TVs. Consoles. Projectors and accessories. Technologies. Digital TV

Rutoken web plugin. What is a root token plugin? Personal data protection

Rutoken Plugin is an electronic signature, encryption and two-factor authentication tool for Web and SaaS services. The product uses hardware implementation of Russian cryptographic algorithms “on board” the devices Rutoken EDS, Rutoken Web and Rutoken PINPad. Rutoken Plugin is compatible with solutions of Russian CIPF manufacturers and can be used in information systems, which use digital certificates and PKI infrastructure.

What is Rutoken Plugin

In Rutoken Plugin as a tool cryptographic protection and strict two-factor authentication is a USB token or other device in which Russian cryptographic algorithms are implemented in hardware. To work in the browser context, a cross-platform and multi-browser plugin is used - a special functionality extension supported by all browsers. Rutoken Plugin implements the following information protection mechanisms:

  • two-factor authentication in the Web service using a USB token,
  • encryption of data exchange between the browser and the Web service in accordance with GOST 28147-89,
  • electronic signature of data according to GOST R 34.10-2001,
  • data integrity control by calculating the hash function in accordance with GOST R 34.11-94,
  • restriction of access to Web service resources based on digital certificates.

To integrate with systems that use digital certificates and PKI infrastructure, the product provides support for:

  • digital certificates in X.509 format,
  • requests for PKCS#10 certificates,
  • signing and encrypting data in CMS format.

Rutoken Plugin uses only APIs built into the browser and does not require the installation of additional components, frameworks and platforms, such as Java, Microsoft Silverlight and others.

Interaction with USB devices

Rutoken Plugin supports work with Rutoken EDS, Rutoken Web and Rutoken PINPad devices. The most common is to use the plugin together with USB tokens. In this case, USB tokens work through a standard driver, which is included in modern operating systems. In order for the operating system to recognize the token, it is enough to connect it to the USB port of the computer.

Rutoken Plugin is a standard extension of browser functionality - Active X for IE and NPAPI plugin for other browsers. The plugin installation program is implemented as
one-click-installer, that is, it does not require the user to select any options. Also, no rights are required to install the plugin. system administrator. When a user visits the site, the plugin is loaded onto the Web page, and after that its functions can be called from page scripts.

When encrypting, hashing and electronically signing, the plugin accesses the token directly, and all cryptographic operations occur at the hardware level. It should be noted that the plugin has the ability to programmatically encrypt and calculate a hash function to speed up operations. Since crypto operations are performed “on board” the device, the keys are non-retrievable (not loaded into RAM computer), and they cannot be stolen without physically removing the token from the user. But even in this case, the attacker will be limited by the need to know the unique PIN code.

In addition to working with USB tokens, Rutoken Plugin supports work with Rutoken PINPad - a TrustScreen class device for remote banking, which allows you to perform the most critical transactions with their visual control in a trusted environment. Since Rutoken PINPad also performs the functions of a cryptographic token, its interaction with Rutoken Plugin is similar to the interaction between a USB token and a plugin.

Purpose

Security of remote banking systems

An important area of ​​application of the Rutoken Plugin is the security of remote banking systems (RBS). The solution provides:

  • strong client authentication when accessing personal account,
  • confirmation of payments and transactions using an electronic signature,
  • encryption of payment orders,
  • visual control of payment documents before signing in a trusted environment (when used with Rutoken PINPad),
  • secure storage of keys to the user’s personal account.

The flagship device for the banking sector is the Rutoken PINPad, which allows you to successfully resist all known attacks on client sites of remote banking systems. Rutoken PINPad combines the functions of a cryptographic token and a TrustScreen device for viewing payments before signing them, as well as for securely entering a PIN code. Rutoken Plugin allows you to integrate Rutoken PINPad into remote banking systems with a Web interface.

Personal data protection

When using the Rutoken Plugin together with the Rutoken EDS, a certified USB token acts as a means of cryptographic information protection (CIPF) and a means of protection against unauthorized access (ATD):

  • Rutoken EDS has a FSTEC certificate according to NDV4, which allows it to be used to protect information from NSD in IPDN up to class 1 inclusive in accordance with the requirements of FSTEC and the norms of Federal Law-152, as well as in information systems up to security class 1G inclusive;
  • Rutoken EDS is certified by the FSB as a cryptographic information protection system according to class KS2, which allows it to be used as encryption tool in accordance with PKZ2005 for protection confidential information and personal data;
  • Rutoken EDS is certified for compliance with 63-FZ and the requirements for electronic signature tools, approved by Order of the FSB of Russia dated December 27, 2011 No. 796, which allows it to be used as a means of qualified electronic signature when organizing legally significant electronic document flow.

