Re: [Cfrg] Fwd: Request for comments on GOST documents
>Based on some of the comments on the CFRG mailing list, the RFC
>Editorial Board is considering the need for a commentary RFC to be
>published at the same time, discussing security flaws or weaknesses of
>the GOST algorithms. If you have an interest in writing such a document,
>or have input for such a document, please let us know. Jim Schaad has
>indicated a willingness to be lead author.
I think the "some comments" was two comments pointing to cryptographic research showing weaknesses in the hash algorithm. One person pointed to some papers, and another (one of the authors on the papers) summarized the contents as:
>To cut a long story short: We looked at the alleged GOST hash (using
>unofficial translations and help from people knowing Russian), and
>found both collision and preimage attacks, suggesting that the GOST
>hash function is less secure than one would expect from a "good" hash
>function.
>Note that none of the attacks we propose is practical. Still, no such
>attacks are known on any of the SHA-2 hash functions.
If the "some comments" is limited to that, it might be better to just ask the author to add those pointers to the Security Considerations section of the hash algorithm document. That would be a lot less work for Jim, and would have the advantage of not forcing the reader to find an additional RFC when looking at the specs.
--Paul Hoffman, Director
--VPN Consortium