Purchase software in the boxed version, as a rule, requires the user to visit the store or, at a minimum, meet with the courier. The convenience of acquiring electronic licenses lies primarily in the fact that you do not need to go anywhere. You can buy a license in the distributor's online store, and after a while, all necessary instructions and the key itself. The advantages of this method of distributing software products are obvious: a purchase can be made at any time of the day or night, and the order is placed in exactly the same way as when buying any other product in an online store.

The difference between boxed versions and electronic

When buying a program in a box, the user receives a physical medium with the product distribution kit (usually a CD or ) and activation keys - printed either on paper or on a special sticker. In the case of purchasing an electronic key, the user receives by mail a key generated by the manufacturer; it can be either a file with special permission or simple code. In this case, the product distribution package can simply be downloaded from the Internet: either from the vendor's website or from the digital distributor's server. Usually the seller sends a download link in the same email as the key itself. It goes without saying that programs installed from a boxed distribution or downloaded from the Internet are no different at all.

License and renewal

Purchasing an anti-virus electronic key or purchasing a boxed version of the program means that the product's anti-virus databases can be updated during the entire license term. It is very easy to make sure that the purchased one is genuine: if the antivirus, the distribution kit of which was downloaded from the manufacturer's website, accepts the key, everything is in order.

As a rule, antivirus licenses are for one year, after which the user will be prompted to purchase a license renewal. The purchase process is practically the same as the initial purchase. Some vendors, however, may ask you to provide a previous license key for the product. It is also often possible to purchase an electronic license renewal key even if the software was originally purchased "in a box".

Price

This is perhaps the most significant difference between the electronic key and the boxed version. Due to the fact that the boxed version contains a physical media with a distribution kit and, often, Additional materials(instructions, etc.), its price can be noticeably higher than when buying an electronic key. This is not surprising: the manufacturer does not have to spend money on printing boxes, disks and printed materials, does not need to rent a warehouse, does not need to deliver goods to Retail Stores. It is quite logical that for getting rid of all these worries, he is ready to provide a significant discount.

Introduction.

Educational questions (main part):

1. General information about electronic keys.

2. Diode keys.

3. Transistor keys

Conclusion

Literature:

L.15 Bystrov Yu.A., Mironenko I.V. Electronic circuits and devices, -M: graduate School. 1989 - 287s. With. 138-152,

L.19 Brammer Yu.A., Pashchuk A.V. Pulse and digital devices. - M.: Higher school, 1999, 351 p. With. 68-81

L21. F. Opadchy, O.P. Gludkin, A.I. Gurov "Analog and digital electronics", M. - Hot line - Telecom, 2000 p. 370-414

Educational and material support:

Lecture text Introduction

It is known that to ensure the operation of pulsed devices and obtain pulsed oscillations, it is necessary to switch a nonlinear element (close, open).

Such a mode of operation of a non-linear element is called a key, and the device, which includes this non-linear element, is called an electronic key.

1. General information about electronic keys.

Electronic key called a device that, under the influence of control signals, switches electrical circuits contactless way.

Assignment of electronic keys.

The definition itself contains the purpose of “Turning on - off”, “Closing - opening” of passive and active elements, power supplies, etc.

Classification of electronic keys.

Electronic keys are classified according to the following main features:

By type of switching element:

• transistor;

  trinistor, dinistor;

  electrovacuum;

  gas-filled (thyratron, tigatron);

  optocouplers.

According to the method of switching on the switching element in relation to the load.

serial keys;

Rice. 1

parallel keys.

Rice. 2

By way of management.

with an external control signal (external in relation to the switched signal);

without an external control signal (the switched signal itself is the control signal).

By the type of the switched signal.

voltage keys;

current keys.

By the nature of the input and output voltage drops.

repeating;

Rice. 3

inverting.

Rice. 4

By the state of the electronic key in the open position.

saturated (electronic key is open until saturation);

unsaturated (electronic key is in open mode).

