CryptoPro csp version 3.6 1 or 4.0. Installation of CryptoPro. Installing and configuring CryptoPro
The solution of CryptoPro Rutoken CSP is a central branch of the companies "CryptoPro" and "Active", in which the capabilities of the CryptoPro CSP and USB-tokens Rutoken are integrated. An important feature of the PKU technology is the support of cryptographic needs between the CryptoPro CSP and Rutoken KP crypto provider - specially adapted from the PKU technology to the model of a cryptographic USB token, a wikonano based on the Rutoken EDS.
Rutoken KP will be able to use the PKU technology for the generation of key pairs, the key pairing, the activation of an electronic signature, and so on. Rutoken KP will be licensed and delivered only in the warehouse of CryptoPro Rutoken CSP, except for the USB-token is not extended.
The new version of CryptoPro Rutoken CSP, Krim Rutoken KP, has a standard model Rutoken ETSP 2.0 for generation and efficient collection of key pairs and containers in CryptoPro CSP. Klyuchova information is available for Rutoken ECP 2.0 without the possibility of using it. Vikoristannya Rutoken ETSP 2.0 in the warehouse of CryptoPro Rutoken CSP gives an optimal configuration for vipadk in terms of flexibility and possibilities, if you have moved the channel beforehand.
Rishennya KriptoPro Rutoken CSP є the offensive of the ZKZI CryptoPro CSP and seeks all your possibilities. It is also possible to integrate into the infrastructure of all critical keys, based on the security center "CryptoPro UC".
appraisal
ЗКЗІ CryptoPro Rutoken CSP is designated for registration in Russian PKI systems, in systems of legally significant electronic document management and in other information systems, as well as in digital signature technology. Including:
- in customer-bank systems when signing up for payment orders;
- in the systems of stolen documents;
- in systems for collecting visibility for receiving in the electronic viewer;
- in the authorities and administration at the federal and regional levels;
- in all other cases, it is necessary to ensure that no adjustments are made to the keys of the koristuvach.
opportunities
- I will add all the functionality ЗКЗІ CryptoPro CSP 3.9 .
- I will secure integration with PKI infrastructure, based on "CryptoPro UC".
- Pratsyu is also the standard model Rutoken ECP 2.0.
- On the basis of the hardware resources of Rutoken KP or Rutoken ECP 2.0, the following cryptographic operations will be announced:
- generation of key pairs GOST R 34.10-2001;
- the formulation of the electronic signature in accordance with GOST R 34.10-2001;
- Diffi-Hellman Usage Key Enumeration (RFC 4357).
- I will securely securely secure and secure the keys in all the middle of the key carrier without the possibility of being able to use them.
Functional key nose
The architecture of the PKU implements a fundamentally new approach until the security of the key information is secured, as it is stored on the hardware side.
Besides the formulation of the electronic signature and the generation of encryption keys without the middle in the processor, the key carrier allows effective protection against attacks, we will link the hash value to the password or the signature in the channel with a link.
Main transfers of PKU
- The possibility of writing a signature in the exchange protocol is disabled, the electronic signature is violated in parts: a copy in the key carrier, sometimes the rest in the CSP software part.
- Generation of keys for the electronic signature and keys for the management, as well as the establishment of the electronic signature in the middle of the PKU.
- Transmitting the hash value over the stolen channel, as it turns out the power of the message.
- When the container is opened, the key of the keystroke is not stored either in the key container, or in the memory of the cryptographic provider, and also does not appear in an explicit view in the cryptographic reconfigurations.
- It is possible to obtain the data when transmitting through the open channel the authorization of the mutual authentication of the key carrier and the software warehouse for the additional original protocol based on the EKE (electronic key exchange) procedure. At the same time, not a PIN-code is transmitted, but a point on the electronic curve.
- Confidentiality of encrypted keys has been adjusted.
- The key can be used to generate a PKU or to sign up for a call.
- Determination of cryptographic operations on electronic curves without the need for a key carrier, receiving a Russian electronic signature.
Secure program "CryptoPro CSP" intended to control the integrity of the system and application software security, control the key elements of the systems and in accordance with the regulations in order to acquire the owner, authorize and preserve the legal significance of electronic documents when exchanging them CryptoPro CSP includes CryptoPro TLS, CryptoPro EAP-TLS, CryptoPro Winlogon and CryptoPro Revocation Provider products.
The solution is intended for:
- authorization and protection of the legal significance of electronic documents when they are exchanged between them, and, in addition, the registration of procedures for the formulation and revision of the electronic signature (EP) is up to GOST 34.10-2012 standards. R 34.11-2012);
- security of confidentiality and control of the integrity of information for additional encryption and security, subject to GOST 28147-89;
- securing the authenticity, confidentiality and protection of data using the TLS protocol;
- control of the integrity of the system and application software security for the sake of unauthorized changes and failure of the correctness of the function;
- management of key elements of the system in accordance with the regulations for the acquisition.
implemented by algorithms
- Algorithm for wiping the value of the hash function for realizations up to and including GOST R 34.11-94 / GOST R 34.11-2012 "Information technology. Cryptographic information provider. Heshuvannya function ".
