Danilo Gligoroski wrote: >> >> Now, 64-bit blocks are much bigger than 4-bit blocks, (and the secret key >> is still 256 bits i.e. much larger than the block size), but the principles >> of the codebook attack are the same.
Marsh Ray wrote: > Hmmm...there's more than proportional exponents going on here. > <snip> > > The key space contains 2^K elements, K = 256 in our examples, while the > set of possible permutations is (2^N)! . Hehe, sure - that is why I said "but the principles are the same", thinking about the same example that you are mentioning: (2^4)! ~ 2^44 << 2^256 and (2^64)! >>>>> 2^256 . But, for all cryptographic operations knowing the complete "random" permutation i.e. the cipher codebook is equivalent as possessing one (or maybe THE one) unknown key without knowing that key. OK - I should correct myself and say, their work (if correct) IS INTERESTING, from the point of view that they are capable to "compress" a random permutation of 2^64 elements produced by GOST-256, into 256 bits (the unknown key) with a complexity of 2^228 operations. 1. From complexity point of view - interesting result, 2. From security point of view - a work with false and bogus claim written in a propaganda style with CAPITAL letters in the abstract: " ... we show that GOST is NOT SECURE ..." dedicated to ISO standardization committee - nothing else. Regards, Danilo! _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