By the number of inputs.

single input;

Rice. 5

multi-input.

Rice. 6

Device of electronic keys.

The electronic key usually includes the following main elements:

directly non-linear element (switching element);

The principle of operation of the electronic key.

Rice. 7

Let's consider the principle of operation using the example of an ideal key.

On the image:

1. U in - voltage that controls the operation of the key;

   R is the resistance in the power circuit;

   E - supply voltage (switched voltage).

In the on state (the SA key is closed), the output voltage U out =0 (the resistance R of a closed ideal key is equal to zero).

In the off state (the key SA is open), the voltage at the output U o = E (the resistance R of an open ideal key is equal to infinity).

Such an ideal switch produces a complete opening and closing of the circuit, so that the voltage drop at the output is equal to E.

However, the real electronic key is far from ideal.

Rice. 8

It has a finite resistance in the closed state -R on deputy, and in the open state - R off at once. Those. R on lock >0, R off at once<. Следовательно, в замкнутом состоянии U вых =U ост >0 (the rest of the voltage drops on the key).

In the open state U out

Thus, for the electronic key to work, it is necessary to fulfill the condition R off at once >> R incl. deputy .

Main characteristics of electronic keys.

transfer characteristic.

This is the dependence of the output voltage U out on the input U in: U out \u003d f (U in).

If there is no external control signal, then U o =f(E).

Such characteristics show how close the electronic key is to the ideal one.

The speed of the electronic key - the switching time of the electronic key.

Open resistance R off at once and closed resistance R on vice.

Residual voltage U rest.

Threshold voltage, i.e. voltage when the resistance of the electronic key changes dramatically.

Sensitivity - the minimum signal drop, which results in uninterrupted switching of the electronic key.

Noise immunity - the sensitivity of the electronic key to the effects of interference pulses.

Voltage drop on the electronic key in the open state.

Leakage current in closed state.

Application of electronic keys.

Electronic keys are used:

In the simplest schemes of pulse formation.

To build the main types of logic elements and basic pulse devices.

Thus, electronic keys are devices that carry out switching in a non-contact way.

Where is the door

Problems of protecting software from piracy or protecting data from unauthorized copying inevitably arise all over the world, causing a lot of trouble for software manufacturers and custodians of confidential data. Naturally, the solution of these problems is not complete without additional inconvenience caused to ordinary users. Currently, all methods of protecting software or data can be divided into two main groups:

• protection using various hardware keys (miniature devices inserted into serial, parallel, USB ports, PCMCIA slots, special readers, etc.);
• protection through various software keys and data encryption.

One of the most effective and convenient methods of protection is the use of hardware keys - small microelectronic devices, without which the program will not start and the data will not be decrypted.

The principle of operation of systems that use hardware security keys (at least outwardly) is approximately the same: the program accesses a certain device and in response receives a code that allows it to run a particular function or decrypt data. In the absence of a key, the program either does not function at all, or works in demo mode (any functionality is disabled, data cannot be read, etc.). In addition, such a device may itself contain non-volatile memory in which data or code fragments are stored.

You can work with electronic "stubs" both locally and in the network version. When using a network key, there is no need to set local keys for each workplace. Licensing in this case is carried out with one key from the software server that processes requests from protected applications. For example, if a dongle and a driver serving it are installed on the server (it is convenient to register a small program that serves the dongle in Windows NT/2000/XP as a service that starts at boot, and in Windows 95/98/Me as a resident program), then any remote the program can request a license from the server and continue working only if it is received. The number of licenses for each key can be specially set, and depending on the number of simultaneously running copies the purchased program is designed for, it will either start or not. At the same time, the distribution of licenses, as a rule, is carried out according to a simple principle: “one computer - one license”. This means that if several copies of the application are running on a particular computer, then only one license will be allocated for this. Thus, there is a restriction on the number of workplaces from which simultaneous use of the program is possible.

