The Secret Structure of the S-Box of Streebog, Kuznechik and Stribob
نویسندگان
چکیده
The last hash function and block cipher standardized by the Russian standardization body (GOST) both use the same S-Box. It is also used by an independent CAESAR candidate. This transformation is only specified as a look up table and the reason behind its choice is unknown. We managed to reverse-engineer this S-Box and describe its unpublished structure. Our decomposition allows a much more efficient hardware implementation but the choice of the components used is puzzling from a cryptographic perspective. This extended abstract does not explain how we found this decomposition. We will describe our process in an extended version of this paper.
منابع مشابه
STRIBOB: Authenticated Encryption from GOST R 34.11-2012 LPS Permutation
Authenticated encryption algorithms protect both the confidentiality and integrity of messages in a single processing pass. In this note we show how to utilize the L◦P ◦S transform of the Russian GOST R 34.11-2012 standard hash “Streebog” to build an efficient, lightweight algorithm for Authenticated Encryption with Associated Data (AEAD) via the Sponge construction and BLNK padding. The propos...
متن کاملReverse-Engineering the S-Box of Streebog, Kuznyechik and STRIBOBr1
The Russian Federation’s standardization agency has recently published a hash function called Streebog and a 128-bit block cipher called Kuznyechik. Both of these algorithms use the same 8-bit S-Box but its design rationale was never made public. In this paper, we reverse-engineer this S-Box and reveal its hidden structure. It is based on a sort of 2-round Feistel Network where exclusive-or is ...
متن کاملImpossible Differential Properties of Reduced Round Streebog
In this paper, we investigate the impossible differential properties of the underlying block cipher and compression function of the new cryptographic hashing standard of the Russian federation Streebog. Our differential trail is constructed in such a way that allows us to recover the key of the underlying block cipher by observing input and output pairs of the compression function which utilize...
متن کاملA NEW SECRET SHARING SCHEME ADVERSARY FUZZY STRUCTURE BASED ON AUTOMATA
In this paper,we introduce a new verifiable multi-use multi-secretsharing scheme based on automata and one-way hash function. The scheme has theadversary fuzzy structure and satisfy the following properties:1) The dealer can change the participants and the adversary fuzzy structure without refreshing any participants' real-shadow. 2) The scheme is based on the inversion of weakly invertible fin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015