It is currently 22-10-2017 22:13

The FSB approved the procedure for the collection of encryption keys on the Internet

The FSB approved the procedure for the collection of encryption keys on the Internet

by sigismund » 2016-08-15 11:29:45


In the event of failure to provide the key to decrypt the traffic, the server owner will face a fine of 1 million rubles.


The Federal security service of the Russian Federation approved the procedure for obtaining encryption keys from online services. Recall, along with the signing of the "Spring package" on 7 July of this year, Russian President Vladimir Putin instructed the FSB to approve order of certification of encryption when transmitting messages in the Network and the transmission of encryption keys to authorized body in the sphere of ensuring security of the Russian Federation.

On 12 August, the FSB has registered and published the order № 432 from 19.07.2016 "On approval of the Procedure of submission by the organizers of the dissemination of information in information-telecommunication network "Internet" in the Federal security service of the Russian Federation information required for decoding adopted, transferred, delivered and (or) the processed electronic messages of users of the information-telecommunications network "Internet".

This order establishes the procedure for obtaining encryption keys from the owners of servers and other services. As indicated in the document, the organizer of information dissemination in the Internet provides information for decoding on the basis of a request from the competent authority. The request includes format and address the provision of encryption keys and sent by registered mail with return receipt requested. Information is transmitted on magnetic media (magnetic disks, magnetic tapes, magnetic cards, magnetic drums) by mail or email.

The competent authority of the FSB to receive the encryption keys, approved the Organizational-analytical Department of the Scientific-technical service of FSB of the Russian Federation.

In case of refusal to provide the decryption key for the HTTPS or other encrypted traffic, the server owner will face a fine of 1 million rubles.

Previously to implement the requirements of the "Spring package", the FSB has proposed to use already established on the network service provider system of operative-investigative measures (SORM).
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5