Kaztoken is a personal means of authentication and digital signature generation (electronic digital signature). The device is manufactured by Digital Stream [1] .
Content
Specifications
Hardware Platform
The Kaztoken device is built on a 32-bit ARM7 microcontroller architecture.
Memory Size
The Kaztoken device has 64 KB available for storing protected information.
Software Implementation
All Kaztoken device functionality is implemented in the operating system in strict accordance with ISO / IEC 7816.
Implemented Cryptographic Algorithms
The following cryptographic algorithms are implemented in the Kaztoken device:
- EDS algorithm according to GOST 34.310-2004: key generation; formation of an electronic digital signature.
- Diffie-Hellman Negotiation Key Calculation ( RFC 4357 ).
- Hashing according to GOST 34.311-95.
- Symmetric encryption according to GOST 28147-89 (simple replacement, gamma, gamma with feedback).
- Hardware implementation of the client part of TLS.
- Elaboration of the approval key according to the El-Gamal method.
The following algorithms were not implemented in the Kaztoken device as they are considered obsolete:
- DES
- 3DES
- SHA-1
Work with private keys
The Kaztoken device is designed so that private keys never leave the device. Key generation, as well as all necessary cryptographic operations, are performed by the device itself.
Supported Operating Systems
The Kaztoken device works in the following operating systems without installing additional drivers (supported by the standard CCID driver):
- Microsoft Windows Server 2003 , Microsoft Windows Server 2008 , Microsoft Windows Vista , Microsoft Windows 7
- A variety of OS based on GNU / Linux .
- Mac OS Starting from 10.5.6 and later.
Microsoft CCID drivers are also available for other Microsoft Windows operating systems.
Application
The Kaztoken device is a hardware implementation of the Kazakhstan standard for electronic digital signature. It is intended for use as a protected key carrier in Kazakhstan systems using public key infrastructure , legally significant electronic document management systems and other information systems using electronic digital signature technologies.
Compatibility with Third Products
The Kaztoken device is compatible with the software of the Gamma Technologies company [2] . In particular, the device works correctly with the certification centers of the NUTs [3] and KISC [4] .
Certification
The Kaztoken device is certified according to the standard ST RK 1073-2007 βMeans of cryptographic information protection. General technical requirements βto the third level of security.
Notes
- β Digital Stream LLP.
- β Research Laboratory of Gamma Technologies.
- β NUTs - National Certification Authority of the Republic of Kazakhstan.
- β KISC - Kazakhstan Center for Interbank Settlements of the National Bank of the Republic of Kazakhstan.
Links
- The site dedicated to the Kaztoken device (Russian)
- The site of the R&D Gamma Technologies (rus.)
- Website of the Kazakhstan Center for Interbank Settlements of the National Bank of the Republic of Kazakhstan (Kazakh.) (Russian) (English)
- Website of the National Certification Authority Center of the Republic of Kazakhstan (Kazakh.) (Rus.) (Eng.)