Standardization of cryptographic mechanisms in Russia Alexander Bondarenko, Grigory Marshalko Technical committee for standardization “Cryptography and security mechanisms”, TC 26 Moscow, Russia Sergei Prokhorov S.I. Vavilov Institute for the History of Science and Technology of Russian Academy of Sciencis Moscow Institute of Physics and Technology sergei.prokhorov@gmail.com ORCID ID: 0000-0002-1874-8602 Abstract— In 1989, the State Committee for Standards and Product Quality Management (Gosstandart) published the first Soviet national standard in the field of cryptography protection. Over the next 30 years, the standardization of cryptographic mechanisms in Russia has evolved significantly in the development of information technology. This article describes how Russian cryptography standards have changed over the years to match technology development and industry requirements. Keywords: cryptography protection, standardization, GOST R, cryptography I. INTRODUCTION Information technology determines the processes, methods of search, collection, storage, processing, provision and dissemination of information. One of the main problems of information technologies implementation at the state level is their diversity. At the same time, the basis of documents of normative and technical regulation (standards) that provides for software and hardware developers a possibility to use unified approaches is a solution for the stated problem. An integral part of any system of standards in the field of information technologies are cryptography and IT- security standards. Implementation of these standards is a necessary condition for ensuring reliable and safe functioning of information systems, and in some cases a "quality mark" that determines the level of trust. In this article we consider how the Russian cryptography standards have changed over the years in order to meet the industry demands. II. FIRST GENERATION STANDARDS The first cryptography standard - Data encryption standard (DES) - was adopted in US in 1976, soon after in 1978 the development of a symmetric cipher which later in 1989 became the first Soviet cryptography standard had begun [1]. The Order of the USSR State committee for standards and product quality management of June 2, 1989 № 1409 approved and put into effect GOST 28147-89 "Information processing systems. cryptography data security. Algorithm of cryptography transformation". The document included a description of a symmetric block cipher, based on so called Feistel network [2], with an input block length of 64 bits and a key length of 256 bits, as well as a set of modes of operation of this algorithm designed to ensure data confidentiality and integrity control. The design of the cipher was extremely hardware- friendly, and made it possible very fast information cryptography protection not only on far from efficient hardware of that time, but also in the modern era of IoT devices [3]. The economic changes of the 90s of the twentieth century in the Russian Federation, supported by the development of information technologies and telecommunication networks, required the adoption of mechanisms for integrity control and confirmation of authorship of information transmitted via communication channels, which was implemented in new (at that time) Russian standards: - processes for generation and verification of electronic digital signature - GOST R 34.10-94 "Information technology. cryptography data security. Produce and check procedures of electronic digital Signature based on asymmetric cryptography algorithm"; - GOST R 34.11-94 "Information technology. cryptography data security. Hashing function». The signature scheme described in GOST R 34.10-94 was based on one of the variants of the widely known generalized El-Gamal scheme [4] implemented in the subgroup of the prime order of the multiplicative group of the finite field. The field characteristic was about 1024 bits, the order of the subgroup was 256 bits. The hash function described in the standard GOST R 34.11-94 was based on a composition of several implementations of a cipher defined in GOST 28147-89, and had a length of hash code equal to 256 bits. Till the end of the XXI century this three standards served as a basis for cryptography protection mechanisms of the Russian communication networks, and also were accepted by the Euro-Asian Council on Standardization, Metrology and Certification of the Commonwealth of Independent States as corresponding interstate standards - GOST 28147-89, GOST 34.310-95 and GOST 34.311-95 accordingly.