Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OpenPGP and Russian Cryptography


Published on

Implementation of Russian cryptography algorithms into OpenPGP standard.

Published in: Software, Technology, Education
  • Login to see the comments

OpenPGP and Russian Cryptography

  1. 1. Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Qt is a registered trade mark of Digia Plc and/or its subsidiaries. All other trademarks mentioned in this document are trademarks of Dmitry Eremin Solenikov OpenPGP and Russian Cryptography
  2. 2. OpenPGP vs X.509 Both are public key infrastructures. Both provide a way to bind a public key to a designated person. ● PKIX ● Absolute trust to preselected CAs by participants ● Hard to cope with CA incidents ● OpenPGP ● WoT provides transitive trust relationship ● It is easy to deal with misbehaving parties 2/6
  3. 3. OpenPGP history ● In 1991 Phil Zimmerman published PGP (Pretty Good Privacy) version 1.0 for secure messaging and file transfer through BBS ● OpenPGP IETF Working Group was formed in 1997 ● RFC 2440 – first formal specification was published in November 1998 ● Replaced by RFC 4880 in November 2007 ● Two optional updates are published (incl. NIST ECC) ● No known vulnerabilities 3/6
  4. 4. Supporting GOST algorighms ● Symmetric cipher ● This part is postponed due to several open issues ● Message digests ● Easy part ● Public Key algorithms ● Several decision points, but easy otherwise ● KDF ● KeyWrap ● VKO/ECDH 4/6
  5. 5. Implementation Status ● Initial algorithms implementation for libgcrypt – GnuPG cryptographic core library ● Proving implementation correctness by implementing RFC 4490 (GOST CMS) in GPG/SM ● Preparing draft of an Internet-Draft (covering signatures and PK) for wider community discussion ● There are still some open discussion points in Public Key algorithms 5/6
  6. 6. Questions? Thank you! 6/6