IACR News item: 01 April 2012
Journal of Cryptology
Abstract The GOST block cipher is the Russian encryption standard published in 1989. In spite of considerable cryptanalytic efforts
over the past 20 years, a key recovery attack on the full GOST block cipher without any key conditions (e.g., weak keys and
related keys) has not been published yet. In this paper, we show the first single-key attack, which works for all key classes,
on the full GOST block cipher. To begin, we develop a new attack framework called Reflection-Meet-in-the-Middle Attack. This approach combines techniques of the reflection attack and the meet-in-the-middle (MITM) attack. Then we apply it to
the GOST block cipher employing bijective S-boxes. In order to construct the full-round attack, we use additional novel techniques
which are the effective MITM techniques using equivalent keys on a small number of rounds. As a result, a key can be recovered
with a time complexity of 2225 encryptions and 232 known plaintexts. Moreover, we show that our attack is applicable to the full GOST block cipher using any S-boxes, including
non-bijective S-boxes.
- Content Type Journal Article
- Pages 1-18
- DOI 10.1007/s00145-012-9118-5
- Authors
- Takanori Isobe, Sony Corporation, 1-7-1 Konan, Minato-ku, Tokyo, 108-0075 Japan
- Journal Journal of Cryptology
- Online ISSN 1432-1378
- Print ISSN 0933-2790
Additional news items may be found on the IACR news page.