information for the purpose of:

Protection of information during its processing, storage and transmission;

Ensuring the reliability and integrity of information (including using digital signature algorithms) during its processing, storage and transmission;

Generating information used to identify and authenticate subjects, users and devices;

Generation of information used to protect the authenticating elements of a protected AS during their generation, storage, processing and transmission.

Cryptographic methods provide encryption and encoding of information. There are two main encryption methods: symmetric and asymmetric. In the first of them, the same key (kept secret) is used to both encrypt and decrypt data.

Very effective (fast and reliable) symmetric encryption methods have been developed. There is also a national standard for such methods - GOST 28147-89 “Information processing systems. Cryptographic protection. Cryptographic conversion algorithm."

Asymmetric methods use two keys. One of them, unclassified (it can be published along with other public information about the user), is used for encryption, the other (secret, known only to the recipient) is used for decryption. The most popular of the asymmetric ones is the RSA method, based on operations with large (100-digit) prime numbers and their products.

Cryptographic methods make it possible to reliably control the integrity of both individual pieces of data and their sets (such as a message flow); determine the authenticity of the data source; guarantee the impossibility of refusing actions taken (“non-repudiation”).

Cryptographic integrity control is based on two concepts:

Electronic signature (ES).

A hash function is a hard-to-reversible data transformation (one-way function), implemented, as a rule, by means of symmetric encryption with block linking. The result of encryption of the last block (depending on all previous ones) serves as the result of the hash function.

Cryptography as a means of protecting (closing) information is becoming increasingly important in commercial activities.


To transform information, various encryption tools are used: document encryption tools, including portable ones, speech encryption tools (telephone and radio conversations), telegraph message encryption tools and data transmission.

To protect trade secrets, various technical devices and sets of professional equipment for encryption and cryptographic protection of telephone and radio conversations, business correspondence, etc. are offered on the international and domestic markets.

Scramblers and maskers, which replace the speech signal with digital data transmission, have become widespread. Security products for teletypewriters, telexes and faxes are produced. For these purposes, encryptors are used, made in the form of separate devices, in the form of attachments to devices, or built into the design of telephones, fax modems and other communication devices (radio stations and others). To ensure the reliability of transmitted electronic messages, an electronic digital signature is widely used.

Listen... could you, for our common benefit, print out every letter that arrives at your post office, incoming and outgoing, you know, a little bit and read it: does it contain some kind of report or just correspondence... .

N.V. Gogol “The Inspector General”

Ideally, only two people should be able to read a confidential letter: the sender and the person to whom it is addressed. The formulation of such a seemingly very simple thing was the starting point of cryptographic protection systems. The development of mathematics gave impetus to the development of such systems.

Already in the 17th-18th centuries, ciphers in Russia were quite sophisticated and resistant to cracking. Many Russian mathematicians worked on creating or improving encryption systems and at the same time tried to find keys to the ciphers of other systems. Currently, several Russian encryption systems can be noted, such as Lexicon Verba, Secret Net, DALLAS LOCK, Secret Disk, the Accord family of products, etc. We will talk about them. You will also get acquainted with the main software and hardware cryptographic protection complexes, learn about their capabilities, strengths and weaknesses. We hope that this article will help you make a choice of a cryptoprotection system.

Introduction

Are you concerned that important information on your computer might fall into the wrong hands? This information can be used by competitors, regulatory authorities, and simply ill-wishers. Obviously, such actions can cause you significant damage. What to do? In order to protect your information from strangers, you need to install one of the data encryption programs. Our review is devoted to the analysis of encryption systems for desktop systems. It should be noted that the use of foreign encryption systems in Russia is severely limited for a number of reasons, so government organizations and large domestic companies are forced to use Russian developments. However, medium and small companies, as well as individuals, sometimes prefer foreign systems.

To the uninitiated, encrypting information looks like a bit of black magic. Indeed, encrypting messages to hide their contents from outsiders is a complex mathematical problem. In addition, the cipher must be selected in such a way that it is almost impossible to open it without a key, but with a key - quickly and easily. Many companies and organizations find it very difficult to make the best choice when installing encryption software. The matter is further complicated by the fact that there are no absolutely secure computers and absolutely reliable encryption systems. However, there are still enough ways to repel almost all attempts to reveal encrypted information.

