Vlad "SATtva" Miller wrote:
From: Ian G
Vlad "SATtva" Miller wrote:
This won't help much unless you also consider specifying GOST R 34.11-94
(based on GOST 28147-89 block cipher) for hash function and GOST R
34.19-2001
(based on elliptic curves) for digital signature. These are the
only permitted
algorithms for banking/government use in Russia.
Do they specify a public key encryption
algorithm?
Ok, here are results of my research on that matter. There in no
government-proposed public key encryption in Russia as there was no sex in the
USSR. :) For symmetric encryption and MACs GOSTs 28147-89 and R 34.11-94 are
being used, but as to the session key generation from public key certificates
(probably in DH key exchange), there is no such unclassified common specs, and
it's supposed that each implementation needs to be scrutinized in the
certification body (FSB currently, Russian Federal Security Service) on the
individual basis to be approved.
So it would appear that for this to be a viable
project, the ecnryption, the hash, and the digsig
in GOST form would all need to be implemented,
and a secret key exchange method chosen.
Is there a team willing to specify those in OpenPGP
form, and are there two implementations willing
to code them up and do some interop testing?
If that were the case, I suppose we could think
in terms of pencilling in the numbers, but I don't
see that there is much point in allocating them
in the draft, given our emphasis on cleaning out
cruft rather than adding it in.
I still think it's a worthwhile project to encourage
though. Perhaps the users could consider using
OpenPGP in non-standard modes while waiting
for the implementations...
( Hal, what did you think of the triple GOST idea?
Are three ghosts scarier than one? ;)
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/