[Cryptography] New Encryption Standard of the Russian Federation GOST Grasshopper
beldmit at gmail.com
Sat Jan 3 05:31:15 EST 2015
I try to respond. I'm one of persons who provided the implementation of
GOST to openssl in ssl.
On Fri, Jan 2, 2015 at 9:39 PM, ianG <iang at iang.org> wrote:
> On 2/01/2015 11:37 am, Eric Filiol wrote:
>> Hi to all
>> The Russian Federation has recently published (in Russian only) the
>> tchnical description of its new Encryption Standard.
>> I have translated the document into English and implemented this
>> algorithm in C (under GPLv3).
>> For anyone interested, go to
> *Interesting* and it would be very interesting to hear what the real
> cryptographers think of the Russian cryptographer's invention! Good work!
> One -- just one -- of the arguments defending the 350 suite smorgasbord
> approach is that *national governments mandate ciphers* which then have to
> be used in protocols. That is, SSL must support GOST else SSL is in effect
> banned for the Russian public sector. Approximately, in short.
No. The TLS will not be banned. It will not be regarded as good-enough
protection for communuications with goverment-related resources.
So in fact the implementors use current specification and use GOST
algorithms for PRF, cipher, MAC and auth. Most all are used according to
specifications, though sometimes there are some specific changes which are
to be hard-coded.
> I call foul. I do not believe that we as an Internet promote the
> legislative or standardised suites of any nation. Or should do.
> One argument here is that if NIST/NSA were to mandate some algorithm for
> any communications, we'd not bow down to them. Only if it is voluntary
> would we accept their suggestion, and only because of historical
> circumstances (a fair and open competition) did the net voluntarily swing
> to AES.
> A second argument here is the futility of supporting N suites where N is
> the number of government mandates. Nobody cares what the French say. Nor
> what the North Koreans say. Why care what the FSB says?
> What do people say? Should GOST be supported in SSL? Is there any merit
> in the "national government mandates" argument?
In most cases the IANA registry is a solution good enough for solving this
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography