New government-decreed Internet cryptography, Russian style
24 May '17
Browser developers in Russia will soon be obligated to use Russian cryptography solutions, Firrma.ru reported.
A draft government decree leaked to the press designates the year 2021 as the deadline for most of the players in Russia’s IT market to start using domestic cryptography solutions. For secure web connection, U.S.-originating security certificates are currently used—and could be revoked with a new wave of sanctions against this country.
Today, more than 60% of Internet traffic from Russia and back to Russia comes through foreign countries. This poses risks, as encrypted data could be illicitly accessed, InfoWatch president Natalia Kasperskaya believes.
Dmitry Belyavsky, a lead developer at the Internet Technical Center in Russia, is skeptical about the move. He thinks the introduction of domestic cryptography protocols will require several man-years, and breaking into browsers and email services with a closed source code may take even more time. Mr. Belyavsky believes Russia must participate in the process of Internet protocol standardization to make it possible for Russian cryptography means to join the pool of global standards.