GOST

From The ECRYPT Hash Function Website

Jump to: navigation, search

Contents

1 Specification

  • digest size: 256 bits
  • compression function: 256-bit message block, 256-bit chaining variable
  • Specification:


2 Cryptanalysis

2.1 Best Known Results

The best collision attack on GOST was published by Mendel et al. It has complexity of 2105 compression function evaluations. The best preimage and second preimage attack has complexity of 2192 compression function evaluations.


2.2 Generic Attacks


2.3 Collision Attacks

Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt - Cryptanalysis of the GOST Hash Function
In Proceedings of CRYPTO, LNCS 5157, pp. 162-178, Springer, 2008
[Electronic Edition] [Bibtex]
Author : Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt
Title : Cryptanalysis of the GOST Hash Function
In : In Proceedings of CRYPTO -
[Abstract]

2.4 Second Preimage Attacks


2.5 Preimage Attacks

Florian Mendel, Norbert Pramstaller, Christian Rechberger - A (Second) Preimage Attack on the GOST Hash Function
In Proceedings of FSE, LNCS 5086, pp. 224-234, Springer, 2008
[Electronic Edition] [Bibtex]
Author : Florian Mendel, Norbert Pramstaller, Christian Rechberger
Title : A (Second) Preimage Attack on the GOST Hash Function
In : In Proceedings of FSE -
[Abstract]

2.6 Others

Praveen Gauravaram, John Kelsey - Linear-XOR and Additive Checksums Don't Protect Damg{\aa}rd-Merkle Hashes from Generic Attacks
In Proceedings of CT-RSA, LNCS 4964, pp. 36-51, Springer, 2008
[Electronic Edition] [Bibtex]
Author : Praveen Gauravaram, John Kelsey
Title : Linear-XOR and Additive Checksums Don't Protect Damg{\aa}rd-Merkle Hashes from Generic Attacks
In : In Proceedings of CT-RSA -
[Abstract]
Personal tools