GOST

1 Specification

• digest size: 256 bits
• compression function: 256-bit message block, 256-bit chaining variable
• Specification:

2 Cryptanalysis

2.1 Best Known Results

2.2 Generic Attacks

• Generic Attacks on the Merkle-Damgaard Construction

2.3 Collision Attacks

Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt - Cryptanalysis of the GOST Hash Function

CRYPTO 5157:162-178,2008

http://dx.doi.org/10.1007/978-3-540-85174-5_10
Bibtex

Author : Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt
Title : Cryptanalysis of the GOST Hash Function
In : CRYPTO -
Address :
Date : 2008

2.4 Second Preimage Attacks

2.5 Preimage Attacks

Florian Mendel, Norbert Pramstaller, Christian Rechberger - A (Second) Preimage Attack on the GOST Hash Function

FSE 5086:224-234,2008

http://dx.doi.org/10.1007/978-3-540-71039-4_14
Bibtex

Author : Florian Mendel, Norbert Pramstaller, Christian Rechberger
Title : A (Second) Preimage Attack on the GOST Hash Function
In : FSE -
Address :
Date : 2008

2.6 Others

Praveen Gauravaram, John Kelsey - Linear-XOR and Additive Checksums Don't Protect Damg{\aa}rd-Merkle Hashes from Generic Attacks

CT-RSA 4964:36-51,2008

http://dx.doi.org/10.1007/978-3-540-79263-5_3
Bibtex

Author : Praveen Gauravaram, John Kelsey
Title : Linear-XOR and Additive Checksums Don't Protect Damg{\aa}rd-Merkle Hashes from Generic Attacks
In : CT-RSA -
Address :
Date : 2008