My apologies for the delay, I had forgotten the draft message.
--------------------------------------------------
From: "Alexander Klimov" <alser...@inbox.ru>
Subject: Attacks against GOST? Was: Protocol Construction
On Sun, 2 Aug 2009, Joseph Ashwood wrote:
> So far, evidence supports the idea that the stereotypical Soviet
> tendency to overdesign might have been a better plan after all,
> because the paranoia about future discoveries and breaks that
> motivated that overdesign is being regularly proven out.
And that is why Kelsey found an attack on GOST
Do you want to say that the GOST (28147-89) block cipher is broken? I
have never heard of an attack against it that is faster than the
exhaustive search.
I just said there are attacks, the situation is open for interpretation
because of the nature of the attacks and the unknown S-box. Kelsey and
Schneier published the first related key attack in 1996, in 1997 Kelsey
enhanced the attack. My point was that the proposed method of boosting
security (increased key size and rounds) does not necessarily correlate to
increased security and since GOST was given as an example of how to do it
"right" the attacks by Kelsey, et al mattered.
By the way, it was not "overdesign" (IMO it is simpler even than DES),
nor it was an example of "the stereotypical Soviet..." According to an
informed source [1], it was specifically made to be not like military
ciphers: its only purpose was to make something for non-military
cryptography that would not betray any Soviet cryptographic know-how
(this is why they chose to do something very similar to DES).
Good to know, I didn't remember that part.
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
