256 bit standardized crypto for 650 GE – GOST revisited
Date of Issue2010-08
School of Physical and Mathematical Sciences
The former Soviet encryption algorithm GOST 28147-89 has been standardized by the Russian standardization agency in 1989 and extensive security analysis has been done since. So far no weaknesses have been found and GOST is currently under discussion for ISO standardization. Contrary to the cryptographic properties, there has not been much interest in the implementation properties of GOST, though its Feistel structure and the operations of its round function are well-suited for hardware implementations. Our post-synthesis figures for an ASIC implementation of GOST with a key-length of 256 bits require only 800 GE, which makes this implementation well suitable for low-cost passive RFID-tags. As a further optimization, using one carefully selected S-box instead of 8 different ones -which is still fully compliant with the standard specifications!- the area requirement can be reduced to 651 GE.
Lecture notes in computer science
© 2010 International Association for Cryptologic Research. This is the author created version of a work that has been peer reviewed and accepted for publication by Lecture Notes in Computer Science, Springer on behalf of International Association for Cryptologic Research. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: http://dx.doi.org/10.1007/978-3-642-15031-9_15