Noel Chiappa wrote: > > > From: Dmitry Burkov <dburk@xxxxxxxxxxxxx> > > > I think that it is not a constructive way to discuss this issue > > following some conspiracy theories. > > Understood, but at the same time there may be some value to being curious as > to why the Russian authorities have mandated the use of a local standard. The problem is that the explanation given is so universal that it can only be wrong. There may be a mandate for specific algorithms for particular uses, but it is completely unbelievable that it is _as_universal_as_stated_. And since the problem that is quoted is a political or contractual one, and _NOT_ a technical one, it makes no sense to discuss technical solutions for a presumably completely misunderstood political or contractual issue. Pretty much all of the software from outside of russia contains implementations of some cryptographic algorithms. And a lot of software uses these algorithms, i.e. most software vendors (Microsoft, Unix players, Linux Distros and network gear (Cisco?) use it for the distribution of their software. > > Is it just some sort of 'not invented here', or some other similar cause > (which is, I agree, not very interesting); or is there a desire to use a > different algorithm because there some sort of weakness to the standard > algorithm most countries are using, a weakness which has only been detected > by some entity somewhere in Russia? I assume it is the fear about backdoors. They know that nobody else besides themselves was given the a chance to plant back doors into their algorithms, for design flaws it is a level playing field for all, and for attacks, they currently have the same "nice" advantage that firefox has over MSIE with regards to probability of attacks. So from pure a risk management perspective mandating GOST provides some benefit, in theory. Their symmetric cipher with a blocksize of 64 bits and a key size of 256 bits is less convincing (because of the small blocksize). -Martin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf