Abstract
The block cipher GOST 28147-89 was the Russian Federation encryption standard for over 20 years, and is still one of its two standard block ciphers. GOST is a 32-round Feistel construction, whose security benefits from the fact that the S-boxes used in the design are kept secret. In the last 10 years, several attacks on the full 32-round GOST were presented. However, they all assume that the S-boxes are known. When the S-boxes are secret, all published attacks either target a small number of rounds, or apply for small sets of weak keys. In this paper we present the first practical-time attack on GOST with secret S-boxes. The attack works in the related-key model and is faster than all previous attacks in this model which assume that the S-boxes are known. The complexity of the attack is less than 2^27 encryptions. It was fully verified, and runs in a few seconds on a PC. The attack is based on a novel type of related-key differentials of GOST, inspired by local collisions. Our new technique may be applicable to certain GOST-based hash functions as well. To demonstrate this, we show how to find a collision on a Davies-Meyer construction based on GOST with an arbitrary initial value, in less than 2^10 hash function evaluations.
Original language | English |
---|---|
Title of host publication | Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings |
Editors | Helena Handschuh, Anna Lysyanskaya |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 177-208 |
Number of pages | 32 |
ISBN (Print) | 9783031385476 |
DOIs | |
State | Published - 2023 |
Event | Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings - Santa Barbara, United States; Duration: 20 Aug 2023 → 24 Aug 2023 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 14083 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings |
---|---|
Country/Territory | United States |
City | Santa Barbara |
Period | 20/08/23 → 24/08/23 |
Bibliographical note
Publisher Copyright: © 2023, International Association for Cryptologic Research.
Funding
O. Dunkelman—Supported in part by the Center for Cyber, Law, and Policy in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office and by the Israeli Science Foundation through grants No. 880/18 and 3380/19. N. Keller and A. Weizmann—Supported by the European Research Council under the ERC starting grant agreement n. 757731 (LightCrypt) and by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. A. Weizmann—Supported by the President Scholarship for Ph.D. students at the Bar-Ilan University.
Funders | Funder number |
---|---|
European Commission | 757731 |
Bar-Ilan University | |
Israel Science Foundation | 880/18, 3380/19 |
Keywords
- GOST
- Local collision
- Related-key differential cryptanalysis