Re: [Cryptography] New Encryption Standard of the Russian Federation GOST Grasshopper

3 Jan 2015

      -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Five things

1) Please publish suggested guid(es) here in Russian and English for
how people should install and maintain Gnupg - gpg - seems like after
many years that program is not getting the support it needs - so here
is the fundraiser link again for it.  (Look at all the payment methods!)
https://www.wauland.de/en/donation.html#61

Some suggestions are in English here at only the most basic level and
not dealing with any complexities, but I suggest people start talking
about standards for how to reply to lists and forums as well as how to
communicate amongst each other just one on one for example:
https://securityinabox.org/thunderbird_main
http://futureboy.us/pgp.html#GettingStarted
http://www.g-loaded.eu/2010/11/01/change-expiration-date-gpg-key/

2) I know someone here will say "off topic" but there is nothing off
topic about having people address what needs to be addressed, like
hopefully getting more people talking about the possibilities of
learning different and better ways of strong (and hopefully easier to
use) crypto.

2.a) if you don't like seeing it here please start new thread, which
is probably a great idea.  If questions about that, please see prior
item, if that does not address the issue of OT, please see item 3 below.

3) You think this is off topic? see number 2.a above.

4) More back OT:  People will use what they want to use no matter
where they are in the world.  There are Russians using Gnupg, but it
would be not a good idea for me to say who I've observed does so.
There are Russians examining this GOST thing.  Russian Federation /
Waasenaar arrangment (a stupid idea meant to appease people who think
that gov't controls on cryptography actually have meaning or purpose)
- - involves import, export, and use.  Anyway, no matter what country
you are in, do what you want, and take care that you are not harmed in
the process, basically.  And this gets back to my push for Gnupg -
gpg.  Using that to the best of one's ability and hopefully
encouraging others to do so is going to be useful in terms of securing
communications in 2015.

Thank you and excuse the longish post.

- -O

grarpamp:
...
On Fri, Jan 2, 2015 at 1:39 PM, ianG  wrote:
...
On 2/01/2015 11:37 am, Eric Filiol wrote:
...
The Russian Federation has recently published (in Russian only)
the tchnical description of its new Encryption Standard. I have
translated the document into English and implemented this 
algorithm in C (under GPLv3). 
http://cvo-lab.blogspot.fr/2015/01/the-new-gost-standard-from-russian.html
...
*Interesting* and it would be very interesting to hear what the real
cryptographers think of the Russian cryptographer's invention!
Good work!
So there are no real Russian cryptos? Umm.
...
fair and open competition) did the net voluntarily swing to AES.
The competition was part of the swing, so was govt's saying 
AES(256) was good for TOP SECRET (not that they use it over their 
own suites), so was it's speed/hardware/simplicity.
...
What do people say?  Should GOST be supported in SSL? Is there
any merit in the "national government mandates" argument?
There are govt laws for what the govt itself will only use. (Are
you going to not sell to and profit from that govt?) There are govt
laws for what the populace will only use. (Are you going to jail
for breaking that ban, or will you bow?) There are paths between
all the laws for what obediant users can use. And rebels will use
whatever they want.
If you personally use crap ciphers, that's your own problem. If you
support (absent force of law) crap ciphers, or more than the best
few in each class such that community has no time to properly
analyze them all, that's a community problem. If you don't resist
crap law, crap ciphers, or the spawning of endless new ciphers of
the month just because, that's a community problem.
- -- 
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJUp0DvAAoJEGxwq/inSG8CxxkIAKAqlg9WlIQIaz6f+IYmxGg7
HDYpH9ZJBEvi2xU5eCHAP9sFoBbDG7KrrLqG3T8cMH3CodpnxKFpoTM1aySNWN+j
R6ljQ2G6Ugjl5cTGZwGTK+rQvYZoyhitX84MKd5wGCeAcQKpxYkxJANA+itRwMhQ
kp+hB0AYBUdm0uAw36Z1pZx5iDhZvMGNJo3BZtNHK8UlENiK2bQwgaX10FKzYgpi
npXFq7MJk9A2uQGh0zxAuc0jkFAGmxOn9QM5F1pO2ipTr7pE+CYA8WcLqkCpo6J9
Su8/xr41uuyDzE/jUndoWOZyhAuhyZ+SgGB2N0CDa9mJgCcqwQzl+0WVypFrddY=
=x3GJ
-----END PGP SIGNATURE-----