From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 14 Oct 1997 14:43:58 +0800
To: Vipul Ved Prakash <vipul@best.com>
Subject: Re: GOST
In-Reply-To: <199710131950.TAA00414@fountainhead.net>
Message-ID: <3.0.3.32.19971013233228.006e7940@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 07:50 PM 10/13/1997 +0000, Vipul Ved Prakash wrote:
>I am developing a product that would use GOST for encrypting data 
>streams. This is mostly because its design and simplicity hold
>considerable aesthetic value, at least for me. 
>
>Most of the related text I have read indicates
>that some SBOX sets can be cryptographically weak, and
>its a good idea to use SBOX data as key data instead. 
>Pointers? 

S-box structure is one of the critical issues in designing
Feistel-type networks; if you understand the mathematics
very very well, you can do it yourself, and if you don't,
then you don't understand it well enough to be sure
the S-boxes are secure enough, and thus you shouldn't
be selling it to customers.

An advantage of GOST for the Soviets was that they could 
use the same code, with different sets of S-boxes for the
military, civilian government, and other applications,
and the KGB could easily read things they wanted easily read
but the things that needed to be harder to read were hard.

				Thanks!
					Bill
Bill Stewart, stewarts@ix.netcom.com
Regular Key PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639