Purpose of CryptoPro CSP. Purpose of CryptoPro CSP Download CryptoPro version 3.6 1

CryptoPro CSP 5.0 is a new generation of crypto provider, developing three main product lines of the CryptoPro company: CryptoPro CSP (classic tokens and other passive storage of secret keys), CryptoPro FKN CSP/Rutoken CSP (non-retrievable keys on tokens with secure messaging) and CryptoPro DSS (keys in the cloud ).

All the advantages of products from these lines are not only preserved, but also multiplied in CryptoPro CSP 5.0: the list of supported platforms and algorithms is wider, faster performance, more convenient user interface. But the main thing is that working with all key media, including keys in the cloud, is now uniform. To transfer the application system in which CryptoPro CSP of any version worked to support keys in the cloud or to new media with non-removable keys, no software reworking will be required - the access interface remains the same, and work with the key in the cloud will occur exactly the same in the same way as with the classic key carrier.

Purpose of CryptoPro CSP

Formation and verification electronic signature.
Ensuring confidentiality and monitoring the integrity of information through its encryption and imitation protection.
Ensuring authenticity, confidentiality and imitational protection of connections using the and protocols.
System and application integrity monitoring software to protect it from unauthorized changes and violations of trusted functioning.

Supported Algorithms

In CryptoPro CSP 5.0, along with Russian ones, foreign cryptographic algorithms are implemented. Now users have the opportunity to use familiar key media to store RSA and ECDSA private keys.

Supported key storage technologies

Cloud token

In the cryptoprovider CryptoPro CSP 5.0, for the first time, it became possible to use keys stored on cloud service CryptoPro DSS, via the CryptoAPI interface. Now keys stored in the cloud can be easily used by any user applications, as well as most Microsoft applications.

Media with non-retrievable keys and secure messaging

CryptoPro CSP 5.0 adds support for media with non-retrievable keys that implement the protocol SESPAKE, allowing authentication without transmitting the user’s password in clear text, and establishing an encrypted channel for the exchange of messages between the crypto provider and the carrier. An attacker located in the channel between the medium and the user's application can neither steal the authentication password nor replace the signed data. When using such media, the problem is completely solved safe work with non-removable keys.

Companies Active, InfoCrypt, SmartPark and Gemalto have developed new secure tokens that support this protocol(SmartPark and Gemalto since version 5.0 R2).

Media with non-removable keys

Many users want to be able to work with non-retrievable keys, but not upgrade tokens to the FKN level. Especially for them, the provider has added support for popular key media Rutoken EDS 2.0, JaCarta-2 GOST and InfoCrypt VPN-Key-TLS.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of media with non-retrievable keys supported by CryptoPro CSP 5.0

Company	Carrier
ISBC	Esmart Token GOST
Assets	Rutoken 2151
	Rutoken PINPad
	Rutoken EDS
	Rutoken EDS 2.0
	Rutoken EDS 2.0 2100
	Rutoken EDS 2.0 3000
	Rutoken EDS PKI
	Rutoken EDS 2.0 Flash
	Rutoken EDS 2.0 Bluetooth
	Rutoken EDS 2.0 Touch
	Smart card Rutoken 2151
	Smart card Rutoken EDS 2.0 2100
Aladdin R.D.	JaCarta-2 GOST
Infocrypt	InfoCrypt Token++ TLS
Infocrypt	InfoCrypt VPN-Key-TLS

Classic passive USB tokens and smart cards

Most users prefer fast, cheap and convenient key storage solutions. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions provider, CryptoPro CSP 5.0 retains support for all compatible media produced by the companies Active, Aladdin R.D., Gemalto/SafeNet, Multisoft, NovaCard, Rosan, Alioth, MorphoKST and SmartPark.

In addition, of course, methods for storing keys in Windows registry, on hard drive, on flash drives on all platforms.

List of manufacturers and models supported by CryptoPro CSP 5.0

List of manufacturers and models of classic passive USB tokens and smart cards supported by CryptoPro CSP 5.0