What's inside encryption programs?

Encryption programs differ from each other in the encryption algorithm. Once you encrypt a file, you can write it to a floppy disk, send it by email, or put it on a server on your local network. The recipient of your encryption must have the same encryption program to read the contents of the file.

If you want to send an encrypted message to several users at the same time, then your information for each recipient can be encrypted using his own key or using a shared key for all users (including the message author).

The cryptographic security system uses a secret code to turn your information into a meaningless, pseudo-random string of characters. With a good encryption algorithm, it is almost impossible to decrypt a message without knowing the secret code used for encryption. Such algorithms are called symmetric key algorithms because the same key is used to encrypt and decrypt information.

To protect your data, the encryption program creates a secret key using your password. You just need to set a long password that no one can guess. However, if you want someone else to be able to read the file, you will need to tell that person the secret key (or password it was created from). You can be sure that even a simple encryption algorithm will protect your data from the average user, say, from a work colleague. However, professionals have a number of ways to decrypt a message without knowing the secret code.

Without special knowledge, you will not be able to independently check how reliable your encryption algorithm is. But you can rely on the opinion of professionals. Some encryption algorithms, such as Triple DES (Data Encryption Standard), have been tested for many years. Based on the test results, this algorithm has proven itself well, and cryptographers believe that it can be trusted. Most new algorithms are also carefully studied, and the results are published in specialized literature.

If the program's algorithm has not been openly reviewed and discussed by professionals, if it does not have certificates and other official papers, this is a reason to doubt its reliability and refuse to use such a program.

Another type of encryption system is public key systems. For such a system to work, there is no need to provide the recipient with the secret key (or the password on the basis of which it was created). These encryption systems generate two digital keys for each user: one is used to encrypt data, the other is used to decrypt it. The first key (called the public key) can be published, but the second key can be kept secret. After this, anyone can encrypt the information using the public key, and only those who have the corresponding secret key can decrypt it.

Some encryption programs contain another important security feature - a digital signature. A digital signature certifies that the file has not been modified since it was signed and gives the recipient information about who signed the file. The algorithm for creating a digital signature is based on calculating a checksum - the so-called hash sum, or message digest. The algorithms used ensure that it is impossible to find two different files whose hash sums would match.

When the recipient receives a digitally signed file, their encryption program recalculates the hash for that file. The recipient then uses the public key published by the sender to reconstruct the digital signature. If the result matches the value calculated for the file, then the recipient can be confident that the message text has not been altered (if it had, the hash would be different) and the signature belongs to someone who has access to the sender's private key.

Protecting important or confidential information requires more than just a good encryption program. You need to take a number of measures to ensure information security. If your password is weak (experts recommend using eight or more characters) or if an unencrypted copy of sensitive information is stored on your computer, then even the best encryption system will be powerless.

System "Lexicon-Verba"

The Lexikon-Verba system is a means of organizing secure electronic document flow both within the corporate network and between different organizations. Lexicon-Verba uses two modifications of the cryptography system: the Verba-W system is intended for government agencies (protection of confidential information, in particular chipboard; signature keys are public, encryption keys are private), the Verba-OW system is for commercial organizations (protection of trade secrets; signature and encryption keys are public).

There are quite a few global encryption standards, but only a small part of them have certificates from the Federal Agency for Government Communications and Information (FAGSI), which makes it impossible to use uncertified solutions in Russia. The Verba-W system has FAPSI certificate No. SF/114-0176. System "Verba-OW" - FAPSI certificate No. SF/114-0174.

Lexikon-Verba provides encryption and electronic digital signature in accordance with the requirements of GOST 28147-89 “Information processing systems. Cryptographic protection" and GOST R34.10-94 "Information technology. Cryptographic information protection. Procedures for developing and verifying an electronic digital signature based on an asymmetric cryptographic algorithm.”

