I am developing a product that would use GOST for encrypting data streams. This is mostly beacuse its design and simplicity hold considerable aesthetic value, atleast for me. Most of the related text I have read indicates that some SBOX sets can be cryptographically weak, and its a good idea to use SBOX data as key data instead. Pointers? -- Powell lingered. "How's Earth?" It was a conventional enough question and Muller gave the conventional answer, "Still spinning." -- "Reason", Asimov. ================================================================== Vipul Ved Prakash | - Electronic Security & Crypto vipul@best.com | - Web Objects 91 11 2233328 | - PERL Development 198 Madhuban IP Extension | - Linux & Open Systems Delhi, INDIA 110 092 | - Networked Virtual Spaces
At 07:50 PM 10/13/1997 +0000, Vipul Ved Prakash wrote:
I am developing a product that would use GOST for encrypting data streams. This is mostly because its design and simplicity hold considerable aesthetic value, at least for me.
Most of the related text I have read indicates that some SBOX sets can be cryptographically weak, and its a good idea to use SBOX data as key data instead. Pointers?
S-box structure is one of the critical issues in designing Feistel-type networks; if you understand the mathematics very very well, you can do it yourself, and if you don't, then you don't understand it well enough to be sure the S-boxes are secure enough, and thus you shouldn't be selling it to customers. An advantage of GOST for the Soviets was that they could use the same code, with different sets of S-boxes for the military, civilian government, and other applications, and the KGB could easily read things they wanted easily read but the things that needed to be harder to read were hard. Thanks! Bill Bill Stewart, stewarts@ix.netcom.com Regular Key PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Bill Stewart wrote:
S-box structure is one of the critical issues in designing Feistel-type networks; if you understand the mathematics very very well, you can do it yourself, and if you don't, then you don't understand it well enough to be sure the S-boxes are secure enough, and thus you shouldn't be selling it to customers.
Thanks, I shall look up Feistel-type networks. Nope, I don't understand the mathematics very very well, and that's why I asked. While I haven't seen the official GOST specs but all the reference I could find indicates that GOST specs don't discuss the process of generating SBOX permutations and GOST sboxes are not mathematically understood. Regarding the developer's ethical responsibilities with experimental technology I rather have the consumer decide (and of course document the limitations). Thanks, Vipul -- Powell lingered. "How's Earth?" It was a conventional enough question and Muller gave the conventional answer, "Still spinning." -- "Reason", Asimov. ================================================================== Vipul Ved Prakash | - Electronic Security & Crypto vipul@best.com | - Web Objects 91 11 2233328 | - PERL Development 198 Madhuban IP Extension | - Linux & Open Systems Delhi, INDIA 110 092 | - Networked Virtual Spaces
participants (2)
-
Bill Stewart -
Vipul Ved Prakash