Contradiction Immunity and Guess-Then-Determine Attacks on Gost

Nicolas T. Courtois, Jerzy A. Gawinecki, Guangyan Song
2012 Tatra Mountains Mathematical Publications  
GOST is a well-known government standard cipher. Since 2011 several academic attacks on GOST have been found. Most of these attacks start by a so called "Complexity Reduction" step [Courtois Cryptologia 2012] the purpose of which is to reduce the problem of breaking the full 32-round GOST to a low-data complexity attack on a reduced-round GOST. These reductions can be viewed as optimisation problems which seek to maximize the number of values inside the cipher determined at given "cost" in
more » ... of guessing other values. In this paper we look at similar combinatorial optimisation questions BUT at the lower level, inside reduced round versions of GOST. We introduce a key fundamental notion of Contradiction Immunity of a block cipher. A low value translates to working software attacks on GOST with a SAT solver. A high value will be mandatory for any block cipher to be secure. We provide some upper bounds for the Contradiction Immunity of GOST. c 2012 Mathematical Institute, Slovak Academy of Sciences. 2010 M a t h e m a t i c s S u b j e c t C l a s s i f i c a t i o n: 94A60, 68P25, 90C27. K e y w o r d s: block ciphers, cryptanalysis, GOST, DES, low-data complexity, guess-then--determine, meet in the middle, combinatorial optimization, SAT Solvers. Partly supported by the Polish Ministry of Science as a project n0. 0 R00 0111 12 in 2012.
doi:10.2478/v10127-012-0039-3 fatcat:jgjtys6ujncq3fcv5jzsc3qk5q