Jon Callas wrote:
Recently, I've been asked about adding GOST as a cipher into OpenPGP.
It's needed in Russia and parts of Eastern Europe, where they use it in
banking and government applications.
This won't help much unless you also consider specifying GOST R 34.11-94
(based on GOST 28147-89 block cipher) for hash function and GOST R 34.19-2001
(based on elliptic curves) for digital signature. These are the only permitted
algorithms for banking/government use in Russia. Don't know about other
Eastern Eaurope countries policies, though.
Ian G wrote:
It would however be a nuisance if it was "rushed in"
only to find out later that it is ... not quite right. I
gather there are rather a lot of options behind the
simple 'GOST' word? Is this the algorithm where
the S-Boxes aren't specified in the standard?
Nope, the GOST S-boxes are specified directly in russian GOST (Government
Standard) 28147-89.
Vladislav "SATtva" Miller
"PGP in Russia" project leader
http://www.pgpru.com