Count Orlov LLC, being a Russian company operating in the Russian Federation, pays special attention to the methods and methods of electronic security used in its activities. Among the many modern crypto protection systems, the company uses the CryptoPro crypto provider:
- CryptoPro CSP is a Russian crypto provider used for encryption and electronic signature operations. It supports GOST encryption and electronic signature standards, which makes it possible to use CryptoPro CSP for submitting reports to the state. bodies, building systems for secure electronic document management and legally significant signatures, as well as in personal data protection systems.
- CryptoPro CSP for servers, including CryptoPro TLS — a network authentication support module that implements the Transport Layer Security protocol (TLS v. 1.0, RFC 2246), using Russian cryptographic standards. The TLS protocol is designed to provide cryptographic means of authenticating the sender (client) — addressee (server), control the integrity and encryption of information exchange data.
- authorization and ensuring the legal significance of electronic documents when exchanging them between users, through the use of procedures for the formation and verification of an electronic digital signature (EDS) in accordance with domestic standards GOST R 34.11-94, GOST R 34.10-2001, GOST P 34.11-2012, GOST P 34.10-2012
- ensuring confidentiality and control of the integrity of information through its encryption and imitation protection, in accordance with GOST 28147-89; ensuring the authenticity, confidentiality and imitation protection of TLS connections;
- control of the integrity of system and application software to protect it from unauthorized changes or violation of the correct functioning;
- management of key elements of the system in accordance with the regulations of protective equipment.
- The algorithm for generating the value of the hash function is implemented in accordance with the requirements of GOST R 34.11 94, GOST P 34.11-2012 “Information technology. Cryptographic information protection. Hash function «.
- Algorithms for generating and verifying EDS are implemented in accordance with the requirements: GOST R 34.10-2001 and GOST R 34.10-2012 “Information technology. Cryptographic information protection. Processes of Formation and Verification of Electronic Digital Signatures ”.
- The data encryption / decryption algorithm and the calculation of the imitating insert are implemented in accordance with the requirements of GOST 28147 89 “Information processing systems. Cryptographic protection «.
- When generating private and public keys, it is possible to generate with different parameters in accordance with GOST R 34.10-2001 and GOST R 34.10-2012. When generating the value of the hash function and encryption, it is possible to use various replacement nodes in accordance with GOST R 34.11-94 and GOST 28147-89.
From January 1, 2019, it is prohibited to generate an electronic signature using ES keys GOST R 34.10-2001. According to the document of the FSB of Russia No. 149/7/1 / 3-58 dated January 31, 2014 «On the procedure for switching to the use of new EDS standards and the hashing function», the use of the GOST R 34.10-2001 signature scheme to generate a signature after December 31, 2018 is not allowed.