Thus, Rutoken Plugin can be used to protect information in accordance with the requirements of regulators and legislation. The areas of its application are:

  • protection of personal data of patients of medical institutions,
  • protection of personal data of school and university students,
  • information protection in public service delivery systems and municipal services V electronic form,
  • security and giving legal significance to corporate electronic document management.

Access licensing

In some cases, Web services provide access to knowledge bases that contain a company's intellectual property. This intellectual property has a price tag, so access to it is limited and comes at a cost. The company is interested in ensuring that only one person can use one issued access license.

The use of two-factor authentication in the Web service via a USB token makes it significantly more difficult for several people to access one account, since for this they will need to constantly exchange the device itself. Unlike authentication using a login-password combination, in some cases this may turn out to be an insurmountable obstacle, and the complexity of solving the problem will lead to the purchase of additional accounts.

Architecture

Characteristics

Installation
  • Rutoken Plugin is distributed as an MSI package for Windows and
    PKG package for Mac OS X. For Linux OS the plugin is distributed in the form of binary files. For successful work, the user does not need to install any additional software, system administrator rights or configure the workplace.
Supported Platforms
  • Windows XP SP3 (x86 only), Windows Vista, Windows 7, Windows 8.
  • Mac OS X 10.6, Mac OS X 10.7, Mac OS X 10.8.
  • Ubuntu 10.04, Ubuntu 12.04, Alt Linux 6, Debian 6 Squeeze, Astra Linux, CentOS 6.2, can be used on other Linux distributions.
Supported Browsers
Supported devices
  • Rutoken EDS.
  • Rutoken Web.
  • Rutoken PINPad.
Cryptographic algorithms and formats used
  • Encryption according to GOST 28147-89.
  • Hash function calculation according to GOST R 34.11-94.
  • Electronic signature according to GOST R 34.10-2001.
  • Calculation of the agreement key according to the VKO GOST 34.10-2001 scheme.
  • X.509 digital certificate format.
  • PKCS#10 certificate request format.
  • Format of signed and encrypted CMS messages.

A solution for authentication on web resources, which is used instead of the classic “login-password” pair. The solution includes the Rutoken Web electronic identifier in a standard case, which is convenient to carry as a key fob on a key ring.

Rutoken Web micro

Rutoken Web in a micro-case is designed for use with laptops and tablet computers. Like classic models, the micro-token is equipped with an LED to indicate operating modes. In terms of dimensions, it is comparable to a USB connector and, when connected, protrudes beyond the computer by only 5 mm.

Features of Rutoken Web

Using Trojans, phishing or traffic interception, it is impossible to steal either hardware device, nor forge or replace an electronic signature. The Rutoken Web solution is cross-platform and multi-browser, has a low cost of ownership and is easy to use.

The product is based on electronic signature technology and consists of three components:

  1. USB token - electronic key, having the ability to carry out an electronic signature. Works as an HID device, does not require driver installation.
  2. Browser plugin- communicates between the USB token and the browser. Does not require administrative rights to install. Uses only APIs built into the browser and does not require the installation of additional components, frameworks and platforms such as Java, Microsoft Silverlight and others. Works with all known browser platforms Microsoft Windows, Apple macOS/OSX, GNU/Linux.
  3. Server part- implementation of electronic signature verification on the server. Mechanisms are implemented for different platforms and development tools, namely: PHP, ASP.NET, Netcat, WordPress, Joomla and Bitrix.

If the user has lost the token, he can access the site once without a USB token. For this purpose, a one-time access code is used, printed on a scratch card, which is included in the Rutoken Web delivery set. This access restoration mechanism ensures continuity of use of the web resource.

Rutoken Web is an “iron password”; its use solves the problem of cloning web service users, since it is impossible to use one token on several workstations at the same time. If Rutoken Web is used to access corporate environment, then when an employee leaves, it is enough to simply take the device itself from him.

Secure authentication mechanism

The solution is not susceptible to vulnerabilities typical for authentication based on the login-password pair. An electronic signature generated inside a USB token is used for authentication. The secret key never leaves the device. The digital signature algorithm complies with the requirements of RFC 5832. As an authentication protocol, Rutoken Web uses an adapted two-pass one-way authentication protocol with public key in accordance with ISO/IEC 9798-3.

