Geodesic
Key-recovery security of keyed hash functions based on GOST 34.11-2018 (“Streebog”)
Prikladnaya Diskretnaya Matematika. Supplement, no. 16 (2023), pp. 96-98 Cet article a éte moissonné depuis la source Math-Net.Ru

Voir la notice de l'article

Keyless hash function GOST 34.11-2018 (“Streebog”) is used in many keyed cryptoalgorithms, including HMAC-Streebog and Streebog-K. Using the provable security approach, we obtain the upper bounds on the probability of recovering the secret key for the two algorithms mentioned. We also propose a sandwich-like method of converting “Streebog” to the keyed cryptoalgorithm (conventionally called Streebog-S) without changing the hash function itself. Streebog-S is a secure pseudorandom function and a secure message authentication code. Unlike HMAC-Streebog and Streebog-K, the only key-recovery method for Streebog-S is straightforward guessing. This statement holds under the assumption that the similar is true for the underlying iteratively applied compression function.
Mots-clés : Streebog
Keywords: HMAC, provable security. 
@article{PDMA_2023_16_a23,
     author = {A. M. Sergeev and V. A. Kiryukhin},
     title = {Key-recovery security of keyed hash functions based on {GOST} 34.11-2018 {({\textquotedblleft}Streebog{\textquotedblright})}},
     journal = {Prikladnaya Diskretnaya Matematika. Supplement},
     pages = {96--98},
     year = {2023},
     number = {16},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDMA_2023_16_a23/}
}
TY  - JOUR
AU  - A. M. Sergeev
AU  - V. A. Kiryukhin
TI  - Key-recovery security of keyed hash functions based on GOST 34.11-2018 (“Streebog”)
JO  - Prikladnaya Diskretnaya Matematika. Supplement
PY  - 2023
SP  - 96
EP  - 98
IS  - 16
UR  - http://geodesic.mathdoc.fr/item/PDMA_2023_16_a23/
LA  - ru
ID  - PDMA_2023_16_a23
ER  - 
%0 Journal Article
%A A. M. Sergeev
%A V. A. Kiryukhin
%T Key-recovery security of keyed hash functions based on GOST 34.11-2018 (“Streebog”)
%J Prikladnaya Diskretnaya Matematika. Supplement
%D 2023
%P 96-98
%N 16
%U http://geodesic.mathdoc.fr/item/PDMA_2023_16_a23/
%G ru
%F PDMA_2023_16_a23
A. M. Sergeev; V. A. Kiryukhin. Key-recovery security of keyed hash functions based on GOST 34.11-2018 (“Streebog”). Prikladnaya Diskretnaya Matematika. Supplement, no. 16 (2023), pp. 96-98. http://geodesic.mathdoc.fr/item/PDMA_2023_16_a23/

[1] R 50.1.113 2016 — Informatsionnaya tekhnologiya. Kriptograficheskaya zaschita informatsii. Kriptograficheskie algoritmy, soputstvuyuschie primeneniyu algoritmov elektronnoi tsifrovoi podpisi i funktsii kheshirovaniya, Standartinform, M., 2016

[2] Kiryukhin V. A., “Keyed Streebog is a Secure PRF and MAC”, CTCrypt 2022 (June 6–9, Novosibirsk, Russia), 2022 https://eprint.iacr.org/2022/972 | MR | Zbl

[3] Bellare M. and Rogaway P., Introduction to Modern Cryptography, University of California at Davis, 2005 https://web.cs.ucdavis.edu/r̃ogaway/classes/227/spring05/book/main.pdf

[4] Dinur I. and Leurent G., “Improved generic attacks against hash-based MACs and HAIFA”, LNCS, 8616, 2014, 149–168 | MR | Zbl

[5] Yasuda K., ““Sandwich” is indeed secure: How to authenticate a message with just one hashing”, LNCS, 4586, 2007, 355–369 | Zbl

[6] Repozitorii «Klyuchevoi Stribog», https://gitflic.ru/project/vkir/streebog