Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Tue, 02 February 2016 19:08 UTC

From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Watson Ladd <watsonbladd@gmail.com>, Dmitry Belyavsky <beldmit@gmail.com>
Date: Tue, 02 Feb 2016 19:08:36 +0000
Message-ID: <D2D65F65.266E2%uri@ll.mit.edu>
References: <4A631584-C0F1-4AFC-A51D-155C34415413@isode.com> <D2D64C5B.61B8F%kenny.paterson@rhul.ac.uk> <CADqLbz+b-YQ10d6d5_GHN+r7ETWobQgq+skPyXQSdUGG1dBDqQ@mail.gmail.com> <CACsn0c=ErkJLja7QUbA06V7vH-KPR_MpTcPhPyrKfyV02bxq-w@mail.gmail.com>
In-Reply-To: <CACsn0c=ErkJLja7QUbA06V7vH-KPR_MpTcPhPyrKfyV02bxq-w@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/0K7hBv82GL1EkHGIn3xuKZ2VGW0>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, ISE <rfc-ise@rfc-editor.org>
Subject: Re: [Cfrg] RFC 5742 conflict review for draft-dolmatov-kuznyechik

>>> Is anyone on the CFRG list aware of any cryptanalysis of the block cipher
>>> Kuznyechik?
>>>
>>> I realise it's a relatively new algorithm, although it seems to be a
>>> development of previous ciphers from the same stable, but my search engine
>>> of choice only turned up a couple of references.
>>>
>>> So what's the state-of-the-art here?
>>
>> The only reference I know is here:
>> http://cvo-lab.blogspot.fr/2015/01/the-new-gost-standard-from-russian.html

This is better than nothing, but not by much. ;)

These two works (a paper and a presentation) might be of interest:
https://eprint.iacr.org/2015/812.pdf
http://crypto.2015.rump.cr.yp.to/1ea2c6c01144e0e7f6b14b324c5e4562.pdf

> 
> Why is there no design document comparable to that for Rijndael? Of course
> it's possible to write such a document by computing all differentials, the
> minimum distance of the linear layer, etc, but it seems strange that this
> doesn't exist.

:-)

Still, I think the RFC describing it should be published, to provide an
interoperability reference within IETF protocols for those who need that
algorithm.
Likewise, I’d expect an informational RFC describing Kalyna (Ukrainian
contest winner), which looks somewhat more appealing.