From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 28 Nov 1995 04:12:19 +0800
To: cypherpunks@toad.com
Subject: Re: GOST for sale
Message-ID: <199511271952.LAA26668@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 03:43 AM 11/24/95 +0100, Mats Bergstrom <asgaard@sos.sll.se> wrote:
>According to a short article in a Swedish newspaper (DN)
>with the title 'Spy Code of KGB can make computers safe', 
>JETICO INC., located in Finland (Tammerfors), introduced
>a new crypto system on the world market last week. It's 
>based on GOST, the Russian federal standard algorithm.
>This product, called BestCrypt, is implemented at least
>partly in hardware. Alledgedly it uses 'GOST 28147-89',
>whatever that stands for.
>
>GOST is probably very secure - a huge keyspace (256 bits) and
>KGB would not have left a trapdoor for NSA to take advantage
>of, would they?

>From what I've read of GOST, it's really a family of cyphers with
different sets of S-boxes - routine military gets one set, top secret
gets another, civilian govt another, etc.  Aside from possible
differences in security level for the S-boxes, one motivation is
that you can't take civilian govt decryptors and use them to read
or forge top secret military crypto, etc.  If this is correct,
then some sets of S-boxes probably do have trapdoors (at least
susceptibility to differential cryptanalysis_; how good are the
ones that Jetico is selling, what credentials do they have to
convince us their cryptanalysis is good enough, and why are they
doing parts of it in hardware?
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281