[Cryptography] New Encryption Standard of the Russian Federation GOST Grasshopper
ianG
iang at iang.org
Fri Jan 2 13:39:46 EST 2015
On 2/01/2015 11:37 am, Eric Filiol wrote:
> Hi to all
>
> The Russian Federation has recently published (in Russian only) the
> tchnical description of its new Encryption Standard.
> I have translated the document into English and implemented this
> algorithm in C (under GPLv3).
> For anyone interested, go to
> http://cvo-lab.blogspot.fr/2015/01/the-new-gost-standard-from-russian.html
*Interesting* and it would be very interesting to hear what the real
cryptographers think of the Russian cryptographer's invention! Good work!
Germane also to current applied cryptography debates.
Let me set the scene. Over in IETF they run a WG that is responsible
for a little thing called SSL, now in its TLS 1.3 guise. This protocol
is markedly successful in the marketplace.
It has however some agreed drawbacks, one of which is its 350 or so
(opinions differ) suites or combos for ciphers. Some people defend
that, others say it is too many but choice is important.
In opposition, there are the crazy radicals who call for the one true
cipher suite. One is good enough for all uses, assuming certain things.
One -- just one -- of the arguments defending the 350 suite smorgasbord
approach is that *national governments mandate ciphers* which then have
to be used in protocols. That is, SSL must support GOST else SSL is in
effect banned for the Russian public sector. Approximately, in short.
I call foul. I do not believe that we as an Internet promote the
legislative or standardised suites of any nation. Or should do.
One argument here is that if NIST/NSA were to mandate some algorithm for
any communications, we'd not bow down to them. Only if it is voluntary
would we accept their suggestion, and only because of historical
circumstances (a fair and open competition) did the net voluntarily
swing to AES.
A second argument here is the futility of supporting N suites where N is
the number of government mandates. Nobody cares what the French say.
Nor what the North Koreans say. Why care what the FSB says?
What do people say? Should GOST be supported in SSL? Is there any
merit in the "national government mandates" argument?
iang
ps; this argument as to the number of cipher suites bounces in and out
of the IETF lists from time to time. But I'd also like to stress that
there are people who know stuff that do not participate there. Their
voice can and should be heard.
More information about the cryptography
mailing list