Company	Carrier
Alioth	SCOne Series (v5/v6)
Gemalto	Optelio Contactless Dxx Rx
	Optelio Dxx FXR3 Java
	Optelio G257
	Optelio MPH150
ISBC	Esmart Token
ISBC	Esmart Token GOST
MorphoKST	MorphoKST
NovaCard	Cosmo
Rosan	G&D element V14 / V15
	G&D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
	Kona 2200s / 251 / 151s / 261 / 2320
	Kona2 S2120s/C2304/D1080
SafeNet	eToken Java Pro JC
	eToken 4100
	eToken 5100
	eToken 5110
	eToken 5105
	eToken 5205
Assets	Rutoken 2151
	Rutoken S
	Rutoken KP
	Rutoken Lite
	Rutoken EDS
	Rutoken EDS 2.0
	Rutoken EDS 2.0 3000
	Rutoken EDS Bluetooth
	Rutoken EDS Flash
	Smart card Rutoken 2151
	Smart card Rutoken Lite
	Smart card Rutoken EDS SC
	Smart card Rutoken EDS 2.0
Aladdin R.D.	JaCarta GOST
	JaCarta PKI
	JaCarta PRO
	JaCarta LT
	JaCarta-2 GOST
Infocrypt	InfoCrypt Token++ lite
Multisoft	MS_Key isp.8 Hangar
Multisoft	MS_Key ESMART use.5
SmartPark	Master's degree
	R301 Foros
	Oscar
	Oscar 2
	Magister's Rutoken

CryptoPro Tools

As part of CryptoPro CSP 5.0, a cross-platform (Windows/Linux/macOS) graphical application appeared - “CryptoPro Tools”.

The main idea is to provide users with the opportunity to conveniently solve common problems. All basic functions are available in a simple interface - at the same time, we have also implemented a mode for advanced users, which opens up additional opportunities.

Using CryptoPro Tools, the tasks of managing containers, smart cards and crypto provider settings are solved, and we have also added the ability to create and verify a PKCS#7 electronic signature.

Supported Software

CryptoPro CSP allows you to quickly and securely use Russian cryptographic algorithms in the following standard applications:

office suite Microsoft Office;
mail server Microsoft Exchange and client Microsoft Outlook;
products Adobe Systems Inc.;
browsers Yandex.Browser, Sputnik, Internet Explorer ,Edge;
application signature generation and verification tool Microsoft Authenticode;
web servers Microsoft IIS, nginx, Apache;
Remote Desktop Tools Microsoft Remote Desktop Services;
Microsoft Active Directory.

Integration with the CryptoPro platform

From the very first release, support and compatibility with all our products are provided:

CryptoPro CA;
CA Services;
CryptoPro EDS;
CryptoPro IPsec;
CryptoPro EFS;
CryptoPro.NET;
CryptoPro Java CSP.
CryptoPro NGate

Operating systems and hardware platforms

Traditionally, we work in an unrivaled wide range of systems:

Microsoft Windows;
Mac OS;
Linux;
FreeBSD;
Solaris;
Android;
Sailfish OS.

hardware platforms:

Intel/AMD;
PowerPC;
MIPS (Baikal);
VLIW (Elbrus);
Sparc.

and virtual environments:

Microsoft Hyper-V
VMWare
Oracle Virtual Box
RHEV.

Supported different versions CryptoPro CSP.

To use CryptoPro CSP with a license for workplace and server.

Interfaces for embedding

For embedding into applications on all platforms, CryptoPro CSP is available via standard interfaces for cryptographic means:

Microsoft CryptoAPI;
PKCS#11;
OpenSSL engine;
Java CSP (Java Cryptography Architecture)
Qt SSL.

Performance for every taste

Many years of development experience allows us to cover all solutions from miniature ARM boards such as Raspberry PI to multiprocessor servers on Intel based Xeon, AMD EPYC and PowerPC, perfectly scaling performance.

Regulatory documents

Complete list of regulatory documents

The crypto provider uses algorithms, protocols and parameters defined in the following documents Russian system standardization:
R 50.1.113–2016 " Information technology. Cryptographic information protection. Cryptographic algorithms accompanying the use of electronic algorithms digital signature and hashing functions" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
R 50.1.114–2016 “Information technology. Cryptographic information protection. Elliptic curve parameters for cryptographic algorithms and protocols" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
R 50.1.111–2016 “Information technology. Cryptographic information protection. Password protection of key information"
R 50.1.115–2016 “Information technology. Cryptographic information protection. "Shared Key Generation Protocol with Password Authentication" (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol ")
Methodological recommendations TC 26 “Cryptographic information protection” “Use of sets of encryption algorithms based on GOST 28147-89 for the transport layer security protocol (TLS)”
Methodological recommendations of TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11 and GOST R 34.10 algorithms in cryptographic messages in CMS format”
Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in the IKE and ISAKMP key exchange protocols”
Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89 when encrypting attachments in IPsec ESP protocols”
Technical specification TC 26 “Cryptographic information protection” “Use of GOST R 34.10, GOST R 34.11 algorithms in the certificate profile and certificate revocation list (CRL) infrastructure public keys X.509"
Technical specification TC 26 “Cryptographic information protection” “Extension of PKCS#11 for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012”

Released updated version Security Capsule SIEM v.3.0. The mechanisms of the system have been radically redesigned. A new web interface has been completely developed. We work for you, setting the trend in the SIEM systems market. Rich experience in development and implementation since 2009 makes us leaders in this segment.

