RESEARCH INSTITUTE OF TECHNICAL INFORMATION SECURITY - Main scientific and technological subdivisions

Navigation:

Home

ABOUT ENTERPRISE

Main scientific and technological subdivisions

Правые баннеры (en)

Products

HARDWARE-SOFTWARE IP ENCRYPTION DEVICE FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"

HARDWARE-SOFTWARE IP ENCRYPTION DEVICE

FOR PROCESSING INFORMATION OF LIMITED DISRIBUTION "REKA"

DEVICE PURPOSE

It is intended for cryptographic protection of information exchange between local networks or/and separate stations interacting under IP through data networks.

PROVIDES

connection on joints of Ethernet of the IEEE 802.3 (10/100 Mbit\s) to protected LAN and to a network equipment of a transport network on copper or optical cables;
cryptographic protection of IP packets by method of complete encapsulation; (protocol IPsec Encapsulating Security Payload);
the transparent automatic encryption/decryption of information on the encryption algorithm: GOST 28147-89, STB 34.101.31-2011, AES256;
aggregated encryption speed of 200 Mbps;
integrity control of data packets – protection against falsified data entry protection in accordance with GOST 28147-89, STB 34.101.31-2011, SHA256;
key system – a fully-connected key matrix with individual keys on each direction of exchange;
generation and recording of keys for networking using a random number sensor (based on a physical noise source) on AT88SC25616C type contact cards or CD;
checking the integrity of the cryptomodule software using the STB 34.101.31-2011 algorithm (with the possibility of replacing the algorithm);
simultaneous network operation up to 1000 IP encoders (ensuring simultaneous operation of up to 1000 virtual channels);
work through NAT;
monitoring the operation of the IP encoder on the PC connected to the control port of the IP encoder;
protection against unauthorized access when opening the case;
offline audit logging;
round-the-clock unattended work.

Access to the control functions of the IP encryptor is implemented using password protection.

The block body of the IP encryptor unit is designed to be installed on a standard 19” rack of 1U equipment (a set of installation parts is included in delivery).

On the front panel of the IP encryptor are controls and display, key input interface.

On the rear panel of the case there are 2 (two) interfaces for connecting a local network, a global network and an interface of an external remote warning device (rack-mount alarm).

The body of the product has a lid with a sealing device to limit the interface access for connecting the key information carrier.

OPERATIONAL CONDITIONS

temperature range from + 5 to + 40 ºС at relative humidity of 80% at 25 ºС;
power supply from the AC mains voltage from 90 to 260 V, frequency from 47 to 63 Hz;
power consumption no more than 15 W.

Operational features – a static IP address is required from the address space of the data network of the Internet provider.

PACKAGE CONTENTS

IP encryptor unit with U1 overall dimensions according to IEC 60297 3 101-2004;
software bundle (supplied on CD);
a set of contact smart cards such as AT88SC25616C;
operational documentation (supplied on a CD);
a set of spare parts and accessories;
a set of mounting parts for installation in a 19"rack;
packaging.

IP ENCRYPTOR TYPICAL APPLICATION SCHEME

Certificate of Conformity № BY/112 02.01.036 00126

SET OF MEASURING ANTENNAS

SET OF MEASURING ANTENNAS

Set of measuring antennas is designed to measure the intesity of sine, noise and pulse electric fields of interferences, side electromagnetic radiation in the laboratory rooms, shield chambers and in open areas with measuring receivers, spectrum analyzers, and selective microvoltmeters.

Structure:

measuring magnetic antenna;
electrical measuring antenna;
current transformer;
matching adapter;
set of connecting cables;
tripod.

Main technical characteristics:

frequency range - 100-20,000 Hz;
sensibility:

measuring magnetic antenna, uA*m ^-1Hz ^-0,5 1,5;

electrical measuring antenna, uA*m^-1Hz^-0,5 50;

current transformer, uV/mA 180;

connection of measuring transducers to the of measuring receivers with an input resistance of 50 ohms and a connector of type CP 56 262 C 4.82.

AUTOMATED MEASURING SYSTEM BASED ON GTEM-CAMERA

AUTOMATED MEASURING SYSTEM BASED ON GTEM-CHAMBER

GTEM-camera is designed for the measurement of side alectromagnetic radiation of different products in wide frequency range (9 kHz to 1 GHz and higher) under condirions simulating free space and providing protection from impact of external electromagnetic fields, which is virtually impossible to provide on test sites or anechoic chambers of other types.

Technical specifications GTEM-camera:

operating range of GTEM-camera fron 0,009 to 1,000 MHz (expandable);
shielding effectiveness GTEM-camera, dB - 60;
stading wave ratio Ku - 1.2;
wave resistance, Ohms - 50;
working area GTEM-camera, m - 1.2x1.2x1.0;
overall dimensions, m 8.0x4.0x3.0;
weight of GTEM-camera, kg - not more than 1940.

Complex structure:

GTEM-camera;
radar-absorbing material;
spectrum analyzer ("Rohde & Schwarz" or "Agilent Technologies");
managing personal computer;
monitor of CCTV system;
video camera;
rotating platform;
remote control of rotating platform;
filter unit;
scanning resceiver;
source of the acoustic test signal.

CARRIER OF KEY INFORMATION

CARRIER OF KEY INFORMATION

Purpose:

Carrier of key information (CKI) is used to identify and authenticate users on the public key certificates and other cryptographic operations.

Main parameters and characteristic:

CKI provides for the following functions:

self-test when switching on electric power supply;
calculation and verification of electronic digital signature (EDS), according to STB 1176.2, STB P 34.101.45;
calculation of hash value according to STB 34.101.31;
random number generation in accordance with STB 34.101.47 based on hardware random number generator sequences;
generation of hash values of the private key of digital signature and encryption for the generation of session (one-off) keys of EDS and encryption under scheme of Diffie-Hellman;
encruption/decryption of information in accordance with STB 34.101.31;
encruption/decryption of information in accordance with GOST 28147.

Data exchange between the CKI and the computer (HC or server) is done through the USB interface using the application programming interface PKCS11.

CKI has the following operational characteristics:

average time between failures - not less than 10000 h;
average service life - at least 3 years;
average storage time 9from the date of manufacture before commissioning0 - at least 18 months when stored according to requirements.

Comformity certificate: № BY/112 03.03.030 03053

OPTICAL MODEM AT-3011

OPTICAL MODEM AT-3011

Optical Modem AT-3011 is desingned to organize one of the primary digital channel E12 (E1) or unframed digital stream at a rate of 2048 kbit/s througt a pair of optical fiber (transmit/receive). Electrical Interface E12 (E1) corresponds to GOST 26886 and Rec. MSEC-T G.703. Line Coding - HDB-3.

Technical characteristics:

running time - not less than 24 h;
time of going into operating mode after switching on - not less than 10 sec;
operation conditions:

operating temperature range - from +5 to +40o_C;

relative humidity at +25⁰C - to 85%;

atmospheric pressure - 750+40 Mmhg;

electric power supply - ~220V/50 Hz (using network adapter);
power intake - not more than 2,5 W;
weight - not more than 0,4 kg (with network adapter);
overall dimensions - 134x68x30 mm;
power of light output - not less than minus 5 dBm;
error rate not more than 10-10 at a power level of the input optical signal - minus 30 dBm;
operating wavelength semiconductor laser radiation - 1310 Nm (from 1263 to 1360 Nm);
type of connector of optical junction - duplex LC;
joint connection type E12 (E1) - DB-9F;
joint linear code E12 (E1) - HDB-3.