Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
First Differential Attack On Full 32-Round GOST
  • Publication Type:
  • Authors:
    COURTOIS N, Misztal M
  • Publisher:
  • Published proceedings:
    Proceedings of ICICS'11 Thirteenth International Conference on Information and Communications Security, Beijing, China
  • Volume:
  • Series:
    Lecture Notes in Computer Science
  • Status:
  • Name of conference:
    ICICS'11 Thirteenth International Conference on Information and Communications Security
  • Conference place:
    Beijing, China
  • Conference start date:
  • Conference finish date:
  • Keywords:
    Block ciphers, GOST, differential cryptanalysis, sets of differentials, aggregated differentials, iterative differentials
  • Publisher URL:
GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used. Until 2010 researchers have written that: "despite considerable cryptanalytic efforts spent in the past 20 years, GOST is still not broken", and in 2010 it was submitted to ISO 18033 to become a worldwide industrial encryption standard. In 2011 it was suddenly discovered that GOST is insecure on more than one account. There is a variety of recent attacks on GOST. We have reflection attacks, attacks with double reflection, and various attacks which do not use reflections. The final key recovery step in these attacks is in most cases a software algebraic attack and sometimes a Meet-In-The-Middle attack. In this paper we show that GOST is NOT SECURE even against (advanced forms of) differential cryptanalysis (DC). Previously Russian researchers postulated that GOST will be secure against DC for as few as 7 rounds out of 32 and Japanese researchers were already able to break about 13 rounds. In this paper we show a first advanced differential attack faster than brute force on full 32-round GOST.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by