Scientific article on the topic 'Review of modern Russian cryptographic algorithms of digital signature'

Scientific article in the specialty «Computer and information sciences»

CC BY
Keywords
ALGORITHM OF CRYPTOGRAPHIC PROTECTION / GOST P 34.10-2012 / GOST P 34.11.2012 / ENCRYPTION / ELECTRONIC SIGNATURE / HASHING FUNCTIONALITY

Abstract of the scientific article in computer and information sciences; author of the work: Sanchez Rossel Jose Agustin

Annotation. This article examines the new Russian federal standards for cryptographic transformations: GOST P 34.10-2012, which describes the algorithms for generating and verifying an electronic digital signature, and GOST P 34.11-2012, which describes the algorithms and procedures for computing the hash function used in creating and verifying the digital signature. Their cryptographic strength is analyzed.


REVIEW OF MODERN RUSSIAN CRYPTOGRAPHIC ALGORITHMS OF DIGITAL SIGNATURE

Sanchez Rossel Jose Agustin

Postgraduate student, Institute of Computer Technologies and Information Security, Federal State Autonomous Educational Institution of Higher Professional Education «Southern Federal University», Taganrog

Annotation. This article examines the new Russian federal standards for cryptographic transformations: GOST P 34.10-2012, which describes the algorithms for generating and verifying an electronic digital signature, and GOST P 34.11-2012, which describes the algorithms and procedures for computing the hash function used in creating and verifying the digital signature. Their cryptographic strength is analyzed.

Key words: algorithm of cryptographic protection, GOST P 34.10-2012, GOST P 34.11.2012, encryption, electronic signature, hashing functionality.

At present, ensuring the security of information and communication systems is one of the most important priorities of any state, alongside strengthening and developing national defense capacity, health care, the economy and education.

Information security is maintained by means of cryptographic systems, that is, by a set of cryptographic transformations or algorithms designed to operate together in a single network with the aim of solving a particular task of protecting an information process. To achieve this goal, certain cryptographic functions are used, which include: key generators, encryption functions, pseudo-random sequence generators, calculation and verification of message authentication codes and digital signatures, calculation of hash function values, and so on [1, 2].

This article analyzes the new Russian standards for cryptographic transformations that deal with the electronic digital signature and the hash function.

Digital signature. In August 2012 a new standard was introduced in the Russian Federation, GOST P 34.10-2012 (hereafter simply GOST), which describes the algorithms for generating and verifying a digital signature and contains a set of requirements for the curves used in cryptographic protection systems [3]. The standard replaced GOST P 34.10.2001 [4]. GOST describes methods of creating and verifying an electronic digital signature based on operations in the group of points of an elliptic curve defined over a finite prime field. The parameters of this scheme are:

$p$ - modulus of the elliptic curve (prime number);

$E$ - elliptic curve, described by its invariant $J(E)$ or by coefficients $a, b \in F_p$;

$m$ - order of the group of points of the elliptic curve $E$ (integer);

$q$ - order of a cyclic subgroup of the group of points of the elliptic curve $E$ (prime number), where $m = nq$, $n \in \mathbb{Z}$, and $2^{254} < q < 2^{256}$ or $2^{508} < q < 2^{512}$;

$P \neq O$ - point of the elliptic curve $E$ with coordinates $(x_p, y_p)$ such that $qP = O$;

$h(\cdot): V^* \to V_l$ - hash function mapping messages, which are binary vectors of arbitrary finite length, to binary vectors of length $l$ bits.

Each user of the scheme must have a signature key (an integer $d$ such that $0 < d < q$) and a signature verification key (a point $Q$ of the elliptic curve with coordinates $(x_q, y_q)$ such that $dP = Q$).

The parameters of the scheme must satisfy the condition $p^t \not\equiv 1 \pmod{q}$ for all integers $t = 1, 2, \ldots, B$, where $B = 31$ if $2^{254} < q < 2^{256}$ and $B = 131$ if $2^{508} < q < 2^{512}$; the invariant of the curve must satisfy $J(E) \neq 0, 1728$; and the inequality on $m$ must also hold.
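The parameter and key conditions above, written as executable checks. This is an added example, not code from the article or the standard: the function names are hypothetical, and the curve $y^2 = x^3 + 2x + 2$ over $F_{17}$ (19 points, $P = (5, 1)$) is a constructed toy input, which the checks reject on the size of $q$ and on the $p^t$ condition.

```python
from math import isqrt

def add(A, B, a, p):
    """Add affine points of y^2 = x^3 + ax + b over F_p; None is the point O."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None  # A = -B
    if A == B:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, A, a, p):
    """Scalar multiple kA by double-and-add."""
    R = None
    while k:
        if k & 1:
            R = add(R, A, a, p)
        A, k = add(A, A, a, p), k >> 1
    return R

def is_prime(n):  # trial division: adequate for the toy only, not a 256-bit q
    return n > 1 and all(n % i for i in range(2, isqrt(n) + 1))

def first_bad_t(p, q, B):
    """Smallest t <= B with p^t = 1 (mod q), or None if the condition holds."""
    return next((t for t in range(1, B + 1) if pow(p, t, q) == 1), None)

def check_params(p, a, b, m, q, P, B=31):
    """Map each parameter condition from the text to True (met) or False."""
    den = (4 * a**3 + 27 * b**2) % p  # 0 would mean a singular curve
    J = 1728 * 4 * a**3 * pow(den, -1, p) % p if den else None
    return {
        "q prime": is_prime(q),
        "m = nq": m % q == 0,
        "q size": 2**254 < q < 2**256 or 2**508 < q < 2**512,
        "P != O, qP = O": P is not None and mul(q, P, a, p) is None,
        "p^t != 1 (mod q)": first_bad_t(p, q, B) is None,
        "J(E) != 0, 1728": J is not None and J not in (0, 1728 % p),
    }

def check_keys(d, Q, q, P, a, p):
    """Signature key 0 < d < q and verification key Q = dP."""
    return 0 < d < q and mul(d, P, a, p) == Q

TOY = dict(p=17, a=2, b=2, m=19, q=19, P=(5, 1))  # constructed toy curve
```

On the toy curve the $p^t$ condition fails at $t = 9$, since the order of $p$ modulo a prime $q$ divides $q - 1$ and therefore cannot exceed $B$ when $q$ is small.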

During the creation and verification of the digital signature, the following correspondence is established between integers and binary vectors of length $l$ bits. Consider a binary vector of length $l$ bits in which the most significant bits are on the left and the least significant bits are on the right:

$$h = (a_{l-1}, \ldots, a_0), \quad h \in V_l, \qquad (1)$$

where each $a_i$, $i = 0, \ldots, l-1$, equals 1 or 0.

If the following equality holds

then the number $\alpha \in \mathbb{Z}$ is put in correspondence with the binary vector $h$.

For binary vectors $h_1$ and $h_2$:

$$h_1 = (\alpha_{l-1}, \ldots, \alpha_0), \quad h_2 = (\beta_{l-1}, \ldots, \beta_0), \qquad (3)$$

which correspond to the integers $\alpha$, $\beta$, the concatenation operation is defined as:

$$h_1 \| h_2 = (\alpha_{l-1}, \ldots, \alpha_0, \beta_{l-1}, \ldots, \beta_0). \qquad (4)$$

The concatenation produces a binary vector of length $2l$ bits formed from the components of the vectors $h_1$ and $h_2$.

Thus formulas (3) and (4) define a way of representing a binary vector $h$ of length $2l$ bits as two vectors of length $l$ bits, of which it is the concatenation.

For these processes to be carried out successfully, the user must have the signature key $d$ and the signature verification key $Q(x_q, y_q)$.

The input data for the verification process are the message M with its digital signature Z and the signature verification key Q; the output is a statement of whether that signature is valid.

Hash function. The algorithms and procedures for computing the hash function used in creating and verifying the GOST digital signature are specified by the new standard GOST P 34.11-2012 [5].

The standard was developed because of the urgent need for a hash function that meets modern requirements for cryptographic strength and the requirements of the new standard for the electronic digital signature. This hash function is used in implementing digital signature systems based on an asymmetric cryptographic algorithm.

Short description of how the GOST hash function operates: a message of arbitrary size is fed to the input of the hash function and is divided into 512-bit blocks. If its length is not a multiple of 512, the message is padded to the necessary number of bits. Then the compression function is applied iteratively (as a result, the internal state of the hash function is updated):

$$g_N : V_{512} \times V_{512} \to V_{512}, \quad N \in V_{512},$$

the value of which is calculated by the formula:

$$g_N(h, m) = E(LPS(h \oplus N), m) \oplus h \oplus m, \qquad (6)$$

where

$$E(K, m) = X[K_{13}]LPSX[K_{12}] \ldots LPSX[K_2]LPSX[K_1](m). \qquad (7)$$

The choice of the key for each round of the block cipher is an important parameter. The keys for each of the 13 rounds are generated by an encryption function.

The basic encryption algorithm implements a permutation of the elements of the set $V_{128}$ depending on the values of the iteration keys $K_i \in V_{128}$, $i = 1, 2, \ldots, 10$.

The encryption algorithm implements a transformation of the set $V_{128}$ according to the equality

$$E_{K_1, \ldots, K_{10}}(a) = X[K_{10}]LSX[K_9] \ldots LSX[K_2]LSX[K_1](a), \qquad (8)$$

where $a \in V_{128}$.

The decryption algorithm implements a transformation of the set $V_{128}$ according to the equality

$$D_{K_1, \ldots, K_{10}}(a) = X[K_1]S^{-1}L^{-1}X[K_2] \ldots S^{-1}L^{-1}X[K_9]S^{-1}L^{-1}X[K_{10}](a), \qquad (9)$$

where $a \in V_{128}$.

The values $K_i \in V_{512}$, $i = 1, \ldots, 13$, are calculated as:

$$K_1 = K,$$

$$K_i = LPS(K_{i-1} \oplus C_{i-1}), \quad i = 2, \ldots, 13. \qquad (10)$$

In the same way, the bit count and the checksum of the blocks are calculated. Finally, once all blocks of the original message have been processed, the block containing the total length of the message and the checksum are compressed.

Fig. 1 shows the block diagram of the hash function computation algorithm.

Cryptanalysis. The cryptographic strength of the digital signature rests on the strength of the encryption algorithm and the strength of the hash function.

The strength of the encryption algorithm of the GOST standard rests on the difficulty of the discrete logarithm problem in the group of points of an elliptic curve. The problem is as follows: given an elliptic curve E over the field GF(p), where p is a prime number, a point P of prime order q is chosen in the group of points of the curve E. Knowing the point dP, one must find the natural number d.

At present, science and technology have not found a method of solving this problem with even subexponential complexity. The fastest algorithms for problems of this type, with the best choice of parameters, are Pollard's ρ-method and λ-method. With the improved ρ-method of Pollard, the complexity of the solution, in terms of the time spent on computation, is estimated as:

l . (3)

The estimated computational complexity of the problem is given in Table 1.

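Table 1

| Order of the field p and order q of the base point P (in bits) | Lp |
|---|---|
| 128 | $1.63 \times 10^{19}$ |
| 256 | $3.02 \times 10^{38}$ |
| 512 | $1.03 \times 10^{77}$ |
| 1028 | $1.19 \times 10^{154}$ |
| 1536 | $1.38 \times 10^{231}$ |
| 2048 | $1.59 \times 10^{308}$ |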

With 256-bit values of the parameters q and p, the work required to break the new GOST standard is estimated at $3.02 \times 10^{38}$. Based on these estimates, the digital signature scheme has a high level of cryptographic security and, at the present level of development of computing power, ensures reliable protection of important information.

In 2013 a real need arose to replace the old hash function standard GOST P 34.11.94 [6] because of the theoretical threat of its being broken. As a replacement, the GOST (Stribog) hash function standard mentioned above was adopted, with an output size of 512/256 bits.

Integral cryptanalysis has proved relevant and justified against the AES algorithm, which serves as the basis of the "Stribog" function, and this led the research group of Riham AlTawy and Amr M. Youssef from Concordia University to carry out their work in that field [7]. They found a 4-round forward and a 3.5-round backward integral distinguisher, which are used against the GOST compression function. Using start-in-the-middle attacks and a combination of the two integrals found, they obtain 6.5- and 7.5-round distinguishers for the internal permutation, and 6- and 7-round distinguishers for the compression function.

Attacks of this type require from $2^{64}$ to $2^{120}$ input or middle-round values, depending on the conditions on the state of the distinguisher.

A group of researchers, Jian Guo, Jeremy Jean, Thomas Peyrin, Lei Wang and Gaetan Leurent, state in their work [8] that the Russian hash function standard "Stribog" contains an error in its use of the counter.

This trivial error in the use of the counter allowed the researchers to mount an attack on the full-round "Stribog" function (a full theoretical break); however, it consisted not in finding collisions but in finding, for a particular message N, some message N' that has an identical hash value (a second-preimage attack).

Without this error, finding a second preimage for the 512-bit hash function would require $2^n$, or $2^{512}$, steps.

With the attack based on the error, it is necessary to make $n \cdot 2^{n/2}$, or $2^{266}$, steps. However, this value remains out of reach for performing such an attack in real life.

Conclusion

1. The new Russian cryptographic algorithms of GOST are fairly simple to implement, convenient in operation, and highly efficient.

2. The security of the encryption algorithm of the new Russian standard GOST rests on the complexity of the discrete logarithm problem in the group of points of an elliptic curve. At present there is no method of solving this problem with even subexponential complexity.

3. To perform an attack on the full-round «Stribog» function (a theoretical break) it is necessary to make $2^{266}$ steps, which makes such an attack impossible to carry out in real life.

4. To increase the effectiveness of information security in the Bolivarian Republic of Venezuela, it seems reasonable to integrate the new Russian cryptographic algorithms into the state information and communication structures by means of a built-in software module developed on their basis.

Literature

1. Shalgin V.F. «Protection of computer information. Effective methods and means.» M.: ID «Forum», INFRA-M, 2010. - p. 544.

2. Babenko L.K., Ishukova E.A. «Modern algorithms of unit ciphering and methods of their analysis.» Moscow, «Gelias ARV», 2006. - p. 376.

3. Cryptographic protection of information. Processes of formation and verification of electronic digital signature. GOST P 34.10-2012. M.: Standartinform, 2012. - p. 38.

4. Information technology. Cryptographic protection information. Processes of formation and verification of electronic digital signature. GOST P 34.10-2001. M.: Standartinform, 2001. - p. 16.

5. Information technology. Cryptographic protection information. Hash function. GOST P 34.11-2012. M.: Standartinform, 2012. - p. 38.

6. Information technology. Cryptographic protection information. Hash function. GOST P 34.11-94. M.: Gosstandard Russia, 1994. - p. 23.

7. Riham AlTawy and Amr M. Youssef. Integral Distinguishers for Reduced-round Stribog. Cryptology ePrint Archive.

8. Jian Guo and Jeremy Jean and Gaetan Leurent and Thomas Peyrin and Lei Wang. The Usage of Counter Revisited: Second-Preimage Attack on New Russian Standardized Hash Funct. Cryptology ePrint Archive, Report 2014/675, 2014. http://eprint.iacr.org/2014/675.