The undoubted advantages of this method of protection include its simplicity and reliability. In addition, such protection will immediately scare away inexperienced users from unauthorized actions. The disadvantage of such a system is the need to install special drivers for the dongle along with the program, while the key itself should be protected and, if necessary, carried with you. In addition, an additional restriction on this type of protection may be imposed by the presence or absence of the necessary port or smart card reader, as well as possible hardware problems with interaction with other devices that use the same port for their work.

Naturally, you should protect your program or data in this way only if their cost (or intangible value) is comparable to the price of a hardware protection key (even the most primitive such key for a parallel port costs about $10).

In addition, the truth of life is such that, in principle, it is not necessary to talk about absolute protection with any approach. And in order for the application to be impossible to hack, it would be necessary to completely exclude any access to it. Therefore, the degree of protection must be adequate to the threat. As common sense suggests, the more difficult it is to access an application or data, the less convenient it is to work with it. A well-designed security system is able to withstand hacking at the level to which it can be exposed, and no more.

What is an electronic key

A dongle is a device designed to protect programs and data from unauthorized use, copying and replication. It is, as a rule, a small microelectronic device that has two connectors: one of them is designed to connect to a parallel or serial port on a computer, and the other is used to connect a printer, modem, or other devices that work with this port. In this case, the key should not affect the operation of the port and should be completely “transparent” for devices connected through it (that is, it should not interfere with their normal operation). There are, however, other types of keys for different ports and in different designs (internal, external, in the form of a key fob, in the form of a PCMCIA or smart card, etc.). The keys can work in cascade, when several keys, including different types, are connected to the same port at the same time. The key-to-port communication protocol is typically dynamically modified, encoded, and "noisy" to protect against emulation.

Many modern types keys are equipped with electrically programmable non-volatile memory. Usually the dongle has no built-in power supply, is completely passive and retains the information written to it when disconnected from the computer. However, modifications with a built-in clock and an autonomous battery are possible, which allows building various models for selling, renting, leasing and licensing protected software. The intellectual and physical capabilities of the key are largely determined by the base on which the key is made.

Based on the hardware base, modern keys can be divided into the following types:

• using non-volatile electrically reprogrammable memory (EEPROM) chips;
• built on custom ASIC (Application Specific Integrated Circuit) configurations;
• using chips with or without memory;
• built on the basis of full-featured microprocessors (microcontrollers).

According to their external design, the most popular keys are produced in the form of key fobs for connecting to USB ports.

Additional information on the design and operation of security keys can be found on the Russian Web site (http://www.aladdin.ru/) of Aladdin Knowledge Systems (http://www.aks.com/) - the developer of the HASP security system.

Software and Data Protection

How can you protect an application with a dongle?

Such a key can provide several levels and ways of protecting the program and data. The simplest method is automatic protection, when a key is bound to ready-made programs using a special utility in just a few mouse clicks. However, the auto-defense module embedded in the program cannot form a single whole with it, so there is a danger that a hacker will be able to separate the auto-defense module and the application.

More sophisticated methods are based on the use of a specialized API supplied by dongle manufacturers to protected software developers. The functions of this API are designed to perform various operations on the interaction of the program with the dongle: searching for the required code, reading/writing the dongle memory, running dongle hardware algorithms, and converting application code and data with their help.

For additional control over software distribution, electronic keys provide storage unique numbers- this can be both a user registration number and a software version number. Moreover, the protection system can be built in such a way that only those applications whose version numbers do not exceed the value recorded in the key can work with this key, and with the help of remote programming, new information can be written into this field, which will ensure updating only legal, registered users.

In addition, keys can impose all sorts of restrictions on the use of protected applications, as a result of which it is possible to limit the time of use of programs or data, as well as the number of launches of an application or module. To do this, a special counter is organized in the dongle's memory, the value of which can decrease either at certain time intervals or at each application start. In this way it is possible to supply demo or limited application versions, and as payment is made or the terms of the contract change, remove restrictions through remote programming of keys.

