${\displaystyle \mathbb {F} }$  — Cuerpo finito ${\displaystyle GF(2^{8})}$  ${\displaystyle x^{8}+x^{7}+x^{6}+x+1}$ .

${\displaystyle Bin_{8}:\mathbb {Z} _{p}\rightarrow V_{8}}$  — ${\displaystyle \mathbb {Z} _{p}}$  (${\displaystyle p=2^{8}}$ )

${\displaystyle {Bin_{8}}^{-1}:V_{8}\rightarrow \mathbb {Z} _{p}}$  — ${\displaystyle Bin_{8}}$ .

${\displaystyle \delta :V_{8}\rightarrow \mathbb {F} }$  — ${\displaystyle \mathbb {F} }$ .

${\displaystyle \delta ^{-1}:\mathbb {F} \rightarrow V_{8}}$  — ${\displaystyle \delta }$ 

Para cifrado, decifrado y generación de claves, las siguientes funciones:

${\displaystyle Add_{2}[k](a)=k\oplus a}$ , donde ${\displaystyle k}$ , ${\displaystyle a}$  son cadenas binarias de la forma ${\displaystyle a=a_{15}||}$ …${\displaystyle ||a_{0}}$  (${\displaystyle ||}$  es una cuerda concatenación).

${\displaystyle N(a)=S(a_{15})||}$ …${\displaystyle ||S(a_{0}).~~N^{-1}(a)}$  es una transformación invertida de ${\displaystyle N(a)}$ .

${\displaystyle G(a)=\delta (a_{15},}$ …${\displaystyle ,a_{0})||a_{15}||}$ …${\displaystyle ||a_{1}.}$ 

${\displaystyle G^{-1}(a)}$  — transformación invertida de ${\displaystyle G(a)}$  , ${\displaystyle G^{-1}(a)=a_{14}||a_{13}||}$ …${\displaystyle ||a_{0}||\delta (a_{14},a_{13},}$ …${\displaystyle ,a_{0},a_{15}).}$ 

${\displaystyle H(a)=G^{16}(a)}$ , where ${\displaystyle G^{16}}$  — composición de transformaciones ${\displaystyle G^{15}}$  and ${\displaystyle G}$  etc.

${\displaystyle F[k](a_{1},a_{0})=(HNAdd_{2}[k](a_{1})\oplus a_{0},a_{1}).}$ 

Transformación no lineal es dada por subtistuir S = Bin₈ S' Bin₈⁻¹.

Valores de la sustitución S' se dan como matriz S' = (S'(0), S'(1), …, S'(255)):

${\displaystyle S'=(252,238,221,17,207,110,49,22,251,196,250,218,35,197,4,77,233,}$  ${\displaystyle 119,240,219,147,46,153,186,23,54,241,187,20,205,95,193,249,24,101,}$  ${\displaystyle 90,226,92,239,33,129,28,60,66,139,1,142,79,5,132,2,174,227,106,143,}$  ${\displaystyle 160,6,11,237,152,127,212,211,31,235,52,44,81,234,200,72,171,242,42,}$  ${\displaystyle 104,162,253,58,206,204,181,112,14,86,8,12,118,18,191,114,19,71,156,}$ ${\displaystyle }$${\displaystyle 183,93,135,21,161,150,41,16,123,154,199,243,145,120,111,157,158,178,}$  ${\displaystyle 177,50,117,25,61,255,53,138,126,109,84,198,128,195,189,13,87,223,}$  ${\displaystyle 245,36,169,62,168,67,201,215,121,214,246,124,34,185,3,224,15,236,}$  ${\displaystyle 222,122,148,176,188,220,232,40,80,78,51,10,74,167,151,96,115,30,0,}$  ${\displaystyle 98,68,26,184,56,130,100,159,38,65,173,69,70,146,39,94,85,47,140,163,}$  ${\displaystyle 165,125,105,213,149,59,7,88,179,64,134,172,29,247,48,55,107,228,136,}$  ${\displaystyle 217,231,137,225,27,131,73,76,63,248,254,141,83,170,144,202,216,133,}$  ${\displaystyle 97,32,113,103,164,45,43,9,91,203,155,37,208,190,229,108,82,89,166,}$  ${\displaystyle 116,210,230,244,180,192,209,102,175,194,57,75,99,182).}$ 

${\displaystyle \gamma }$ : ${\displaystyle \gamma (a_{15},}$ …${\displaystyle ,a_{0})=\delta ^{-1}~(148*\delta (a_{15})+32*\delta (a_{14})+133*\delta (a_{13})+16*\delta (a_{12})+}$  ${\displaystyle 194*\delta (a_{11})+192*\delta (a_{10})+1*\delta (a_{9})+251*\delta (a_{8})+1*\delta (a_{7})+192*\delta (a_{6})+}$  ${\displaystyle 194*\delta (a_{5})+16*\delta (a_{4})+133*\delta (a_{3})+32*\delta (a_{2})+148*\delta (a_{1})+1*\delta (a_{0})),}$ 

Las operaciones de suma y multiplicación se realizan en el campo ${\displaystyle \mathbb {F} }$ .

algoritmo de generación de claves utiliza constante iterativa ${\displaystyle C_{i}=H(Bin_{128}(i))}$ , i=1,2,…32. Establece la clave compartida ${\displaystyle K=k_{255}||}$ …${\displaystyle ||k_{0}}$ .

Llaves iteradas

${\displaystyle K_{1}=k_{255}||}$ …${\displaystyle ||k_{128}}$ 

${\displaystyle K_{2}=k_{127}||}$ …${\displaystyle ||k_{0}}$ 

${\displaystyle (K_{2i+1},K_{2i+2})=F[C_{8(i-1)+8}]}$ …${\displaystyle F[C_{8(i-1)+1}](K_{2i+1},K_{2i}),i=1,2,3,4.}$ 

${\displaystyle E(a)=Add_{2}[K_{10}]HNAdd_{2}[K_{9}]}$ …${\displaystyle HNAdd_{2}[K_{3}]HNAdd_{2}[K_{1}](a),}$  where a — 128-bit string.

${\displaystyle D(a)=Add_{2}[K_{1}]H^{-1}N^{-1}Add_{2}[K_{2}]}$ …${\displaystyle H^{-1}N^{-1}Add_{2}[K_{9}]H^{-1}N^{-1}Add_{2}[K_{10}](a).}$ 

VeraCrypt (un fork de TrueCrypt) incluye a Kuznyechik como uno de sus algoritmos de cifrado soportados.^[5]​

https://web.archive.org/web/20160424051147/http://tc26.ru/standard/draft/PR_GOSTR-bch_v4.zip

https://web.archive.org/web/20180406230057/https://fossies.org/windows/misc/VeraCrypt_1.22_Source.zip/src/Crypto/kuznyechik.c (Enlace alternativo para el caso en el que el primer enlace no funcione.)