Support for outdated versions of CryptoPro CSP 4.0 officially ended in January 2026.
From April 1, the Federal Tax Service of Russia is transitioning to the use of new standards for cryptographic information protection — GOST 34.12-2018 and GOST 34.13-2018. Support for encryption algorithms according to GOST 28147-89 is being discontinued.
The agency emphasized that the new security standards, stipulated by the legislation on electronic signatures, are only supported by modern FSB-certified cryptographic protection software and hardware key carriers.
Encryption according to GOST 34.12-2018 and GOST 34.13-2018 is possible using hardware cryptographic mechanisms of an active key carrier (PKCS#11 format), as well as with the help of cryptographic protection software, for example, CryptoPro CSP version 5.0 R2 and higher (a less secure scenario for working with an electronic signature).
To implement encryption using hardware mechanisms and the use of non-extractable electronic signature keys, it is necessary to use "Rutoken" EDS version 3.0 and higher. If the private key is written on "Rutoken" EDS 2.0, it will not meet the new security requirements. The Federal Tax Service emphasized:
To ensure the possibility of uninterrupted submission of reports to tax authorities, as well as the exchange of documents with counterparties, it is necessary to check in advance the version of CryptoPro CSP installed on your work computer, as well as the model of your USB token. If the version of CryptoPro CSP is lower than 5.0, update the program. If you are using Rutoken EDS 2.0 in non-extractable key mode, you need to replace the active key carrier with a new one.