Http://glasha.zap.to/ HASP key emulators are offered to everyone).

So if we are talking about software, to fight piracy it is much more effective to establish a good service technical support, and keep secret data in a safe ...

ComputerPress 3 "2002

(Software) and data from copying, illegal use and unauthorized distribution.

Modern electronic keys

The principle of operation of electronic keys. The key is attached to a specific computer interface. Further, the protected program sends information to it through a special driver, which is processed in accordance with the specified algorithm and returned back. If the answer of the key is correct, then the program continues its work. Otherwise, it can perform developer-defined actions, such as switching to demo mode, blocking access to certain functions.

There are special keys capable of licensing (limiting the number of copies of the program running on the network) a protected application over the network. In this case, one key is enough for the entire local network. The key is installed on any workstation or network server. Protected applications access the dongle over the local network. The advantage is that in order to work with the application within the local network, they do not need to carry a dongle with them.

On Russian market The following product lines are best known (in alphabetical order): CodeMeter from WIBU-SYSTEMS, Guardant from Aktiv, HASP from Aladdin, LOCK from Astroma Ltd., Rockey from Feitian, SenseLock from Seculab, etc.

Story

Protecting software from unlicensed use increases the developer's profit. To date, there are several approaches to solving this problem. The vast majority of software developers use various software modules that control user access using activation keys, serial numbers, etc. Such protection is a cheap solution and cannot claim to be reliable. The Internet is replete with programs that allow you to illegally generate an activation key (key generators) or block a request for a serial number / activation key (patches, cracks). In addition, do not neglect the fact that the legal user himself can make public his serial number.

These obvious shortcomings led to the creation of hardware software protection in the form of an electronic key. It is known that the first electronic keys (that is, hardware devices for protecting software from illegal copying) appeared in the early 1980s, however, for obvious reasons, it is very difficult to establish primacy in the idea and direct creation of the device.

Software protection with an electronic key

Software Development Kit

Dongles are classified as hardware-based software protection methods, but modern dongles are often defined as multiplatform hardware-software tool systems for software protection. The fact is that in addition to the key itself, companies that issue electronic keys provide an SDK (Software Developer Kit - a software development kit). The SDK includes everything you need to start using the presented technology in your own software products- development tools, complete technical documentation, support for various operating systems, detailed examples, code snippets, automatic protection tools. The SDK may also include demo keys for building test projects.

Protection Technology

The technology of protection against unauthorized use of software is based on the implementation of requests from an executable file or a dynamic library to a key with subsequent receipt and, if necessary, analysis of the response. Here are some typical queries:

• checking the presence of a key connection;
• key reading needed by the program data as a startup parameter (used mainly only when searching for a suitable key, but not for protection);
• a request for decryption of data or executable code necessary for the operation of the program, encrypted during program protection (allows for "comparison with the standard"; in the case of code encryption, execution of undecrypted code leads to an error);
• a request to decrypt data previously encrypted by the program itself (allows you to send different requests to the key each time and, thus, protect yourself from emulation of the API libraries / the key itself)
• checking the integrity of the executable code by comparing its current checksum with the original checksum read from the key (for example, by executing the digital signature of the code or other transmitted data by the key algorithm and checking this digital signature within the application; since the digital signature is always different - a feature of the cryptographic algorithm - this also helps to protect against API/key emulation);
• a request to the real-time clock built into the dongle (if any; can be performed automatically when the operating time of the hardware algorithms of the dongle is limited by its internal timer);
• etc.

It is worth noting that some modern keys (Guardant Code from Aktiv Company, LOCK from Astroma Ltd., Rockey6 Smart from Feitian, Senselock from Seculab) allow the developer to store their own algorithms or even separate parts of the application code (for example, developer-specific algorithms that receive at the entrance big number parameters) and perform them in the key on his own microprocessor. In addition to protecting software from illegal use, this approach allows you to protect the algorithm used in the program from being studied, cloned and used in its applications by competitors. However, for a simple algorithm (and developers often make the mistake of choosing an insufficiently complex algorithm to load), cryptanalysis can be performed using the "black box" analysis method.