Ease of use

The user does not need to remember multiple logins and passwords to access different resources: they just need to have a token and know its PIN code. The Rutoken Web USB key does not require driver installation to operate. The Rutoken Web browser plugin does not require system administrator rights for installation. The solution is compatible with most browsers and operating systems and does not require special knowledge to work with it. If the token is lost, access to the web resource can be restored without specifying personal data during registration.

Technologies

The Rutoken Web USB token works using the HID protocol, which is supported in most common operating systems. The browser plugin supports NPAPI and Microsoft ActiveX specifications and therefore works in most browsers. Signature verification on the server is implemented both in the form of a PHP application, which is convenient for PHP sites, and in the form of binary modules for other Linux and Windows configurations.

Purpose

The Rutoken Web solution can be used in public Internet services, remote service systems, Intranet systems, when distance learning, at remote workplaces, in corporate Internet services, in systems for interaction with partners and contractors.

Cryptographic capabilities

  • Hardware generation of key pairs with quality checking according to the GOST R 34.10-2001 algorithm.
  • Hardware hashing according to GOST R 34.11-94 standard.
  • Hardware generation of an electronic signature according to the GOST R 34.10-2001 algorithm.
Owner authentication options
  • Two-factor authentication: by presenting the identifier itself and by presenting a unique PIN code.
  • Possibility to restore access to your account upon presentation secret code from a scratch card printed under a protected layer.
Interfaces
  • USB HID Profile: Rutoken Web works without installing drivers.
Supported OS
  • Microsoft Windows.
  • Apple macOS/OSX.
  • Ubuntu/Debian/Fedora/RedHat/CentOS.
Supported Browsers
  • Internet Explorer.
  • Mozilla Firefox.
  • Google Chrome.
  • Opera.
  • Safari.
General characteristics
  • Modern secure microcontroller.
  • Dimensions 58x16x8mm (micro token 17.8x15.4x5.8mm).
  • Weight 6.3g (micro-token 1.6g).

Rutoken Plugin is a solution for electronic signature, encryption and two-factor authentication for Web and SaaS services. The plugin uses hardware implementation of Russian cryptographic algorithms for electronic identifiers and smart cards of the family Rutoken EDS 2.0, EDS PKI and Rutoken PINPad . Rutoken Plugin is compatible with solutions of Russian CIPF manufacturers and can be used in information systems that use digital certificates and PKI infrastructure. Certified FSTEC of Russiaas part of PAK Rutoken.

Rutoken Plugin uses a USB token or other device in which Russian cryptographic algorithms are implemented in hardware as a means of cryptographic protection and strict two-factor authentication. To work in the context of a browser, cross-platform and multi-browser technologies are used, which make it equally convenient to work with an electronic signature in a browser, regardless of the operating system used.

Rutoken Plugin allows you to implement the following information security mechanisms:

  • two-factor authentication in a Web service via hardware media;
  • encryption of data exchange between the browser and the Web service in accordance with GOST 28147-89;
  • electronic signature according to GOST R 34.10-2001 and GOST R 34.10-2012 (256 and 512 bits) and RSA;
  • hash function calculation according to GOST R 34.11-94 and GOST R 34.11-2012 (256 and 512 bits);
  • restriction of access to Web service resources based on digital certificates.

To integrate with systems that use digital certificates and PKI infrastructure, the product provides support for:

  • digital certificates in X.509 format,
  • requests for PKCS#10 certificates,
  • signing and encryption of data in CMS format, including for multiple recipients.

Rutoken Plugin is installed and works with user rights and uses only the capabilities and API built into the browser. Rutoken Plugin does not require installation of proxy tools and additional components, frameworks and platforms, such as Java, Microsoft Silverlight, etc.

The Rutoken Plugin installation program is implemented as a simple one-click-installer, that is, it does not require administrator rights or user selection of any options. When a user visits a secure site, the Rutoken Plugin is automatically loaded onto the Web page, and after that its functions can be called from page scripts.

Interaction with USB devices

Rutoken Plugin works with hardware identifiers and smart cards of the Rutoken EDS 2.0 family, EDS PKI and Rutoken PINPad. All these devices operate through standard drivers, which are included in all modern operating systems. In order for Rutoken Plugin to recognize the device, you just need to connect it to the USB port of your computer or insert a smart card into the reader.

When hashing and electronically signing, the Plugin accesses the token directly, and cryptographic operations occur at the hardware level. The plugin also has the ability to programmatically calculate a hash function to speed up the operation. Due to the fact that the electronic signature operation is performed “on board” the devices, the private key is never loaded into the computer’s RAM. This allows you to work with guaranteed non-retrievable and non-copyable private keys, created inside devices.

Such keys cannot be stolen without physically removing the token from the user, but even then the attacker will be limited by the need to know the device's unique PIN code. Additional level of security and protection against remote control provides the use of additional functionality for signature confirmation in Rutoken EDS 2.0 Touch.

And the interaction of the Rutoken Plugin with the Rutoken PINPad device allows, among other things, to enter a secret PIN code directly on the device (protection from keyloggers) and protect transactions from spoofing by displaying them on the screen of a trusted device.

Security of remote banking systems

The security of remote banking systems (RBS) is the most important area of ​​​​application of the Rutoken Plugin. Linking Rutoken Plugin with Rutoken EDS 2.0 or Rutoken PINPad provides:

  • strict client authentication when accessing your personal account,
  • confirmation of payments and transactions using a qualified or enhanced electronic signature,
  • encryption of payment orders,
  • visual control of payment documents before signing in a trusted environment (when used with Rutoken PINPad).

The ideal scenario for using Rutoken Plugin in the banking sector is the simultaneous introduction of electronic identifiers or smart cards Rutoken EDS 2.0 (Touch) for a mass user with significant restrictions on payments and a small number of Rutoken PINPad for VIP users with a significantly increased payment limit or no payment at all him..

Personal data protection

Rutoken Plugin can be used to protect information in accordance with the requirements of regulators and legislation.

Common areas of application of Rutoken Plugin are:

  • protection of personal data of patients of medical institutions,
  • protection of personal data of school and university students,
  • protection of information in systems for providing government services and municipal services in electronic form,
  • giving legal significance and security to corporate electronic document management.

Access licensing

In some cases, Web services provide access to knowledge bases that contain a company's intellectual property. This intellectual property has a certain price, so access to it is limited and provided for a fee. Often companies are interested in ensuring that only one licensee can physically use one issued license.

Using two-factor authentication in a Web service via a USB token or smart card can significantly complicate access to one account by several people, since for this they will need to constantly exchange the device itself. Unlike authentication using a login-password combination, this may turn out to be an insurmountable obstacle, and the complexity of solving this problem will lead dishonest users to do nothing other than purchase additional accounts.

Rutoken Plugin is compatible with solutions of Russian CIPF manufacturers and can be used in information systems that use digital certificates and PKI infrastructure.

Russia for the software and hardware complex for authentication and information storage “Rutoken” version 4, including the Rutoken Plugin. Read more.

2017

Rutoken Plugin 4.0

Using Rutoken Plugin 4.0 does not require modification of the existing information system and will allow you to quickly and painlessly switch to the use of new GOSTs.

Rutoken Plugin is a convenient tool for embedding tokens of the Rutoken EDS 2.0 family and trustscreen devices Rutoken PINPad. Sharing These products allow you to implement all the necessary scenarios for working with electronic signatures in remote service systems (RS). The updated product has retained the familiar interface and has full backwards compatible With previous versions Plugins 1.x and 2.x.

Rutoken Plugin developers closely monitor changes in major browsers and release the necessary updates in advance. The plugin works in popular browsers (Internet Explorer, Chrome, Firefox, Opera, Safari on macOS and Firefox ESR on Linux) and operating systems. To install it on the system, administrative rights are not required, and it does not conflict with other applications and security systems, the developers assured.

The old electronic signature standards are valid until January 1, 2019. It is important for us as developers to update products in advance and inform our partners about this. The prompt transition of end users to Rutoken products with support for new GOSTs guarantees banks cost savings when replacing outdated CIPF. And all financial transactions in remote service channels will be protected by the triad Rutoken Plugin, Rutoken EDS 2.0 and Rutoken PINPad,” emphasized Kirill Meshcheryakov, director of the Rutoken product line of the Aktiv company.

Rutoken Plugin 2.8.9

The Aktiv company has released a version of Rutoken Plugin and an extension for the Firefox browser for the Windows operating system, which allows you to work without NPAPI through Native Messaging. Mozilla previously announced the abandonment of NPAPI technology in Firefox browser, starting with version 52. As of mid-April 2017, plugins that use NPAPI are no longer supported in Firefox.

Rutoken Plugin version 2.8.9 supports work via NPAPI and Native Messaging. This version adds support for the RSA algorithm and fixes some bugs.

2015: Rutoken Plugin

Rutoken Plugin- a technological solution for organizing electronic signatures, encryption and two-factor authentication for web and SaaS services.

