Meet-in-the-middle attacks on reduced-round GOST
Matematičeskie voprosy kriptografii, Volume 5 (2014) no. 2, pp. 117-125. This article was harvested from the source Math-Net.Ru.


The block cipher GOST (GOST 28147-89) is a Russian standard for encryption and message authentication that is included in OpenSSL 1.0.0. In this paper, we present meet-in-the-middle attacks on several block ciphers, each consisting of 22 or fewer rounds of GOST. Our $22$-round attack on rounds 10–31 requires only 5 known plaintexts and a computational effort equivalent to testing about $2^{223}$ keys for a success probability of $1-2^{-65}$. This attack is the best (going by the number of rounds) low data complexity key-recovery attack on GOST.
@article{MVK_2014_5_2_a13,
     author = {G. Sekar and N. Mouha and B. Preneel},
     title = {Meet-in-the-middle attacks on reduced-round {GOST}},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {117--125},
     year = {2014},
     volume = {5},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2014_5_2_a13/}
}
G. Sekar; N. Mouha; B. Preneel. Meet-in-the-middle attacks on reduced-round GOST. Matematičeskie voprosy kriptografii, Volume 5 (2014) no. 2, pp. 117-125. http://geodesic.mathdoc.fr/item/MVK_2014_5_2_a13/