As follows from the above, the "heart" of the electronic key is the conversion algorithm (cryptographic or other). In modern dongles, it is implemented in hardware - this practically excludes the creation of a full key emulator, since the encryption key is never transmitted to the dongle output, which excludes the possibility of its interception.

The encryption algorithm can be secret or public. Secret algorithms are developed by the manufacturer of protective equipment, including individually for each customer. The main disadvantage of using such algorithms is the impossibility of assessing cryptographic strength. It was only possible to say with certainty how reliable the algorithm was after the fact: whether it was hacked or not. A public algorithm, or “open source”, has incomparably greater cryptographic strength. Such algorithms are not tested by random people, but by a number of experts who specialize in the analysis of cryptography. Examples of such algorithms are the widely used GOST 28147-89, AES, RSA, Elgamal, etc.

Protection with automatic means

For most families of hardware dongles, automatic tools (included in the SDK) have been developed that allow you to protect the program "with a few mouse clicks". In this case, the application file is "wrapped" in the developer's own code. The functionality implemented by this code varies depending on the manufacturer, but most often the code checks for the presence of a key, controls the license policy (set by the software vendor), implements a mechanism to protect the executable file from debugging and decompilation (for example, compressing the executable file), etc.

The important thing is that you do not need access to the application's source code to use the automatic protection tool. For example, when localizing foreign products (when there is no possibility of interfering with the source code of the software), such a protection mechanism is indispensable, but it does not allow realize and use the full potential of electronic keys and implement flexible and individual protection.

Implementing Security with API Functions

In addition to using automatic protection, the software developer is given the opportunity to independently develop protection by integrating the protection system into the application at the source code level. To do this, the SDK includes libraries for various programming languages ​​that contain a description of the API functionality for this key. The API is a set of functions designed to exchange data between the application, the system driver (and the server in the case of network dongles), and the dongle itself. API functions provide various operations with the key: searching, reading and writing memory, encrypting and decrypting data using hardware algorithms, licensing network software, etc.

skillful application this method provides a high level of application security. It is rather difficult to neutralize the protection built into the application due to its uniqueness and “fuzziness” in the body of the program. In itself, the need to study and modify the executable code of a protected application in order to bypass protection is a serious obstacle to breaking it. Therefore, the task of the security developer, first of all, is to protect against possible automated hacking methods by implementing their own protection using the key management API.

Security bypass

There was no information about the full emulation of modern Guardant dongles. Existing table emulators are only implemented for specific applications. The possibility of their creation was due to non-use (or illiterate use) of the main functionality of electronic keys by protection developers.

There is also no information about full or at least partial emulation of LOCK keys, or about any other ways to bypass this protection.

Hacking a software module

An attacker examines the logic of the program itself in order to, after analyzing the entire application code, isolate the protection block and deactivate it. Breaking programs is done by debugging (or stepping), decompiling, and dumping main memory. These methods of analyzing the executable code of a program are most often used by attackers in combination.

Debugging is carried out using a special program - a debugger, which allows you to execute any application step by step, emulating the operating environment for it. important function debugger is the ability to install stopping points (or conditions) code execution. Using them, it is easier for an attacker to track the places in the code where accesses to the key are implemented (for example, execution stops on a message like "Key is missing! Check for the presence of the key in the USB interface").

Disassembly- a way to convert the code of executable modules into a human-readable programming language - Assembler. In this case, the attacker gets a printout (listing) of what the application is doing.

Decompilation- converting the application's executable module into program code in the language high level and getting a representation of the application close to the source code. It can only be done for some programming languages ​​(in particular, for .NET applications created in C# and distributed in bytecode, a relatively high-level interpreted language).

