Complex hardware proposal – Kommersant
[ad_1]
The developers of cybersecurity tools suggested that the authorities implement domestic cryptographic standards in subscriber devices by 2030. Now Russian cryptography is used mainly in state information systems. The transition to Russian cryptography in cellular networks will require hardware changes to devices, market participants warn. Support for cryptography according to GOST at the application level can also be implemented programmatically, but full integration will be possible only with Russian operating systems, experts explain.
A Kommersant source in the cybersecurity market said that the working group on information security proposed the government commission on digital development, which oversees the preparation of the “Strategy for the development of the communications industry in the Russian Federation for 2024-2035”, to include in the document a requirement to introduce into the architecture of subscriber devices by 2030 Russian cryptographic protection standards. The proposal should be considered at the next strategic session of the government commission. The Ministry of Digital Transformation told Kommersant that the initiative was proposed by the working group on cybersecurity and “requires discussion.”
Now domestic cryptography standards are used mainly in state information systems, and their widespread implementation is hindered by the fact that Russian developments are not represented in international standards for telecommunication protocols, a Kommersant source explains. He points out that the required degree of power of attorney for communication networks cannot be achieved even by replacing foreign equipment with Russian ones, since “only the software component is localized, and not the logic of work embedded in the hardware.” It is “practically impossible” to completely replace the existing equipment, including due to the lack of personnel in the areas of development, research, implementation and technical support, the source explains. Rostelecom, MTS, VimpelCom, MegaFon and Tele2 declined to comment.
The preliminary text of the strategy already mentions the idea of introducing “digital SIM cards” into consumer devices and industrial equipment using Russian encryption standards. Back in 2020, the now abolished Rossvyaz ordered testing the use of domestic encryption algorithms in eSIM virtual SIM cards (see Kommersant dated February 20, 2020). Work on the creation of physical SIM cards with Russian cryptography has been going on since 2013, now the Ministry of Digital Development wants to speed up their implementation (see Kommersant dated May 12).
The authors of the strategy probably meant the introduction of GOST encryption in mobile browsers and applications, which does not require hardware changes to devices, F + tech Group said: “It will be enough for Russian application developers to add such support, but full integration can only be obtained on Russian assemblies of operating systems. But, as Alexei Rogdev, general director of the Internet Technical Center, explains, cryptography in mobile devices is also used for authentication in the operator’s network and data protection. According to him, adding support for domestic standards implies at least a flashing of communication modules and adding Russian certificates to them.
Russian cryptographic standards are partially supported at the application level, for example, to check the integrity of the program code, but it is “quite difficult” to implement them for the functions of the communication network, Mr. Rogdev said: “Such an implementation may require refinement not only of the software, but also of the hardware.”
A Kommersant source in the mobile device development market notes that the proposal of the working group is not formulated specifically enough: “Depending on the answer to the question of what exactly is planned to be protected, it will be clear whether support for Russian cryptography is needed at the hardware level or is a software crypto provider enough.” The development of crypto providers with Russian algorithms is carried out by CryptoPRO, InfoTeKS, etc. For general civil use, according to him, there are “more than enough” software solutions, the expert notes.
The session to finalize the strategy “will take place in the near future,” Kommersant was told in the office of the relevant Deputy Prime Minister Dmitry Chernyshenko: “It will consider the proposals and initiatives of the working groups, together with the industry, a decision was made to include them in the strategy.”
[ad_2]
Source link