- Algorithms for the formulation and conversion of the electronic signature are implemented according to the requirements of GOST R 34.10-2001 / GOST R 34.10-2012 "Information technology. Cryptographic information provider. Process the formulation and revision of the electronic digital signature. "
- Algorithm for encryption / decryption of data and calculation of imitated insertion is realized according to GOST 28147-89 “Information processing systems. Zakhist cryptographic ".
In the case of generation of closed and very critical keys, the possibility of generation with different parameters is prevented according to GOST R 34.10-2001 / GOST R 34.10-2012.
When the value of the hash function is violated and encrypted, the possibility of registration of small universities is not guaranteed to be changed to GOST R 34.11-94 and GOST 28147-89.
Pidtrimuvani types of key noses
- floppy disks 3.5;
- smart-pictures from the readers of smart-card readers, which will adapt the PC / SC protocol;
- Touch-Memory tablets DS1993 - DS1996 with Akord 4+ attachments, electronic lock "Sable", "Krypton" or attachments for reading Touch-Memory DALLAS tablets (only in Windows version);
- electronic keys with USB interface (USB-tokens);
- changeable media with USB interface;
- Windows OS registry;
- Solaris / Linux / FreeBSD OS files.
| CSP 3.6 | CSP 3.9 | CSP 4.0 | CSP 5.0 | |
|---|---|---|---|---|
| Windows Server 2016 | x64 * | x64 ** | x64 | |
| Windows 10 | x86 / x64 * | x86 / x64 ** | x86 / x64 | |
| Windows Server 2012 R2 | x64 | x64 | x64 | |
| Windows 8.1 | x86 / x64 | x86 / x64 | x86 / x64 | |
| Windows Server 2012 | x64 | x64 | x64 | x64 |
| Windows 8 | x86 / x64 | x86 / x64 | x86 / x64 | |
| Windows Server 2008 R2 | x64 / itanium | x64 | x64 | x64 |
| Windows 7 | x86 / x64 | x86 / x64 | x86 / x64 | x86 / x64 |
| Windows Server 2008 | x86 / x64 / itanium | x86 / x64 | x86 / x64 | x86 / x64 |
| Windows Vista | x86 / x64 | x86 / x64 | ||
| Windows Server 2003 R2 | x86 / x64 / itanium | x86 / x64 | x86 / x64 | x86 / x64 |
| Windows Server 2003 | x86 / x64 / itanium | x86 / x64 | x86 / x64 | x86 / x64 |
| Windows XP | x86 / x64 | |||
| Windows 2000 | x86 |
Functionality of the module "CryptoPro CSP"
- allowing you to create a call in the electronic viewer in the state organization;
- I will take part in the electronic auction;
- organizovuє legally significant document circulation;
- viroblya zahist of confidential information at the time of transmission.
Yak vstanoviti "CryptoPro 4.0"
The remaining current version of the CryptoPro CSP module is the fourth, which functions on the basis of new signature algorithms according to GOST R 34.10-2012. "CryptoPro CSP 4.0" can be applied in Windows 10 OS. Since the beginning of the period, the module is not certified, but the distributor plans to certify the 4th version of their product at the very next hour.Dali is described by how to install "CryptoPro 4.0".
The official Internet resource of the CRYPTO-PRO development company, after the completion of the previous restructuring, we have the opportunity to add files, distribution kits, and update them. Programs "CryptoPro CSP".
After the end of the review, the license will appear. The rules and the minds need to be aware of the situation and because of them, to cling to "I am fit." There will be a transfer to the side of the blocked files.
In order to secure the distribution kit, you need a download of the vibration "CryptoPro CSP 4.0 for Windows and UNIX (not certified)"
Yak to install "CryptoPro 4.0". If the installation is completed, you need to start it only by downloading the program file "CSPSetup.exe". At the window, about the upgrade of the systems and security, in order to allow the program to make changes to the computer, you need to click on the "So" button. In the distance, vibrate "Install (recommended)".
The installation of the "CryptoPro CSP 4.0" module will be easier without the front, it will take only a few seconds.
After the installation of the CryptoPro CSP 4.0 module on the computer is completed, the robot can be repaired with it.
Memo:
- Behind the minds of the license please є interchange the term of the demo version of "CryptoPro CSP 4.0", as it becomes 90 days from the moment the product is installed without prior installation;
- The demo version of the module "CryptoPro CSP 4.0" will only work when you first install the product, if you re-install the program in the demo mode, it will not work.
A new window of "CryptoPro CSP" appears, and the information about the license (serial number, instructions in the general communication, and the name of the owner; name of the authorization; type of license; type of license; The first installation is installed, etc.). You can immediately purchase a license online and enter a serial number.
The robot of the "CryptoPro CSP 4.0" module will work after the license period. If the term of the flow-line license is over, then it is necessary to buy the right to a new one. The price can be revived in any hour. Renewal of the license key (i.e. Yogo serial number) go to the specified email address immediately after the payment is due.
For the introduction of a new serial number, it is necessary to write on the "License Entry". Look in the window, in which in the item "Serial number" after adding the license key and then press on "OK".
After the completion of all stages of the installation of the "CryptoPro CSP 4.0" program, I am ready to start working.