The essence of the attack memory dump is to read the contents of RAM at the moment when the application started to execute normally. As a result, the attacker receives the working code (or the part of interest to him) in "pure form" (if, for example, the application code was encrypted and is only partially decrypted during the execution of one or another section). The main thing for an attacker is to choose the right moment.

Note that there are many ways to counteract debugging, and security developers use them: non-linear code, (multithreading), non-deterministic execution sequence, code “littering” (useless functions that perform complex operations in order to confuse an attacker), using the imperfections of the debuggers themselves, and others

Hello! In this article we will talk about electronic digital signature.

Today you will learn:

1. What is an EDS and in what areas can it be applied;
2. On the legal force of a signature of this format;
3. About the benefits that its presence provides.

EDS has been a tool for some time, thanks to which the movement of documentation is simplified. And this happens not only within the company, but also outside it. How to become its owner, consider today.

EDS - what is it in simple words

Everyone knows that any document is signed by a person who has such authority. This is done in order to give the document legal force. Thanks to modern technologies, the entire workflow goes into electronic form. And it turned out to be extremely convenient!

What is EDS in simple terms?

EDS – this is an analogy to a conventional signature, which is used to give legal effect to documentation located on an electronic medium.

It is usually stored on a flash drive.

Advantages:

1. Simplifies and speeds up the process of data exchange (when there is cooperation with foreign companies);
2. Reducing the costs associated with document management;
3. Increasing the level of security for information of a commercial nature.

Terms related to EDS

Two other concepts are closely related to this concept: key And certificate electronic signature .The certificate confirms that the ES belongs to a specific person. It is strong and ordinary. An enhanced certificate is issued either by a certification authority or by the FSB.

The key is the characters in the sequence. They are usually used in pairs. The first is the signature itself, the other confirms that it is genuine. To sign each newly created document, a new key is generated.

The information that is received at the CA is not a digital signature, it is a means to create it.

A bit of history

The first EPs began to be used in Russia in 1994. And the law to regulate their use was adopted in 2002. It was extremely vague and ambiguous in its terminology. The issue of obtaining a signature was also practically not covered in it.

Starting from 2011 on electronic document management have crossed state structures. And all officials received an EDS.

In 2012, this process took on a global scale, and thanks to this, we can now become the owners of universal modern signatures.

How to get an electronic digital signature

Consider a situation in which a person has evaluated all the advantages of this tool and a decision has been made to obtain an EDS. So, the question arose: what needs to be done for this? Let's talk about this in more detail.

To obtain an electronic digital signature, you need to go through several important steps:

• Decide on the type of signature;
• Select a certification authority;
• Fill out an application;
• Pay the invoice;
• Collect required package documentation;
• Get an EDS.

Now we will discuss each step in detail.

Step 1. Choose the type of signature that best suits you.

Over the past period of time, the number of those who want to receive an enhanced electronic signature has increased. This is due to the fact that it can confirm not only the identity of the sender of the document, but is also protected to the maximum. According to a number of experts, simple EDS will soon cease to exist completely.

Let's present in the form of a table in which areas they are used different kinds signatures.

Step 2 Select a certification authority.

If you need to get an EDS in order to submit reports, choose a qualified one, but if you just keep a document flow, then a simple one.

Let us clarify that the CA is a legal entity, the purpose of which is the formation and issuance of an EDS.

In addition, the UC carries out the following activities:

• Verifies that the signature is valid;
• If necessary, blocks the EDS;
• Acts as a mediator if a conflict situation suddenly arises;
• Provides technical support;
• Provides required software to clients.

There are about 100 UTs in the Russian Federation. It is better to choose the one that suits your location and capabilities. You can first check if there are any in your city. It's easy to do: just look at the information on the official website.

Step 3. Making an application.

To do this, either visit the office of the center, or fill it out online. The remote method allows you to avoid a personal visit to the CA, that is, save a certain amount of time.

