Review of the legislation of the Russian Federation: Cryptography. SKZI (CIPF): what is it? Means of cryptographic information protection. The most common categories of SCS

Data encryption mechanisms that ensure the information security of society constitute cryptographic protection of information.

Cryptographic methods of information protection are used to process, store and transmit information on media and over communication networks.

When data is transmitted over long distances, cryptographic protection of information is the only reliable method of protecting it.

Cryptography is a science that studies and describes the information security model of data. Cryptography opens up solutions to many network security problems: authentication, confidentiality, integrity, and control of interacting participants.

The term "Encryption" means the transformation of data into a form that is not readable by humans and software systems without an encryption-decryption key. Cryptographic methods supply the means of information security, so they are part of the concept of information security.

The goals of information security ultimately boil down to ensuring the confidentiality of information and protecting information in computer systems in the process of transmitting information over a network between users of the system.

Cryptographic protection of confidential information encrypts data using a family of reversible transformations, each of which is described by a parameter called a "key" and by an order that determines the sequence in which the transformations are applied.

The most important component of the cryptographic method of protecting information is the key, which is responsible for choosing the transformation and the order in which it is performed. The key is a certain sequence of characters that configures the encryption and decryption algorithm of the cryptographic information protection system. Each such transformation is uniquely determined by a key that defines a cryptographic algorithm that provides information protection and information security of the information system.

The same cryptographic information protection algorithm can operate in different modes, each of which has certain advantages and disadvantages that affect the reliability of information security tools.

Symmetric or secret cryptography methodology.

In this methodology, the sender and the recipient use the same key for encryption and decryption; the key is agreed upon in advance, before the cryptographic protection is put to use.

In the case when the key has not been compromised, the decryption process will automatically authenticate the author of the message, since only he has the key to decrypt the message.

Thus, programs for protecting information with cryptography assume that the sender and addressee of the message are the only persons who can know the key, and its compromise will affect the interaction of only these two users of the information system.

The organizational problem in this case is relevant for any cryptosystem that tries to protect information, including on the Internet: symmetric keys must be distributed between users safely, that is, the protection of the computer networks over which the keys are transmitted must be at a high level.

Any symmetric encryption algorithm of the hardware-software information security cryptosystem uses short keys and performs encryption very quickly, despite large amounts of data, which satisfies the purpose of information protection.

Information security tools based on a cryptosystem should use symmetric keys in the following order:

· First, a symmetric key is created, distributed and stored;

· Next, the sender creates an electronic signature by computing a hash function of the text and appending the resulting hash string to the text, which must be securely transmitted;

· The sender applies a fast symmetric encryption algorithm, together with the symmetric key, to the message packet and the electronic signature, which authenticates the user of the encryption system;

· The encrypted message can be safely transmitted even over unsecured communication channels, although it is better to do this over protected ones. The symmetric key, however, must without fail be transmitted over communication channels covered by software and hardware information protection;

· The recipient uses the same symmetric algorithm and the same symmetric key to decrypt the packet, which makes it possible to restore the text of the original message and decrypt the sender's electronic signature;

· The recipient must now separate the electronic signature from the text of the message;

· Finally, the recipient compares the electronic signature received earlier with the one obtained now to check the integrity of the message and the absence of distorted data in it, which is called the integrity of data transmission.

Open asymmetric methodology for information security.

In this methodology, the encryption and decryption keys are different, although they are created together. One key is distributed publicly and the other is transmitted secretly, because data encrypted with one key can only be decrypted with the other.

All asymmetric cryptographic means of protecting information are targets of attacks by direct enumeration of keys. Therefore long keys are used, so that enumerating the keys takes so long that hacking the information security system loses any sense.

It is no secret that, to avoid the slowness of asymmetric encryption algorithms, a temporary symmetric key is created for each message, and only that key is encrypted with the asymmetric algorithm.

Asymmetric keys are used in the following order:

· Asymmetric public keys are created and publicly distributed. The secret asymmetric key is sent to its owner, and the public asymmetric key is stored in a database and administered by the certificate issuing center of the information security system, which is controlled by an information security specialist. Both users must trust that such a system securely creates, administers and distributes the keys used by the entire organization. Moreover, if each step is performed by different persons, the recipient of a secret message must trust that the creator of the keys destroyed their copy and did not provide the keys to anyone else who could then read the information transmitted in the system.

· Next, an electronic signature of the text is created, and the resulting value is encrypted with an asymmetric algorithm using the sender's secret key. The resulting character string is added to the text that will be transmitted, because only the sender can create the electronic signature.

· Then the problem of transferring the session key to the recipient is solved.

· Next, the sender must obtain the asymmetric public key of the organization's certificate issuing authority. Interception of unencrypted requests for a public key is the most common attack by crackers. That is why a system of certificates confirming the authenticity of the public key can be implemented.

Thus, encryption algorithms involve the use of keys, which allows you to 100% protect data from those users who do not know the key.

Along with confidentiality, information protection in local networks is required to ensure the integrity of stored information. That is, data must be transmitted in such a way that it remains unchanged during transmission and storage.

To ensure the integrity of data storage and transmission, it is necessary to develop tools that detect any distortion of the original data, for which redundancy is added to the original information.

Cryptography solves the issue of integrity by adding some kind of checksum or check pattern from which the integrity of the data is calculated. So again the information security model is cryptographic, that is, key dependent. According to assessments of information security based on cryptography, making the ability to read data depend on a secret key is the most reliable tool and is even used in state information security systems.

As a rule, an audit of the information security of an enterprise, for example of a bank, pays special attention to the probability of successfully imposing distorted information, and cryptographic protection of information makes it possible to reduce this probability to a negligible level. This probability is called a measure of the imitation resistance of a cipher, or the ability of encrypted data to withstand an attack by a hacker.

Information protection systems must necessarily support user authentication in order to identify an authorized user of the system and prevent an intruder from entering the system.

Verification and confirmation of the authenticity of user data in all areas of information interaction is an important integral problem of ensuring the reliability of any information received and the information security system in the enterprise.

The problem of distrust between interacting parties is particularly acute in the information security of banks, where the concept of information security includes not only an external threat from a third party, but also a threat to information security from users.

Digital signature


Sometimes users of an information system want to repudiate previously accepted obligations and try to change previously created data or documents. The doctrine of information security of the Russian Federation takes this into account and stops such attempts.

Protecting confidential information using a single key is impossible in a situation where one user does not trust the other, because the sender can then deny that the message was transmitted at all. Further, despite the protection of confidential information, the second user can modify the data and attribute authorship to another user of the system. Naturally, whatever software or engineering protection of information is used, the truth cannot be established in this dispute.

A digital signature in such a system is a panacea for the problem of authorship. Protection with a digital signature contains 2 algorithms: one for calculating the signature and one for verifying it. The first algorithm can be executed only by the author, and the second one is in the public domain so that everyone can check the correctness of the digital signature at any time.

The idea for this article was born when EFSOL specialists were tasked with analyzing information security risks in the restaurant business and developing measures to counter them. One of the significant risks was the possibility of seizing management information, and one of the countermeasures was the encryption of accounting databases.

I will immediately make a reservation that consideration of all possible crypto products or solutions based on specific accounting systems is not within the scope of this article. We are only interested in a comparative analysis of personal encryption tools, for which we have chosen the most popular free open source solution and a couple of the most promoted commercial analogues. Let inexperienced users not be afraid of the phrase "open source" - it only means that a group of enthusiasts are engaged in development who are ready to accept anyone who wants to help them.

So why did we take this approach? The motivation is extremely simple.

  1. Different companies use their own accounting system, so we choose encryption tools that are not tied to a specific platform - universal.
  2. It is more reasonable to use personal cryptoprotection in small enterprises where 1-5 users work with the accounting program. For large companies, the removal of management information will entail larger financial losses - therefore, security solutions will cost much more.
  3. Analysis of many commercial information encryption products makes no sense: it is enough to evaluate a few of them to form an understanding of price and functionality for yourself.

Let's move on to comparing products, which is convenient to do on the basis of a summary table. I deliberately left out of the analysis many technical details (such as support for hardware acceleration or multithreading, multiple logical or physical processors) that give the average user a headache. Let us dwell only on the functionality from which we can really highlight the benefits.

Summary table

| Feature | TrueCrypt | Secret Disk | Zecurion Zdisk |
|---|---|---|---|
| Latest version at the time of review | 7.1a | 4 | No data |
| Price | Free | From 4,240 rub. for 1 computer | From 5,250 rub. for 1 computer |
| Operating system | Windows 7, Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008 (32-bit and 64-bit); Windows Server 2008 R2; Windows 2000 SP4; Mac OS X 10.7 Lion (32-bit and 64-bit); Mac OS X 10.6 Snow Leopard; Mac OS X 10.5 Leopard; Mac OS X 10.4 Tiger; Linux (32-bit and 64-bit, kernel 2.6 or compatible) | Windows 7, Windows Vista, Windows XP (32-bit and 64-bit) | Windows 98; Windows Me; Windows NT Workstation; Windows 2000 Professional; Windows XP; Windows Vista |
| Built-in encryption algorithms | AES; Serpent; Twofish | No | No |
| Using cryptographic providers (CSPs) | No | Microsoft Enhanced CSP: Triple DES and RC2; Secret Disk NG Crypto Pack: AES and Twofish; CryptoPro CSP, Signal-COM CSP or Vipnet CSP: GOST 28147-89 | RC5; AES; KRYPTON CSP: GOST 28147-89 |
| XTS encryption mode | Yes | No | No |
| Cascading encryption | AES-Twofish-Serpent; Serpent-AES; Serpent-Twofish-AES; Twofish-Serpent | No | No |
| Transparent encryption | Yes | Yes | Yes |
| System partition encryption | Yes | Yes | No |
| Authentication before OS boot | Password | PIN + token | No |
| Disk partition encryption | Yes | Yes | No |
| Creating container files | Yes | Yes | Yes |
| Creating hidden partitions | Yes | No | No |
| Creating a hidden OS | Yes | No | No |
| Portable drive encryption | Yes | Yes | Yes |
| Working with portable drives | Yes | No | No |
| Networking | Yes | No | Yes |
| Multi-user mode | By means of NTFS | Yes | Yes |
| Password-only authentication | Yes | No | No |
| Keyfile authentication | Yes | No | No |
| Support for tokens and smart cards | Supporting PKCS #11 2.0 protocol or higher | eToken PRO/32K USB key (64K); eToken PRO/72K USB dongle (Java); Smart card eToken PRO/32K (64K); Smart card eToken PRO/72K (Java); Combination key eToken NG-FLASH; eToken NG-OTP Combined Key; eToken PRO Anywhere | Rainbow iKey 10xx/20xx/30xx; ruToken; eToken R2/Pro |
| Emergency disabling of encrypted drives | Hotkeys | Hotkeys | Hotkeys |
| Duress password protection | No | Yes | Yes |
| Ability to use "Plausible Deniability" | Yes | No | No |
| Contents of delivery | No boxed version - the distribution is downloaded from the developer's site | eToken PRO Anywhere USB key with a license to use the product; Quick guide in printed form; CD-ROM (distribution kit, detailed documentation, MBR boot part); Packing DVD box | License; USB key and USB extension cable; Distribution disk; Documentation in printed form; ACS-30S Smart Card Reader/Writer |

Following the laws of the genre, it remains only to comment on individual points and highlight the advantages of a particular solution. Everything is clear with product prices, as well as with supported operating systems. I will only note the fact that versions of TrueCrypt for MacOS and Linux have their own nuances of use, and installing it on server platforms from Microsoft, although it provides certain advantages, is completely incapable of replacing the huge functionality of commercial data protection systems in a corporate network. Let me remind you that we are still considering personal cryptoprotection.

Built-in algorithms, crypto providers, XTS and cascading encryption

Crypto providers, unlike built-in encryption algorithms, are separate plug-in modules that determine the encoding (decoding) method used by the program. Why do commercial solutions use packages of crypto providers? The answers are simple and financially justified.

  1. There is no need to make changes to the program to add certain algorithms (to pay for the work of programmers) - just create a new module or connect third-party solutions.
  2. All over the world, international standards are being developed, tested and implemented, but for Russian government agencies it is necessary to comply with the requirements of the FSTEC and the FSB. These requirements imply licensing the creation and distribution of information security tools.
  3. Crypto providers are the means of data encryption, and the programs themselves do not require development and distribution certification.

Cascading encryption is the ability to encode information with one algorithm when it has already been encoded with another. This approach, although it slows down the work, allows you to increase the resistance of protected data against hacking - the more the “opponent” knows about encryption methods (for example, the algorithm used or the key character set), the easier it is for him to disclose information.

XTS encryption technology (XEX-based Tweaked CodeBook mode (TCB) with CipherText Stealing (CTS)) is a logical development of the previous XEX and LRW block encryption methods, in which vulnerabilities were discovered. Since read/write operations on storage media are performed sector-by-sector in blocks, the use of streaming encoding methods is unacceptable. Thus, on December 19, 2007, the XTS-AES encryption method for the AES algorithm was described and recommended by the international standard for protecting stored information IEEE P1619.

This mode uses two keys, the first of which is used to generate the initialization vector, and the second to encrypt the data. The method works according to the following algorithm:

  1. generates a vector by encrypting the sector number with the first key;
  2. adds the vector to the original information;
  3. encrypts the result of the addition with the second key;
  4. adds the vector to the encryption result;
  5. multiplies the vector by the generating polynomial of the finite field.

The National Institute of Standards and Technology recommends using XTS to encrypt data on devices with a block internal structure because it:

  • is described by an international standard;
  • has high performance thanks to preliminary calculations and parallelization;
  • allows an arbitrary block of a sector to be processed by computing an initialization vector.

I also note that IEEE P1619 recommends using the XTS method with the AES encryption algorithm, however, the mode architecture allows it to be used in conjunction with any other block cipher. Thus, if it is necessary to certify a device that implements transparent encryption in accordance with the requirements of Russian legislation, it is possible to use XTS and GOST 28147-89 jointly.
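The five steps above, written out as an added example (not code from the article or from any of the reviewed products). Since the mode is not tied to AES, a constructed 128-bit Feistel cipher built from HMAC-SHA256 stands in for it so the block runs on the standard library alone; ciphertext stealing is left out, and all keys and sector contents are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # XTS operates on 128-bit cipher blocks


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class StandInCipher:
    """Constructed 128-bit block cipher: an 8-round Feistel network whose
    round function is HMAC-SHA256. A stand-in only; it is not AES and is
    not meant for protecting real data."""

    ROUNDS = 8

    def __init__(self, key: bytes):
        self.key = key

    def round_fn(self, i: int, half: bytes) -> bytes:
        return hmac.new(self.key, bytes([i]) + half, hashlib.sha256).digest()[:8]

    def encrypt(self, block: bytes) -> bytes:
        left, right = block[:8], block[8:]
        for i in range(self.ROUNDS):
            left, right = right, xor(left, self.round_fn(i, right))
        return left + right

    def decrypt(self, block: bytes) -> bytes:
        left, right = block[:8], block[8:]
        for i in reversed(range(self.ROUNDS)):
            left, right = xor(right, self.round_fn(i, left)), left
        return left + right


def mul_alpha(tweak: bytes) -> bytes:
    """Step 5: multiply the vector by x in GF(2^128), reducing modulo
    x^128 + x^7 + x^2 + x + 1 (little-endian byte order, as in IEEE 1619)."""
    n = int.from_bytes(tweak, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "little")


def blocks(data: bytes) -> list:
    return [data[o:o + BLOCK] for o in range(0, len(data), BLOCK)]


def xts_sector(tweak_cipher, data_cipher, sector_no: int, data: bytes,
               decrypt: bool = False) -> bytes:
    if not data or len(data) % BLOCK:
        raise ValueError("whole 16-byte blocks only (ciphertext stealing omitted)")
    # Step 1: the vector is the sector number encrypted with the first key.
    tweak = tweak_cipher.encrypt(sector_no.to_bytes(BLOCK, "little"))
    transform = data_cipher.decrypt if decrypt else data_cipher.encrypt
    out = bytearray()
    for block in blocks(data):
        masked = xor(block, tweak)            # step 2: "addition" is XOR
        out += xor(transform(masked), tweak)  # steps 3 and 4, second key
        tweak = mul_alpha(tweak)              # step 5: vector for next block
    return bytes(out)


def ecb_encrypt(cipher, data: bytes) -> bytes:
    """Plain codebook encryption, for contrast only."""
    return b"".join(cipher.encrypt(b) for b in blocks(data))


def xts_demo() -> dict:
    tweak_c = StandInCipher(b"constructed tweak key")
    data_c = StandInCipher(b"constructed data key")
    sector = b"A" * 64  # constructed sector: four identical plaintext blocks
    ct5 = xts_sector(tweak_c, data_c, 5, sector)
    ct6 = xts_sector(tweak_c, data_c, 6, sector)
    damaged = bytearray(ct5)
    damaged[2 * BLOCK] ^= 0x01  # simulate one corrupted bit in the third block
    recovered = xts_sector(tweak_c, data_c, 5, bytes(damaged), decrypt=True)
    return {
        "roundtrip": xts_sector(tweak_c, data_c, 5, ct5, decrypt=True) == sector,
        "distinct_xts_blocks": len(set(blocks(ct5))),
        "distinct_ecb_blocks": len(set(blocks(ecb_encrypt(data_c, sector)))),
        "sectors_differ": ct5 != ct6,
        "damaged_blocks": [i for i, b in enumerate(blocks(recovered))
                           if b != b"A" * BLOCK],
    }


if __name__ == "__main__":
    print(xts_demo())
```

The last entry shows a property worth remembering when choosing disk encryption: a corrupted ciphertext bit garbles only its own 16-byte block on decryption and is not detected, because XTS provides confidentiality without an integrity check.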

Emergency shutdown of drives, password entry "under duress", denial of involvement

Emergency disabling of encrypted disks is an undeniably necessary feature in situations that require an instant response to protect information. But what happens next? The “opponent” sees a system on which crypto protection is installed and a disk that is not readable by system tools. The conclusion about the concealment of information is obvious.

There comes a stage of "coercion". "Opponent" will use physical or legal measures to force the owner to disclose information. The domestic well-established solution “entering a password under duress” from the category of “I will die, but I will not betray” becomes irrelevant. It is impossible to delete information that the "opponent" previously copied, and he will do it - do not hesitate. Removing the encryption key only confirms that the information is really important, and the spare key is necessarily hidden somewhere. And even without a key, information is still available for cryptanalysis and hacking. I won't elaborate on how much these actions bring the owner of the information closer to a legal fiasco, but I'll talk about the logical method of plausible deniability.

The use of hidden partitions and a hidden OS will not allow the "opponent" to prove the existence of information that is protected. In this light, disclosure requirements become absurd. TrueCrypt developers recommend to further obfuscate the traces: in addition to hidden partitions or operating systems, create encrypted visible ones that contain deceptive (fictitious) data. The “opponent”, having discovered visible encrypted sections, will insist on disclosing them. By disclosing such information under duress, the owner does not risk anything and relieves himself of suspicion, because real secrets will remain invisible on hidden encrypted partitions.

Summarizing

There are a great many nuances in protecting information, but those covered here should be enough to sum up the intermediate results; everyone will make the final decision for themselves. The advantages of the free program TrueCrypt include its functionality; the opportunity for everyone to participate in testing and improvement; and the abundance of open information about the application. This solution was created by people who know a lot about the secure storage of information and are constantly improving their product, for people who need a really high level of reliability. The disadvantages include the lack of support, high complexity for the average user, the lack of two-level authentication before starting the OS, and the inability to connect modules from third-party crypto providers.

Commercial products are full of user care: technical support, excellent packaging, low cost, certified versions, the ability to use the GOST 28147-89 algorithm, multi-user mode with delimited two-level authentication. Only limited functionality and naivety in maintaining the secrecy of storing encrypted data upsets.

Updated: June 2015.

Although TrueCrypt 7.1a was released on February 7, 2011, it remains the last fully functional version of the product.

The mysterious story with the termination of development of TrueCrypt is curious. On May 28, 2014, all previous versions of the product were removed from the developers' site and version 7.2 was released. This version can only decrypt previously encrypted disks and containers - the encryption feature has been removed. From that moment on, the site and the program are calling for the use of BitLocker, and the use of TrueCrypt is called insecure.

This caused a wave of gossip on the Internet: the authors of the program were suspected of planting a backdoor (a “bookmark”) in the code. Fueled by information from former NSA employee Snowden that intelligence agencies are deliberately weakening cryptographic tools, users began raising funds to audit the TrueCrypt code. Over $60,000 was raised to test the program.

The audit was fully completed by April 2015. Code analysis did not reveal any backdoors, critical architecture flaws or vulnerabilities. TrueCrypt has been proven to be a well-designed cryptographic tool, although not perfect.

Now the developers' advice to switch to BitLocker is seen by many as a "warrant canary". TrueCrypt authors have always ridiculed BitLocker and its security in particular. Using BitLocker is also unreasonable due to the closed nature of the program code and its inaccessibility in the "younger" editions of Windows. Because of all of the above, the Internet community tends to believe that the developers are being influenced by intelligence agencies, and that they are hinting at something important by their silence, insincerely recommending BitLocker.

Let's recap

TrueCrypt continues to be the most powerful, reliable and functional cryptography tool. Both the audit and the pressure of the special services only confirm this.

Zdisk and Secret Disk have FSTEC certified versions. Therefore, it makes sense to use these products to comply with the requirements of the legislation of the Russian Federation in the field of information protection, for example, the protection of personal data, as required by the Federal Law 152-FZ and its subordinate regulations.



For those who are seriously concerned about the security of information, there is a comprehensive solution, "Server in Israel", which takes a comprehensive approach to protecting enterprise data.


The term "cryptography" comes from the ancient Greek words for "hidden" and "writing". The phrase expresses the main purpose of cryptography - it is the protection and preservation of the secrecy of the transmitted information. Information protection can occur in various ways. For example, by restricting physical access to data, hiding the transmission channel, creating physical difficulties in connecting to communication lines, etc.

Purpose of cryptography

Unlike traditional methods of hiding information, cryptography assumes the full availability of the transmission channel for intruders and ensures the confidentiality and authenticity of information using encryption algorithms that make information inaccessible to outside reading. A modern cryptographic information protection system (CIPF) is a software and hardware computer complex that provides information protection according to the following main parameters.

  • Confidentiality: the impossibility of reading the information by persons who do not have the appropriate access rights. The main component of ensuring confidentiality in CIPF is the key, which is a unique alphanumeric combination for user access to a specific CIPF block.
  • Integrity: the impossibility of unauthorized changes, such as editing and deleting information. To do this, redundancy is added to the original information in the form of a check combination calculated by a cryptographic algorithm and depending on the key. Thus, without knowing the key, adding or changing information becomes impossible.
  • Authentication: confirmation of the authenticity of the information and the parties sending and receiving it. Information transmitted through communication channels must be uniquely authenticated by content, time of creation and transmission, source and recipient. It should be remembered that the source of threats can be not only an attacker, but also the parties involved in the exchange of information with insufficient mutual trust. To prevent such situations, CIPF uses a system of timestamps to make it impossible to resend or return information and change its order.
  • Authorship: confirmation and impossibility of refusal of actions performed by the user of information. The most common way to authenticate is the EDS (electronic digital signature) system, which consists of two algorithms: one to create a signature and one to verify it. When working intensively with EDS, it is recommended to use software certification authorities to create and manage signatures. Such centers can be implemented as a means of cryptographic information protection, completely independent of the internal structure. What does this mean for the organization? It means that all transactions with electronic signatures are processed by independent certified organizations and forgery of authorship is almost impossible.
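The key-dependent check combination and the timestamps from the Integrity and Authentication items above, which is also the "imitation resistance" discussed earlier on the page, as an added example that is not part of the original article. HMAC-SHA256 stands in for a cipher-based check value, and the packet layout, key and messages are constructed.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                       # length of a SHA-256 / HMAC-SHA256 value
HEADER = ">QQ"                     # constructed layout: sequence no., Unix time
HEADER_LEN = struct.calcsize(HEADER)


def hash_seal(message: bytes) -> bytes:
    """Unkeyed redundancy: the message followed by its SHA-256 digest."""
    return message + hashlib.sha256(message).digest()


def hash_check(packet: bytes) -> bool:
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def mac_seal(key: bytes, seq: int, timestamp: int, message: bytes) -> bytes:
    """Key-dependent check combination over the header and the message."""
    body = struct.pack(HEADER, seq, timestamp) + message
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes, max_age: int = 30):
        self.key, self.max_age, self.last_seq = key, max_age, -1

    def accept(self, packet: bytes, now: int) -> str:
        if len(packet) < HEADER_LEN + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Verify the tag before trusting any field, in constant time.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"
        seq, timestamp = struct.unpack(HEADER, body[:HEADER_LEN])
        if abs(now - timestamp) > self.max_age:
            return "stale"                 # returned or delayed information
        if seq <= self.last_seq:
            return "replay-or-reorder"     # resent or out-of-order packet
        self.last_seq = seq
        return "ok"


def integrity_demo() -> dict:
    key = b"constructed shared key"
    original = b"pay 100 rub. to account 1"   # constructed messages
    altered = b"pay 900 rub. to account 1"
    rx = Receiver(key)
    p1 = mac_seal(key, 1, 1_000, original)
    p2 = mac_seal(key, 2, 1_005, original)
    tampered = bytearray(p1)
    tampered[HEADER_LEN + 4] = ord("9")       # message changed, old tag kept
    return {
        # Without a key, whoever alters the text can recompute the digest.
        "unkeyed_accepts_altered": hash_check(hash_seal(altered)),
        "first": rx.accept(p1, now=1_002),
        "tampered": rx.accept(bytes(tampered), now=1_002),
        "second": rx.accept(p2, now=1_006),
        "resent": rx.accept(p1, now=1_007),
        "late": rx.accept(mac_seal(key, 3, 1_000, original), now=1_100),
    }


if __name__ == "__main__":
    print(integrity_demo())
```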

Encryption algorithms

Currently, among the CIPF, open encryption algorithms using symmetric and asymmetric keys with a length sufficient to provide the desired cryptographic complexity prevail. The most common algorithms:

  • symmetric keys - Russian R-28147.89, AES, DES, RC4;
  • asymmetric keys - RSA;
  • using hash functions - R-34.11.94, MD4/5/6, SHA-1/2.

Many countries have their own national standards. In the USA, a modified AES algorithm with a key of 128-256 bits is used, and in the Russian Federation, the electronic signature algorithm R-34.10.2001 and the block cryptographic algorithm R-28147.89 with a 256-bit key. Some elements of national cryptographic systems are prohibited for export outside the country, activities for the development of CIPF require licensing.

Hardware crypto protection systems

Hardware CIPF are physical devices containing software for encrypting, recording and transmitting information. Encryption devices can be made in the form of personal devices, such as ruToken USB encryptors and IronKey flash drives, expansion cards for personal computers, specialized network switches and routers, on the basis of which it is possible to build completely secure computer networks.

Hardware CIPF are quickly installed and operate at high speed. Disadvantages - high, in comparison with software and hardware-software CIPF, cost and limited upgrade options.

It is also possible to refer to hardware blocks of CIPF built into various devices for recording and transmitting data, where encryption and restriction of access to information is required. Such devices include car tachometers that record the parameters of vehicles, some types of medical equipment, etc. For full-fledged operation of such systems, a separate activation of the CIPF module by the supplier's specialists is required.

Systems of software cryptoprotection

Software CIPF is a special software package for encrypting data on storage media (hard and flash drives, memory cards, CD / DVD) and when transmitted over the Internet (emails, files in attachments, secure chats, etc.). There are quite a lot of programs, including free ones, for example, DiskCryptor. Software CIPF also includes secure virtual information exchange networks operating "on top of the Internet" (VPN), an extension of the HTTP Internet protocol with support for HTTPS encryption and SSL - a cryptographic information transfer protocol widely used in IP telephony systems and Internet applications.

Software cryptographic information protection tools are mainly used on the Internet, on home computers and in other areas where the requirements for the functionality and stability of the system are not very high, or, as in the case of the Internet, where many different secure connections have to be created at the same time.

Software and hardware cryptoprotection

Combines the best qualities of hardware and software CIPF systems. This is the most reliable and functional way to create secure systems and data transmission networks. All user identification options are supported, both hardware (USB drive or smart card) and "traditional" ones (login and password). Software and hardware cryptographic information protection tools support all modern encryption algorithms, have a large set of functions for creating a secure workflow based on digital signature, and hold all the required state certificates. CIPF installation is carried out by qualified personnel of the developer.

Company "CRYPTO-PRO"

One of the leaders of the Russian cryptographic market. The company develops a full range of information protection programs using digital signatures based on international and Russian cryptographic algorithms.

The company's programs are used in the electronic document management of commercial and government organizations, for the submission of accounting and tax reporting, in various city and budget programs, etc. The company has issued more than 3 million licenses for the CryptoPRO CSP program and 700 licenses for certification centers. "Crypto-PRO" provides developers with interfaces for embedding cryptographic protection elements into their own and provides a full range of consulting services for the creation of CIPF.

Cryptoprovider CryptoPro

When developing the cryptographic information protection system CryptoPro CSP, the cryptographic architecture of Cryptographic Service Providers built into the Windows operating system was used. The architecture allows you to connect additional independent modules that implement the required encryption algorithms. With the help of modules working through the CryptoAPI functions, cryptographic protection can be carried out by both software and hardware CIPF.

Key carriers

Various private key carriers can be used, such as:

  • smart cards and readers;
  • electronic locks and readers working with Touch Memory devices;
  • various USB keys and removable USB drives;
  • Windows, Solaris, Linux system registry files.

Functions of a crypto provider

CIPF CryptoPro CSP is fully certified by FAPSI and can be used for:

2. Complete confidentiality, authenticity and integrity of data using encryption and imitation protection in accordance with Russian standards for encryption and the TLS protocol.

3. Checking and monitoring the integrity of the program code to prevent unauthorized changes and access.

4. Creation of a system protection regulation.

Cryptographic means of protection are special means and methods of information transformation, as a result of which its content is masked. The main types of cryptographic closure are encryption and coding of the protected data. At the same time, encryption is a type of closure in which each character of the data being closed is subjected to independent transformation; when encoding, the protected data is divided into blocks that have a semantic meaning, and each such block is replaced by a numeric, alphabetic or combined code. In this case, several different encryption systems are used: substitution, permutation, gamma, analytical transformation of encrypted data. Combined ciphers are widely used, when the source text is sequentially converted using two or even three different ciphers.

Principles of operation of the cryptosystem

A typical situation in which the task of cryptography (encryption) arises is shown in Figure 1:

Fig. 1

In Figure 1, A and B are legitimate users of protected information, they want to exchange information over a public communication channel.

P - an illegal user (opponent, hacker) who wants to intercept messages transmitted over a communication channel and try to extract information of interest to him from them. This simple scheme can be considered a model of a typical situation in which cryptographic methods of protecting information or simply encryption are used.

Historically, some military words have been entrenched in cryptography (enemy, attack on the cipher, etc.). They most accurately reflect the meaning of the corresponding cryptographic concepts. At the same time, the widely known military terminology based on the concept of a code (naval codes, codes of the General Staff, code books, code designations, etc.) is no longer used in theoretical cryptography. The fact is that over the past decades, a theory of coding has been formed: a large scientific direction that develops and studies methods for protecting information from random distortions in communication channels. Cryptography deals with methods of transforming information that would not allow an adversary to extract it from intercepted messages. At the same time, it is no longer the protected information itself that is transmitted over the communication channel, but the result of its transformation with the help of a cipher, and the adversary faces the difficult task of breaking the cipher. Opening (cracking) a cipher is the process of obtaining protected information from an encrypted message without knowing the cipher used.

The adversary may try not to receive, but to destroy or modify the protected information in the process of its transmission. This is a very different type of threat to information than eavesdropping and breaking the cipher. To protect against such threats, specific methods of their own are developed. Therefore, on the way from one legitimate user to another, information must be protected in various ways, resisting various threats. The result is a chain of different types of links that protects the information. Naturally, the enemy will seek to find the weakest link in order to get to the information at the lowest cost. This means that legitimate users should also take this circumstance into account in their protection strategy: it makes no sense to make some link very strong if there are obviously weaker links ("the principle of equal strength of protection").

Coming up with a good cipher is hard work. Therefore, it is desirable to increase the lifetime of a good cipher and use it to encrypt as many messages as possible. But at the same time, there is a danger that the enemy has already guessed (opened) the cipher and reads the protected information. If the network cipher has a replaceable key, then replacing the key can ensure that the methods developed by the enemy no longer have an effect.

Means of cryptographic protection of information, or CIPF for short, are used to provide comprehensive protection of data that is transmitted over communication lines. This requires authorization and protection of the electronic signature, authentication of the communicating parties using the TLS and IPSec protocols, as well as protection of the communication channel itself, if necessary.

In Russia, the use of cryptographic information security tools is mostly classified, so there is little publicly available information on this topic.

Methods used in CIPF

  • Authorization of data and ensuring the safety of their legal significance during transmission or storage. To do this, algorithms for creating an electronic signature and its verification are used in accordance with the established RFC 4357 regulations and use certificates according to the X.509 standard.
  • Protection of data confidentiality and control of their integrity. Asymmetric encryption and imitation protection are used, that is, counteraction to data spoofing. This complies with GOST R 34.12-2015.
  • Protection of system and application software. Tracking unauthorized changes or malfunctions.
  • Management of the most important elements of the system in strict accordance with the adopted regulations.
  • Authentication of the parties exchanging data.
  • Connection protection using the TLS protocol.
  • Protection of IP connections using IKE, ESP, AH protocols.

The methods are described in detail in the following documents: RFC 4357, RFC 4490, RFC 4491.

CIPF mechanisms for information protection

  1. The confidentiality of stored or transmitted information is protected by the use of encryption algorithms.
  2. When establishing a connection, identification is provided by means of electronic signature when used during authentication (as recommended by X.509).
  3. The digital document flow is also protected by means of an electronic signature together with protection against imposition or repetition, while the reliability of the keys used to verify electronic signatures is monitored.
  4. The integrity of information is ensured by means of a digital signature.
  5. Using asymmetric encryption features helps protect data. In addition, hashing functions or imitation protection algorithms can be used to check the integrity of the data. However, these methods do not support determining the authorship of a document.
  6. Replay protection is provided by cryptographic functions of the electronic signature for encryption or imitation protection. At the same time, a unique identifier is added to each network session, long enough to exclude its accidental coincidence, and validation is implemented by the receiving party.
  7. Protection against imposition, that is, from penetration into communication from outside, is provided by means of electronic signature.
  8. Other protection - against bookmarks, viruses, operating system modifications, etc. - is provided through various cryptographic tools, security protocols, antivirus software and organizational measures.
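
The replay protection of item 6, combined with the imitation protection of item 5, as an added example that is not part of the original article or of any CIPF product. It assumes HMAC-SHA-256 from the Python standard library as a stand-in for a GOST imitation protection algorithm; the message layout, the class names and the per-message counter (which goes beyond the per-session identifier the text describes) are hypothetical.

```python
import hashlib
import hmac
import secrets

SESSION_ID_BYTES = 16   # 128 random bits: accidental coincidence is negligible
COUNTER_BYTES = 8
TAG_BYTES = 32          # HMAC-SHA-256 output length


class Sender:
    def __init__(self, key: bytes):
        self._key = key
        self.session_id = secrets.token_bytes(SESSION_ID_BYTES)
        self._counter = 0

    def protect(self, payload: bytes) -> bytes:
        """Return session_id || counter || payload || tag."""
        self._counter += 1
        header = self.session_id + self._counter.to_bytes(COUNTER_BYTES, "big")
        tag = hmac.new(self._key, header + payload, hashlib.sha256).digest()
        return header + payload + tag


class Receiver:
    def __init__(self, key: bytes):
        self._key = key
        self._highest = {}   # session_id -> highest counter accepted so far

    def accept(self, message: bytes) -> bytes:
        header_len = SESSION_ID_BYTES + COUNTER_BYTES
        if len(message) < header_len + TAG_BYTES:
            raise ValueError("message too short")
        body, tag = message[:-TAG_BYTES], message[-TAG_BYTES:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        # Verify the tag first (constant time) so forged input never touches replay state.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("imitation protection check failed")
        session_id = body[:SESSION_ID_BYTES]
        counter = int.from_bytes(body[SESSION_ID_BYTES:header_len], "big")
        # Counters must strictly increase: repeats and late arrivals are rejected.
        if counter <= self._highest.get(session_id, 0):
            raise ValueError("replayed message")
        self._highest[session_id] = counter
        return body[header_len:]


def demo():
    key = secrets.token_bytes(32)                        # constructed shared key
    sender, receiver = Sender(key), Receiver(key)
    original = sender.protect(b"pay 100 to account A")   # constructed payload
    tampered = original[:-1] + bytes([original[-1] ^ 1])
    outcomes = [receiver.accept(original)]
    for message in (original, tampered):
        try:
            receiver.accept(message)
            outcomes.append("accepted")
        except ValueError as exc:
            outcomes.append(str(exc))
    return outcomes
```

Because both parties hold the same key, a valid tag shows that the message is intact and fresh but not which of the two produced it, which is the authorship limitation noted in item 5.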

As you can see, electronic signature algorithms are a fundamental part of the means of cryptographic information protection. They will be discussed below.

Requirements when using CIPF

CIPF is aimed at protecting (by verifying an electronic signature) open data in various public information systems and ensuring their confidentiality (by verifying an electronic signature, imitation protection, encryption, hash verification) in corporate networks.

A personal means of cryptographic information protection is used to protect the user's personal data. However, special attention should be given to information relating to state secrets. By law, CIPF cannot be used to work with it.

Important: before installing the CIPF, the first step is to check the CIPF software package itself. Typically, the integrity of the installation package is verified by comparing its checksums with those received from the manufacturer.

After installation, you should determine the level of threat, on the basis of which you can determine the types of cryptographic information protection necessary for use: software, hardware and hardware-software. It should also be borne in mind that when organizing some CIPF, it is necessary to take into account the location of the system.

Protection classes

According to the order of the FSB of Russia dated July 10, 2014, number 378, which regulates the use of cryptographic means of protecting information and personal data, six classes are defined: KS1, KS2, KS3, KV1, KV2, KA1. The protection class for a particular system is determined from the analysis of data on the model of the intruder, that is, from an assessment of possible ways to hack the system. Protection in this case is built from software and hardware cryptographic information protection.

As can be seen from the table, there are 3 types of AC (actual threats):

  1. Threats of the first type are associated with undocumented features in the system software used in the information system.
  2. Threats of the second type are associated with undocumented features in the application software used in the information system.
  3. Threats of the third type are all the rest.

Undocumented features are functions and features of the software that are not described in the official documentation or do not correspond to it. That is, their use may increase the risk of violating the confidentiality or integrity of information.

For clarity, consider the models of violators against whom one or another class of cryptographic information protection tools is needed:

  • KS1 - the intruder acts from the outside, without helpers inside the system.
  • KS2 is an insider, but does not have access to the CIPF.
  • KS3 is an insider who is a user of the CIPF.
  • KV1 is an intruder that attracts third-party resources, such as cryptographic information protection specialists.
  • KV2 is an intruder behind whose actions is an institute or laboratory working in the field of studying and developing cryptographic information protection tools.
  • KA1 - special services of states.

Thus, KS1 can be called the basic protection class. Accordingly, the higher the protection class, the fewer specialists capable of providing it. For example, in Russia, according to data for 2013, there were only 6 organizations that had a certificate from the FSB and were able to provide class KA1 protection.

Used algorithms

Consider the main algorithms used in cryptographic information protection tools:

  • GOST R 34.10-2001 and updated GOST R 34.10-2012 - algorithms for creating and verifying an electronic signature.
  • GOST R 34.11-94 and latest GOST R 34.11-2012 - algorithms for creating hash functions.
  • GOST 28147-89 and newer GOST R 34.12-2015 - implementation of data encryption and imitation protection algorithms.
  • Additional cryptographic algorithms are in RFC 4357.

Electronic signature

The use of cryptographic information protection tools cannot be imagined without the use of electronic signature algorithms, which are gaining more and more popularity.

An electronic signature is a special part of a document created by cryptographic transformations. Its main task is to detect unauthorized changes and determine authorship.

An electronic signature certificate is a separate document that proves the authenticity and ownership of an electronic signature by its owner using a public key. The certificate is issued by certification authorities.

The owner of the electronic signature certificate is the person in whose name the certificate is registered. It is associated with two keys: public and private. The private key allows you to create an electronic signature. The public key is intended to verify the authenticity of the signature due to the cryptographic relationship with the private key.

Types of electronic signature

According to Federal Law No. 63, an electronic signature is divided into 3 types:

  • simple electronic signature;
  • unqualified electronic signature;
  • qualified electronic signature.

A simple ES is created using passwords imposed on opening and viewing data, or similar means that indirectly confirm the owner.

An unqualified ES is created using cryptographic data transformations using a private key. This allows you to confirm the person who signed the document and to establish the fact that unauthorized changes have been made to the data.

Qualified and unqualified signatures differ only in that in the first case, the certificate for the ES must be issued by a certification center certified by the FSB.

Scope of electronic signature

The table below discusses the scope of ES.

ES technologies are most actively used in the exchange of documents. In the internal workflow, the ES acts as an approval of documents, that is, as a personal signature or seal. In the case of external document management, the presence of an ES is critical, as it is a legal confirmation. It is also worth noting that documents signed by ES can be stored indefinitely and not lose their legal significance due to factors such as erasable signatures, damaged paper, etc.

Reporting to regulatory authorities is another area in which electronic document management is growing. Many companies and organizations have already appreciated the convenience of working in this format.

According to the law of the Russian Federation, every citizen has the right to use ES when using public services (for example, signing an electronic application for authorities).

Online trading is another interesting area in which electronic signature is actively used. It is a confirmation of the fact that a real person is participating in the auction and his proposals can be considered reliable. It is also important that any contract concluded with the help of ES acquires legal force.

Electronic signature algorithms

  • Full Domain Hash (FDH) and Public Key Cryptography Standards (PKCS). The latter is a whole group of standard algorithms for various situations.
  • DSA and ECDSA are US digital signature standards.
  • GOST R 34.10-2012 - the standard for creating electronic signatures in the Russian Federation. This standard replaced GOST R 34.10-2001, which was officially terminated after December 31, 2017.
  • The Eurasian Union uses standards that are completely similar to those in Russia.
  • STB 34.101.45-2013 - Belarusian standard for digital electronic signature.
  • DSTU 4145-2002 - the standard for creating an electronic signature in Ukraine.
  • Many others.

It should also be noted that the algorithms for creating ES have different purposes:

  • Group electronic signature.
  • One-time digital signature.
  • Trusted ES.
  • Qualified and unqualified signature, etc.