Contradiction immunity and guess-then-determine attacks on GOST

Rok, strany: 2012, 65 - 79

GOST is a well-known government standard cipher. Since 2011 several academic attacks on GOST have been found. Most of these attacks start by a so called ``Complexity Reduction'' step [Courtois Cryptologia 2012] the purpose of which is to reduce the problem of breaking the full 32-round GOST to a low-data complexity attack on a reduced-round GOST. These reductions can be viewed as optimisation problems which seek to maximize the number of values inside the cipher determined at given ``cost'' in terms of guessing other values. In this paper we look at similar combinatorial optimisation questions BUT at the lower level, inside reduced round versions of GOST. \par We introduce a key fundamental notion of Contradiction Immunity of a block cipher. A low value translates to working software attacks on GOST with a SAT solver. A high value will be mandatory for any block cipher to be secure. We provide some upper bounds for the Contradiction Immunity of GOST.

ISO 690:

Courtois, N., Gawinecki, J., Song, G. 2012. Contradiction immunity and guess-then-determine attacks on GOST. In Tatra Mountains Mathematical Publications, vol. 53, no.3, pp. 65-79. 1210-3195.

APA:

Courtois, N., Gawinecki, J., Song, G. (2012). Contradiction immunity and guess-then-determine attacks on GOST. Tatra Mountains Mathematical Publications, 53(3), 65-79. 1210-3195.