Where is the EDS stored? The electronic signature for beginners, and instructions on handling digital signature keys

The digital signature is a new step in identifying the author of a document and confirming its contents. What is it? On what principle does it work? Is an EDS difficult to use? Is it something only a specialist can master, or can an ordinary user, even a pensioner, cope with it?

General information

First, let's deal with the terminology. What is an EDS (electronic digital signature)? It is a special piece of data attached to a document that confirms who signed it and that the document has not changed since. There are two types of digital signatures: qualified and non-qualified. A non-qualified signature can be made at home with ordinary cryptographic software, and such a home-made signature is fine for authenticating documents and messages among friends or within a small business.

Qualified digital signatures, by contrast, are created by organizations that hold the necessary license. Their most important feature is legal force: there is a legislative basis that allows them to be used in government and commercial structures. They also let you use public services remotely. An EDS means no queues, fast and efficient answers, and a state with a human face.

Let's say a word about certificates

What are they? An EDS certificate is a document issued to the key owner by a certification center; it confirms that the public key belongs to a particular person. When the signature key is generated, the data about the person or legal entity is recorded in the certificate. In essence, an EDS certificate is something like an electronic passport.

Electronic documents can be exchanged with its help only while the certificate is valid. For what period is it issued? As a rule, one or two years. After expiry the certificate can be renewed. Note that on any change in the owner's details, such as a change of name or a change of the head of the organization, the certificate must be revoked and a new one issued.

Registration and renewal

To obtain an EDS, you fill out a special form that asks for a postal address and a good deal of other information. The certificate can contain almost any information, but because of the one-to-two-year validity limit it has to be renewed regularly. Why?

The information contained in the certificate stays accurate only for a certain period: the more data is entered into it, the sooner some of it changes and the certificate becomes invalid. This is why the validity period is limited.

Bear in mind that everything in the signing certificate becomes publicly available, so it is recommended to include as little data as possible. Obtaining an EDS also requires a medium on which the signing key will be stored; as a rule, flash drives are used for this. To renew a digital signature, contact the institution that issued it.

Who can issue an EDS?

Electronic documents can be signed with self-generated keys, but for the signatures to have legal force you should contact an institution with the appropriate accreditation. The most popular choice is the tax service: in the Russian Federation, people most often turn to the Federal Tax Service to obtain an EDS. This is due to its general acceptance, the wide range of uses, and the fact that it issues signatures free of charge.

When applying to other structures, even state ones, you will have to pay several hundred or even thousands of rubles. Given that obtaining an EDS is repeated every year or two, it is not surprising that many choose the Federal Tax Service. If you wish to revoke your digital signature, you apply to the organization that issued it with a corresponding application. When might this be needed? Here is a short list of the most common reasons:

  1. The organization's details have changed.
  2. The authorized person (the owner of the signature) has changed status: resigned, been promoted, or been transferred to another position.
  3. The medium on which the key was stored has failed and can no longer be used.
  4. The key has been compromised.

What are the keys?

So, we already know that an EDS is useful. But how is the authenticity of a signed file verified? For this purpose two keys (certain sequences of bytes) are generated:

  1. Private (closed, secret) key. A unique sequence that takes part in forming the signature. It is available only to its owner and must be known exclusively to them.
  2. Public (open) key. A cryptographic value that is available to anyone. It is used to verify the digital signature.

How to apply a digital signature to a document?

And now to the main thing. How do you sign a document with an EDS? You need a special program that processes the file and attaches a digital signature to it. If the document is changed in any way after signing, even by one character, the signature no longer verifies.

As an example, consider the CryptoPro line of cryptographic programs. It can be used both to create signing keys and to sign and verify documents, covering the creation, distribution and maintenance of cryptographically protected files.
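As an added example (not code from the original article, and not CryptoPro, which uses GOST algorithms where Ed25519 is used here for portability), the following Go program shows the two keys described above in action: the private key signs, the public key verifies, and a one-character change to the signed document makes verification fail, as does a signature made with someone else's private key. The document text, the key pair and the fingerprint helper are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SignedDocument carries the document bytes together with a detached
// signature and the signer's public key, mirroring how an EDS is attached
// to a file: the content itself is untouched, the signature is added.
type SignedDocument struct {
	Content   []byte
	Signature []byte
	PublicKey ed25519.PublicKey
}

// GenerateKeyPair produces the two keys the text describes: the private
// (signing) key stays with the owner, the public (verification) key can be
// handed to anyone.
func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign creates the signature over the document with the private key.
func Sign(priv ed25519.PrivateKey, content []byte) SignedDocument {
	return SignedDocument{
		Content:   content,
		Signature: ed25519.Sign(priv, content),
		PublicKey: priv.Public().(ed25519.PublicKey),
	}
}

// Verify checks the signature with the public key. Any change to the
// content after signing, however small, makes this return false.
func Verify(doc SignedDocument) bool {
	return ed25519.Verify(doc.PublicKey, doc.Content, doc.Signature)
}

// Fingerprint returns a short hash of a public key, the kind of value a
// verifier compares against the key certificate it already trusts.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:8])
}

func main() {
	pub, priv, err := GenerateKeyPair()
	if err != nil {
		panic(err)
	}
	// Constructed sample document (not taken from the page).
	contract := []byte("Contract No. 17: supply of 1000 l of gasoline")
	doc := Sign(priv, contract)
	fmt.Println("signer key fingerprint:", Fingerprint(pub))
	fmt.Println("original verifies:", Verify(doc))

	// Change a single digit after signing: the signature no longer matches.
	tampered := doc
	tampered.Content = []byte("Contract No. 17: supply of 9000 l of gasoline")
	fmt.Println("tampered verifies:", Verify(tampered))

	// A signature made with a different private key does not verify
	// against the genuine signer's public key.
	_, otherPriv, _ := GenerateKeyPair()
	forged := Sign(otherPriv, contract)
	forged.PublicKey = pub
	fmt.Println("forged verifies:", Verify(forged))
}
```

The verifier only ever handles the public key; what ties that key to a named person is the certificate discussed in the next sections, which is why a real check also compares the key against a trusted certificate rather than accepting whatever key travels with the document.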

Where to store the EDS?

For this purpose, in order of increasing reliability, a computer hard drive, a DVD, an ordinary flash drive or a token can be used. With the first three, however, an outsider may gain access to the signing key and misuse it.

The most common choice is a flash drive. Because of its small size you can easily carry it with you, and using it takes little time. A more secure but less popular storage method is a token: a miniature device combining hardware and software that ensures the key does not fall into the wrong hands.

A token can also be used for secure remote access to data and to protect e-mail from prying eyes. Outwardly it resembles an ordinary flash drive; its distinctive feature is protected memory, so that a third party cannot read the key off the device. Such a device solves a whole range of security problems in authentication and cryptography.

Finally

Nowadays, when working with documents, people still often use paper, which requires a signature in pen. But as electronic files spread, the need for an EDS will grow, and in time it will be hard to imagine a person's work and daily life without this tool.

It is likely that the digital signature will eventually turn into a full-fledged electronic passport, the importance of which can hardly be overestimated. In that case, however, questions of data security will become acute. It should not be forgotten that the most vulnerable element of any technical system is the person using it. To keep the EDS out of the hands of intruders who would use it for harm, users' awareness and skills in handling such technology must be raised continually.

More and more Russian enterprises are implementing electronic document management systems, having seen from their own experience the advantages of this technology for working with documents. Electronic data exchange is carried out through information systems, computer networks, the Internet, e-mail and many other means.

An electronic signature is an attribute of an electronic document designed to protect it from forgery.

Using an electronic signature allows you to:

  • take part in electronic trading, auctions and tenders;
  • build relationships with the population, organizations and government structures on a modern basis, more efficiently, at the lowest cost;
  • expand the geography of your business by remotely performing various operations, including economic ones, with partners from any regions of Russia;
  • significantly reduce the time spent on processing the transaction and the exchange of documentation;
  • build a corporate system for the exchange of electronic documents (being one of its elements).

With the use of an electronic signature, work according to the scheme “development of a project in electronic form - creation of a paper copy for signature - sending a paper copy with a signature - consideration of a paper copy” is a thing of the past. Now everything can be done electronically!

Varieties of electronic signature

The following types are established and regulated: a simple electronic signature and an enhanced electronic signature. At the same time, an enhanced electronic signature can be qualified and unqualified.

Table: What is the difference between the three types of electronic signature (the table itself is not reproduced in this extract)

It is very difficult to forge any electronic signature. With an enhanced qualified signature (the most secure of the three), forgery is computationally infeasible with current computing power and the time available. In practice an attacker does not break the mathematics but obtains the signing key, which is why the rest of this article is about handling keys and key carriers.

A simple or unqualified signature on an electronic document replaces a handwritten signature on a paper document in the cases stipulated by law or agreed by the parties. An enhanced qualified signature can be regarded as the analogue of a document with a seal, i.e. "suitable" for any occasion.

An electronic document with a qualified signature replaces a paper document in all cases except those where the law requires the document to exist exclusively on paper. For example, with such signatures citizens can apply to state bodies for state and municipal services, and state authorities can send messages to citizens and interact with each other through information systems.

We sign with the private key, and verify the electronic signature with the public key

To be able to sign documents with an electronic signature, you must have:

  • ES key (the so-called private key): used to create the electronic signature on a document;
  • ES verification key certificate (containing the public ES key): used to check the electronic signature, i.e. to confirm that the signature belongs to a particular person.

Organizations that perform the functions of creating and issuing certificates of ES verification keys, as well as a number of other functions, are called certification centers.

When an ES verification key certificate is created, an ES key and an ES verification key are generated for each user. Both keys are stored in files. So that no one but the owner can use the ES key, it is usually written to a secure key carrier (as a rule together with the verification key certificate). Like a bank card, the carrier is protected by a PIN code, and, just as with card transactions, the correct PIN must be entered before the key can be used to create an electronic signature (see Figure).

Secure key carriers are made by various manufacturers and usually look like a flash drive. It is the user keeping the ES key confidential that guarantees attackers cannot sign a document on behalf of the certificate owner.

To keep the ES key confidential, follow the recommendations on storing and using it contained in the documentation that the certification center usually issues to users, and you will be protected from illegal actions performed with your key on your behalf. Ideally your private key is accessible to you alone. This idea must be conveyed to every key owner, and the best way is to issue guidance material on the subject and have employees acknowledge it by signature.

Figure: The program asks for a password (PIN code) before signing the document with the ES key stored on the "flash drive" connected to the computer.

Example 1

Fragment of the Guidelines for ensuring the security of using a qualified electronic signature of Electronic Moscow OJSC


When creating an electronic signature, electronic signature means must:

  1. show the person signing the electronic document the content of the information that he signs;
  2. create an electronic signature only after the person signing the electronic document confirms the operation to create an electronic signature;
  3. clearly show that the electronic signature has been created.

When verifying an electronic signature, electronic signature means must:

  1. show the content of an electronic document signed with an electronic signature;
  2. show information about making changes to an electronic document signed with an electronic signature;
  3. indicate the person using whose electronic signature key the electronic documents are signed.

The ES verification key certificate contains all the information needed to verify the electronic signature. Its data is open and public. Certificates are usually kept in the store of the certification center that issued them indefinitely (much as a notary keeps all the necessary records about the person for whom a notarial act was performed). Under Law No. 63-FZ, the certification center that issued the ES verification key certificate is obliged to provide, free of charge, to any person on request the information contained in its register of certificates, including information on the cancellation (revocation) of a certificate.

Oleg Komarsky, IT specialist

The certification center that issued the electronic signature stores the certificate of the verification key of this ES indefinitely, or more precisely, for the entire time of its own existence. As long as the certification authority is operating there are no problems, but since the center is a commercial organization it may cease to exist. Thus, if a CA terminates its activities, there is a possibility of losing information about certificates, and electronic documents signed with electronic signatures issued by the closed CA may then lose their legal significance.

In this regard, it is planned to create a kind of state repository of certificates (both valid and revoked). It will be something like a state notary center, where data on all certificates will be stored. But for now, such information is stored in the CA indefinitely.

What should employers consider when equipping their employees with electronic signatures?

The ES key certificate necessarily contains the full name of its owner, and may additionally include information such as the company name and position. In addition, the certificate may contain object identifiers (OIDs) defining the relations within which an electronic document signed with the ES has legal significance. For example, an OID may state that an employee has the right to post information on a trading platform but cannot sign contracts. That is, OIDs can be used to delimit responsibility and authority.
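One added example in Go, standard library only, that is not the page's code and not any real certification center's software; it covers the checks discussed in this section together with the validity period from "Let's say a word about certificates" and the register of revoked certificates above. A toy issuer creates a self-signed CA, issues a one-year holder certificate carrying an authority OID (placed in extended key usage), and publishes a CRL when the holder is dismissed. The relying party's check rejects a certificate that is expired at the time of signing, one that is on the CRL, and one whose OID does not authorise contract signing. The OID value, the names, serial numbers and dates are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// OIDSignContracts is a hypothetical OID meaning "may sign contracts on behalf
// of the company". Real issuers use their own registered arcs; this is assumed.
var OIDSignContracts = asn1.ObjectIdentifier{1, 2, 643, 100, 999, 1}

// Issuer is a toy certification center: a self-signed CA plus the register of
// serial numbers it has revoked, from which it signs CRLs.
type Issuer struct {
	Cert    *x509.Certificate
	key     ed25519.PrivateKey
	revoked []pkix.RevokedCertificate
}

func NewIssuer(now time.Time) (*Issuer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"},
		NotBefore: now, NotAfter: now.AddDate(10, 0, 0),
		IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return &Issuer{Cert: cert, key: priv}, err
}

// IssueUserCert binds the holder's public key to their name for one year. The
// optional OIDs go into extended key usage and delimit what the signature may be
// used for (the page's "post on the trading floor but not sign contracts").
func (is *Issuer) IssueUserCert(name string, pub ed25519.PublicKey, serial int64,
	now time.Time, authority ...asn1.ObjectIdentifier) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: now, NotAfter: now.AddDate(1, 0, 0),
		KeyUsage: x509.KeyUsageDigitalSignature, UnknownExtKeyUsage: authority,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, is.Cert, pub, is.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Revoke records the serial in the register (dismissal, key compromise) and
// returns a freshly signed CRL that relying parties can fetch.
func (is *Issuer) Revoke(serial int64, now time.Time) ([]byte, error) {
	is.revoked = append(is.revoked, pkix.RevokedCertificate{SerialNumber: big.NewInt(serial), RevocationTime: now})
	tmpl := &x509.RevocationList{
		Number: big.NewInt(int64(len(is.revoked))), ThisUpdate: now, NextUpdate: now.Add(24 * time.Hour),
		RevokedCertificates: is.revoked,
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, is.Cert, is.key)
}

// CheckSigningCert is the relying party's side before trusting a signature:
// the certificate must chain to the CA and be valid at the time of signing,
// must not appear on a CA-signed CRL, and must carry the OID for this use.
func CheckSigningCert(cert, ca *x509.Certificate, crlDER []byte, at time.Time, need asn1.ObjectIdentifier) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("chain or validity period: %w", err)
	}
	if crlDER != nil {
		crl, err := x509.ParseRevocationList(crlDER)
		if err != nil {
			return err
		}
		if err := crl.CheckSignatureFrom(ca); err != nil {
			return fmt.Errorf("CRL not signed by the CA: %w", err)
		}
		for _, r := range crl.RevokedCertificates {
			if r.SerialNumber.Cmp(cert.SerialNumber) == 0 {
				return errors.New("certificate revoked")
			}
		}
	}
	for _, oid := range cert.UnknownExtKeyUsage {
		if oid.Equal(need) {
			return nil
		}
	}
	return errors.New("certificate does not authorise this operation")
}

func main() {
	t0 := time.Date(2011, 3, 1, 0, 0, 0, 0, time.UTC) // constructed dates
	ca, _ := NewIssuer(t0)
	pub, _, _ := ed25519.GenerateKey(rand.Reader)
	dir, _ := ca.IssueUserCert("Director V.", pub, 100, t0, OIDSignContracts)
	fmt.Println("one month after issue:", CheckSigningCert(dir, ca.Cert, nil, t0.AddDate(0, 1, 0), OIDSignContracts))
	fmt.Println("two years later:", CheckSigningCert(dir, ca.Cert, nil, t0.AddDate(2, 0, 0), OIDSignContracts))
	crl, _ := ca.Revoke(100, t0.AddDate(0, 0, 10)) // the director is dismissed
	fmt.Println("after revocation:", CheckSigningCert(dir, ca.Cert, crl, t0.AddDate(0, 1, 0), OIDSignContracts))
	deputy, _ := ca.IssueUserCert("Deputy V.", pub, 101, t0) // no contract-signing OID
	fmt.Println("deputy signs a contract:", CheckSigningCert(deputy, ca.Cert, crl, t0.AddDate(0, 1, 0), OIDSignContracts))
}
```

The `at` argument is the time the document was signed, not the time of checking: a signature made while the certificate was valid stays meaningful after the certificate expires, provided the CRL used was current at signing time, which is exactly the long-term archiving problem raised at the end of the article.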

There are subtleties in the transfer of authority upon dismissal or transfer of employees to another position. They should be taken into account.

Example 2


When commercial director Ivanov, who signed documents with an electronic signature, is dismissed, a new key carrier must be ordered for the person who replaces him in that position. After all, Petrov cannot sign documents with Ivanov's signature, even an electronic one.

Usually, upon dismissal, the ES keys are reissued; as a rule, the employees themselves visit the certification center for this. The organization that pays for issuing the keys is also their owner, so it has the right to suspend the certificate. This minimizes the risk: a dismissed employee can no longer sign documents on behalf of the former employer.

Natalia Khramtsovskaya, Ph.D., leading expert in document management of the EOS company, ISO expert, member of the GMD and ARMA International

The effective business activity of an organization depends on many factors. One of the key elements of the entire management system is the principle of employee interchangeability. You should think in advance about who will replace employees who are temporarily not performing their duties due to illness, business trips, vacations, etc. If your organization deals with the signing of documents with electronic signatures, this aspect must be considered separately. Anyone who neglects this organizational issue runs the risk of running into serious trouble.

Indicative in this sense is case No. A56-51106/2011, which was considered by the Arbitration Court of St. Petersburg and the Leningrad Region in January 2012.

How did the problem occur:

  • In July 2011, Tvernefteprodukt Sales Association LLC submitted a single application for participation in an open auction in electronic form for the supply of gasoline using fuel cards for the Upper Volga branch of the Federal State Budgetary Scientific Institution "State Research Institute of Lake and River Fisheries" (FGNU "GosNIORKh"). The auction commission of the customer decided to conclude a state contract with the only participant in the auction.
  • The draft state contract was sent by the customer to the operator of the electronic platform on July 12, 2011, and the latter transferred it to the LLC. Within the period established by law, the LLC did not send the draft contract signed by the electronic signature of the person entitled to act on behalf of the order placement participant to the operator of the electronic site, because this official was on sick leave.
  • In July 2011, the St. Petersburg Department of the Federal Antimonopoly Service (UFAS) considered the information provided by the customer about the LLC's evasion from concluding a contract and a decision was made to include it in the register of unscrupulous suppliers.

Disagreeing with the decision of the OFAS, the LLC went to court. All three courts found the LLC guilty of contract evasion. And in the last instance, in October 2012, it emerged that the LLC had applied to the customer on August 10, 2011 citing not the illness of its employee but his negligence as the reason for not signing the contract.

Another interesting case occurred when a state contract was signed by an electronic signature of an unauthorized person. This case was considered by the Arbitration Court of the Kaluga Region in September 2011 (case No. A23-2637/2011).

The circumstances were:

  • In March 2011, SEL TEHSTROY LLC was declared the winner of an open auction. By this time the LLC had changed its general director: the former general director V. had become deputy to the new general director P. But the new general director had not yet had time to obtain an EDS. Therefore, on March 14, 2011, they decided to "simplify their lives" and sign the state contract with the EDS of V., who had left the post. The main mistake, however, was that V. signed the document as the general director of SEL TEHSTROY LLC.
  • Information about the dismissal of General Director V. and the appointment of P. as General Director, as well as the power of attorney to act on behalf of the participant in the order, issued to V. already as Deputy General Director, was posted on the website of the electronic trading platform only on March 24, 2011, i.e. after the contract had been signed and sent to the customer.
  • The customer noticed this oversight, considered that the contract had been signed by an unauthorized person, and in April 2011 turned to the OFAS. As a result, the OFAS included the LLC in the register of unscrupulous suppliers for a period of 2 years for evasion from concluding a state contract.

When considering this case in the first court instance, the court noted that the new general director of the company, P., in his explanations to the OFAS, firstly, confirmed the readiness to sign the state contract, and secondly, admitted the mistake, without disputing the authority of V., indicated in power of attorney. In addition, the fact that the power of attorney was posted on the official website of the electronic platform, albeit belatedly, was regarded by the court as active actions by the company to eliminate the mistake made. As a result, the Arbitration Court ordered the OFAS to exclude LLC from the register of unscrupulous suppliers. In December 2011, the Twentieth Arbitration Court of Appeal upheld the position of the court of first instance.

But the Federal Arbitration Court of the Central District in March 2012 judged otherwise. In its opinion, on March 14, 2011, V. used the EDS in violation of the provisions of Art. 4 of the Federal Law "On Electronic Digital Signature" and of the conditions specified in the signature key certificate (after all, an electronic document with an EDS that does not comply with the conditions included in the certificate has no legal significance). As a result, the court concluded that the state contract had been signed by an unauthorized person and recognized the decision of the OFAS to declare the LLC an unscrupulous supplier as legitimate.

Similar cases are often heard by the courts. Then the director, who has an ES key certificate and has the right to sign documents on behalf of the company, quits, and the new director does not have time to make an ES for himself and sign a contract on time. They try to sign documents with the signature of an employee who has already left (or transferred to another position in the same organization). Then there are problems with the negligence of employees or their illness (as in the first of the described cases), and again they do not have time to delegate authority to another person and issue him an ES. And the result is the same - the organization falls into the list of unscrupulous suppliers and loses the right to conclude contracts financed from the budget.

The receipt by an employee of an organization of an ES key, ensuring its safety and actions with it are usually regulated by an order for an organization with the approval of instructional materials. They define the procedure for using ES keys for signing documents, obtaining, replacing, revoking the ES verification key certificate, as well as actions performed when the ES key is compromised. The latter are similar to the actions performed when a bank card is lost.

How to choose a certification authority?

Law No. 63-FZ divides certification centers into those that have passed the accreditation procedure and those that have not (accreditation is currently carried out by the Ministry of Telecom and Mass Communications of the Russian Federation). An accredited certification center receives a corresponding certificate, and to obtain a qualified ES verification key certificate you must apply to such a CA. Non-accredited CAs can issue certificates only for the other types of signature.

When choosing a CA, it should be taken into account that not every one of them uses all possible crypto providers. That is, if partners organizing electronic document management need electronic signatures generated using a specific cryptographic provider, then you should choose a certification center that works specifically with this cryptographic information protection tool (CIPF).

The procedure for obtaining an ES and the necessary documents

To organize the exchange of electronic documents between organizations, you must perform the following steps:

  • determine the goals and specifics of the document flow between your and another organization. This should be formalized in the form of an agreement or agreement that defines and regulates the operations and composition of documents with an electronic signature transmitted electronically (such standard agreements are signed, for example, by banks with clients, allowing them to use the client-bank system);
  • to exchange certificates of ES verification keys of persons whose signatures will be transferred between organizations. It is clear that partners can receive such certificates not only from each other, but also from the certification authority that issued these certificates;
  • issue internal instructions regulating the procedure for transferring and receiving electronic documents to another organization, including the procedure for verifying the electronic signature of received documents and actions in case of detecting the fact of making changes to the document after signing it with an electronic signature.

For the production of electronic signature keys and certificates of ES verification keys, users must submit application documents, documentation confirming the accuracy of the information to be included in the ES verification key certificate, as well as appropriate powers of attorney to the certification center.

To ensure the proper level of user identification, the procedure for obtaining certificates of ES verification keys requires the personal presence of its owner.

True, there are exceptions. For example, for employees of state and budgetary organizations, as well as employees of executive authorities of the city of Moscow, the certification center of Electronic Moscow JSC has developed a system for the mass issuance of ES verification key certificates which, while maintaining a high level of reliability of user identification, avoids the need for each employee to visit the certification center in person, significantly reducing the organization's financial and time costs compared with issuance organized according to the traditional scheme.

How much does an electronic signature cost?

It is a mistake to think that a certification center simply sells media for storing keys and certificates: the service is a complex one, and the medium with the key information is just one of its components. The price of a full electronic signature package depends on:

  • region;
  • pricing policy of the certification center;
  • types of signature and its scope.

Typically, this package includes:

  • services of a certification center for the production of an ES verification key certificate;
  • transfer of rights to use the corresponding software (CIPF);
  • providing the recipient with the necessary software for work;
  • supply of a secure key carrier;
  • technical user support.

On average, the cost of a complete package with one key carrier varies from 3,000 to 20,000 rubles. Naturally, when an organization orders dozens or hundreds of key certificates for its employees, the price per "signer" is significantly lower. Keys are reissued after a year.

Currently, in Russia, the circulation of electronic documents using an electronic signature is rapidly gaining momentum. The electronic signature is widely implemented both in state organizations and in private businesses. At the same time, it should be taken into account that different types of ES have different prices, that a document certified by an ES is legally significant, so the transfer of key carriers along with a PIN code to other persons is unacceptable.

Most importantly, an electronic signature significantly saves time, eliminating paperwork, which is extremely important in a highly competitive environment and when partners are located remotely.

The remaining problem is confirming the authenticity of such a signature, and of the document carrying it, throughout a long storage period.



The regulation was developed taking into account:

    Federal Law "On Electronic Digital Signature"

    "Temporary regulation on digital electronic signature (EDS) in the system of interregional electronic payments of the Central Bank of the Russian Federation during the experiment", approved on August 16, 1995 by the First Deputy Chairman of the Central Bank of the Russian Federation A.V. Voilukov

    Temporary requirements of the Central Bank of the Russian Federation No. 60 dated April 03, 1997 "On ensuring the security of the technology for processing electronic payment documents in the system of the Central Bank of the Russian Federation"

    Regulations of the Central Bank of the Russian Federation No. 20-P dated March 12, 1998 "On the rules for the exchange of electronic documents between the Bank of Russia, credit institutions (branches) and other clients of the Bank of Russia when making settlements through the settlement network of the Bank of Russia" as amended by the Directive of the Bank of Russia No. 774- U dated April 11, 2000

2. General provisions

2.1. This Regulation has been developed for operators, subscribers and authorized subscribers of cryptographic information protection systems (CIPF) who carry out electronic interactions with third parties using key information carriers (NKI).

2.2. This Regulation includes:

    organizational arrangements for work with NKI;

    the procedure for using NKI in the system of electronic interactions;

    the procedure for the manufacture, accounting and registration of EDS keys and encryption keys in the system of electronic interactions;

    procedures to follow when key material is compromised;

    the procedure for ensuring the security regime when working with NKI.

2.3. Basic terms:

    Key information carrier (NKI) - an information carrier (floppy disk, flash memory or other medium) on which an electronic key intended for protecting electronic interactions is stored.

    KSCC - the key systems control center, the place where the NKI is manufactured.

    Secret (private) signing key - a key intended for forming the electronic digital signature of electronic documents.

    Open (public) signing key - a key that is generated automatically together with the secret signing key and is uniquely determined by it. The public key is intended for verifying the correctness of the electronic digital signature of an electronic document. A public key is considered to belong to a participant in electronic interactions if it has been certified (registered) in accordance with the established procedure.

    Encryption key - a key intended for encrypting an electronic document during electronic interactions.

    Encryption - a specialized method of protecting information from being read by third parties, based on transforming the information with the GOST 28147-89 algorithm using the appropriate keys.

    Compromise of key information - loss, theft, unauthorized copying or suspected copying of the NKI, or any other situation in which it is not known for certain what has happened to the NKI. The dismissal of employees who had access to key information is also treated as a compromise of that key information.

    Key certification - the procedure for certifying (signing) the public part of a registered key with an electronic digital signature.

    Application for key registration - a service message containing a new public key, signed with an electronic digital signature.

3. Organization of work with carriers of key information

Persons having access to carriers of key information bear personal responsibility for it. The list of persons having access to diskettes with key information is compiled by the Head of the Information Security Department and recorded in the order for the Bank.

To ensure identification of the senders and recipients of information and to protect it from unauthorized access:

3.1. The Chairman of the Board of the Bank appoints, from among the heads of departments, those responsible for electronic interactions with third-party organizations, and by order for the Bank empowers the responsible employees to put an electronic signature on documents being sent.

3.2. The Head of the Information Security Department, in agreement with the Head of the Information Technology Department, appoints the IT staff responsible for installing the means of electronic interaction and cryptographic information protection at the workstations of the responsible employees appointed under clause 3.1.

3.3. The Information Security Department staff, together with the IT staff appointed under clause 3.2, must train the responsible employees of departments involved in electronic interactions with third-party organizations in working with electronic document management tools and CIPF.

3.4. Control over electronic interactions and the use of key information carriers is exercised by employees of the Information Security Department, the Internal Control Service and the Economic Protection Department.

4. The order of commissioning, storage and use of media of key information

4.1. The procedure for the manufacture, accounting and use of carriers of key information

4.2.1. The procedure for the manufacture and accounting of carriers of key information

A personal key carrier (most often a diskette) is normally made in the key systems control center (CCMS). If the CCMS is operated by a third-party organization, the key diskettes are received by an employee of the Information Security Department or by an authorized CIPF subscriber appointed by order for the Bank. When key diskettes are made in the Bank, this is done on the basis of an application signed by the head of the NCI user's department.

Unique key information is generated and written to a diskette on a specially equipped stand-alone "key generation workstation", whose software performs the functions defined by the technological process for generating electronic digital signature keys. This is done by authorized employees of the information technology department in the presence of the NCI user himself; the diskette is labeled, entered in the "NCI Record Book" and issued to the user against signature. The equipment of the "key generation workstation" must ensure that the performer's unique secret key information is written only to his personal carrier.

To make it possible to restore the NCI user's key information if the key diskette fails, a working copy of it is normally made. So that the contents of the original key diskette do not end up on any intermediate medium during copying, the working copy must be made only on the "key generation workstation".

Key diskettes must carry labels showing: the diskette registration number (according to the NCI Record Book); the date of manufacture and the signature of the authorized information security employee who made the diskette; the type of key information - key diskette (original) or key diskette (copy); and the surname, first name, patronymic and signature of the owner (performer).

4.2.2. The procedure for using carriers of key information

Each employee (performer) who, in accordance with his functional duties, has been granted the right to put a digital signature on an ED under clause 3.1 is issued a personal key information carrier (for example, a diskette) on which unique key information (the "electronic digital signature secret key") is recorded; this information belongs to the category of restricted information.

Personal key diskettes (working copies) must be kept by the user in a special case sealed with his personal seal.

Within a subdivision, personal key diskettes of performers are accounted for and stored by the person responsible for information security (in his absence, by the head of the subdivision) or by the performer himself (if he has a safe or a metal cabinet). Key diskettes are kept in the safe of the person responsible for information security in the department, or of the performer, in individual cases sealed with the performers' personal seals. Cases are removed from the safe only when working copies of key diskettes are issued to or returned by performers. The performers' original key diskettes are stored in the Information Security Department in a sealed case and may be used only to restore a working copy of a key diskette, in the established order, if the latter fails. The presence of the original key diskettes in the cases is checked by Information Security Department employees every time a case is opened and sealed.

Control over the security of the technology for processing electronic documents, including the actions of NCI users who perform their work using personal key diskettes, is exercised by the persons responsible for information security in the departments, within their competence, and by employees of the Information Security Department.

The performers' public EDS keys are registered in the prescribed manner by CCMS and information technology specialists in the directory of public keys that is used to verify the authenticity of documents by the EDS placed on them.

5. Rights and obligations of the user of key information carriers

5.1. Key information media user rights

The NCI user has the right to consult the person responsible for information security in his department on the use of the key diskette and on ensuring the information security of the technological process.

The NCI user has the right to demand from the department responsible for information security and from his immediate supervisor the creation of the necessary conditions for fulfilling the requirements listed above.

The user of the NCI has the right to submit his proposals for improving the protection measures in his area of ​​work.

5.2. Responsibilities of the key media user

The NCI user who, in accordance with his official functions, has been granted the right to put a digital signature on an ED is personally responsible for the safekeeping and correct use of the key information entrusted to him and for the content of the documents bearing his EDS.

The user of key information carriers is obliged to:

    Be personally present when his key information is produced (if the keys are produced in the Information Security Department at the "key generation workstation"), in order to be sure that the contents of his key diskettes (original and copy) have not been compromised.

    Receive the working copy of the key diskette against signature in the NCI Record Book, make sure it is correctly labeled and write-protected, register it with the person responsible for information security in the department, place it in a case, seal the case with his personal seal and hand the case over for storage to the information security officer in the established order, or place it in his own safe.

    Use only the working copy of his key diskette for work.

    If the NCI is stored with the person responsible for information security in the department, receive his key diskette from that person at the beginning of the working day and hand it back at the end of the working day. When the case is first opened, both of them must verify the integrity and authenticity of the seal on it. If the seal on the case is broken, the diskette is considered compromised.

    If the personal key diskette is stored in the performer's own safe, take it out of the safe only when needed and, when opening the case for the first time, make sure that the seal on it is intact and authentic. If the seal on the case is broken, the diskette is considered compromised.

    IT IS STRICTLY FORBIDDEN to leave the key diskette in the computer. After using the personal key diskette for signing or encryption, the performer must put it back in the safe or, if the NCI is stored with the person responsible for information security, hand it over to that person for temporary storage.

    At the end of the working day, put the key diskette in the case, which must be sealed and locked in the safe.

    If the working copy of the key diskette is damaged (for example, a read error occurs), the performer must hand it over to an authorized employee of the Information Security Department, who, in the presence of the NCI user or the person responsible for information security in the department, makes a new copy from the original held in the Information Security Department and issues it to the performer in place of the old (damaged) key diskette.

    A damaged working copy of the key diskette must be destroyed in the prescribed manner in the presence of the performer. All these actions must be recorded in the NCI Record Book.

5.3. The user of key information carriers is prohibited from

    leave his personal key diskette anywhere without personal supervision;

    hand his personal key diskette to other persons (except for handing it, in a sealed case, to the person responsible for information security for storage);

    make unaccounted copies of the key diskette, print or copy files from it to another storage medium (for example, the PC hard disk), remove the write protection from the diskette, or change files located on the key diskette;

    use the personal key diskette in a disk drive and/or PC known to be faulty;

    sign any electronic messages or documents with his personal "secret EDS key" other than the types of documents provided for by the technological process;

    tell anyone, outside of work, that he holds the "secret EDS key" for this technological process.

6. Procedure for compromising carriers of key information

The following are treated as events of compromise of key information:

    loss of a key diskette;

    loss of a key diskette that is subsequently found;

    dismissal of employees who had access to key information;

    suspicion of leakage or distortion of information in the communication system;

    inability to decrypt incoming or outgoing messages from subscribers;

    violation of the seal on a safe or container holding key diskettes.

The first three events are treated as unconditional compromise of the valid EDS keys. The remaining three require consideration in each particular case. When the EDS and encryption keys of a Participant in the exchange of electronic documents are compromised, the following measures are taken:

    The Participant in the exchange of electronic documents immediately:

    • stops transmitting information with the compromised EDS or encryption keys;

    • reports the fact of compromise to the Information Security Department.

    An employee of the Information Security Department, on the basis of the Participant's notification, removes the compromised EDS key from the electronic database of public keys or removes the Participant's cryptographic number from the list of subscribers.

    In urgent cases, the Participant may continue working after the compromise on backup keys, which is recorded in the NCI Record Book.

    The Participant submits an application for the production of a new key and receives new EDS and encryption keys, with registration in the NCI Record Book.

    Test messages are exchanged using the new EDS and encryption keys.
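
The registration and revocation flow above (a public key counts only once it is registered in the directory; on compromise it is excluded from the directory and the participant continues on a backup key that is registered in its place) can be made concrete as a small public-key directory. The following is an added example, not part of the Bank's instruction or of any CCMS product: ECDSA P-256 with SHA-256 stands in for the GOST algorithms the instruction refers to, and the participant name and document text are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// KeyDirectory models the "electronic database of public keys": a signature
// is accepted only if it was made with the key currently registered for the
// participant. Illustrative code, not any bank's or vendor's implementation.
type KeyDirectory struct {
	active map[string]*ecdsa.PublicKey // participant -> registered public key
}

func NewKeyDirectory() *KeyDirectory {
	return &KeyDirectory{active: map[string]*ecdsa.PublicKey{}}
}

// Register records the participant's public key (the "application for key
// registration" step). Registering again replaces the previous key.
func (d *KeyDirectory) Register(participant string, pub *ecdsa.PublicKey) {
	d.active[participant] = pub
}

// Revoke excludes the participant's key from the directory on compromise.
func (d *KeyDirectory) Revoke(participant string) {
	delete(d.active, participant)
}

var ErrNoRegisteredKey = errors.New("participant has no registered key")

// Verify first checks the directory, then the signature itself; a signature
// made with a revoked key fails here even though it is cryptographically valid.
func (d *KeyDirectory) Verify(participant string, doc, sig []byte) (bool, error) {
	pub, ok := d.active[participant]
	if !ok {
		return false, ErrNoRegisteredKey
	}
	digest := sha256.Sum256(doc)
	return ecdsa.VerifyASN1(pub, digest[:], sig), nil
}

// NewKey stands in for the CCMS "key generation workstation".
func NewKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign is the participant's CIPF operation with the secret key.
func Sign(priv *ecdsa.PrivateKey, doc []byte) ([]byte, error) {
	digest := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

func main() {
	dir := NewKeyDirectory()
	working, _ := NewKey()
	backup, _ := NewKey() // the backup key stays sealed until it is needed
	dir.Register("Ivanov", &working.PublicKey)

	doc := []byte("payment order no. 17 (constructed sample)")
	sig, _ := Sign(working, doc)
	ok, err := dir.Verify("Ivanov", doc, sig)
	fmt.Println("before compromise:", ok, err)

	dir.Revoke("Ivanov") // compromise reported, key excluded from the directory
	ok, err = dir.Verify("Ivanov", doc, sig)
	fmt.Println("after revocation:", ok, err)

	dir.Register("Ivanov", &backup.PublicKey) // switch to the backup key
	sig2, _ := Sign(backup, doc)             // test message with the new key
	ok, err = dir.Verify("Ivanov", doc, sig2)
	fmt.Println("with backup key:", ok, err)
}
```

The point of checking the directory before the mathematics is that a signature made with a compromised key stays cryptographically valid forever; only the directory (and, in practice, the certificate revocation list that plays the same role) tells a recipient to stop trusting it.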

7. Ensuring information security when working with carriers of key information

Placement, special equipment, security and access regime in the premises housing cryptographic protection means and key information carriers:

    cryptographic protection means for servicing key information carriers are located in the Bank's server room and in the Information Security Department;

    the placement, special equipment and regime of the premises where cryptographic protection means and key information carriers are located ensure the security of the information, the cryptographic protection means and the key information, minimizing the possibility of uncontrolled access to the cryptographic protection means and of unauthorized persons observing the procedures for working with them;

    the procedure for admission to the premises is defined by internal instructions developed with regard to the specifics and operating conditions of the Credit Institution;

    the windows of the premises are fitted with metal bars and burglar alarms preventing unauthorized entry, and the rooms have solid entrance doors with reliable locks;

    safes are provided in the premises for storing key diskettes, regulatory and operational documentation and installation diskettes;

    the established procedure for protecting the premises provides for periodic monitoring of the technical condition of the security and fire alarms and of compliance with the security regime;

    cryptographic protection means are placed and installed in accordance with the requirements of their documentation;

    the system units of computers containing cryptographic protection means are fitted with controls that detect opening of the case.

The procedure for ensuring the safety of storage of key diskettes:

    all encryption keys, EDS keys and installation diskettes are subject in the Bank to copy-by-copy accounting in the "NCI Accounting Journal" and "CIPF Accounting Journal" allocated for this purpose;

    accounting and storage of encryption key carriers and installation diskettes, and direct work with them, are entrusted to employees of the Information Security Department or to responsible employees appointed by order for the Bank; these employees are personally responsible for the safekeeping of the encryption keys;

    registration of encryption keys made for users, and of their issuance for work, return from users and destruction, is carried out by an employee of the Information Security Department;

    encryption keys, EDS keys and installation diskettes may be kept in the same storage as other documents, under conditions that exclude their unintentional destruction or any use not provided for by the rules for using the cryptographic protection systems;

    in addition, provision is made for secure separate storage of working and backup keys, the latter intended for use if the working keys are compromised, in accordance with the rules for using the cryptographic protection means;

    a valid EDS private key recorded on magnetic media (a diskette) must be stored in the personal sealed safe (container) of the responsible person, so that copying and unauthorized use of the EDS by an outsider are excluded;

    the backup EDS key must be stored in the same way as the current one, but always in a separate sealed container.

Requirements for employees involved in operating and installing cryptographic protection means and key information carriers:

    only employees who know the rules for operating cryptographic protection means and key information carriers, have practical PC skills, and have studied the rules of use and the operational documentation for the cryptographic protection means are allowed to work with them;

    the employee must be aware of the possible threats to information during its processing, transmission and storage, and of the methods and means of protecting it.

Destruction of key information and diskettes:

    key information is destroyed from a diskette by an unconditional reformat of the diskette performed twice with the DOS command "FORMAT A: /U";

    a key diskette that has become unusable is destroyed by burning (melting in fire) or by grinding up the magnetic disk removed from its jacket.

As is well known, if a third party gains access to the private key of your electronic signature, they can sign on your behalf, which in its consequences is equivalent to forging a signature on a paper document. It is therefore necessary to protect the private key to a high standard, and this is best done in specialized storage devices. Note that an electronic signature is not a picture of your handwritten squiggle saved as a file, but a string of bits obtained by a cryptographic transformation of the information using the private key; it identifies the owner and makes it possible to establish that the electronic document has not been altered. An electronic signature also has a public key, a value available to everyone, with which anyone can determine who signed the electronic document (the time of signing is established separately, for example by a timestamp included with the signature).

Now the most common option for storing a private key is on a computer hard drive. But it has a number of disadvantages, including:

Now back to specialized storage. Some electronic document management systems already support storage devices such as e-Token and Rutoken. What is an e-Token or Rutoken (often referred to simply as a "token")? It is a secure key storage in the form of a USB key fob or smart card, access to which is granted only by PIN code. If an incorrect PIN code is entered more than three times, the storage is locked, defeating attempts to reach the key by guessing the PIN. All operations with the key are performed in the storage device's own memory, i.e. the key never leaves it, so interception of the key from the computer's RAM is excluded (provided the token performs the signing operation itself rather than releasing the key to software on the PC).
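
To make concrete what "the key never leaves the storage" and the PIN lock mean, and what the signature itself gives a recipient, here is an added example (not the article's code and not a driver for e-Token, Rutoken or any real device): a model token generates its private key internally and exposes only the public key and signatures; three wrong PINs lock it; the recipient verifies with the public key alone and rejects a tampered document. ECDSA P-256 with SHA-256 stands in for the GOST algorithms such tokens actually implement, and the PIN and payment order text are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

const maxPinFailures = 3

var (
	ErrWrongPin = errors.New("wrong PIN")
	ErrLocked   = errors.New("token locked after too many wrong PINs")
)

// Token models a PIN-protected key carrier: the private key is generated
// inside and is never returned; only the public key and signatures come out.
// Illustrative model, not a driver for e-Token, Rutoken or any real device.
type Token struct {
	priv     *ecdsa.PrivateKey // unexported: no method hands it out
	pin      []byte
	failures int
	locked   bool
}

func NewToken(pin string) (*Token, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Token{priv: priv, pin: []byte(pin)}, nil
}

// PublicKey is the only key material that leaves the token.
func (t *Token) PublicKey() *ecdsa.PublicKey { return &t.priv.PublicKey }

// Locked reports whether the retry counter has been exhausted.
func (t *Token) Locked() bool { return t.locked }

// Sign checks the PIN, then signs the document's digest inside the token.
// Each wrong PIN counts; the third locks the token for good.
func (t *Token) Sign(pin string, doc []byte) ([]byte, error) {
	if t.locked {
		return nil, ErrLocked
	}
	if subtle.ConstantTimeCompare([]byte(pin), t.pin) != 1 {
		t.failures++
		if t.failures >= maxPinFailures {
			t.locked = true
		}
		return nil, ErrWrongPin
	}
	t.failures = 0 // a correct PIN resets the counter
	digest := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, t.priv, digest[:])
}

// Verify is what the recipient runs; it needs only the public key.
func Verify(pub *ecdsa.PublicKey, doc, sig []byte) bool {
	digest := sha256.Sum256(doc)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	tok, err := NewToken("1234") // constructed PIN
	if err != nil {
		panic(err)
	}
	doc := []byte("payment order no. 17: 1000.00 RUB") // constructed document
	sig, _ := tok.Sign("1234", doc)
	fmt.Println("original verifies:", Verify(tok.PublicKey(), doc, sig))
	tampered := []byte("payment order no. 17: 9000.00 RUB")
	fmt.Println("tampered verifies:", Verify(tok.PublicKey(), tampered, sig))
	for i := 0; i < 3; i++ {
		_, err = tok.Sign("0000", doc)
	}
	fmt.Println("after three wrong PINs:", err, "locked:", tok.Locked())
	_, err = tok.Sign("1234", doc)
	fmt.Println("correct PIN now:", err)
}
```

The design choice that matters is that nothing in the Token API returns `priv`: the caller can obtain signatures and the public key, but a process that compromises the PC still cannot copy the key out, which is exactly the property a hard-disk key file lacks. A real token enforces the same boundary in firmware and keeps the retry counter in non-volatile memory so that pulling the device does not reset it.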

In addition to the above advantages when using secure storage, the following can be distinguished:

  • the key remains protected even if the carrier is lost, for the time needed to revoke the certificate (after all, loss of the ES carrier must be reported to the certification center immediately, just as loss of a bank card is reported to the bank);
  • there is no need to install the certificate with its private key on each computer from which the user works;
  • the "token" can be used at the same time for authorization when logging into the computer's operating system and into the EDMS, i.e. it becomes a personal means of authentication.

If the EDMS has integration solutions with specialized storages for private keys, then all the advantages are manifested when working with the system.

Consider the case where the user keeps the key in specialized storage while actively working from a laptop. Then even if the mobile workplace is lost (provided the token itself is not lost), there is no need to worry that someone will gain access to the EDS from the laptop or be able to copy the private key and sign electronic documents on behalf of this user.

The use of specialized storage involves additional costs, but at the same time the level of security of your key, and of the system as a whole, is significantly increased. Experts therefore recommend using such devices, but the choice, of course, is always yours.

Alena, I certainly understand that the article is somewhat "general informational" in nature, but still it is worth highlighting the list of "advantages and disadvantages" of each solution more widely. I'm not in the least refuting the final conclusion that smartcards are more reliable, but potentially they create much more difficulties than the banal "involves additional costs."

By keys on the local computer

This is not true. The default RSA cryptographic provider in Windows stores private keys in the folder C:\Users\<username>\AppData\Roaming\Microsoft\Crypto\RSA.

That is, it places them in the roaming part of the profile, which means that if the user works on different machines within the corporate network, it is enough to set up a roaming profile and there is no need to install certificates on each machine.

By using tokens

Here you need to understand that different manufacturers implement this functionality in different ways. For some, the PIN code keypad is located directly on the device itself, for others, specialized software is used on the computer.

In the first case, the device turns out to be more cumbersome, but more protected from interception of the PIN code, which can be read by installing a software or hardware keylogger on the user's machine, if input software is used.

In particular, Rutoken uses software for entering PIN codes, which means it is potentially vulnerable.

That's right, you don't need to install certificates, but you do need to install device drivers, cryptographic providers, and other modules.

And this is additional low-level software with its own specific features and problems.

Yes, this is true, but only on the condition that you use the crypto functions of the device itself (i.e. all encryption and signing is done by the token itself).

This is the safest option, but it has a number of limitations:

  • implemented algorithms. For example, the same Rutoken (judging by their documentation) supports only GOST 28147-89 in hardware. All other algorithms, apparently, are implemented in software, i.e. with extraction of the private key from the storage.
  • interface speed. Simple smart cards, as a rule, implement not the fastest hardware interfaces (most likely to simplify the device and reduce its cost), for example USB 1.1. And since the entire file has to be transferred to the device for signing/encryption, this can cause unexpected slowdowns.

However (again, judging by the Rutoken documentation), tokens can also act simply as encrypted storage. For example, this is how they work in conjunction with CryptoPro CSP. Well, then the conclusion is obvious - since one software can access the keys, then another can do it.

Additional questions

To the list above, we need to add some more questions that should also be considered when deciding whether to switch to tokens:

  • How are certificates updated? For example, neither on the Rutoken website (in the general sections and the forum), nor in the documentation did I find any mention of Rutoken's support for the Active Directory Key Distribution Service. If this is the case (and Rutoken itself does not provide other mechanisms for mass updating keys), then all keys need to be updated through administrators, which creates its own problems (because the operation is not trivial).
  • what software used in the enterprise and requiring crypto functions:
    • can work through a crypto provider (some software uses its own implementation of crypto algorithms and requires only access to keys)
    • can use cryptographic providers other than the standard ones
  • what additional software (in addition to token drivers) will need to be installed on workstations and servers. For example, the standard Microsoft certificate authority does not support generating keys for GOST algorithms (and the token may not work with others).