Courtois, Nicolas T;
Gawinecki, Jerzy A;
Song, Guangyan;
(2012)
Contradiction Immunity and Guess-Then-Determine Attacks on Gost.
Tatra Mountains Mathematical Publications
, 53
(1)
65 - 79.
10.2478/v10127-012-0039-3.
Preview |
Text
0114113604CuGaSo.pdf Download (286kB) |
Abstract
GOST is a well-known government standard cipher. Since 2011 several academic attacks on GOST have been found. Most of these attacks start by a so called “Complexity Reduction” step [Courtois Cryptologia 2012] the purpose of which is to reduce the problem of breaking the full 32-round GOST to a low-data complexity attack on a reduced-round GOST. These reductions can be viewed as optimisation problems which seek to maximize the number of values inside the cipher determined at given “cost” in terms of guessing other values. In this paper we look at similar combinatorial optimisation questions BUT at the lower level, inside reduced round versions of GOST. We introduce a key fundamental notion of Contradiction Immunity of a block cipher. A low value translates to working software attacks on GOST with a SAT solver. A high value will be mandatory for any block cipher to be secure. We provide some upper bounds for the Contradiction Immunity of GOST.
Type: | Article |
---|---|
Title: | Contradiction Immunity and Guess-Then-Determine Attacks on Gost |
Location: | Slovakia |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.2478/v10127-012-0039-3 |
Publisher version: | http://dx.doi.org/10.2478/v10127-012-0039-3 |
Language: | English |
Additional information: | This is an Open Access article distributed under Degruyter licence agreement, which permits use, distribution, and reproduction in any medium, provided that that reuse is restricted to non-commercial purposes, i.e. research or educational use, and the original work is properly cited (https://creativecommons.org/licenses/by-nc-nd/4.0/). |
Keywords: | Block ciphers, cryptanalysis, GOST, DES, low-data complexity attacks, guess-then-determine, meet in the middle, combinatorial optimization, SAT Solvers |
UCL classification: | UCL UCL > Provost and Vice Provost Offices UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/1395015 |
Archive Staff Only
View Item |