The program is certified by the State Technical Commission under the President of the Russian Federation. It is expected to receive a certificate from the Russian Ministry of Defense in July.

The system's cryptographic protection is based on the public key encryption technique. Each key that identifies a user consists of two parts: a public key and a private key. The public key can be distributed freely and is used to encrypt a given user's information. To decrypt a document, the user who encrypted it needs to have your public key and, when encrypting it, indicate you as having access to the document.

To decrypt a document, you need to use the private key. The private key consists of two parts, one of which is stored on a smart card or touch-memory, and the other on your computer's hard drive. Thus, neither the loss of a smart card nor unauthorized access to a computer provides, individually, the ability to decrypt documents.

The initial key set, which includes complete information about the user’s public and private keys, is created at a specially equipped secure workplace. The floppy disk with key information is used only at the stage of preparing the user's workstation.

The Lexikon-Verba system can be used within two main systems for organizing secure document flow:

  • as an independent solution. If your organization has a local network, the system can be installed not on all computers, but only on those that require working with confidential documents. This means that a subnetwork for the exchange of classified information arises within the corporate network. At the same time, participants in the closed part of the system can exchange open documents with other employees;
  • as an integral part of document flow. Lexikon-Verba has standard interfaces for connecting external functions to perform the operations of opening, saving, closing and sending documents, which makes it easy to integrate this system into both existing and newly developed document management systems.

It should be noted that the properties of the Lexicon-Verba system make it not only a means of providing information protection from external penetrations, but also a means of increasing internal corporate confidentiality and sharing access.

One of the important additional resources for increasing the level of information security control is the ability to maintain an “event log” for any document. The document history recording function can be enabled or disabled only during system installation; when enabled, this log will be maintained regardless of the user’s wishes.

The main advantage and distinctive feature of the system is the simple and intuitive implementation of information security functions while maintaining the user's traditional work environment for word processors.

The cryptography unit performs encryption, as well as installation and removal of electronic digital signatures (EDS) of documents.

Auxiliary functions of the block include loading a secret key, exporting and importing public keys, setting up and maintaining a directory of system subscriber keys.

Thus, each person who has access to the document can only put his own signature, but remove any of the previously signed ones.

This reflects the accepted procedure for office work, when, as the document undergoes approval, it may be subject to corrections at different stages, but after that the document must be endorsed again.

When you try to make changes to a document by means other than Lexikon-Verba, the digital signature is damaged, and as a result, the message “Damaged” will appear in the “Signature Status” field.

Office

As the number of system users increases, entering each public key onto each computer becomes difficult. Therefore, to organize the work of the office, centralized administration of the directory of public keys is organized. This is done as follows:

1) “Lexicon-Verba” is installed on the administrator’s computer in local mode. This creates a directory of public keys, into which the administrator adds each key used in the office;

2) on all other computers the system is installed in network mode. In this mode, the directory of public keys located on the administrator's computer is used;

3) each new user added to the directory by the administrator becomes “visible” to all users connected to the directory. From this moment on, they are able to transfer encrypted documents to him.

Administration of the directory becomes centralized, but this does not affect the level of security of the system, since providing access to public keys is a kind of “introduction” to users, but it does not provide access to any documents. In order for a user to be able to decrypt a document, it is necessary that his public key not only be in the directory, but also be explicitly indicated as having access to the document.

1.1. This Policy for the use of cryptographic information protection means ( further - Policy ) determines the procedure for organizing and ensuring the functioning of encryption ( cryptographic) means intended to protect information that does not contain information constituting a state secret ( further – CIPF, crypto-means ) if they are used to ensure the security of confidential information and personal data during their processing in information systems.

