applied cryptography - protocols, algorithms, and source code in c

1 initialize first the p array and then the four s

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: er than the fixed S-boxes in DES, their secrecy adds to GOST’s resistance against differential and linear attacks. Also, both of these attacks depend on the number of rounds: the more rounds, the more difficult the attack. GOST has twice as many rounds as DES; this alone probably makes both differential and linear cryptanalysis infeasible. The other parts of GOST are either on par or worse than DES. GOST doesn’t have the same expansion permutation that DES has. Deleting this permutation from DES weakens it by reducing the avalanche effect; it is reasonable to believe that GOST is weaker for not having it. GOST’s use of addition instead is no less secure than DES’s XOR. The greatest difference between them seems to be GOST’s cyclic shift instead of a permutation. The DES permutation increases the avalanche effect. In GOST a change in one input bit affects one S-box in one round, which then affects two S-boxes in the next round, three the round after that, and so on. GOST requires 8 rounds before a single change in an input affects every output bit; DES only requires 5 rounds. This is certainly a weakness. But remember: GOST has 32 rounds to DES’s 16. GOST’s designers tried to achieve a balance between efficiency and security. They modified DES’s basic design to create an algorithm that is better suited for software implementation. They seem to have been less sure of their algorithm’s security, and have tried to compensate by making the key length very large, keeping the S-boxes secret, and doubling the number of iterations. Whether their efforts have resulted in an algorithm more secure than DES remains to be seen. 14.2 CAST CAST was designed in Canada by Carlisle Adams and Stafford Tavares [10,7]. They claim that the name refers to their design procedure and should conjure up images of randomness, but note the authors’ initials. The example CAST algorithm uses a 64-bit block size and a 64-bit key. The structure of CAST should be familiar. The algo...
View Full Document

This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.

Ask a homework question - tutors are online