In accordance with clause 15 of the Regulations on the certification system for information security means of the FSTEC of Russia, ITB LLC confirms the provision technical support certified information security tool “Security Capsule” until November 09, 2022.

LLC "Innovative Technologies in Business", being a developer and manufacturer, has successfully completed certification of serial production operating system EMIAS OS 1.0 automated system of the city of Moscow “Unified medical information and analytical system of the city of Moscow.”

ACTIVITY

LLC "ITB" will take part in the event "SPbSEU Career Week - 2019", held by the St. Petersburg State Economic University from November 11 to 15, 2019.

On September 18-20, 2019, specialists from ITB LLC took part in a partner event from Security Code: A sea adventure with Security Code. “Security Code” organized an exciting Sea adventure for its partners: the traditional event was held in a new format this year. For the first time, the #KB landing force was assembled outside of Russia under the gentle sun of Turkey.

From February 13 to 15, 2018, experts from ITB LLC took part in the TB Forum 2018 - the 23rd International Forum “Security Technologies”. TB FORUM has rightfully earned a reputation as one of the leading congress and exhibition events in the field of security. For more than twenty years of history, it has been and remains the only open security industry event for customers high level- state and largest corporations.

After purchasing a license in our online store, you will receive a letter by e-mail, in which you will find:

license key product
link to product distribution
link to user manual

Since no one likes to read the user manual anyway (and you wouldn’t be reading this article if you had read the manual), we only need product license key And link to distribution.

Step 1

First you need to find out whether you have installed Cryptopro CSP earlier and if installed, what version?

This can be done by carefully examining your Start menu: there should be an item CRYPTO-PRO, which has a program CryptoPro CSP.

If you don’t find it, most likely you don’t have CryptoPRO installed, so feel free to go to.

If you find it, run it CryptoPro CSP. There we see the General tab, where the license validity period and version number are indicated.

If the version number matches the version you purchased (for example, if the window says 4.0.****, and you bought CryptoPro CSP 4.0, it means it matches), then you you don't have to reinstall the program, but simply enter the license key. How to do this - look at .

Step 2

You find out that the program is not installed. This means you need to download CryptoPro CSP and install it.

Downloading it is not so easy: the crypto provider is a means cryptographic protection information, which means its distribution is subject to registration with the relevant authorities. Therefore, you will need to follow the link that came to you in the letter or go to the CryptoPro website yourself using the link http://www.cryptopro.ru/downloads and select from the list of products CryptoPro CSP.

You will see something like this:

Click on the link " Pre-registration" and fill out the form from a variety of fields. After filling out the form and registering, you will be required to agree with license agreement, and then still get the opportunity to download the distribution package of the program.

At the time of publication, the distribution selection page looks like this:

If you purchased the version CryptoPro CSP 3.6, then you will need to select a version R4- today it is the most functional.

If you purchased a license for CryptoPro CSP 3.9 be careful: CryptoPro CSP 3.9 - certified version, but does not support Windows 10, CryptoPro CSP 3.9R2 - supports Windows 10, certification planned for Q4 2015

If you bought version 4.0, then select CryptoPro CSP 4.0 accordingly (recommended for working with Windows 10, certification is planned for the third quarter of 2015).

You will need to download this file:

Step 3

You have downloaded installation file CryptoPro CSP, and now you will need to install the program itself. To do this, run the installation file; if we see a security warning, you need to allow the program to make changes on your computer. In the window that opens, click the button Install (recommended)

Installation of the program occurs automatically within a few minutes and does not require user participation.

All, Installation completed.

Step 4

Now you need to enter the license key in a special window. You can get to it this way (the path may vary slightly depending on the version of the operating system):

Start - Programs - CryptoPro - CryptoPro CSP.

Then press the button Entering a license

In the window that opens, fill in the fields in accordance with the received license.

Step 5

We rejoice! We have just installed a crypto provider. Not that hard, right?

But you need to understand that CryptoPro CSP itself cannot do anything. The next step is to install (or simply configure) programs that will interact with CryptoPro CSP and solve your problems, be it electronic signature, encryption or something else.

Usually, to carry out an electronic signature, they use or - they can be purchased from us in the online store. We tried to make the purchase as convenient as possible: electronic licenses are sent immediately after payment (even at night), a large selection of payment methods.

If you found the instructions useful - share it, you will find buttons for this right below the article.

IN following instructions I will tell, how to install CryptoPro Office Signature , CryptoARM, how to work with tokens and so on.

If you don't want to miss our articles, subscribe to us at in social networks! Links to our social media pages can be found at the very bottom of the screen.