GOST 34.10 - A brief overview of Russia's DSA

GOST 34.10 is Russia’s DSA. Just as it’s U.S. counterpart, GOST is an ElGamal like signature scheme used in Schnorr mode. It is close to NIST DSA in many aspects. In our paper we will first overview GOST 34.10 and discuss the three main differences between the two algorithms. – GOST’s principal design criterion doesn’t seem to be computational efficiency: The algorithm is 1.6 times slower than the DSA and produces 512 bit signatures. This is mainly due to the usage of the modulus q which is at least 255 bit long. During verification, modular inverses are computed by exponentiation (while the Extended Euclidean algorithm is roughly 100 times faster for this parameter size) and the generation of the public parameters is much more complicate than in the DSA. This choice of the parameters makes GOST 34.10 very secure. – GOST signers don’t have to generate modular inverses as the basic signature equation is s = xr+mk (mod q) instead of s := (m+xr)/k (mod q). – GOST’s hash function (the Russian equivalent of the SHA) is the standard GOST 34.11 which uses the block cipher GOST 28147 (partially classified) as a building block. The hash function will be briefly described.