Categories of cryptographic means
|Principal legal acts|
|Obtaining permits for importation of cryptographic means:
Other related services:
What are encryption (cryptographic) means?
Encryption (cryptographic) means (hereafter – ECM) are hardware and software tools, devices and systems that utilize algorithms of cryptographic transformation of information and are intended for protection of information against unauthorized access during its transmission, processing or storage.
Categories of ECM
Cryptographic means are listed in the article 2.19 of annex 2 to the Decision of the Board of the Customs Union Commission No 30 of April 21, 2015. However, according to the Regulation notification can only be registered for those pertinent to one (or some) of the twelve categories. These categories are listed and explained in the table below.
|Number of category||Description||Comments|
|1||Products that include encryption (cryptographic) means that contain any of the following:
||EMC falls into this category if the length of the cryptographic key is short (56 bits).
Using short cryptographic key is easier to implement but insecure.
|2||Products that include encryption (cryptographic) means and have the following restricted functions:
||Password-protected, key or token protected products.
Authentication implies confirmation of identity of entered password or other key data to the information stored in the device’s memory.
|3||Encryption (cryptographic) means included in software operating systems, cryptographic functions of which cannot be altered by users, designed to be installed by users themselves without significant further manufacturer’s support and technical specification (description of cryptographic transformation algorithms, interaction protocols, declarations of interfaces, etc.) for which is freely available to the users.||This category includes software operating systems and products using them.
|4||Personal smart cards:
||Personal smart cards are plastic cards with a microchip embedded. Most smart cards have a microprocessor and an operational system that controls the device and access to the data stored in the device’s memory.
|5||Receivers for radio broadcasting, commercial TV or similar commercial equipment for broadcasting to limited audience without encryption of the digital signal, with exception of encryption being used only for video and audio channels management, delivery of invoices or sending the information related to the program back to the broadcast provider.||This category includes radio, TV and IPTV signal receiving products that are also intended for providing access to pay TV and radio channels.
|6||Equipment with cryptographic capabilities inaccessible to user that is purposely designed and restricted for use in any of the following ways:
||Any device or storage media capable of cryptographic copy protection or digital rights management (DRM).
|7||Encryption (cryptographic) equipment purposely designed for and restricted to use for banking or financial operations.
Note. Financial operations include transport fees and credit.
|Examples: cash machines (ATMs), points-of-sale, terminals, etc.
Note: bank cards fall into category No 4.
|8||Portable or mobile civil radio-electronic devices (for example, designed for use in civil commercial cellular radio communication) not capable of end-to-end encryption (user-to-user).||This category includes cellphones (and other cellular devices, e.g. tables, some laptops, modes etc.) that use GSM, GPRS, EDGE, UMTS, LTE and other cellular standards, as well as certain radio sets.
The main requirement is lack of end-to-end encryption capacity, so that communication between users is possible only through a retransmitting device that decrypts (and re-encrypts) the data.
|9||Wireless radio-electronic equipment encrypting information only in radio channel with maximum range of wireless coverage less than 400m without amplification and retransmission according to manufacturer’s specifications.||This category includes radio-electronic devices with short range of wireless coverage that use encryption to protect the transmitted information.
Namely, these wireless technologies fall into this category: Wi-Fi, Bluetooth, NFC. It is worth noting that cellular standards (GSM, etc.) fall into category No 8.
|10||Encryption (cryptographic) means used for protection of technological channels of information and telecommunication systems and communication networks.||This category includes special network devices that perform certain management and service functions. These devices may use encryption to securely receive network administrator commands and protect provided information about network state and configuration.
|11||Products with cryptographic functions blocked by the manufacturer.||Any product may be included in this category provided that some (or all) cryptographic capabilities are permanently disabled by the manufacturer and are not accessible to the end user.|
|12||Other products that contain encryption (cryptographic) means different from those described in clauses 1-11 of this list that:
||Products with cryptographic function not listed above.
Requirements of this category must be met and be verifiable, e.g.:
FSS performs thorough check of the product and its documentation and usually prolongates registration period to do that.
- Notification for importation of cryptographic devices
- FSS notification
- 2.19. Encryption (cryptographic) means
- Regulation on Notification
IFCG Encyclopedia is an open knowledge base intended to help EAEU importers and experts in international trade.
Particularly, we can obtain FSS Notification for importation of goods with cryptographic abilities.
We also provide other services related to importation of electronic goods: