4. Contents of the report

Reporting form - a detailed description of the work done at each step in the electronic document (Microsoft Word). Give the structure of a key diskette. The content of the file public and private keys.

5. Test Questions

1. Share this utility HASP Envelope

2. Share this utility HASP test

3. Share this utility HASPEdit

Laboratory work №3

Certification Authorities on the basis of Certificate

Services in Windows Server 2003

introduction Work is carried out in a virtual machine. The operating systems Windows 2003 Server. Administrator password blank.Running Virtual Machine:Start the virtual machine console. Start => All Programs => Microsoft Virtual PC

4. Remove from the virtual machine console, all information

5. Add the information to the console for the virtual machine Windows 2003 Server 4. Run a virtual machine running Windows 2003 Server

Installation Certification Center.

1. In the Windows Components Wizard to add a component Update Root Certificates and Certificate Services

2. In the course of installing Certificate Services select "Stand-alone root CA"

3. Specify the name of the Certification Authority. (XXXXXX - replace) 4. Inlet installation disc will be requested of the Windows distribution. Specify the path: C: \ Distrb \ Win2003Sp1 \ I386

5.View the results of the installation. For this:a. run the management console - Start => Run => mmc,

b. The console opens, add the snap - Certification Authority

c. To view the contents created by a certification authority. View CA certificate and all the folders. Copy the CA certificate to a file.

Setting CryptoPro CSP

a. From the Control Panel run CryptoPro CSP

b. Go to the Hardware tab,

c. Customize readers, select the drive and Registry

d. Customize random number by biological DFS

5. At the Crypto CSP configuration completed

III) Request a certificate. Processing request.

a. On the desktop, open the certificate request label.

b. Open shortcut advanced certificate request

c. Open this link Create and submit a request to this CA.

d. Fill in the required fields the request and issue a certificate request.

e. Processing a certificate request

i. The management console of your Certification Authority go to the tab "RequestsPending "

ii. Edit an existing query.

iii. Go to the tab "Issued certificates". Open the issued certificate and become familiar with its contents f. Obtaining a certificate.

i. Connect to the server WEB Certification Center on the link http: // localhost / certsrv

ii.Select the action View the status of a pending certificate request iii.Select the certificate that you want to obtain and install it iv)Cancel CryptoPro CSP settings. Cancel all the settings you have entered v)removal .. Remove Center Certification Center Certification

List of recommended references

1. June J. Parsons and Dan Oja, New Perspectives on Computer Concepts 16th Edition - Comprehensive, Thomson Course Technology, a division of Thomson Learning, Inc Cambridge, MA, COPYRIGHT © 2014.

2. Lorenzo Cantoni (University of Lugano, Switzerland) James A. Danowski (University of Illinois at Chicago, IL, USA) Communication and Technology, 576 pages.

3. Craig Van Slyke Information Communication Technologies: Concepts, Methodologies, Tools, and Applications (6 Volumes). ISBN13: 9781599049496, 2008, Pages: 4288

4. Brynjolfsson, E. and A. Saunders (2010). Wired for Innovation: How Information Technology Is Reshaping the Economy. Cambridge, MA: MIT Press

5. Kretschmer, T. (2012), "Information and Communication Technologies and Productivity Growth: A Survey of the Literature", OECD Digital Economy Papers, No. 195, OECD Publishing.

Laboratory work № 4.

The study of cryptographic data protection functions Krypton Series devices

2. The objective of the work:

The aim is to study the principles of hardware and software Krypton.

Brief theoretical information

Application program interface Crypton DK - is a dynamically linked library (DLL) functions for working with cryptographic data protection (SKZD) Krypton / Crypton on Win32. It is designed for independent developers of applications requiring embedded encryption functions using encoders series Krypton / Crypton.

Crypton DK provides cryptographic functions for symmetric key system. Hardware or software encoders not included Crypton DK.

Using Crypton DK library enables companies to application developers who do not have the FSB license to distribute kriptosredstv, to implement their programs cryptographic functions.

After reading the description Crypton DK and making sure that the implemented encryption features correspond necessary software company may acquire Crypton DK and encoder - Crypton Emulator software or hardware Krypton. With Crypton DK organized challenge to the cryptographic functions in the program, which is able to encrypt the information it processed in software or hardware token.

In the subsequent dissemination of the encoder program can be supplied by the company-developer, if she has a license FSB, either directly by the Company ANKAD program users. In the latter case, the responsibility for implementing shifrosredstv not on the company's developers.

Crypton DK consists of the following elements:

• CryptAPI library implementing CryptonAPI programming interface;

• header files for programs written in C;

• programming examples in C;

• man-pages describing all CryptonAPI functions;

• dongle.

Drivers for SKZD OS Windows Crypton API supplied with SKZD

Crypton DK describes Windows-analogues of the BIOS functions to Krypton and examples

of their use. DOS-programs can call these functions interrupt 4Sh.

CryptonDK Library copy-protected by a dongle connected to the parallel port kompyutera.Takim way, independent software developers using the encryption function of the library, is automatically protected against copying. Hardware keys copy protection transparent to other devices that use a parallel port, such as printers. In addition, the keys allow you to connect them to each other, it can be used on one computer secure software products from different manufacturers. Handling Win32 application to encrypt the device:

1. Application Layer (not dependent on OS)

Win32App1.exe Win32App2.exe ... Win32AppN.exe

2.Level, which provides the application interface with the driver (not dependent on OS) CryptAPI.dll 3. The level of OS kernel (two drivers are used, depending on the OS)

CRYPTON.SYS (Windows NT) CRYPTON.VXD (Windows 95)

4. Physical Layerfee encryption

Driver encryption card encryption virtualizes fee t.e.kazhdoe Win32 application has its own virtual encryption card with your keys K1 and K2, but the K3 key and replace the node are common for all applications. Levels 3 and 4 can be emulated drayverami- emulators CRYPTONL.SYS (Windows NT) and CRYPTONL.VXD (Windows 95).

Support for DOS DOS-programs can use interrupt 0x4c in a DOS emulation mode. You can disable support for driver DOS session with the utility "DOS driver setup" (CryptDOS.exe). With the help of the same tool you can select which driver (working with the card encryption or

emulator) to be used to interrupt 0x4C. Handling DOS-application to the encryption device on Windows: When referring to a device request from the MS-DOS application goes through several levels:

1.MS-DOS application level V86App1.exe V86App2.exe ... V86AppN.exe

2. Level, which provides real-mode programming interface with protected-mode functions cryptdos.vxd 3. The level of OS kernel crypton.vxd

4. Physical Layer fee encryption

When the session starts DOS-driver cryptdos.vxd starts automatically. This driver intercepts interrupt 0x4S. When the DOS-application generates a software interrupt 0x4C, the driver passes control to the driver board crypton.vxd encryption.

Description BIOS KRYPTON is the DOS-functions in the manual programmer (file program.txt), the supplied SKZD "Krypton-4".