As soon as the submission of the application is completed, the CA specialist contacts the client to clarify the data specified in it. You can ask questions and get advice.

Step 4. We pay.

You will have to pay for the service in advance. As soon as the application is accepted, all the details are agreed, the client is billed. The cost may vary, as it depends on the region where the client lives, on the company itself and on what kind of EDS you want to receive.

Moreover, the price range is quite large - from 1500 to 8000 rubles.

Documents for EDS

When collecting documents, an important nuance is the following: EDS is needed for individual, EDS for a legal entity or for an individual entrepreneur. Therefore, we will characterize the documentation separately.

To obtain a signature, individuals must collect the following set of documentation:

• Completed application form;
• Passport with photocopy;
• SNILS;
• Receipt confirming the payment of the invoice.

If the recipient has confidant, it can handle the filing of documents. The only thing you need is a power of attorney to perform such actions.

Legal entities need to prepare:

• Completed application;
• Certificate of OGRN;
• Certificate of TIN;
• (not overdue);
• Passport with a copy of the person who will use the EDS;
• Payment receipt;
• SNILS of the person who will use the EDS;
• If the signature will be used by the director, an order must be provided on the basis of which he holds this position;
• For other employees, powers of attorney are required so that they can use the EDS.

IP provide:

• Completed application;
• Certificate of OGRNIP;
• Certificate of TIN;
• An extract from the register of entrepreneurs, which is not more than 6 months old (a copy is possible);
• Receipt confirming payment.

If the application was submitted remotely, required documents sent to the CA by mail, if personally, then along with the application.

Electronic signature for individuals

For individuals, there are 2 types of signatures: qualified and unqualified. The procedure for obtaining, when compared with legal entities, is much simpler.

Individuals usually use ES to sign certain papers.

Currently, such systems have been developed for its application, such as:

• Unified portal of public services;
• ESIA network, for various information.

Enough for ESIA simple type ES, but for the portal of public services, a qualified one is used.

To obtain an EDS, a citizen also applies to the CA, with all the documents and an application. You also need to have a flash drive with you, on which the private part of the key, known only to the owner, will be written.

The procedure looks like this:

• Apply to the CA for a certificate and to obtain an EDS key;
• Choose a password;
• Filling out forms for obtaining keys;
• Submission of all documents;
• Obtaining a certificate for keys.

Electronic signature for legal entities

The receipt algorithm is practically the same as obtaining a signature by an individual. In the same way, a CA is selected, all the necessary documents are collected, and the invoice is paid. The only thing to remember is that the extract from the Unified State Register of Legal Entities must be received on time, since the process of its preparation takes about 5 days.

Hash function: why you need it

hash function is a unique number that is obtained from the document by converting it using an algorithm.

It has an increased sensitivity to various kinds of distortions of the document, if at least one character in the original document changes, most of the characters of the hash value will be distorted.

The hash function is designed in such a way that it is impossible to restore the original document by its value, and it is also impossible to find 2 different electronic documents, which have the same hash value.

To form an EDS, the sender calculates the hash function of the document and encrypts it using a secret key.

talking in simple words, it is designed to facilitate the exchange of data between users. This key tool for data protection.

The file being signed goes through the hashing process. And the recipient will be able to verify the authenticity of the document.

Legal force of EDS

An EDS has the same legal force as an ordinary signature in a paper version of a document, if it was applied without violations. If deviations were found, the document is not valid. The state regulates the process of using EDS by Federal law.

EDS validity period

The EDS is valid for 12 months from the day it was received. As soon as this period ends, it is extended or another one is received.

Summing up. EDS use brings the greatest benefit large companies and businesses. Thanks to it, the document flow becomes cheaper, wide horizons for business open up.

It is also beneficial for ordinary citizens to have it. No need to stand in lines, order the state. services without leaving home. EDS is a modern, convenient and profitable tool.