1.2. This Policy has been developed in pursuance of:

  • Federal Law "About personal data" , regulations of the Government of the Russian Federation in the field of ensuring the security of personal data;
  • Federal Law No. 63-FZ "About electronic signature" ;
  • Order of the FSB of the Russian Federation No. 378 "On approval of the composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems using cryptographic information protection tools necessary to fulfill the requirements established by the Government of the Russian Federation for the protection of personal data for each level of security";
  • FAPSI Order No. 152 “ On approval of the Instructions on organizing and ensuring the security of storage, processing and transmission via communication channels using means of cryptographic protection of information with limited access that does not contain information constituting a state secret»;
  • Order of the FSB of the Russian Federation N 66 " On approval of the Regulations on the development, production, sale and operation of encryption (cryptographic) information security means (PKZ-2005 Regulations) »;

1.3. This Policy applies to crypto tools designed to ensure the security of confidential information and personal data when processed in information systems;

1.4. Cryptographic means of information protection ( further – CIPF ), implementing encryption and electronic signature functions are used to protect electronic documents transmitted over public communication channels, for example, the public Internet, or via dial-up communication channels.

1.5. To ensure security, it is necessary to use CIPF, which:

  • allow integration into technological processes for processing electronic messages, ensure interaction with application software at the level of processing requests for cryptographic transformations and issuing results;
  • are supplied by the developers with a full set of operational documentation, including a description of the key system, rules for working with it, as well as justification for the necessary organizational and staffing support;
  • support the continuity of the processes of logging the operation of the CIPF and ensuring the integrity of the software for the CIPF operating environment, which is a set of hardware and software tools with which the normal functioning of the CIPF occurs and which can affect the fulfillment of the requirements for the CIPF;
  • certified by an authorized state body or have permission from the FSB of Russia.

1.6. CIPF used to protect personal data must have a class of at least KS2.

1.7. CIPF are implemented on the basis of algorithms that comply with the national standards of the Russian Federation and the terms of the agreement with the counterparty.

1.8. CIPF, licenses, accompanying key documents, instructions for CIPF are purchased by the organization independently or can be obtained from a third party that initiates secure document flow.

1.9. CIPF, including installation media, key documents, descriptions and instructions for CIPF, constitute a trade secret in accordance with the Regulations on Confidential Information.

  1. Procedure for using CIPF

2.1. Installation and configuration of cryptographic information protection tools is carried out in accordance with operational documentation, instructions of the FSB of Russia and other organizations participating in secure electronic document flow. Upon completion of installation and configuration, the readiness of the CIPF for use is checked, conclusions are drawn up on the possibility of their operation, and the CIPF is put into operation.

The placement and installation of CIPF, as well as other equipment operating with crypto-assets, in secure premises should minimize the possibility of uncontrolled access of unauthorized persons to these funds. Maintenance of such equipment and change of crypto keys are carried out in the absence of persons not authorized to work with CIPF data. It is necessary to provide organizational and technical measures to exclude the possibility of using CIPF by unauthorized persons. The physical placement of CIPF must ensure the security of CIPF and prevent unauthorized access to CIPF. Access of persons to the premises where protective equipment is located is limited in accordance with official needs and is determined by a list approved by the director.

The embedding of crypto funds of class KS1 and KS2 is carried out without control by the FSB of Russia ( if this control is not provided for in the terms of reference for the development (modernization) of the information system).

The embedding of cryptocurrencies of class KS3, KB1, KB2 and KA1 is carried out only under the control of the FSB of Russia.

Embedding of crypto-tools of class KS1, KS2 or KS3 can be carried out either by the user of the crypto-tool himself if he has the appropriate license from the FSB of Russia, or by an organization that has the appropriate license from the FSB of Russia.

The embedding of cryptocurrencies of class KV1, KV2 or KA1 is carried out by an organization that has the appropriate license from the FSB of Russia.

Decommissioning of CIPF is carried out subject to procedures that ensure guaranteed removal of information, the unauthorized use of which may harm the business activities of the organization, and information used by information security tools, from permanent memory and from external media ( with the exception of archives of electronic documents and protocols of electronic interaction, the maintenance and preservation of which for a certain period are provided for by the relevant regulatory and (or) contractual documents) and is formalized by the Act. CIPF is destroyed ( dispose of) by decision of the owner of the crypto-fund, and with notification of the organization responsible in accordance with the organization of copy-by-instance accounting of crypto-funds.

