An Improved Differential Attack on Full GOST

Courtois, Nicolas T.

doi:10.1007/978-3-662-49301-4_18

Cited by 18 publications

(34 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At first sight, this attack has only limited interest. However, a large number of very good attacks have been discovered, and more than half of them use this reflection property [12], sometimes two, three, or four times [7].…”

Section: Attacks With Symmetric Fixed Pointsmentioning

confidence: 99%

“…In one sense, we revisit this attack from [15], and propose very important variants which are based on highly non-trivial facts that are somewhat impossible to expect from [15]. We are going to deduce them from other major results on GOST [7,[9][10][11]24], even though it is safe to say that nobody would expect that these attacks could be related in any way.…”

Section: Attacks With Symmetric Fixed Pointsmentioning

confidence: 99%

“…We consider the following standard situation that has been introduced [11] and further studied in [7,[9][10][11]. Let D ¼ 0x80700700 which mask has seven active bits out of 32.…”

Section: Truncated Differential Cryptanalysis Of Gostmentioning

confidence: 99%

“…Numerous recent works have tried to understand, evaluate, and improve the resistance of GOST against differential cryptanalysis, in view of the standardization of GOST [1,17,22]. At the same time, in 2011-2012, many improved differential attacks on GOST were found, allowing finally to break full 32-round GOST faster than by brute force, see [7,[9][10][11]. We also exploit these properties in this article.…”

Section: Introductionmentioning

confidence: 97%

See 3 more Smart Citations

On Multiple Symmetric Fixed Points in GOST

Courtois¹

2015

Cryptologia

View full text Add to dashboard Cite

In this article the author revisits the oldest attack on GOST known, the Kara Reflection attack, and another totally unrelated truncated differential attack by Courtois and Misztal. It is hard to imagine that there could be any relationship between two so remote attacks which have nothing in common. However, there is one: Very surprisingly, both properties can be combined and lead the fastest attack on GOST ever found, which is nearly feasible to execute in practice.

show abstract

Section: Attacks With Symmetric Fixed Pointsmentioning

confidence: 99%

Section: Attacks With Symmetric Fixed Pointsmentioning

confidence: 99%

“…We consider the following standard situation that has been introduced [11] and further studied in [7,[9][10][11]. Let D ¼ 0x80700700 which mask has seven active bits out of 32.…”

Section: Truncated Differential Cryptanalysis Of Gostmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 97%

See 2 more Smart Citations

On Multiple Symmetric Fixed Points in GOST

Courtois¹

2015

Cryptologia

View full text Add to dashboard Cite

show abstract

“…Since 2011, some 50 distinct attacks on GOST faster than brute force have been proposed [12,14] and a few other, including advanced differential attacks [12,13,[17][18][19]34]. This is particularly interesting because differential cryptanalysis (DC) is one of the oldest classical attacks on modern ciphers.…”

Section: Introductionmentioning

confidence: 99%

Can GOST Be Made Secure Against Differential Cryptanalysis?

Courtois¹,

Mourouzis

Misztal

et al. 2015

Cryptologia

Self Cite

View full text Add to dashboard Cite

GOST is a well-known Russian government standard block cipher which was submitted to ISO in 2010 to become an international standard. A number of advanced differential attacks on GOST have been proposed including the best known single-key attack on GOST to date in 2 179 [14]. This attack, however, was designed for the oldest known set of GOST S-boxes hoping that similar attacks should exist for other versions of GOST. This claim was bitterly disputed by Russian researchers as recently as July 2012, who stated that ''S-boxes heavily affect security'' and ''with 'good' S-boxes the attack fails'' [32].Nothing can be more mistaken. In this article, the authors review 40 years of development of block ciphers in order to resist differential attacks. They study all ten known sets of GOST S-boxes. It appears that the choice of S-boxes has a limited effect on the actual security of GOST against advanced differential attacks. There is no evidence that the version of GOST submitted to ISO in 2011 is stronger than any previous version of GOST.

show abstract

Catalog and Illustrative Examples of Lightweight Cryptographic Primitives

Mileva

Dimitrova

Kara

et al. 2021

Security of Ubiquitous Computing Systems

View full text Add to dashboard Cite

The main objective of this chapter is to offer to practitioners, researchers and all interested parties a brief categorized catalog of existing lightweight symmetric primitives with their main cryptographic features, ultimate hardware performance, and existing security analysis, so they can easily compare the ciphers or choose some of them according to their needs. Certain security evaluation issues have been addressed as well. In particular, the reason behind why modern lightweight block cipher designs have in the last decade overwhelmingly dominated stream cipher design is analyzed in terms of security against tradeoff attacks. It turns out that it is possible to design stream ciphers having much smaller internal states.

show abstract

An Improved Differential Attack on Full GOST

Cited by 18 publications

References 25 publications

On Multiple Symmetric Fixed Points in GOST

On Multiple Symmetric Fixed Points in GOST

Can GOST Be Made Secure Against Differential Cryptanalysis?

Catalog and Illustrative Examples of Lightweight Cryptographic Primitives

Contact Info

Product

Resources

About