Перевести на русский или украинский.
The system Fortezza for the information protection in the INTERNET

Let us present the some details of the system Fortezza functioning. It is not enough for the users authentication assurance the only their names and passwords, because these parameters may be easily found out. Likewise in the SSL and PCT, in the system Fortezza the total information enciphering also is performing. However, unlike the SLL and PCT, where key length is only 40 bits, here is used key length, as the minimum, 56 bits that corresponds to the standard DBS (Data Encryption Standard). Enciphering algorithm that used in technology Fortezza is known as SKIPJACK. This algorithm meets the Escrowed Encryption Key Standard. SKIPJACK is the block code with the 8 bytes block size and based on symmetric keys (for enciphering and deciphering the same key is using). The enciphering algorithm SKIPJACK in system Fortezza is performed on the specialized cryptographic microprocessor CAPSTONE realized o RISC-technology. Such microprocessors perform the same functions, as microprocessors CLIPPER that used for realization of the algorithm SKIP JACK in the voice (telephone) communication devices.

For the integrity control of the transmitting messages, maintenance of authenticity and impossibility of the authorship denying the technology Fortezza realized the Digital Signature Algorithm (DSA) and hash algorithm Secure Hash Algorithm (SHA-1), corresponded to the standard NITS Digital Signature Standard (DSS).

After the calculation of message hash-function, the 20-byte hash-block is transforming using the algorithm DSA to the 40 bytes length message digital signature. It is necessary to highlight an option DSA to support an information exchange between the users of various network "domains", which can be based on different procedures of keys distribution and certification. At the moment of the technology Fortezza creation there were no governmental or industrial standards of time labels for the digital signature. The additional procedure of the hash-function calculation based on the message hash-block and current time received from a reliable source (for example, crypto-card Fortezza) is applied to "binding" the messages to the time of their creation. It is necessary to notice, that the values P, Q and G used by the algorithm DSA for the signature calculation along with using of the time labels, are common for all systems Fortezza and these numbers are saved in memory by the Fortezza supplier. Because the check of the digital signature in case of the time label using is based on the necessity to synchronize the time sources, and on the calculation of the message delivery time and also because of a number of the other complications, the using of the time labels in technology Fortezza is not obligatory.