

Differential Cryptanalysis of GOST [pdf] - tetrep
http://eprint.iacr.org/2011/626.pdf

======
TheLoneWolfling
TL;DR:

> We obtain some 50 distinct attacks faster than brute force on the full
> 32-round GOST and we provide five nearly practical attacks on two major
> 128-bit variants of GOST

------
etep
Usually statements such as "This paper has some serious significance both
scientific and historical." (quoted from the article) are a flag of the exact
opposite.

I would need more context from a more trusted source to inform my own opinion
on this work.

~~~
SAI_Peregrinus
Well, it's a break of the national symmetric encryption cypher of Russia.
Changing standards like that which are used in equipment in the field is
expensive. A LOT of military equipment is going to have to be changed, and if
they're using ASICs as accelerators in it they'll have to change the hardware.
Some of their equipment will use software only, but quite a lot likely
accelerates it with hardware.

So it's certainly of historical importance. It's not often that a math paper
spurs millions of dollars of changes. As for scientific importance, it's a
near-practical break in a well-used cryptosystem. The breaking of DES was a
similar event, and that's considered of scientific importance by the
cryptography community. This isn't quite as strong a break, as building a
cracker would be quite expensive, 2^101 is quite a few operations, but it's
not so far outside the realm of possibility as to be unthinkable.

~~~
oakwhiz
It seems like military equipment could benefit from removable, modular ASICs
or FPGAs designed and programmed specifically for encryption.

~~~
brohee
Are there even tamperproof FPGAs?

