Michael Dillon wrote:
One of the problems with GOST is its lack of availability of
documentation/specification and the meaning, purpose and
characteristics of algorithm parameters.
A bit of Googling turned up this <http://vsegost.com/Catalog/96/9658.shtml>
with scanned GIFs of ГОСТ Р34.10-1994. There is a link to the other one,
ГОСТ Р34.10-2001 on that page as well. This does seem to document
the parameters.
Is the real problem the lack of English language documentation?
If so, I'm sure that the people who would like to use these algorithms
could arrange for translations of the two documents, and perhaps even
make that an individual submission as an Internet draft.
English translation, I don't believe, is the problem. The following
drafts are the English translations of the [GOST3410] and [GOST3411]
references:
http://tools.ietf.org/html/draft-dolmatov-cryptocom-gost341194-07
http://tools.ietf.org/html/draft-dolmatov-cryptocom-gost34102001-08
http://tools.ietf.org/html/draft-dolmatov-cryptocom-gost2814789-06
Whether and how much the -1994 version is
deprecated is also a complete mystery.
That may be explained by its use in card payment systems. As you may
know if you follow the news, a Cambridge team has just found a HUGE hole
in the UK's chip and pin payment system, but a subtext of that announcement
is that other weaknesses documented in previous years still have not been fixed.
Signature algorithms used in payment systems get embedded in all kinds
of devices, and software systems, making it hard to deprecate stuff fast.
--Michael Dillon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf