Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Advanced Differential Cryptanalysis and GOST Cipher
  • Publication Type:
  • Authors:
    Courtois N, Mourouzis T
  • Publisher:
  • Publication date:
  • Pagination:
    1, 6
  • Published proceedings:
    IMA Mathematics in Defence
  • Status:
  • Name of conference:
    3rd IMA Conference on Mathematics in Defence
  • Conference place:
    Malvern, UK
  • Conference start date:
  • Conference finish date:
  • Language:
  • Keywords:
    Block ciphers, GOST, differential cryptanalysis, sets of differentials, truncated differentials, non-linearity, S-boxes
Differential Cryptanalysis (DC) is one of the oldest known attacks on block ciphers and there is no doubt that it has influenced the design of encryption algorithms very deeply, ever since the 1970s. DC is based on tracking of changes in the differences between two messages as they pass through the consecutive rounds of encryption. However DC remains poorly understood. In this paper we survey some of our research on the differential cryptanalysis of GOST. GOST cipher is the official encryption standard of the Russian federation. It has military-grade 256-bit keys and until recently it had a very solid reputation. It is also an exceptionally economical cipher implemented in OpenSSL and by some large banks. In 2010 it was submitted to ISO to become a global industrial standard. In his textbook written in the late 1990s Schneier wrote that against differential cryptanalysis, GOST is “probably stronger than DES”. In fact Knudsen have soon proposed more powerful advanced differential attacks however to this day most people get it wrong. In the most recent survey paper about advanced differential cryptanalysis and specifically in the context of ciphers with small blocks such as GOST, [Albrecht-Leander 2012] we read: “Truncated differentials, [...] in some cases allow to push differential attacks one or two rounds further”. In fact we can gain not 2 but much closer to 20 rounds. For the default set of S-boxes our best differential attack on GOST has complexity of 2^179 which is also the best single key attack on GOST cipher ever found. For other S-boxes the adaptation is possible but not straightforward.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by