Destined for destruction ( recycling) CIPF are subject to removal from the hardware with which they functioned. In this case, crypto-tools are considered removed from the hardware if the procedure for removing the software of crypto-tools, provided for in the operational and technical documentation for CIPF, has been completed and they are completely disconnected from the hardware.

General-purpose hardware components and parts suitable for further use, not specifically designed for hardware implementation of cryptographic algorithms or other CIPF functions, as well as equipment working together with crypto-tools ( monitors, printers, scanners, keyboards, etc.), may be used after the destruction of CIPF without restrictions. In this case, information that may remain in the equipment memory devices ( for example, in printers, scanners), must be securely removed ( erased).

2.2. The operation of CIPF is carried out by persons appointed by order of the director of the organization and who have been trained to work with them. If there are two or more CIPF users, responsibilities are distributed between them, taking into account personal responsibility for the safety of crypto assets, key, operational and technical documentation, as well as for assigned areas of work.

Users of crypto funds are obliged to:

  • not disclose information to which they are authorized, including information about CIPF and other protection measures;
  • do not disclose information about key documents;
  • do not allow copies to be made of key documents;
  • prevent key documents from being displayed ( monitor) personal computer or printer;
  • do not allow extraneous information to be recorded on the key media;
  • do not allow installation of key documents on other personal computers;
  • comply with the requirements for ensuring the security of information, the requirements for ensuring the security of CIPF and key documents thereto;
  • report on attempts by outsiders that have become known to them to obtain information about the CIPF used or key documents for them;
  • immediately notify about the facts of loss or shortage of CIPF, key documents to them, keys to premises, storage facilities, personal seals and other facts that may lead to the disclosure of protected information;
  • submit CIPF, operational and technical documentation for them, key documents upon dismissal or removal from duties related to the use of cryptocurrencies.

The security of information processing using CIPF is ensured by:

  • compliance by users with confidentiality when handling information that is entrusted to them or has become known through their work, including information about the functioning and procedure for ensuring the security of the CIPF used and key documents to them;
  • accurate compliance by CIPF users with information security requirements;
  • reliable storage of operational and technical documentation for CIPF, key documents, limited distribution media;
  • timely detection of attempts by unauthorized persons to obtain information about the protected information, about the CIPF used or key documents to them;
  • immediate adoption of measures to prevent the disclosure of protected information, as well as its possible leak when facts of loss or shortage of CIPF, key documents for them, certificates, passes, keys to premises, storage facilities, safes are identified ( metal cabinets), personal seals, etc.

If it is necessary to transmit restricted access service messages over technical communication means concerning the organization and operation of CIPF, these messages must be transmitted only using crypto-means. Transfer of cryptokeys via technical means of communication is not permitted, with the exception of specially organized systems with a decentralized supply of cryptokeys.

CIPF are subject to accounting using indices or conventional names and registration numbers. The list of indices, code names and registration numbers of crypto-assets is determined by the Federal Security Service of the Russian Federation.

CIPF used or stored, operational and technical documentation for them, key documents are subject to copy-by-copy recording. The form of the CIPF Logbook is given in Appendix No. 1, the Key Media Logbook in Appendix No. 2 to this Policy. In this case, software cryptographic information protection systems must be taken into account together with the hardware with which their normal operation is carried out. If hardware or hardware-software CIPFs are connected to the system bus or to one of the internal hardware interfaces, then such cryptocurrencies are also taken into account together with the corresponding hardware.

The unit of copy-by-copy accounting of key documents is considered to be a reusable key media, a key notepad. If the same key medium is used repeatedly to record crypto keys, then it should be registered separately each time.

All received copies of crypto-assets, operational and technical documentation for them, and key documents must be issued against receipt in the appropriate copy-by-instance journal to users of crypto-assets who bear personal responsibility for their safety.

The transfer of CIPF, operational and technical documentation for them, and key documents is allowed only between users of crypto-assets and (or) the responsible user of crypto-assets against a receipt in the appropriate journals of each instance. Such transfer between users of crypto funds must be authorized.

Storage of CIPF installation media, operational and technical documentation, key documents is carried out in cabinets ( boxes, storage) for individual use under conditions that preclude uncontrolled access to them, as well as their unintentional destruction.

