What is a secure data carrier (token)?

To begin with, let's recall two concepts:

EDS - electronic digital signature.

KEP - qualified electronic signature.

Yes, effective   The Law of Ukraine "On Electronic Trust Services" , i.e. from November 7, 2018, instead of the concept of EDS, KEP appeared. This innovation arose with the adoption of the Law of Ukraine "On Electronic Digital Signature"   (full entry into force took place on November 7, 2018).

A qualified electronic signature is an improved electronic signature that is created using a qualified electronic signature tool and is based on a qualified public key certificate ( clause 23, article 1 of the Law of Ukraine "On Electronic Trust Services" ).

Means of a qualified electronic signature or seal - a hardware-software or hardware device or software that implements cryptographic algorithms for generating key pairs and/or creating a qualified electronic signature or seal, and/or verifying a qualified electronic signature or seal, and/or storing a private key a qualified electronic signature or seal that meets the requirements of this Law ( clause 17 of Article 1 of the Law of Ukraine "On Electronic Trust Services" ).

Protected carrier of personal keys - a means of a qualified electronic signature or seal, which is intended for storing a personal key and has built-in hardware and software tools that ensure the protection of data recorded on it from unauthorized access, direct familiarization with the value of the parameters of personal keys and their copying ( para. 2 of the Procedure for using electronic trust services in state authorities, local self-government bodies, state-owned enterprises, institutions and organizations, approved by Resolution of the Cabinet of Ministers of Ukraine dated September 19, 2018 No. 749).

The protected carrier of private keys is the protected carrier of information (token) that is used to store the KEP.

In other words, the medium is not a medium. The carrier of a qualified electronic signature/seal is a token with a microprocessor (when inserted into a computer, the token is not displayed as a flash drive, it is "seen" only by the program that is used to sign files), and the KEP tool is a software and hardware complex that has a qualified provider for generating (creating) keys and certificates.

For reference, from the Wikipedia resource, a token (also a hardware token, a USB key, a cryptographic token) is a compact device designed to ensure the user's information security, it is also used to identify its owner, secure remote access to information resources, etc. Usually, this a physical device used to facilitate authentication.

The token outwardly resembles a USB device (flash drive) or a smart card (a plastic card with a chip), but in the classical sense it is not an information carrier. In its essence, a token (protected information medium) is a hardware and software tool of the KEP, a cryptographic processor that performs the role of signing documents.

From the analysis of Art. 17 of the Law of Ukraine "On Electronic Trust Services" and Clause 4 of the Procedure for the Use of Electronic Trust Services in State Power Bodies, Local Self-Government Bodies, State-Owned Enterprises, Institutions and Organizations, approved by Resolution No. 749 of the Cabinet of Ministers of Ukraine dated September 19, 2018 , that for now the obligation to use protected media in their activities is entrusted to state authorities, local self-government bodies, state-owned enterprises, institutions and organizations, state registrars, notaries and other entities authorized by the state to perform the functions of a state registrar.

As for the private sector , in accordance with paragraph 2, clause 1 of the CMU resolution "On the implementation of an experimental project to ensure the possibility of using improved electronic signatures and seals based on qualified public key certificates" dated March 3, 2020 No. 193, the obligation the mandatory use of KEP on a secure medium is provided for from March 5, 2022, but only after the regulation of the use of advanced electronic signatures and seals based on qualified public key certificates by the Law of Ukraine "On Electronic Trust Services" .

Register on the InstaDoc website and use the convenient electronic document management system. Add counterparties, choose a template and sign the right document right now!

Date of publication: 17.01.2022

Speak for search
Done