Paper 2019/540

A chosen key attack against the secret S-boxes of GOST

Markku-Juhani O. Saarinen


I am making this work from August 1998 available for historical reasons. It has been cited as an ``unpublished manuscript'' more than two dozen times over the years -- even though it has not been publicly available anywhere for almost 20 years. The short memo describes a simple non-intrusive reverse engineering technique against Russian GOST chips. The technique is based on a slide attack. This may be historically interesting since slide attacks had not been ``invented yet'', at least in formal sense. The brief original abstract: We show that a simple ``black box'' chosen-key attack against GOST can recover secret S-boxes with approximately $2^{32}$ encryptions.

Note: The August 1998 memo is included in its original form, prefaced by some historical notes.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
GOSTMagmaSlide Attack
Contact author(s)
mjos @ iki fi
2019-05-22: received
Short URL
Creative Commons Attribution


      author = {Markku-Juhani O.  Saarinen},
      title = {A chosen key attack against the secret S-boxes of GOST},
      howpublished = {Cryptology ePrint Archive, Paper 2019/540},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.