The hardware with which the CIPF operates normally, as well as hardware and hardware-software CIPF, must be equipped with means of control over their opening ( sealed, sealed). Place of sealing ( sealing) cryptocurrencies, hardware must be such that it can be visually monitored. If it is technically possible, during the absence of users of crypto funds, these funds must be disconnected from the communication line and placed in sealed storage.

Changes to the CIPF software and technical documentation for the CIPF are carried out on the basis of received from the CIPF manufacturer and documented updates with recording of checksums.

Operation of CIPF requires maintaining at least two backup copies of software and one backup copy of key media. Restoring the functionality of the CIPF in emergency situations is carried out in accordance with the operational documentation.

2.3. The production of key documents from the initial key information is carried out by responsible users of CIPF, using standard crypto-tools, if such a possibility is provided for in the operational and technical documentation in the presence of a license from the FSB of Russia for the production of key documents for crypto-tools.

Key documents can be delivered by courier ( including departmental) communication or with specially designated responsible users of crypto funds and employees, subject to measures to prevent uncontrolled access to key documents during delivery.

To send key documents, they must be placed in durable packaging that excludes the possibility of physical damage and external influence. The packaging indicates the responsible user for whom the packaging is intended. Such packages are marked “Personally”. The packages are sealed in such a way that it is impossible to remove the contents from them without breaking the packages and seals.

Before initial deportation ( or return) the addressee is informed in a separate letter of the description of the packages sent to him and the seals with which they can be sealed.

To send key documents, a covering letter is prepared, which must indicate: what is being sent and in what quantity, document registration numbers, as well as, if necessary, the purpose and procedure for using the item being sent. The covering letter is included in one of the packages.

The received packages are opened only by the responsible user of the crypto funds for which they are intended. If the contents of the received package do not correspond to what is specified in the cover letter or the packaging itself and the seal do not correspond to their description ( imprint), and also if the packaging is damaged, resulting in free access to its contents, then the recipient draws up a report, which he sends to the sender. Key documents received with such shipments are not permitted to be used until instructions are received from the sender.

If defective key documents or crypto keys are discovered, one copy of the defective product should be returned to the manufacturer to establish the causes of the incident and eliminate them in the future, and the remaining copies should be stored until additional instructions are received from the manufacturer.

Receipt of key documents must be confirmed to the sender in the manner specified in the cover letter. The sender is obliged to control the delivery of his items to the recipients. If the appropriate confirmation is not received from the addressee in a timely manner, the sender must send him a request and take measures to clarify the location of the items.

The order for the production of the next key documents, their production and distribution to places of use for the timely replacement of existing key documents is made in advance. The instruction to put into effect the next key documents is given by the responsible user of crypto funds only after receiving confirmation from them that the next key documents have been received.

Unused or deactivated key documents must be returned to the responsible user of crypto funds or, at his direction, must be destroyed on site.

Destruction of crypto keys ( initial key information) can be done by physically destroying the key media on which they are located, or by erasing ( destruction) crypto keys ( initial key information) without damaging the key media ( to ensure its reusability).

Cryptokeys ( initial key information) are washed using the technology adopted for the corresponding key reusable media ( floppy disks, compact discs (CD-ROM), Data Key, Smart Card, Touch Memory, etc.). Direct actions to erase crypto keys ( initial key information), as well as possible restrictions on the further use of the corresponding reusable key media are regulated by the operational and technical documentation for the relevant CIPF, as well as instructions from the organization that recorded the crypto keys ( initial key information).

Key media are destroyed by causing irreparable physical damage to them, excluding the possibility of their use, as well as by restoring key information. Direct actions to destroy a specific type of key media are regulated by the operational and technical documentation for the relevant CIPF, as well as instructions from the organization that recorded the crypto keys ( initial key information).

Paper and other combustible key media are destroyed by burning or using any paper cutting machines.

Key documents are destroyed within the time limits specified in the operational and technical documentation for the relevant CIPF. The fact of destruction is recorded in the corresponding copy-by-instance journals.