The product uses hardware implementation of Russian cryptographic algorithms “on board” the Rutoken EDS, Rutoken Web and Rutoken PINPad devices.

Rutoken Plugin is compatible with the technologies of Russian CIPF manufacturers and can be used in information systems that use digital certificates and PKI infrastructure.

Technological Protection Tools (2014)

A USB token or other device in which Russian cryptographic algorithms are implemented in hardware acts as a means of cryptographic protection and two-factor authentication. To work in the browser context, a cross-platform and multi-browser plugin is used - a special functionality extension supported by all browsers.

Rutoken Plugin performs information security functions:

  • two-factor authentication in the web service using a USB token,
  • encryption of data exchange between the browser and web service in accordance with GOST 28147-89,
  • electronic signature of data according to GOST R 34.10-2001,
  • data integrity control by calculating the hash function in accordance with GOST R 34.11-94,
  • restriction of access to web service resources based on digital certificates.

To integrate with systems that use digital certificates and PKI infrastructure, the product provides support for:

  • digital certificates in X.509 format,
  • requests for PKCS#10 certificates,
  • signing and encrypting data in CMS format.

Rutoken Plugin uses only APIs built into the browser and does not require the installation of additional components, frameworks and platforms.

Purpose

The scope of application of Rutoken Plugin is the security of remote banking systems (RBS).

The product provides:

  • strict client authentication when accessing your personal account,
  • confirmation of payments and transactions using an electronic signature,
  • encryption of payment orders,
  • visual control of payment documents before signing in a trusted environment (when used with Rutoken PINPad),
  • secure storage of keys to the user’s personal account.

Rutoken Plugin uses a USB token or other device in which Russian cryptographic algorithms are implemented in hardware as a means of cryptographic protection and strict two-factor authentication. To work in the context of a browser, cross-platform and multi-browser technologies are used, which make it equally convenient to work with an electronic signature in a browser, regardless of the operating system used.

Rutoken Plugin allows you to implement the following information security mechanisms:

  • two-factor authentication in a Web service via hardware media;
  • encryption of data exchange between the browser and the Web service in accordance with GOST 28147-89;
  • electronic signature according to GOST R 34.10-2001 and GOST R 34.10-2012 (256 and 512 bits) and RSA;
  • hash function calculation according to GOST R 34.11-94 and GOST R 34.11-2012 (256 and 512 bits);
  • restriction of access to Web service resources based on digital certificates.

To integrate with systems that use digital certificates and PKI infrastructure, the product provides support for:

  • digital certificates in X.509 format;
  • PKCS#10 certificate requests;
  • signing and encryption of data in CMS format, including for multiple recipients.

Rutoken Plugin is installed and works with user rights and uses only the capabilities and API built into the browser. Rutoken Plugin does not require installation of proxy tools and additional components, frameworks and platforms, such as Java, Microsoft Silverlight, etc.

The Rutoken Plugin installation program is implemented as a simple one-click-installer, that is, it does not require administrator rights or user selection of any options. When a user visits a secure site, the Rutoken Plugin is automatically loaded onto the Web page, and after that its functions can be called from page scripts.

Interaction with USB devices

Rutoken Plugin works with hardware identifiers and smart cards of the Rutoken EDS 2.0 family, EDS PKI and Rutoken PINPad. All these devices operate through standard drivers, which are included in all modern operating systems. In order for Rutoken Plugin to recognize the device, you just need to connect it to the USB port of your computer or insert a smart card into the reader.

When hashing and electronically signing, the Plugin accesses the token directly, and cryptographic operations occur at the hardware level. The plugin also has the ability to programmatically calculate a hash function to speed up the operation. Due to the fact that the electronic signature operation is performed “on board” the devices, the private key is never loaded into the computer’s RAM. This allows you to work with guaranteed non-retrievable and non-copyable private keys created within devices.

Such keys cannot be stolen without physically removing the token from the user, but even then the attacker will be limited by the need to know the device's unique PIN code. An additional level of security and protection from remote control is provided by the use of additional signature confirmation functionality in Rutoken EDS 2.0 Touch.

And the interaction of the Rutoken Plugin with the Rutoken PINPad device allows, among other things, to enter a secret PIN code directly on the device (protection against keyloggers) and protect transactions from spoofing, thanks to their display on the screen of a trusted device.

Certification

Software Rutoken Plugin is certified by FSTEC of Russia as part of PAK Rutoken.

When using the Rutoken Plugin together with devices of the Rutoken EDS 2.0, EDS PKI and Rutoken PINPad family, a hardware device acts as a means of cryptographic information protection (CIPF) and a means of protection against unauthorized access (NSD):

  • Rutoken EDS 2.0, EDS 2.0 Flash, EDS 2.0 Touch and Rutoken EDS PKI - devices are certified by FSTEC according to NDV4, which allows them to be used to protect information from NSD in IPDN up to class 1 inclusive in accordance with the requirements of FSTEC and the standards of Federal Law-152, and also in information systems up to security class 1G inclusive;
  • Rutoken EDS 2.0, EDS 2.0 Flash, EDS 2.0 Touch and Rutoken PINPad are certified by the FSB as CIPF in classes KS1 and KS2, which allows them to be used as an encryption tool in accordance with PKZ2005 to protect confidential information and personal data;
  • Rutoken EDS 2.0, EDS 2.0 Flash, EDS 2.0 Touch and Rutoken PINPad are certified in accordance with 63-FZ and the requirements for electronic signature tools, approved by Order of the FSB of Russia dated December 27, 2011 No. 796, which allows them to be used as a means of qualified electronic signature when organizing legally significant electronic document flow.

Security of remote banking systems

The security of remote banking systems (RBS) is the most important area of ​​​​application of the Rutoken Plugin. Linking Rutoken Plugin with Rutoken EDS 2.0 or Rutoken PINPad provides:

  • strict client authentication when accessing your personal account;
  • confirmation of payments and transactions using a qualified or enhanced electronic signature;
  • encryption of payment orders;
  • visual control of payment documents before signing in a trusted environment (when used with Rutoken PINPad).

The ideal scenario for using the Rutoken Plugin in the banking sector is the simultaneous introduction of electronic identifiers or smart cards Rutoken EDS 2.0 (Touch) for a mass user with significant restrictions on payments and a small number of Rutoken PINPad for VIP users with a significantly increased payment limit or no payment at all him.

Personal data protection

Rutoken Plugin can be used to protect information in accordance with the requirements of regulators and legislation.

Common areas of application of Rutoken Plugin are:

  • protection of personal data of patients in medical institutions;
  • protection of personal data of school and university students;
  • protection of information in systems for providing government services and municipal services in electronic form;
  • giving legal significance and security to corporate electronic document management.

Access licensing

In some cases, Web services provide access to knowledge bases that contain a company's intellectual property. This intellectual property has a certain price, so access to it is limited and provided for a fee. Often companies are interested in ensuring that only one licensee can physically use one issued license.

Using two-factor authentication in a Web service via a USB token or smart card can significantly complicate access to one account by several people, since for this they will need to constantly exchange the device itself. Unlike authentication using a login-password combination, this may turn out to be an insurmountable obstacle, and the complexity of solving this problem will lead dishonest users to do nothing other than purchase additional accounts.

Installation

  • MSI package for Windows.
  • pkg package for Apple macOS.
  • binary files for Linux OS.
Supported Platforms
  • Microsoft Windows 10/8.1/8/7/Vista/XP/2003.
  • Apple macOS 10.13/10.12/10.11/10.10/10.9/10.8.
  • Ubuntu, Mint, Debian, AltLinux, Astra Linux, Goslinux, ROSA, Fedora, CentOS and others.
Supported Browsers
  • Mozilla Firefox.
  • Google Chrome
  • Internet Explorer (version 7 and higher).
  • Apple Safari.
  • Yandex, Sputnik and others based on Chromium.
  • Opera Blink and Vivaldi.
Supported devices
  • Rutoken EDS 2.0 and EDS 2.0 Flash.
  • Rutoken EDS 2.0 Touch and EDS 2.0 Flash Touch.
  • Rutoken PINPad.
  • Rutoken EPC PKI (limited support).
  • Rutoken Web (limited support).
Supported cryptographic algorithms and formats
  • Electronic signature according to GOST R 34.10-2001, GOST R 34.10-2012 (256 and 512 bits) and RSA.
  • Hash function calculation according to GOST R 34.11-94 and GOST R 34.11-2012 (256 and 512 bits).
  • Calculation of the agreement key according to the VKO GOST scheme 34.10-2001 and 34.10-2012 (256 and 512 bits).
  • Encryption according to GOST 28147-89.
  • X.509 digital certificate format.
  • PKCS#10 certificate request format.
  • Signed and encrypted message format CMS and PKCS#7, including for multiple recipients.


Share with friends:
Related publications