What is GostCrypt?
The Gostcrypt project has been launched at the end of 2013 as fork of the (late) Truecrypt project.
It intends to go farther than ever. Since the late 70s, most of the algorithms used (not to say all) are UKUSA encryption systems that have been chosen, promoted and standardized under the control of the USA and its satellite countries.
The GOST 28147-89 block cipher uses 256-bit keys for encryption or decryption. Internally, this key is divided into eight 32-bit subkeys. In the process of setting the GOST 28147-89 key in preparation for encryption and decryption, the S-Box is modified based on the supplied key, providing a first degree of diversification of the algorithm (and thus provides resistance to known attacks).
For this process, the 'GOST R 34.11-94 CryptoProParamSet' S-Box from RFC 4357 is used as initial S-Box. The 256-bit encryption key is hashed using the GOST R 34.11-2012 hash function, which produces a 512-bit digest. As both the initial S-Box and the digest contain 512 bits of information, a bitwise addition modulo two is used on of the 4-bit S-Box entries (see the diagram below). The resulting key-dependent S-Box is used for encryption and decryption. During encryption and decryption, the GOST 28147-89 block cipher is used with the XTS mode of operation. The data unit number, a disk offset used in the XTS algorithm, is combined with the GOST 28147-89 key using bitwise addition modulo two. This operation ensures that a different key is used for each 512-byte section of the disk. Given how small changes in the used key result in large changes in the resulting ciphertext, this mechanism provides an additional challenge for a potential adversary.
No updates since 2012. See http://www.gostcrypt.org/news_and_changelog.php
Comments and Reviews
Said about GostCrypt as an alternative
- different cryptographic algorith : no container (.tc files) compatibility
- Similar graphic interface
- quite same cross platform compatibility (windows+linux rpm deb+Mac OS X 10.9)
- Same "reasonable deniabilty" with hidden volumes
Allows the mounting of encrypted drives without Admin rights