Destruction according to the act is carried out by a commission consisting of at least two people. The act specifies what is destroyed and in what quantity. At the end of the act, a final record is made (in numbers and in words) about the number of items and copies of key documents being destroyed, installation media for CIPF, operational and technical documentation. Corrections in the text of the act must be agreed upon and certified by the signatures of all members of the commission who took part in the destruction. About the destruction carried out, notes are made in the appropriate journals for individual records.

Cryptokeys that are suspected of being compromised, as well as other cryptokeys operating in conjunction with them, must be immediately taken out of action, unless a different procedure is specified in the operational and technical documentation of the CIPF. In emergency cases, when there are no crypto keys to replace compromised ones, it is allowed, by the decision of the responsible user of crypto funds, agreed with the operator, to use compromised crypto keys. In this case, the period of use of compromised crypto keys should be as short as possible, and the protected information should be as valuable as possible.

About violations that may lead to compromise of cryptokeys, their components or transmitted ( stored) with their use of data, users of crypto funds are obliged to inform the responsible user of crypto funds.

Inspection of reusable key media by unauthorized persons should not be considered as a suspicion of compromise of crypto keys, if this excludes the possibility of their copying ( reading, reproduction).

In cases of shortage, non-presentation of key documents, as well as uncertainty of their location, the responsible user takes urgent measures to find them and localize the consequences of compromising key documents.

  1. Key system management procedure

Registration of persons with rights to manage keys is carried out in accordance with the operational documentation for the CIPF.

Key management is an information process that includes three elements:

— key generation;

— accumulation of keys;

— distribution of keys.

Organizational information systems use special hardware and software methods for generating random keys. As a rule, pseudo random number sensors are used ( further - PSCH ), with a fairly high degree of randomness in their generation. Software key generators that calculate the PFR as a complex function of the current time and ( or) number entered by the user.

The accumulation of keys refers to the organization of their storage, accounting and removal.

Private keys must not be written explicitly on a medium that can be read or copied.

All information about the keys used must be stored in encrypted form. Keys that encrypt key information are called master keys. Each user must know master keys by heart; storing them on any tangible media is prohibited.

To ensure information security, it is necessary to periodically update key information in information systems. In this case, both regular keys and master keys are reassigned.

When distributing keys, the following requirements must be met:

— efficiency and accuracy of distribution;

— secrecy of distributed keys.

An alternative is for two users to obtain a shared key from a central authority, the Key Distribution Center (KDC), through which they can communicate securely. To organize the exchange of data between the CRC and the user, the latter is allocated a special key during registration, which encrypts messages transmitted between them. Each user is allocated a separate key.

KEY MANAGEMENT BASED ON PUBLIC KEY SYSTEMS

Before using a public key cryptosystem to exchange regular private keys, users must exchange their public keys.

Public keys can be managed through an online or offline directory service, and users can also exchange keys directly.

  1. Monitoring and control of the use of CIPF

To increase the level of security when operating CIPF, monitoring procedures should be implemented in the system that record all significant events that took place during the exchange of electronic messages and all information security incidents. The description and list of these procedures must be established in the operational documentation for the CIPF.

Control over the use of cryptographic information protection provides:

  • monitoring the compliance of the setup and configuration of information security tools, as well as hardware and software that can affect the fulfillment of the requirements for information security tools, regulatory and technical documentation;
  • monitoring compliance with the rules for storing restricted access information used in the operation of information security tools ( in particular, key, password and authentication information);
  • control of the possibility of access of unauthorized persons to information security means, as well as to hardware and software that can affect the fulfillment of the requirements for information security means;
  • monitoring compliance with the rules for responding to information incidents ( about facts of loss, compromise of key, password and authentication information, as well as any other information of limited access);
  • control of compliance of hardware and software tools of CIPF and documentation for these tools with reference samples ( supplier guarantees or control mechanisms that allow you to independently establish such compliance);
  • monitoring the integrity of the hardware and software of CIPF and documentation for these tools during storage and commissioning of these tools ( using both control mechanisms described in the documentation for CIPF, and using organizational).

Download ZIP file (43052)

If the documents were useful, please give them a “like”: