MARITIME UNIVERSITY
DEPARTMENT: COMPUTER SCIENCE
FACULTY: INFORMATION TECHNOLOGY
Course textbook
INFORMATION SAFETY AND SECURITY
COURSE NAME: Information Safety and Security
COURSE CODE: 17212
LEVEL OF TRAINING: FULL-TIME UNDERGRADUATE
FOR STUDENTS MAJORING IN: INFORMATION TECHNOLOGY
HAI PHONG - 2008
Course name: Information Safety and Security [...]
Prerequisite courses:
- Object-oriented programming
- Data structures
- Algorithm analysis, design and evaluation.
Course objectives:
To give students basic knowledge of the individual areas of computer security:
- Encryption algorithms used in communication.
- Algorithms for building hash functions and digital signatures.
- Key exchange models.
- Authentication models and cryptographic protocols.
Main content:
The course has 2 parts:
- Theory: provides the theory [...] of encryption and the protocols.
- Programming: implementing the cryptosystems and writing applications that use them.
Detailed course content:
Chapter and section titles
Class periods allocated (Total / Theory / Seminar / Exercises / Test)
Chapter I. Introduction to the tasks of information safety and security. 4 3 1 0 0
1.1. Opening concepts.
1.1.1. Components of an information system
1.1.2. Threats and damage to an information system.
1.1.3. Control measures for safety and security
1.2. Goals and general principles of information security.
1.2.1. Three goals.
1.2.2. Two principles
1.3. General introduction to cryptographic models.
1.3.1. The basic communication model and Kerckhoffs's law.
1.3.2. Stages in the development of cryptographic theory.
1
1
1
1
Chapter II. Some classical encryption methods. 13 5 5 2 1
2.1. Simple cipher methods.
2.1.1. Permutation cipher over the alphabet.
2.1.2. Additive cipher.
2.1.3. Multiplicative cipher.
2.1.4. Cryptanalysis by statistical methods.
2.2. Cipher methods that flatten the frequency profile.
2.2.1. Ciphers with a homophonic substitution table.
2.2.2. Polyalphabetic ciphers: the Vigenère cipher and the one-time pad.
2.2.3. The theory of perfect secrecy.
2.2.4. Evaluating the security level of an encryption method.
Test
2
3
2
3
1
1
1
Chapter III. Block ciphers. 16 8 7 1 0
3.1. Concepts.
3.1.1. Security conditions for a block cipher
3.1.2. Design principles.
3.2. The Data Encryption Standard (DES)
3.2.1. History of DES
3.2.2. The DES round structure.
3.2.3. Subkey generation algorithm
3.2.4. Structure of the round function.
3.2.5. The DES decryption algorithm.
3.2.6. Evaluating the security level of DES.
3.2.7. TripleDES
3.3. The Advanced Encryption Standard (AES)
3.3.1. Introduction to AES
3.3.2. Encryption algorithm
3.3.3. Decryption algorithm
3.3.4. Implementing AES
3.4. Some block cipher modes of operation.
3.4.1. Electronic codebook mode
3.4.2. Cipher block chaining mode
3.4.3. Cipher feedback mode
1
3
3
1
3
3
1
0,5
0,5
Chapter IV. Public-key cryptosystems. 16 6 7 2 1
4.1. The concept of a public key.
4.1.1. Characteristics and applications of public-key cryptosystems.
4.1.2. Construction principles of public-key systems
4.2. Introduction to some common PKC algorithms.
4.2.1. The Trapdoor Knapsack cryptosystem.
4.2.2. The RSA cryptosystem
1
1
2
1
3
2
4.2.3. The ElGamal cryptosystem
Test
2 3
1
Chapter V. Digital signatures and hash functions. 12 7 5 0 0
5.1. Digital signatures.
5.1.1. Definition.
5.1.2. Applications of digital signatures
5.2. Introduction to some digital signature schemes
5.2.1. The RSA signature scheme
5.2.2. The ElGamal signature scheme
5.2.3. The DSA digital signature standard
5.3. Hash functions.
5.3.1. Definition.
5.3.2. Generating digital signatures with hash functions
5.4. Some commonly used hash functions
5.4.1. The MD5 hash function
5.4.2. The SHA1 hash function
0,5
3
0,5
3
2
1,5
1,5
Chapter VI. Key management in cryptographic systems 8 5 3 0 0
6.1. Key management for SKC systems
6.1.1. Introduction to key management methods.
6.2. Key management in PKC systems
6.2.1. The Needham-Schroeder key exchange protocol
6.2.2. The Diffie-Hellman key exchange protocol
6.2.3. The Kerberos protocol
1
1
1
1
1
1
2
Chapter VII. Cryptographic protocols 6 3 2 0 1
7.1. The concept of a cryptographic protocol
7.1.1. Definition of a cryptographic protocol
7.1.2. Purpose of cryptographic protocols.
7.1.3. Parties taking part in a cryptographic protocol
7.2. Studying the design of typical cryptographic protocols
7.2.1. Some kinds of attack on cryptographic protocols.
7.2.2. Introduction to some cryptographic protocols.
7.3. Test.
1
2
2
1
Student responsibilities: Attend all classes and comply with all University regulations.
Study materials:
1. Phan Đình Diệu. Lý thuyết mật mã và An toàn thông tin. Đại học Quốc Gia Hà Nội.
2. Douglas R. Stinson. Cryptography: Theory and Practice. CRC Press. 1995.
3. A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press. 1996.
4. William Stallings. Cryptography and Network Security: Principles and Practices, Fourth Edition. Prentice Hall. 2005.
5. Michael Welschenbach. Cryptography in C and C++. Apress. 2005.
Form and criteria of student assessment:
- Students must complete the tests given during the course and the practical work. Oral examination.
- Students must meet the conditions set by the regulations of the University and of the Ministry.
Grading scale: 10-point scale.
Course grade: Z = 0.3 X + 0.7 Y.
TABLE OF CONTENTS
PREFACE
CHAPTER I: INTRODUCTION
1. Information security and cryptology
2. The concept of a system and the system's assets
3. Threats to a system and preventive measures
4. Goals and general principles of information security
5. Cryptology
6. The concept of a cryptosystem
7. The basic communication model of cryptology and Kerckhoffs's law
8. A brief history of cryptology
9. Classification of cryptographic algorithms
10. Some applications of cryptology
CHAPTER II: MATHEMATICAL FOUNDATIONS
1. Information theory
1.1. Entropy
1.2. Rate of a language [...]
3.4. The ring Z_N (ring of residues modulo N)
3.5. Inverse elements
3.6. Euler's phi function
3.7. Quadratic residues
3.8. Fast exponentiation algorithm
3.9. Extended Euclidean algorithm
3.10. Linear congruences in one unknown
3.11. [...] theorem [...]
4.2. The Solovay-Strassen algorithm
4.3. The Rabin-Miller algorithm
4.4. The Lehmann algorithm
5. Exercises
CHAPTER III: SECRET-KEY CRYPTOSYSTEMS
1. Classical ciphers
1.1. Cipher [...] Caesar
1.3. The affine cipher
1.4. The Vigenère cipher
1.5. The Hill cipher
1.6. The transposition cipher
2. Block ciphers
2.1. Block ciphers
2.2. The Data Encryption Standard (DES)
2.3. Weaknesses of DES
2.4. Triple DES (3DES)
2.5. Encryption standard [...]
[...] cryptosystems [...] knapsack
3.2. The RSA cryptosystem
3.3. The ElGamal cryptosystem
3.4. Cryptosystems based on elliptic curves
4. Exercises
CHAPTER V: DIGITAL SIGNATURES AND HASH FUNCTIONS
1. Digital signatures
1.1. The concept of a digital signature
1.2. The RSA signature scheme
1.3. The ElGamal signature scheme
1.4. The Digital Signature Standard
1.5. Application model of digital signatures
2. Hash functions
2.1. Concept
2.2. Properties of hash functions
2.3. Birthday attack
2.4. Some well-known hash functions
2.5. Some applications of [...]
5. Kinds of attack on protocols
REFERENCES
LIST OF FIGURES
Figure 1.1: Basic model of secure communication
Figure 3.1: The Data Encryption Standard (DES)
Figure 3.2: DES encryption diagram
Figure 3.3: Diagram of one DES round
Figure 3.4: DES subkey generation diagram
Figure 3.5: Diagram of the function f
Figure 3.6: Diagram of the expansion function (E)
Figure 3.7: Triple DES
Figure 3.8: The AES states
Figure 3.9: The AES encryption and decryption algorithms
Figure 3.10: The ShiftRows() function
Figure 3.11: The MixColumns function of AES
Figure 3.12: The AddRoundKey function of AES
Figure 3.13: The InvShiftRows() function of AES
Figure 3.14: ECB mode
Figure 3.15: CBC mode
Figure 3.16: CFB mode
Figure 4.1: Model of [...]
[...] hybrid application model combining RSA with block ciphers
Figure 4.4: Elliptic curves over the field of real numbers
Figure 4.5: Representation of $E_{2^4}(g^4, 1)$
Figure 4.6: Key exchange method [...]
[...] application model of digital signatures
Figure 5.2: Signature scheme using a hash function
Figure 5.3: Diagram of the main loop of MD5
Figure 5.4: Diagram of one MD5 iteration
Figure 5.5: Diagram of one SHA iteration
LIST OF TABLES
Table 2.1: Orders of the elements of $Z^*_{21}$
Table 2.2: Table of powers in $Z_{13}$
Table 3.1: Numbering of the English letters
Table 3.2: Encryption by changing column positions
Table 3.3: Encryption by geometric pattern
Table 3.4: Example of encryption by geometric pattern
Table 3.5: Periodic permutation encryption
Table 3.6: The permutation table IP
Table 3.7: The inverse permutation table $IP^{-1}$
Table 3.8: Table PC-1
Table 3.9: Bit-shift table for the DES rounds
Table 3.10: Table PC-2
Table 3.11: Table describing the expansion function E
Table 3.12: S-box $S_1$
Table 3.13: S-box $S_2$
Table 3.14: S-box $S_3$
Table 3.15: S-box $S_4$
Table 3.16: S-box $S_5$
Table 3.17: S-box $S_6$
Table 3.18: S-box $S_7$
Table 3.19: S-box $S_8$
Table 3.20: The permutation table P
Table 3.21: Example of the steps carried out by DES
Table 3.22: The weak keys of DES
Table 3.23: The semi-weak keys of DES
Table 3.24: Conventions for some abbreviations and [...] of AES
Table 3.28: Substitution table for the InvSubBytes() function
Table 4.1: Speed of the Brent-Pollard algorithm
Table 4.2: Representation of the set $E_{23}(1, 1)$
Table 4.3: Comparison of ECC cryptosystems with the RSA cryptosystem
PREFACE
Since before the Common Era, people have had to concern themselves with how to keep important documents and texts safe and secret, especially in the military and diplomatic fields. Today, with the arrival of computers, paper documents and important information are all digitized and processed on computers, and transmitted through an environment that is insecure by default. The need for mechanisms and solutions that protect the safety and secrecy of sensitive, important information has therefore become more and more urgent. Cryptology is the science that serves this purpose. It is hard to find a useful computing application that does not use algorithms for encrypting information. This document is based on the experience and research that the author has distilled and collected while teaching the course Information Safety and Security at the Faculty of Information Technology, Vietnam Maritime University. With seven chapters divided into different topics, from the mathematical foundations of cryptology to cryptosystems and cryptographic protocols, it is hoped that it will give students and readers a useful reference. Although great effort has been made, some shortcomings are unavoidable; I hope that friends, colleagues, students and readers will offer their sincere comments so that I can improve this book further.
I would like to sincerely thank the friends, colleagues and relatives who have always encouraged me and given me comments during the writing. I would like to thank Master Nguyen Dinh D[..]ng, who read [the manuscript] and gave comments [...] my deep thanks to Master Pham Tuan Dat, who proofread carefully and gave many valuable comments on the manuscript of this book. Finally, I would like to thank the management board of the Faculty of Information Technology, especially Dr. [...]
CHAPTER I: INTRODUCTION
1. Information security and cryptology
Over many centuries a whole series of protocols [...] were created to meet the need for information security [...] it is conveyed on physical media [...] the goals of information security cannot be achieved by relying purely on mathematical algorithms and protocols; achieving them also requires procedural techniques and respect for the law. For example, the privacy of handwritten letters comes from the delivery of sealed letters by an accepted mail service. The physical security of a letter is limited (it can be read secretly), so to guarantee the privacy of the letter the law lays down a rule: reading a letter without the consent of its owner or of those with authority is illegal and will be punished. Sometimes the goal of information security is achieved by the very physical medium that carries the information; paper money, for example, has to be printed with good ink and paper so that it cannot be counterfeited.
Conceptually, the way information is stored has not changed significantly over time. In the past information was usually stored and transported on paper, whereas now it is stored in digital form and transported by telecommunication systems or [...] significant [...] is precisely the ability to copy and [...] one can create thousands of identical pieces of information that cannot be distinguished from the original. For documents stored and transported on paper this is hard [...] and transported on electronic media are precisely means of ensuring information security that are independent of the physical media used to store and transport it. That means is cryptology, a science with a long history based on mathematical algorithms [...]
[...] a set of computers consisting of hardware, software and data components working [...] accumulated over time.
The assets of a system include:
- Hardware
- Software
- Data
- The communications between the computers of the system
- The working environment
- People
3. Threats to a system and preventive measures
There are 3 main forms of threat to a system:
- Destruction: an adversary damages the hardware devices or the software running on the system.
- Modification [...] usually causes the system not to perform its proper function, for example by changing passwords or user rights in the system so that users cannot access the system to work.
- Interference: assets are accessed by people without authority. Communications carried out on the system are blocked or modified.
Threats to an information system can come from many sources and be carried out by different [...] people who have legitimate access rights to the system; parties outside the system (hackers, crackers), who usually attack through the system's connections, such as the Internet; and third, [...]
[...] there are 3 preventive measures:
- Control through software: relying on the security mechanisms of the underlying system (the operating system [...]
[...] the policies of the organization: issuing organizational rules to ensure the security of the system.
In this course we concentrate on cryptographic algorithms as a basic means [...] of information security
The three goals of information security:
Confidentiality: the assets of the system are accessed only by people with authority. The kinds of access include reading, viewing, printing, using programs, or knowing of the existence of an object in the organization. Confidentiality can be protected by access control [...] or by data encryption algorithms. Access control can only be carried out with physical hardware systems [...]
[...] of information security:
The assessment of security must be demanding and must take into account all situations and all attacks that could be carried out.
Assets are protected until they no longer have any use value or their secrecy no longer matters.
5. Cryptology
Cryptology comprises two fields: cryptography and cryptanalysis (codebreaking), where:
Cryptography: studies the algorithms and methods for ensuring the confidentiality and authenticity of information (usually in the form of documents stored on computers). The products of this field are the cryptosystems [...]
[...] the methods of attacking [...] hash functions and cryptographic protocols.
Within the limits of this course we concentrate mainly on the problems of cryptography: cryptosystems, hash functions, digital signature schemes and cryptographic protocols.
Cryptography is the science of methods of secure communication. In Greek, "Crypto" (krypte) means to hide or to scramble, and "Graphy" (grafik) means word. [3]
The usual view is that the intelligible words and characters of the original text make up the plaintext (P, Plaintext); usually these are passages of text in some language [...] use a combination of both of these techniques.
6. The concept of a cryptosystem
A cryptosystem is a 5-tuple (P, C, K, E, D) satisfying the following conditions:
1) P is the plaintext space: the finite set of possible plaintexts.
2) C is the ciphertext space: the finite set of possible ciphertexts.
3) K is the key space: the finite set of possible keys.
4) For each $k \in K$ there is an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$. Each $e_k : P \to C$ and $d_k : C \to P$ are functions such that $d_k(e_k(x)) = x$ for every plaintext $x \in P$. The decryption function $d_k$ is the inverse map of the encryption function $e_k$. [5]
Usually the plaintext space and the ciphertext space consist of texts formed from some alphabet A. This may be the English alphabet, the ASCII code, the Unicode code or, most simply, the bits 0 and 1.
Property 4 is the most important property of encryption. It says that if a plaintext is encrypted with $e_k$ and the resulting ciphertext is then decrypted with $d_k$, the result must be the original plaintext $x$. Clearly, in this case the function $e_k(x)$ must be injective, otherwise we could not decrypt: if there were distinct $x_1$ and $x_2$ such that $y = e_k(x_1) = e_k(x_2)$, then on receiving the ciphertext $y$ we would not know whether it was encrypted from $x_1$ or from $x_2$.
In any cryptosystem we always have $|C| \ge |P|$, because every encryption rule is injective. When $|C| = |P|$, every encryption function is a permutation.
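As an added illustration (not code from the textbook), the check below applies condition 4 and the injectivity argument above to the affine cipher over $Z_{26}$, which the table of contents lists for Chapter III. The function names, the numbering of letters as 0..25 and the sample keys are assumptions made for this example.

```python
from math import gcd

# Assumption for this example: P = C = Z_26 (letters numbered 0..25) and a
# key is a pair k = (a, b) with e_k(x) = (a*x + b) mod 26.
N = 26
PLAINTEXTS = range(N)


def enc(key, x):
    """Encryption rule e_k of the affine cipher."""
    a, b = key
    return (a * x + b) % N


def dec(key, y):
    """Decryption rule d_k; exists only when a is invertible modulo N."""
    a, b = key
    a_inv = pow(a, -1, N)  # raises ValueError when gcd(a, N) != 1
    return (a_inv * (y - b)) % N


def find_collision(key, plaintexts=PLAINTEXTS):
    """Return (x1, x2, y) with x1 != x2 and e_k(x1) == e_k(x2) == y, else None."""
    seen = {}
    for x in plaintexts:
        y = enc(key, x)
        if y in seen:
            return seen[y], x, y
        seen[y] = x
    return None


def satisfies_property_4(key, plaintexts=PLAINTEXTS):
    """True iff d_k(e_k(x)) == x for every plaintext x (condition 4)."""
    if find_collision(key, plaintexts) is not None:
        return False  # e_k is not injective, so no decryption rule can exist
    try:
        return all(dec(key, enc(key, x)) == x for x in plaintexts)
    except ValueError:
        return False


def valid_keyspace():
    """The key space K: only the keys whose multiplier is coprime to N."""
    return [(a, b) for a in range(N) for b in range(N) if gcd(a, N) == 1]


def is_permutation(key):
    """Since |C| == |P| here, an injective e_k must permute Z_26."""
    return sorted(enc(key, x) for x in PLAINTEXTS) == list(range(N))


if __name__ == "__main__":
    good, bad = (5, 8), (2, 0)  # constructed sample keys
    print("key", good, "property 4 holds:", satisfies_property_4(good))
    print("key", bad, "property 4 holds:", satisfies_property_4(bad))
    x1, x2, y = find_collision(bad)
    print(f"collision for {bad}: e_k({x1}) = e_k({x2}) = {y}")
    keys = valid_keyspace()
    print("usable keys:", len(keys),
          "all permutations:", all(is_permutation(k) for k in keys))
```

With the multiplier 2 the plaintexts 0 and 13 both encrypt to 0, which is exactly the $e_k(x_1) = e_k(x_2)$ situation the text rules out, so such keys have to be excluded from K.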
7. The basic communication model of cryptology and Kerckhoffs's law
The [...] model: in the [...] model, information is transmitted (transported) from the sender to the receiver over a physical channel (for example, sending a letter) that is regarded as secure.
The basic communication model of cryptology:
Figure 1.1: Basic model of secure communication
This is the basic model of secure communication. Unlike ordinary communication, new elements are added, such as the concept of an enemy (E, Enemy) and the encryption and decryption keys K that ensure the confidentiality [...] In this model the sender [...] plaintext [...] (Insecured Channel), and the enemy E (Enemy) can eavesdrop on or modify the information X. Therefore S applies a transformation, namely encryption (E, Encryption), to the information X in readable form (Plaintext) to produce a piece of text [...] using a piece of secret information called the key $K_1$ (Key). The key $K_1$ is the parameter that controls the transformation from the plaintext X to the ciphertext Y (only the communicating parties S and R may know this key [...] using the decryption key $K_2$ (note that the decryption key and the encryption key may be different or the same, depending on the cryptosystem used).
The transformations used in the communication model above belong to some cryptosystem.
[Figure 1.1 diagram: Sender, Encrypt (key $K_1$), Insecured Channel (with Enemy), Decrypt (key $K_2$), Receiver; X enters Encrypt, Y crosses the channel, X leaves Decrypt]
Encryption and decryption require processes that convert data from its original form into input for encryption and convert the output of decryption back into plaintext. These processes are keyless transformations and are called encoding and decoding.
According to Kerckhoffs's law (1835 - 1903), a basic principle of cryptography, the whole encryption/decryption mechanism except the key is not secret from the enemy [5]. Clearly, when the opponent does not know which encryption [...] the cryptosystem [...], cryptanalysis will be very difficult. But we cannot trust the security of a cryptosystem that rests only on the uncertain assumption that the opponent does not know the algorithm [...] the complexity of the encryption algorithm used.
8. A brief history of cryptology
Cryptology is a science with a history of [...] show this. The ancient Egyptians used hieroglyphs as the simplest form of encryption on their tombstones. Other handwritten documents also show that the first simple encryption methods used by mankind were those of the ancient Persians and the ancient Jews.
Nevertheless, the history of cryptology can be divided into two periods as follows:
The pre-scientific period: from [...] applications in practice.
The history of cryptology was marked in 1949, when Claude Shannon put forward information theory. After this period a series of important studies in cryptology were carried out, such as the research on block ciphers and the birth of public-key cryptosystems and digital signatures.
Through many centuries of development, cryptology mainly served [...] purposes [...] A typical example: 2000 years ago the Roman emperor Julius Caesar used a simple substitution algorithm, which today bears his name, in the Gallic War.
The work "A manuscript on Deciphering Cryptography Messages" by Abu al-Kindi, written in the 9th century and found in Istanbul in 1987, showed that Arab scientists were the first to develop methods of cryptanalysis based on analysing the frequency of occurrence of characters, against monoalphabetic substitution ciphers (a method widely used in the Middle Ages because it was simple and fairly effective).
In Europe the Middle Ages were a gloomy and dark period of history, so there was little strong development in culture in general or in cryptology in particular. A few events were recorded by priests, but only Roger Bacon actually wrote about cryptology, in the work "Secret Work of Art and the Nullity of Magic" in the mid-1200s. In the Middle Ages one of the most famous names was Chaucer, who [...] in his works, such as "Treatise on the Astrolabe". In the Middle Ages in the West, the book by Blaise de Vigenère (who [...]) [...] is the author of the cipher that bears his name; this cipher was once regarded as absolutely secure and was used for a long time [...] of the [...] army (one of the notable events of cryptology) in the First World War, and the result was the entry of the United States into the war.
With the appearance of computer systems [...] more and more stored and processed on computers, which gave rise to the need for security of the information stored, processed and transmitted between computers.
The early 1970s saw the development of the first block cipher algorithms: Lucifer and DES. DES then enjoyed a flourishing period of application until the early 1990s.
The late 1970s witnessed the development of public-key encryption algorithms, after Whitfield Diffie and [...] the paper "New Directions in Cryptography", which laid the foundation for the birth of public-key cryptosystems and digital signature schemes.
Because the weakness of public-key cryptosystems is that they are slow, block ciphers continued to be developed, with new block ciphers appearing [...] at the end of the 20th century, such as IDEA, AES or 3DES (an improvement of DES).
Most recent are the events concerning the hash functions MD5 (a hash function of the MD family developed by Ron Rivest) and SHA1. A group of [...] a major event for cryptology, because of the wide use of hash functions, which can be regarded as even more important than the cryptosystems themselves. Because of this event, the large software companies [...] cryptographers [...] said that attacks on cryptosystems in particular, and attacks on computer systems in general, will become more and more refined: "Attacks always get better; they never get worse." The history of the development of cryptology is precisely the history of the development of the attacks on the cryptosystems in use.
9. Classification of cryptographic algorithms
There are many different ways to classify the cryptographic algorithms that will be studied in this course. Here we classify them based on [...].
The first criterion is based on the security services that the algorithms provide and on the number of keys used [...] symmetric key [...] of the receiver and the sender is [...] The key used for these algorithms is [...] encryption and one for decryption [...] digital signatures [...] each digital signature scheme has the same theoretical basis as a [...] key cryptosystem [...] applied in a different way. In this course we will study some common digital signature schemes: RSA, ElGamal [...]
4. Hash functions. Hash functions are unkeyed or keyed cryptographic algorithms and are often used in digital signature schemes or public-key cryptosystems.
The [...] criterion [...] encryption algorithms based on the way the algorithm processes its input (that is, the plaintext) [...] we have [...] encryption algorithms as follows:
1. Block cipher algorithms (such as DES, AES ...) process the plaintext in basic units that are blocks of equal size.
2. Stream cipher algorithms (RC4 ...) treat the plaintext as [...]
[...] applications of cryptology
Today it is hard to find applications on a computer that do not use cryptographic algorithms and protocols. From applications for personal computers (Desktop Applications) to system programs such as operating systems (Operating Systems), network applications such as Yahoo Messenger, and database systems, all use algorithms that encrypt user passwords with some cryptosystem or hash function [...]
Confidentiality: hiding the content of the messages exchanged in a communication session or transaction, or of the messages on a computer system (files, data in a database ...).
Authentication: guaranteeing the origin of a message or a user.
Integrity: guaranteeing that only authenticated organizations can change the assets of the system as well as [...] in transit.
Non-repudiation: parties that have been authenticated cannot deny taking part in a valid transaction.
There are also other important services, such as digital signatures; identification services, which allow password-based user authentication to be replaced by stronger techniques; and electronic commerce services, which allow secure transactions to be carried out over [...] such as the Internet.
CHAPTER II: MATHEMATICAL FOUNDATIONS
To understand the algorithms used in cryptosystems, in digital signature schemes and in cryptographic protocols, [...] basic knowledge of the mathematics and information theory used in cryptology. This chapter presents the basic concepts of [...] the rate of a language (Rate of Language), the complexity of algorithms, the security of algorithms, and some [...] the Chinese remainder theorem, [...] theorem [...] The main topics presented in this chapter are:
- Information theory
- Complexity theory
- Number theory
1. Information theory
The opening concepts of [...] in 1948 by [...] (a scientist regarded as the father of information theory). In this section we touch only on some important topics of information theory.
1.1. Entropy
Information theory defines the amount of information in a message as the minimum number of bits needed to encode all possible meanings of that message.
For example, the ngay_thang field in a database contains no more than [...] is represented by the corresponding ASCII character string, it takes up more memory but does not contain [...] the gioi_tinh field of a database [...] ASCII characters: Nam, Nữ.
The amount of information in a message M is measured by the entropy of that message, denoted H(M). The entropy of the gioi_tinh message is [...]
In the [...] n is the number of possible [...]
[...] of the language (Rate of Language)
For a language, the actual rate of the language is:
r = H(M)/N
where N is the length of the message and M is a message of length N. The rate of ordinary English is 0.28, so each English letter carries [...] is the maximum number of bits needed to encode the characters of the language. If a language has L characters, the absolute rate is:
$R = \log_2 L$
This is the maximum entropy of each individual character. For English, with 26 letters, the absolute rate is $\log_2 26 = 4.7$ bits/letter. [...] everyone that the actual rate of English is much smaller than the absolute rate, and we can see that some letters can be removed from an English message while the reader can still understand it. This phenomenon is called the redundancy of natural language.
Not only in English but in most natural languages, the structure of the language and the way it is used mean that some letters are used with uneven frequency, or can appear only within certain structures, so that we can still guess the meaning of a message when these letters are removed.
The redundancy of a language is denoted D, with D = R - r. For English:
D = 1 - .28 = .72 letters/letter
D = 4.7 - 1.3 = 3.4 bits/letter
So each letter carries [...] and 3.4 bits of redundancy (approximately 72%).
1.3. Security of a cryptosystem
Shannon defined very clearly [...] of the cryptosystems in use. The goal of the cryptanalyst is to discover the key used by the cryptosystem (K, key), the plaintext (P, plaintext), or both. Beyond that, they may be satisfied with some probabilistic information about the plaintext P, for example that it is digitized audio, or a text in [...] cryptanalysis, the cryptanalyst usually tries to gather some probabilistic information about the plaintext P before [...] used for encryption. This language certainly has the redundancy associated with the language itself.
If it is a message sent to [...]
$H(M) = \log_2 n$
"Dear Bob" will be a more likely possibility than a meaningless string such as "tm*h&rf". The aim of cryptanalysis is to [...] the sets of possibilities of the ciphertext (C, ciphertext) for each possibility of the plaintext.
Shannon developed the theory that a cryptosystem is perfectly secure only if the number of possible keys [...] possible [...]. Put another way, the key of the cryptosystem must be at least as long as the message.
Except for perfectly secure cryptosystems, [...] contain some information [...] the plaintext; this cannot be avoided. A good cryptographic algorithm keeps the leaked information to a minimum, and a good cryptanalyst makes good use of that information to recover the plaintext.
[...] of the language, the easier cryptanalysis becomes. For this reason many encryption schemes use a compression algorithm to reduce the size of the plaintext before encrypting it, because compression reduces the redundancy of the message [...] introduced a concept called [...] the smallest number of ciphertexts needed to be able to carry out cryptanalysis by trying all the possible keys [...] a monoalphabetic substitution cipher (such as Caesar) over the English alphabet we have:
$H(K) = \log_2 26! = 87$, $D = 3.4$, hence $U = 25.5$.
This means that with about 25 letters of ciphertext we can only try to match a single plaintext.
The unicity distance is a probabilistic notion: it tells us the minimum number of ciphertexts needed to be able to uniquely determine one ciphertext, not the number of ciphertexts sufficient to carry out a cryptanalysis that is certain to succeed. If we have fewer ciphertexts than U, we cannot say that our guess (trial) is correct. From this formula we see that the closer the redundancy of the language is to 0, the harder cryptanalysis becomes, even for a very simple cipher. It also follows from this formula that to increase the security of a cryptosystem one can [...] of it.
1.4. Confusion and diffusion
[...] are: confusion and diffusion.
Confusion: hides the relationship between the plaintext and the original text. This technique defeats attempts to study the ciphertext [...] the easiest way to do this is [...] a simple substitution cipher, for example the Caesar shift cipher, is based on substituting the letters [...] another letter.
Diffusion: removes the redundancy of the plaintext by increasing the dependence of the ciphertext on the plaintext (and the key). The cryptanalyst's search for redundancy then becomes very time-consuming and complex. The simplest way to create diffusion is by transposition (also called [...]) modern ciphers usually combine the two techniques, substitution and permutation, to produce encryption algorithms with a higher level of security.
2. Complexity theory
Complexity theory provides a method for analyzing the computational complexity of different algorithms and encryption techniques. It compares encryption algorithms and techniques and determines their security. Information theory tells us that an encryption algorithm can be broken, while complexity theory tells us how feasible it is to cryptanalyze a cryptosystem.
The time complexity of an algorithm is a function of the size of its input data. An algorithm has time complexity f(n) for every n and [...] of the algorithm is greater than f(n) steps.
The time complexity of an algorithm depends on the model of the algorithm; the number of steps is smaller if [...] (for example loops, function calls, ...).
Classes of algorithms whose time complexity is an exponential function of the input size are regarded as "not [...] into the classes [...] complexity $n^3$ are placed in the class $n^3$, denoted $O(n^3)$. There are two general classes [...]: class P (Polynomial) and class NP (NonPolynomial).
Algorithms in class P have a complexity that is a polynomial function of the input size. If every next step of the algorithm is uniquely determined, the algorithm is called deterministic. All deterministic algorithms in class P have a time bound of P_time, which means they run in polynomial time, corresponding to a complexity that is polynomial in the input size.
An algorithm in which, at the next step, the computation must choose a solution from a bounded set of values of the operation is called [...] special machines, characterized by reaching their conclusions according to standard rules. The Turing machine is a [...] the time complexity function associated with a Turing machine A:
$f_A(n) = \max\{m \,/\, A \text{ halts after } m \text{ steps on input } w = n^3\}$
Here we assume that A halts on every input; the problem becomes harder if the states do not lie in P. A nondeterministic Turing machine works with the algorithm [...] exact states. S(w) is the state measuring the shortest success of the algorithm (that is, the computation that leads to the final state).
The time complexity function of a nondeterministic Turing machine A is defined as:
$f_A(n) = \max\{1,\, m \,/\, s(w) \text{ has } m \text{ steps for } w \,/\, w = n\}$
At each step a nondeterministic Turing machine sets up several copies of itself, as if it had several solutions, and computes independently for every solution.
Algorithms in class NP are nondeterministic and can be computed on a nondeterministic Turing machine in time P.
However, it is not the case that [...] algorithm [...] as stated by Kerckhoffs' law.
So how can the security of a cryptosystem be evaluated? This question was answered by Claude Shannon, with the concepts of the security of cryptosystems, in a paper entitled "Information theory of secrecy systems" (1949).
2.1. Computational security
Definition:
A cryptosystem is called computationally secure if the best algorithm for breaking it requires at least N operations, where N is some very large number. [10]
In practice, however, no cryptosystem has been shown to be secure under this definition. Therefore, in practice, a cryptosystem is called "computationally secure" if there is an algorithm that breaks it but that requires an unacceptably large amount of time (an algorithm of exponential complexity, or one belonging to the class of problems of NP complexity).
Another approach to "computational security" is to reduce it to a problem that has been studied thoroughly and is considered hard. For example, the problem of "factoring a given number n into primes" is considered hard for large n, so we can regard a cryptosystem based on the "prime factorization" problem as secure (of course this is only security that rests on the proof for another problem, not a complete proof of the security of the cryptosystem).
2.2. Unconditional security
Definition 1:
A cryptosystem is considered unconditionally secure when it cannot be broken even with unlimited computational power. [10]
Clearly, "unconditional security" cannot be studied from the point of view of computational complexity, since the computing time is unlimited. Probability theory is therefore used here to study "unconditional security".
Definition 2:
Suppose X and Y are random variables. Denote by p(x) the probability that X takes the value x and by p(y) the probability that Y takes the value y. The joint probability p(x, y) is the probability that X takes the value x and Y takes the value y simultaneously. The conditional probability p(x/y) is the probability that X takes the value x given that Y takes the value y. The variables X and Y are called independent if p(x, y) = p(x)p(y) for all possible values of X and Y.
Bayes' theorem:
If p(y) > 0 then:
$$p(x/y) = \frac{p(x)\,p(y/x)}{p(y)}$$
Corollary:
X and Y are independent variables if and only if p(x/y) = p(x) for all x, y. [5]
Here we assume that a particular key is used for only one ciphertext. Denote the a priori probability that the plaintext x occurs by $p_P(x)$. We also assume that the key K is chosen according to some probability distribution (the key K is usually chosen at random, so the keys are equally likely). Denote the probability that the key K is chosen by $p_K(K)$.
Assume that the key K and the plaintext x are independent variables. The two probability distributions on P and K induce a probability distribution on C. Denote by C(K) the set of possible ciphertexts when K is the key:
$$C(K) = \{ e_K(x) : x \in P \}$$
Then for every $y \in C$ we have:
$$p_C(y) = \sum_{K,\; y \in C(K)} p_K(K)\, p_P(d_K(y))$$
The conditional probability $p_C(y/x)$, the probability that y is the ciphertext given that the plaintext is x, is computed by the following formula:
$$p_C(y/x) = \sum_{K,\; x = d_K(y)} p_K(K)$$
We can now compute the conditional probability $p_P(x/y)$, the probability that x is the plaintext when the ciphertext is y, using Bayes' theorem:
$$p_P(x/y) = \frac{p_P(x)\, p_C(y/x)}{p_C(y)} = \frac{p_P(x) \sum_{K,\; x = d_K(y)} p_K(K)}{\sum_{K,\; y \in C(K)} p_K(K)\, p_P(d_K(y))}$$
We can now define the notion of perfect secrecy. Informally, perfect secrecy means that an adversary holding the ciphertext still cannot obtain any information about the plaintext. The precise definition of perfect secrecy is as follows:
Definition:
A cryptosystem has perfect secrecy if $p_P(x/y) = p_P(x)$ for all $x \in P$ and all $y \in C$. That is, the a posteriori probability that the plaintext is x, given that the ciphertext y has been obtained, is identical to the a priori probability that the plaintext is x. [5]
In other words, perfect secrecy is also equivalent to $p_C(y/x) = p_C(y)$.
Shannon's theorem:
Suppose (P, C, K, E, D) is a cryptosystem. Then the cryptosystem achieves perfect secrecy if and only if $|K| \ge |C|$. In the case $|K| = |C| = |P|$, the cryptosystem achieves perfect secrecy if and only if every key K is used with equal probability 1/|K| and, for every $x \in P$ and every $y \in C$, there is a unique key K such that $e_K(x) = y$. [5]
We therefore see that achieving perfect secrecy requires a very long key, which makes transferring the key between the two communicating parties very difficult. In practice, then, we cannot have unconditional security; we only need practical security, that is, security that depends on the information and on the time for which it must be protected, obtained by using different cryptosystems with different levels of security.
3.3. Product cryptosystems
Another idea put forward by Shannon is that of creating new cryptosystems from old ones by forming their product. This is an important idea in the design of today's modern cryptosystems.
For simplicity, we consider here only cryptosystems in which C = P; cryptosystems of this kind are called endomorphic. Suppose S1 = (P, C, K1, E1, D1) and S2 = (P, C, K2, E2, D2) are endomorphic cryptosystems with the same plaintext and ciphertext spaces. Then the product cryptosystem is defined as the cryptosystem S = (P, C, K1 [...]
3. Mathematical theory
3.1. Modular arithmetic
Basically [...] k is an integer. If a and b are positive and a is less than n, we can call a the remainder of [...] b is also called the residue of a modulo n, and a is congruent to b modulo n.
Modular arithmetic is just like ordinary arithmetic: it is commutative, associative and distributive. Moreover, reducing each [...] by some modulus N.
3.2. Prime numbers
A prime number is a number greater than 1 but [...] no other number that divides it. The number 2 is the first prime and the only even prime. Thus 7, 17, 53, 73, 2521, 2365347734339 are also primes. There are infinitely many primes. Cryptosystems usually use large primes of about 512 bits, or even larger.
3.3. Greatest common divisor
Two numbers a and n are called [...] other than 1, or, in other words, if the greatest common divisor of a and n is 1. We can write this as:
GCD(a,n)=1, (GCD-Greatest Common Divisor)
The numbers 15 and 28 are relatively prime [...] common divisors are 1 and 3; it is easy to see that 13 and 500 are also a pair of relatively prime numbers. A prime number is relatively prime to all other integers except its multiples.
The easiest way to compute the greatest common divisor of two numbers is Euclid's algorithm. Knuth describes the algorithm and several modified variants of it.
Below is the C source code:
    /* Find the greatest common divisor of x and y, assuming x, y > 0 */
    int gcd(int x, int y)
    {
        int g;
        if (x < 0)
            x = -x;
        if (y < 0)
            y = -y;
        g = y;
        /* Euclid's step: replace (x, y) by (y mod x, x) until x reaches 0 */
        while (x > 0) {
            g = x;
            x = y % x;
            y = g;
        }
        return g;
    }
3.4. The ring $Z_N$ (ring of residues modulo N)
The set of integers $Z_N = \{0, 1, \dots, N-1\}$, where N is a positive natural number, with the two operations [...] as follows, forms a ring of residues modulo N (also called the complete set of residues [...] properties of modular arithmetic we can easily see that $Z_N$ is a commutative and associative ring. Most computations in cryptosystems are carried out in some ring $Z_N$.
In the ring $Z_N$ the number 0 is the neutral element, since $a + 0 = 0 + a = a$ for all $a \in Z_N$, and the number 1 is called the identity element, since $a \cdot 1 = 1 \cdot a = a$ for all $a \in Z_N$.
3.5. Inverse elements
In the field of real numbers R, the inverse of 5 is 1/5, because 5 × 1/5 = 1. In a ring of integers $Z_N$ the notion of the inverse of a number is defined as follows:
Suppose $a \in Z_N$ and there exists $b \in Z_N$ such that a.b = (a*b) mod N = 1. Then b is called the inverse element of a in $Z_N$, written $a^{-1} = b$.
Finding the inverse of a given number $a \in Z_N$ is in essence equivalent to finding two numbers b and [...] b, k $\in Z_N$. Or, more concisely:
$a^{-1} \equiv b \pmod N$
Theorem on the existence of the inverse [...]
3.6. Euler's phi function
[...] an integer [...] the value of Euler's phi function of P is $\varphi(P) = P - 1$, or, if N = p*q where p and q are [...] $\varphi(N) = (p-1)*(q-1)$.
In the general case [...] the $p_i$ are primes and the $\alpha_i$ are positive integers, the value of Euler's phi function is computed as follows:
$$\varphi(N) = (p_1 - 1)\,p_1^{\alpha_1 - 1}\,(p_2 - 1)\,p_2^{\alpha_2 - 1} \cdots (p_k - 1)\,p_k^{\alpha_k - 1}$$
Related to [...] $a^{\varphi(N)} \equiv 1 \pmod N$. That is, $a^{\varphi(N)}$ is the inverse of a in $Z_N$.
A [...] a prime, then for all $a \in Z_P^*$ we have $a^{P-1} \equiv 1 \pmod P$. This is one of the most beautiful theorems of number theory.
For each integer N, the ring $Z_N^*$ consists of the elements of $Z_N$ that are relatively prime to N, in other words: $Z_N^* = \{x : x \in Z_N, (x, N) = 1\} = \{x : x \in Z_N, x^{\varphi(N)} = 1\}$.
For each element $a \in Z_N$, the order t of [...] the following table:
a ∈ Z*_21   1  2  4  5  8  10  11  13  16  17  19  20
Ord(a)      1  6  3  6  2   6   6   2   3   6   6   2
Table 2.1: Orders of the elements of $Z_{21}^*$
If the order of $a \in Z_N^*$ equals $\varphi(N)$, then a is called a generator or primitive element of the set $Z_N^*$. And if the set $Z_N^*$ has only one generator, it is called cyclic.
3.7. Quadratic residues
Suppose $a \in Z_N^*$; then [...] residues modulo N is denoted $Q_N$, the set of elements [...]
Theorem: if p is an odd prime and [...] a is a quadratic residue modulo N if and only if $a = \alpha^i \bmod p$, where i is an odd integer.
From this theorem it follows that $|Q_N| = (p-1)/2 = |\overline{Q}_N|$.
For example, with p = 13 and $\alpha = 6 \in Z_{13}$ we have the following table:
i               0  1  2   3  4  5  6   7  8  9  10  11
α^i mod 13      1  6  10  8  9  2  12  7  3  5  4   11
Table 2.2: Powers in $Z_{13}$
Hence $Q_{13} = \{1, 3, 4, 9, 10, 12\}$ and $\overline{Q}_{13} = \{2, 5, 6, 7, 8, 11\}$.
Let $a \in Q_N$. If $x \in Z_N^*$ satisfies $x^2 = a \pmod N$, then a is called a square root of x modulo N.
3.8. The fast exponentiation algorithm
To find the inverse of an integer a in a given ring $Z_N$ we can use Euler's theorem to compute the power of a whose exponent is the value of Euler's phi function of N. However, to [...] quickly [...] an efficient algorithm, and one of those algorithms [...] was given by Chivers in 1984. The steps of the algorithm are as follows:
Input: a, m, N.
Output: a^m mod N.
Begin
    Write m in binary as m = b[k] b[k-1] ... b[0].
    j = 0, kq = 1;
    while (k >= j)
    {
        if (b[j] == 1)
            kq = (kq * a) mod N;
        a = (a * a) mod N;
        j = j + 1;
    }
    return kq;
end
Another implementation, in C, is as follows:
    /* Compute a^x mod n by square-and-multiply, scanning the bits of x
       from the least significant to the most significant */
    long modexp(long a, long x, long n)
    {
        long r = 1;
        while (x > 0) {
            if (x % 2 == 1) /* is x odd? */
                r = (r * a) % n;
            a = (a * a) % n;
            x /= 2;
        }
        return r;
    }
This algorithm [...] $\log_2(m+1)$ steps.
3.9. The extended Euclidean algorithm
In section 3.3 we saw that Euclid's algorithm is used to find the greatest common divisor of two integers, and [...] by using the fast exponentiation algorithm [...] an algorithm [...]
[...] with GCD(a, N) = 1
output: a^-1
begin
    g[0] = N, g[1] = a, u[0] = 1, u[1] = 0, v[0] = 0, v[1] = 1, i = 1;
    while (g[i] <> 0)
    {
        y = g[i-1] div g[i];
        g[i+1] = g[i-1] - y*g[i];
        u[i+1] = u[i-1] - y*u[i];
        v[i+1] = v[i-1] - y*v[i];
        i = i + 1;
    }
    x = v[i-1];
    if (x > 0) then
        return x;
    else
        return (N + x);
end;
3.10. Linear congruences in one unknown
A [...] $a, b \in Z_N$ are the coefficients and x is the unknown.
If GCD(a, N) = 1 we can find $a^{-1}$, multiply both sides of the equation by it and easily obtain the solution. But what if g = GCD(a, N) is a value other than 1? In that case the problem may have no solution or [...] following:
Suppose g = GCD(a, N). If b is divisible by g, then the linear congruence in one unknown
$$ax \equiv b \pmod N$$
has g solutions of the form
$$x \equiv (b/g)\,x_0 + t\,(n/g) \pmod N, \quad t = 0, \dots, g-1,$$
where $x_0$ is the solution of the equation $(a/g)\,x \equiv 1 \pmod{N/g}$.
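The procedure of sections 3.9 and 3.10 combined, as an added example that is not part of the original text: the extended Euclidean recurrence supplies both g = GCD(a, N) and the inverse needed for x0, and the solver then lists all g solutions. The function names ext_gcd and solve_congruence and the sample congruences are assumptions made here.

```c
#include <stdio.h>

/* Extended Euclid as in section 3.9, keeping only the g and v columns.
 * Returns g = gcd(a, n) and stores in *v a value with a * (*v) = g (mod n).
 * Expects n > 0 and 0 <= a < n. */
static long ext_gcd(long a, long n, long *v)
{
    long g0 = n, g1 = a;
    long v0 = 0, v1 = 1;

    while (g1 != 0) {
        long y = g0 / g1;
        long g2 = g0 - y * g1;
        long v2 = v0 - y * v1;
        g0 = g1; g1 = g2;
        v0 = v1; v1 = v2;
    }
    *v = ((v0 % n) + n) % n;    /* bring the coefficient into 0..n-1 */
    return g0;
}

/* Solve a*x = b (mod n) following section 3.10.
 * Stores up to max solutions (ascending, all in 0..n-1) in out[] and
 * returns the total number of solutions: g = gcd(a, n) when g divides b,
 * 0 when it does not. */
long solve_congruence(long a, long b, long n, long *out, long max)
{
    long g, v, step, x0, base, t;

    a = ((a % n) + n) % n;
    b = ((b % n) + n) % n;
    g = ext_gcd(a, n, &v);
    if (b % g != 0)
        return 0;                        /* no solution at all */

    step = n / g;                        /* solutions are spaced n/g apart */
    x0 = v % step;                       /* (a/g) * x0 = 1 (mod n/g) */
    base = ((b / g) % step) * x0 % step; /* smallest solution */
    for (t = 0; t < g && t < max; t++)
        out[t] = base + t * step;
    return g;
}

int main(void)
{
    /* Constructed sample congruences, each row is {a, b, n}. */
    long cases[][3] = { {9, 1, 26}, {6, 4, 10}, {6, 3, 10}, {14, 30, 100} };
    long sol[16];
    size_t i;
    long t, count;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        count = solve_congruence(cases[i][0], cases[i][1], cases[i][2], sol, 16);
        printf("%ldx = %ld (mod %ld): %ld solution(s)",
               cases[i][0], cases[i][1], cases[i][2], count);
        for (t = 0; t < count && t < 16; t++)
            printf(" %ld", sol[t]);
        printf("\n");
    }
    return 0;
}
```

The first case, 9x = 1 (mod 26), is the inverse of det(K) = 9 that the Hill cipher example in Chapter III needs.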
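3.11. The Chinese remainder theorem
The Chinese remainder theorem is [...] stated as follows:
If $d_1, d_2, \dots, d_k$ are pairwise relatively prime integers and $N = d_1 d_2 \cdots d_k$, then the system of congruences
$$x \equiv x_i \pmod{d_i}, \quad i = 1, 2, \dots, k$$
has one solution in $Z_N$. The solution of the system can be computed by the following formula:
$$x = \sum_{i=1}^{k} (N/d_i)\, y_i\, x_i \pmod N$$
where the $y_i$ are the solutions of the congruences $(N/d_i)\, y_i \equiv 1 \pmod{d_i}$.
Below is the source code [...] theorem [...] C:
    /* r is the number of elements in the arrays m and u;
       m holds the pairwise relatively prime moduli, u the remainders.
       Returns n with n mod m[i] == u[i] and 0 <= n < m[0]*...*m[r-1].
       totient() is Euler's phi function of section 3.6; it is not
       defined in this text and must be supplied. */
    int chinese_remainder(int r, int *m, int *u)
    {
        int i;
        int modulus;
        int n;
        modulus = 1;
        for (i = 0; i < r; ++i)
            modulus *= m[i];
        n = 0;
        for (i = 0; i < r; ++i)
        {
            /* (modulus/m[i])^totient(m[i]) is 1 mod m[i] and 0 mod every
               other m[j], so the power must be reduced mod modulus */
            n = (int)((n + u[i] * modexp(modulus / m[i], totient(m[i]), modulus)) % modulus);
        }
        return n;
    }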
4. Primality testing algorithms
A one-way function [...] large primes to form a composite number is [...] a large integer into [...] form [...] a good algorithm).
Encryption algorithms [...] some questions arise concerning prime numbers, as follows:
- Can it be guaranteed that two users of a system will use two different primes [...] it can, because there are as many as $10^{150}$ primes of length 512 bits or less.
- What is the probability that two users choose the same prime? With a choice from $10^{150}$ primes, [...] than the spontaneous combustion of the computer.
Primality testing algorithms fall into two kinds: deterministic algorithms and probabilistic algorithms. Deterministic algorithms give us an exact answer as to whether an integer is [...] an algorithm [...] will present some common primality testing algorithms.
4.1. Some mathematical notation
4.1.1. The Legendre symbol
The symbol L(a,p) is defined for an integer a and a prime p greater than 2. It takes one of the three values 0, 1, -1:
L(a,p) = 0 if a is divisible by p.
L(a,p) = 1 if $a \in Q_N$ (a is a quadratic residue modulo p).
L(a,p) = -1 if $a \in \overline{Q}_N$ (a is not a quadratic residue modulo p).
An easy way to compute L(a,p) is:
$L(a,p) = a^{(p-1)/2} \bmod p$
4.1.2. The Jacobi symbol
The Jacobi symbol is written J(a,n); it is a generalization of the Legendre symbol, defined for any pair of integers a and [...] divisor n, and it can be computed by the following rules:
- If n is prime, then J(a,n) = 1 if a is a quadratic residue modulo n.
- If n is [...] a quadratic residue modulo n.
- If n is not prime, then [...] $p_1, p_2, \dots, p_m$ are the largest factors of n.
This algorithm computes the Jacobi symbol recursively by the following rules:
1. J(1,k) = 1
2. J(ab,k) = J(a,k) × J(b,k)
3. J(2,k) = 1 if $(k^2-1)/8$ is even, and J(2,k) = -1 in the other cases.
4. J(b,a) = J((b mod a),a)
5. If GCD(a,b) = 1:
a. J(a,b) × J(b,a) = 1 if (a-1)(b-1)/4 is even.
b. J(a,b) × J(b,a) = -1 if (a-1)(b-1)/4 is odd.
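The algorithm in C is as follows:
    /* Jacobi symbol J(a, b) for a >= 0 and odd b > 0, computed recursively
       with rules 1-5 above; uses gcd() from section 3.3.
       b*b must fit in an int. */
    int jacobi(int a, int b)
    {
        if (a >= b)
            a %= b;                         /* rule 4 */
        if (a == 0)
            return 0;
        if (a == 1)
            return 1;                       /* rule 1 */
        if (a % 2 == 0) {                   /* split off a factor 2 (rule 2) */
            if (((b * b - 1) / 8) % 2 == 0)
                return +jacobi(a / 2, b);   /* rule 3: J(2,b) = 1 */
            else
                return -jacobi(a / 2, b);   /* rule 3: J(2,b) = -1 */
        }
        if (gcd(a, b) != 1)
            return 0;                       /* a and b share a factor */
        /* here both a and b are odd and relatively prime: rule 5 */
        if (((a - 1) * (b - 1) / 4) % 2 == 0)
            return +jacobi(b, a);
        else
            return -jacobi(b, a);
    }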
In practice the Jacobi symbol can be computed more conveniently by using one of the following properties, where m, n are odd integers and $a, b \in Z$:
(i) J(a*b, n) = J(a, n) * J(b, n), hence $J(a^2, n) = 1$.
(ii) J(a, m*n) = J(a, m) * J(a, n).
(iii) if $a \equiv b \pmod n$ then J(a, n) = J(b, n).
(iv) J(1, n) = 1.
(v) $J(-1, n) = (-1)^{(n-1)/2}$
(vi) $J(m, n) = J(n, m) * (-1)^{(m-1)(n-1)/4}$
4.2. The Solovay-Strassen algorithm
Solovay and Strassen [...] to test whether a number p is prime:
1. Choose a random number a less than p.
2. If the greatest common divisor gcd(a,p) ≠ 1, then p is composite.
3. Compute $j = a^{(p-1)/2} \bmod p$.
4. Compute the Jacobi symbol J(a,p).
5. If j ≠ J(a,p), then p is not prime.
6. If j = J(a,p), then we say that p may be prime with 50% certainty.
Repeat these steps n times, each time with [...] of a composite number after n trials is no more than $2^{-n}$.
In practice, when the program is run [...] runs quite fast.
4.3. The Rabin-Miller algorithm
This algorithm was developed by Rabin, based in part on an idea of Miller. In practice, versions of the algorithm have been [...] in the form $p = 1 + 2^b m$, where m is an odd number.
The algorithm is as follows:
1. Choose a random number a, and suppose a is less than p.
2. Set j = 0 and $z = a^m \bmod p$.
3. If z = 1 or z = p-1, then p has passed the test and may be prime.
4. If j > 0 and z = 1, then p is not prime.
5. Set j = j+1. If j < b and z ≠ p-1, then set $z = z^2 \bmod p$ and go back to step 4.
6. If j = b and [...]
[...] Lehmann.
A simpler method [...] developed independently by Lehmann. The following is the algorithm with the number of iterations set to 100.
1. Choose a random number n to test.
2. Make sure that n is not divisible by small primes such as 2, 3, 5, 7 and 11.
3. Choose 100 random numbers $a_1, a_2, \dots, a_{100}$ between 1 and n-1.
4. Compute $a_i^{(n-1)/2} \pmod n$ for all $a_i = a_1 \dots a_{100}$. Stop if you find an $a_i$ for which the test fails.
5. If $a_i^{(n-1)/2} = 1 \pmod n$ for all i, then n may be composite.
If $a_i^{(n-1)/2} \ne 1$ or $-1 \pmod n$ for any i, then n is composite.
If $a_i^{(n-1)/2} = 1$ or $-1 \pmod n$ for all i = 1, then n is prime.
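The Rabin-Miller round of section 4.3 written out in C, as an added example that is not part of the original text. It keeps the symbols p, b, m, z and j of the steps above, but swaps the random a for the fixed witnesses 2, 7 and 61, which are known to give an exact answer for every p below 2^32; the function names and the sample inputs are assumptions made here.

```c
#include <stdint.h>
#include <stdio.h>

/* a^x mod n with 64-bit intermediates, so any n below 2^32 is safe. */
static uint32_t modexp32(uint32_t a, uint32_t x, uint32_t n)
{
    uint64_t r = 1, base = a % n;

    while (x > 0) {
        if (x & 1)
            r = (r * base) % n;
        base = (base * base) % n;
        x >>= 1;
    }
    return (uint32_t)r;
}

/* One Rabin-Miller round for odd p > 2 and witness 0 < a < p.
 * Writes p = 1 + 2^b * m with m odd, then follows steps 2-6.
 * Returns 1 if p passes (may be prime), 0 if p is certainly composite. */
static int rabin_miller_round(uint32_t p, uint32_t a)
{
    uint32_t m = p - 1, b = 0, j;
    uint64_t z;

    while ((m & 1) == 0) {
        m >>= 1;
        b++;
    }
    z = modexp32(a, m, p);              /* step 2 */
    if (z == 1 || z == p - 1)
        return 1;                       /* step 3 */
    for (j = 1; j < b; j++) {
        z = (z * z) % p;                /* step 5 */
        if (z == p - 1)
            return 1;
        if (z == 1)
            return 0;                   /* step 4: nontrivial root of 1 */
    }
    return 0;                           /* j reached b without z = p-1 */
}

/* Exact primality test for any 32-bit p. */
int is_prime32(uint32_t p)
{
    static const uint32_t small[] = { 2, 3, 5, 7, 11 };
    static const uint32_t witness[] = { 2, 7, 61 };
    size_t i;

    if (p < 2)
        return 0;
    for (i = 0; i < sizeof small / sizeof small[0]; i++) {
        if (p == small[i])
            return 1;
        if (p % small[i] == 0)
            return 0;                   /* cheap trial division first */
    }
    for (i = 0; i < sizeof witness / sizeof witness[0]; i++) {
        uint32_t a = witness[i] % p;
        if (a == 0)
            continue;                   /* p equals the witness itself */
        if (!rabin_miller_round(p, a))
            return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed inputs: primes named in section 3.2, the modulus 899
     * of exercise 2.2, and classic pseudoprimes (561, 2047, 3215031751). */
    uint32_t samples[] = { 7, 17, 53, 73, 2521, 899, 561, 2047, 3215031751u };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%lu: %s\n", (unsigned long)samples[i],
               is_prime32(samples[i]) ? "prime" : "composite");
    return 0;
}
```

2047 = 23 × 89 passes the round for a = 2 and is rejected only by a = 7, which is why a single round is never taken as proof of primality.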
5. Exercises
Exercise 2.1: compute $17^{53} \bmod 29$; what is the minimum number of multiplications needed to obtain the result?
Exercise 2.2: Compute $876^{611} \bmod 899$.
[...] Use one of the programming languages to implement the algorithm for finding an inverse element.
Exercise 2.4: Write a program implementing the fast exponentiation algorithm.
Exercise 2.5: Write a program that solves a system of linear congruences in two unknowns.
Exercise 2.6: Write a program implementing a primality testing algorithm whose input is an integer less than 2000000000.
Exercise 2.7: Write a program implementing a big-integer library with the basic arithmetic operations: multiplication, division, addition, subtraction, and reduction modulo a number.
Exercise 2.8: Using a big-number library (from exercise 2.5 or an open-source library), implement the primality testing algorithms presented in section 4 of chapter 2.
CHAPTER III: SECRET-KEY CRYPTOSYSTEMS
1. Classical ciphers
1.1. [...] substitution ciphers
A substitution cipher is a cipher in which each character of the plaintext is replaced by another character in the ciphertext (which may be a letter, a number or a symbol).
There are the following 4 substitution techniques:
1. Simple substitution (a simple substitution cipher): a system in which each character of the plaintext is replaced by a corresponding character in the ciphertext. A one-to-one mapping from plaintext to ciphertext is used to encrypt the whole message.
2. Homophonic substitution (a homophonic substitution cipher): like a simple substitution cipher, except that a single plaintext character can be mapped to one of several ciphertext characters [...] may correspond to 7, 19, 31, or 42, and so on.
3. Polyalphabetic substitution (a polyalphabetic substitution cipher): made up of several [...] encryption algorithms [...] case of simple substitution, but [...] encryption algorithm [...] of each character in the plaintext.
4. Polygram substitution (a polygram substitution cipher): an algorithm in which blocks of characters are encrypted in groups. This is the most general algorithm, allowing groups of characters of the original text to be substituted. For example, "ABA" may correspond to "RTQ", "ABB" may correspond to "SLL", and so on.
1.2. The Caesar cipher
The [...] cipher [...] the oldest and simplest cipher ever used in practice, by the Roman emperor Caesar, and so it is named after that emperor.
The space of plaintexts [...] alphabet A (for convenience of presentation we regard this as a general alphabet). Similarly, the space of ciphertexts is C ≡ P. Suppose the number of elements of the alphabet is |A| = N.
To encrypt, the letters are numbered from 0 to [...] $K = Z_N$. For each key [...] Caesar with the English alphabet has N = 26 letters, and the alphabet is numbered as follows:
A  B  C  D  ...  L   M   N   ...  W   X   Y   Z
0  1  2  3  ...  11  12  13  ...  22  23  24  25
Table 3.1: Numbering of the letters of the English alphabet
The arithmetic is carried out in the ring $Z_{26}$; the number of usable keys is 26, but in practice only 25 keys are useful.
Example: with k=3 (the case used by the emperor Caesar), the character A is replaced by D, B is replaced by E, ... , W is replaced by Z, ... , X is replaced by A, Y is replaced by B, and Z is replaced by C.
Original alphabet:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Alphabet used for encryption:
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
So, for example, the string "ANGLES" is encrypted as "DQJOHV".
The Caesar cipher uses monoalphabetic substitution, so it exhibits what is called dependence on the letter frequencies of natural language. In natural language some letters occur more often than others (in English, for example, the frequently occurring letters are e, t, i, h, ...), so the letters used [...] also occur often. This can [...] characters that occur often in the ciphertext by the characters that occur often in real texts.
In practice the Caesar cipher has few keys, so [...] all the possible keys [...]
[...] Affine
The plaintext and ciphertext spaces of the cipher are strings formed from an alphabet A; suppose |A| = N. Then [...] of the cipher is defined as follows:
$K = \{ (a, b) : a, b \in Z_N, (a, N) = 1 \}$
To encrypt, the letters of the alphabet are numbered from 0 to N - 1, and encryption and decryption are carried out character by character (substitution) according to the following formulas:
Encryption:
$E_K(x) = (a*x + b) \bmod N$. The plaintext character with ordinal number x is turned into the character with ordinal number (a*x+b) mod N in the alphabet.
To decrypt we need to find $a^{-1}$ (since (a, N) = 1, it can always be [...] the alphabet.
It can be seen that for an Affine cipher the number of usable keys is:
$|K| = \varphi(N) * N$. For example, with N = 26, corresponding to the English alphabet, we have $\varphi(26) * 26 = 12 * 26 = 312$ keys. This number is relatively small.
1.4. The Vigenere cipher
The cipher [...] French [...] Blaise de Vigenère (1523-1596).
For this cipher the spaces of ciphertexts and plaintexts are again messages formed from an alphabet A, as in the [...] cipher [...] to N-1, where N is the number of elements of the alphabet.
The key space K is defined as follows:
[...] encrypt a plaintext P, P is split into segments of length M, which are converted into the corresponding ordinal numbers of their letters in the alphabet, for example $X = x_1 x_2 \dots x_M$. Encryption and decryption are then carried out as follows:
$E_K(X) = (x_1 + k_1, x_2 + k_2, \dots, x_M + k_M) \bmod N$
$D_K(Y) = (y_1 - k_1, y_2 - k_2, \dots, y_M - k_M) \bmod N$, where N is the number of elements of the alphabet and $Y = y_1 y_2 \dots y_M$ is the ciphertext.
Example: let A be the English alphabet; we have [...] K = 2 8 15 7 4 17, P = 19 7 8 18 2 17 | 24 15 19 14 18 23 | 18 19 4 12 8 18 | 13 14 19 18 4 2 | 20 17 4.
Encryption proceeds as follows:
P = 19 7 8 18 2 17 | 24 15 19 14 18 23 | 18 19 4 12 8 18 | 13 14 19 18 4 2 | 20 17 4
K = 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15
C = 21 15 23 25 6 8 | 0 23 8 21 22 14 | 20 1 19 19 12 9 | 15 22 8 25 8 19 | 22 25 19
So the ciphertext is [...] this [...] is a combination of several Caesar ciphers: in the Caesar cipher we substitute one character at a time, whereas in this Vigenere cipher we substitute each group of M consecutive characters. For each M the number of usable keys is $N^M$; specifically, for the English alphabet there are $26^M$ usable keys.
1.5. The Hill cipher
This cipher is based on the theory of linear algebra and was introduced by Lester S. Hill in 1929.
Both the plaintext space and the ciphertext space are strings formed from an alphabet A, as in the Vigenere cipher.
For each integer M, the key of the cipher is a square matrix K of size M×M whose entries are integers in $Z_N$, where N is the number of elements of the alphabet. The condition for a matrix K to be usable as a key of the cipher is that K must be a non-singular matrix over $Z_N$, in other words the inverse of the matrix K over $Z_N$ must exist.
The characters of the alphabet are again numbered from 0 to N-1.
To encrypt a plaintext, the plaintext is again split into strings of length M; these strings are converted into the ordinal numbers of their letters in the alphabet, in the form of an M-dimensional row vector, and encryption [...] Hill [...]
$$K = \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix}$$
Encrypt the string P = "HELP" and then decrypt the resulting ciphertext.
To encrypt [...] $P_1 = (7\ 4)$ we have
$$C_1 = P_1 * K = (7\ 4) \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix} = (3\ 15) = (D\ P)$$
With $P_2 = (11\ 15)$ we have
$$C_2 = P_2 * K = (11\ 15) \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix} = (11\ 4) = (L\ E)$$
So the resulting ciphertext is C = "DPLE".
To decrypt, we compute the decryption key, which is the inverse matrix [...] following:
With $K = \begin{pmatrix} k_{11} & k_{12} \\ k_{21} & k_{22} \end{pmatrix}$ and $\det(K) = (k_{11} k_{22} - k_{21} k_{12}) \bmod N$ an element that has an inverse in $Z_N$ (denoted $\det(K)^{-1}$), the decryption key is
$$K^{-1} = \det(K)^{-1} * \begin{pmatrix} k_{22} & -k_{12} \\ -k_{21} & k_{11} \end{pmatrix}$$
Applying this to the case above, we have det(K) = (15 - 6) mod 26 = 9. GCD(9, 26) = 1, so applying the extended Euclidean algorithm gives $\det(K)^{-1} = 3$. Therefore
$$K^{-1} = 3 * \begin{pmatrix} 5 & 23 \\ 24 & 3 \end{pmatrix} = \begin{pmatrix} 15 & 17 \\ 20 & 9 \end{pmatrix}$$
Decryption proceeds exactly like encryption, with the encryption key replaced by the decryption key.
Decrypting C = "DP" = (3 15):
$$P = C * K^{-1} = (3\ 15) * \begin{pmatrix} 15 & 17 \\ 20 & 9 \end{pmatrix} = (7\ 4) = \text{"HE"}$$
Similarly, decrypting the string C = "LE" gives the plaintext P = "LP".
Note that in the example above we used a key K of small size, so the decryption key was easy to find; in the general case this is not easy.
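The worked example of section 1.5 as a program, added here and not part of the original text: it encrypts "HELP" with the key above, derives the decryption key from det(K), and decrypts again. It is limited to 2×2 keys over the 26-letter alphabet of Table 3.1; the function names are assumptions made here, and the inverse of det(K) is found by direct search instead of the extended Euclidean algorithm.

```c
#include <stdio.h>
#include <string.h>

#define ALPHABET 26   /* A..Z numbered 0..25 as in Table 3.1 */

/* Inverse of d in Z_26 by direct search; -1 when gcd(d, 26) != 1. */
static int inverse_mod(int d)
{
    int b;

    d = ((d % ALPHABET) + ALPHABET) % ALPHABET;
    for (b = 1; b < ALPHABET; b++)
        if ((d * b) % ALPHABET == 1)
            return b;
    return -1;
}

/* Compute inv = K^-1 over Z_26 for a 2x2 key with entries in 0..25,
 * using K^-1 = det(K)^-1 * (k22 -k12; -k21 k11).
 * Returns 0 on success, -1 when det(K) has no inverse (K is unusable). */
int hill_invert_key(int k[2][2], int inv[2][2])
{
    int det = k[0][0] * k[1][1] - k[1][0] * k[0][1];
    int d = inverse_mod(det);

    if (d < 0)
        return -1;
    inv[0][0] = (d * k[1][1]) % ALPHABET;
    inv[0][1] = (d * (ALPHABET - k[0][1])) % ALPHABET;
    inv[1][0] = (d * (ALPHABET - k[1][0])) % ALPHABET;
    inv[1][1] = (d * k[0][0]) % ALPHABET;
    return 0;
}

/* out = in * key over Z_26, taking the letters two at a time as row
 * vectors. The same routine encrypts with K and decrypts with K^-1.
 * Returns -1 on odd length or characters outside A..Z. */
int hill_apply(int key[2][2], const char *in, char *out)
{
    size_t i, len = strlen(in);

    if (len % 2 != 0)
        return -1;
    for (i = 0; i < len; i++)
        if (in[i] < 'A' || in[i] > 'Z')
            return -1;
    for (i = 0; i < len; i += 2) {
        int p0 = in[i] - 'A', p1 = in[i + 1] - 'A';
        out[i]     = (char)('A' + (p0 * key[0][0] + p1 * key[1][0]) % ALPHABET);
        out[i + 1] = (char)('A' + (p0 * key[0][1] + p1 * key[1][1]) % ALPHABET);
    }
    out[len] = '\0';
    return 0;
}

int main(void)
{
    int k[2][2] = { {3, 3}, {2, 5} };   /* key of the example above */
    int kinv[2][2];
    char ct[16], pt[16];

    if (hill_apply(k, "HELP", ct) != 0 || hill_invert_key(k, kinv) != 0)
        return 1;
    hill_apply(kinv, ct, pt);
    printf("ciphertext %s, K^-1 = (%d %d; %d %d), decrypted %s\n",
           ct, kinv[0][0], kinv[0][1], kinv[1][0], kinv[1][1], pt);
    return 0;
}
```

A key such as (2 4; 6 8) is rejected by hill_invert_key because its determinant shares the factor 2 with 26, which is the non-singularity condition stated at the start of the section.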
1.6. Transposition cipher

A transposition cipher is a cipher in which the characters of the plaintext are kept unchanged, but their order is rearranged.

For example, in a simple columnar transposition cipher the plaintext is written in horizontal rows across the page. This approach includes the following techniques:

1. Reversing the entire plaintext: the simplest encryption method, and therefore one that does not provide security.
Example: the plaintext TRANSPOSITION CIPHER is encrypted as REHPICNOITISOPSNART.

2. Encryption by geometric pattern: the plaintext is rearranged according to some geometric pattern, usually an array or a two-dimensional matrix.
Example: the plaintext LIECHTENSTEINER is written row by row into a 3×5 matrix as follows:

Column     1 2 3 4 5
Plaintext  L I E C H
           T E N S T
           E I N E R
Table 3.3: Encryption by geometric pattern

If the characters are read out by column in the order 2, 4, 1, 3, 5, the ciphertext is IEICSELTEENNHTR.

Column transposition: first the plaintext characters are arranged into a rectangle column by column, then the columns are reordered and the letters are read out row by row.
Example: the original plaintext NGAY MAI BAT DAU CHIEN DICH XYZ is written column by column into a 5×5 matrix as follows:

Column     1 2 3 4 5
Plaintext  N A D I C
           G I A E H
           A B U N X
           Y A C D Y
           M T H I Z
Table 3.4: Example of encryption by geometric pattern

Since there are 5 columns, taking the columns in the order 3, 5, 2, 4, 1 and then reading the characters out row by row gives the ciphertext DCAINAHIEGUXBNACYADY HZTIM. Note that space characters are dropped.
A limitation of this method is that the whole character matrix must be built in order to encrypt and decrypt.
3. Permuting the plaintext characters with a fixed period d: if the function f is a permutation of a block of d characters, the encryption key is written K(d, f).
Thus the plaintext

$M = m_1 m_2 \ldots m_d\, m_{d+1} \ldots m_{2d}$

where the $m_i$ are characters, is encrypted as

$E_k(M) = m_{f(1)} m_{f(2)} \ldots m_{f(d)}\, m_{f(d)+1} \ldots m_{d+f(d)}$

where $m_{f(1)} m_{f(2)} \ldots m_{f(d)}$ is a permutation of $m_1 m_2 \ldots m_d$.

Example: suppose d = 5 and f is the permutation given in the following table:

i   f(i)   Plaintext   Encrypted
1   3      G           O
2   5      R           P
3   1      O           G
4   4      U           U
5   2      P           R
Table 3.5: Encryption by periodic permutation

According to the table, the first character is moved to position 3, the second character is moved to position 5, and so on. For example, the word GROUP is encrypted as OPGUR.
The German ADFGV cipher, used in World War I, is a transposition cipher (combined with a simple substitution). It was regarded as a complex encryption algorithm at the time, but it ...
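The three transposition techniques of this section, as an added Python example that reproduces the section's own ciphertexts (it is not code from the original course text; function names are chosen here for illustration). It also checks the property that makes transposition easy to recognise: the letter counts of plaintext and ciphertext are identical.

```python
"""Added example: reversal, geometric-pattern and periodic transposition."""
from collections import Counter


def letters(text):
    """Keep only letters; the section's examples drop the spaces."""
    return [ch for ch in text.upper() if ch.isalpha()]


def reverse_cipher(plaintext):
    return "".join(reversed(letters(plaintext)))


def rows_in_columns_out(plaintext, ncols, order):
    """Write row by row into ncols columns, read whole columns in `order`."""
    m = letters(plaintext)
    return "".join("".join(m[col - 1::ncols]) for col in order)


def columns_in_rows_out(plaintext, nrows, order):
    """Write column by column, reorder the columns, read row by row."""
    m = letters(plaintext)
    if len(m) != nrows * len(order):
        raise ValueError("plaintext must exactly fill the rectangle")
    cols = [m[i:i + nrows] for i in range(0, len(m), nrows)]
    picked = [cols[c - 1] for c in order]
    return "".join(col[r] for r in range(nrows) for col in picked)


def periodic_permutation(plaintext, f, pad="X"):
    """Key K(d, f): in each block of d letters, output letter i is input letter f(i)."""
    d = len(f)
    if sorted(f) != list(range(1, d + 1)):
        raise ValueError("f must be a permutation of 1..d")
    m = letters(plaintext)
    m += [pad] * (-len(m) % d)          # pad the last block (assumption: 'X')
    return "".join(m[b + f[i] - 1] for b in range(0, len(m), d) for i in range(d))


def inverse_permutation(f):
    """Permutation g with f(g(i)) = i, used as the decryption key."""
    inv = [0] * len(f)
    for i, target in enumerate(f, start=1):
        inv[target - 1] = i
    return inv


def same_letter_counts(a, b):
    """Transposition only moves letters, so single-letter statistics survive."""
    return Counter(letters(a)) == Counter(letters(b))


if __name__ == "__main__":
    print(reverse_cipher("TRANSPOSITION CIPHER"))
    print(rows_in_columns_out("LIECHTENSTEINER", 5, [2, 4, 1, 3, 5]))
    print(columns_in_rows_out("NGAY MAI BAT DAU CHIEN DICH XYZ", 5, [3, 5, 2, 4, 1]))
    print(periodic_permutation("GROUP", [3, 5, 1, 4, 2]))
```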
2. Block ciphers

In this part we study block ciphers, typified by the Data Encryption Standard DES, one of the most widely used block ciphers and the foundation for a great many other block ciphers.

The Data Encryption Standard DES was built on a widely used block cipher named LUCIFER, developed by IBM.

DES (a public algorithm that is easy to implement) was used in practice for a very long time (until the early 1990s). Over time, however, the growing power of computers, together with newly introduced cryptanalytic techniques, showed the need for a stronger block cipher, and the Advanced Encryption Standard AES was born. This standard arose from the search, run by the United States standards body (NIST), for a secure block cipher. Many ciphers were submitted as AES candidates, but in the end the Rijndael cipher of two Belgian authors, Dr. Joan Daemen and Dr. Vincent Rijmen, was selected (in 2001).
2.1. Block ciphers

The classical ciphers examined at the start of this chapter share one trait: each character of the plaintext is encrypted separately. This makes the cipher easier to break. For that reason a different kind of cipher is normally used in practice, in which a whole block of plaintext characters is encrypted at once as a single encryption unit. In this kind of cipher the important parameters are the size (length) of each block and the size of the key.

Conditions for a secure block cipher:
- The block size must be large enough to resist statistical attacks. However, this increases the encryption time.
- The key space, that is, the key length, must be large enough to resist exhaustive search. However, the key must be short enough that generating, distributing and storing it remains easy.

When designing a block cipher, the following two requirements must be met:
- Confusion: the dependence between plaintext and ciphertext must be genuinely complex, so that finding a pattern for cryptanalysis is hard. This relationship is best made nonlinear.
- Diffusion: each bit of the plaintext and of the key should affect as many bits of the ciphertext as possible.
While confusion is created by ... time (in different countries, and applied in different fields ... is tied to ... arranged with IBM for this encryption algorithm to be made free of charge, developed it into the data encryption standard, and published it on 15/02/1977.
2.2.1. Description of the DES encryption scheme

Overview:
DES is an encryption algorithm whose input is a 64-bit block and whose output is also a 64-bit block. The encryption key is 56 bits long; more precisely it is 64 bits, where the bits at positions divisible by 8 can be used as parity-check bits. The number of keys in the key space K is $2^{56}$.

Figure 3.1: The Data Encryption Standard DES
The algorithm performs 16 rounds. From the input key K, sixteen 48-bit subkeys $K_i$ are generated, one for each round of the encryption process. In each round, 8 carefully chosen, fixed mappings that substitute 6 bits by 4 bits, $S_i$ (also called the S-boxes $S_i$), denoted collectively by S, are used. The 64-bit plaintext is divided into two halves $L_0$ and $R_0$. The rounds are functionally identical: each takes $L_{i-1}$ and $R_{i-1}$ from the previous round as input and produces the 32-bit strings $L_i$ and $R_i$ as output, as follows:

$L_i = R_{i-1}$;  (1)
$R_i = L_{i-1} \oplus f(R_{i-1}, K_i)$, where $f(R_{i-1}, K_i) = P(S(E(R_{i-1}) \oplus K_i))$;  (2)

Where:
- $\oplus$ denotes the exclusive OR (XOR) of two bit strings, that is, bitwise addition modulo 2.
- The function f is a nonlinear function.
- E is the expansion permutation that maps $R_{i-1}$ from 32 bits to 48 bits (all bits are used, some of them twice).
- P is another fixed permutation on 32 bits.

An initial bit permutation (IP) is applied before the first round; after the last round the left and right halves are swapped, and finally the resulting string is bit-permuted one last time by the inverse of IP ($IP^{-1}$).
Decryption proceeds in the same way, but with the subkeys applied to the inner rounds in reverse order.
Put simply, the right half in each round (after the 32-bit input has been expanded into 8 characters of 6 bits each, a 48-bit string) carries out a key-dependent substitution on each of the characters, and a fixed bit permutation then redistributes the bits of the resulting characters to form the 32-bit output.
The subkeys $K_i$ (each containing 48 bits of K) are computed using the tables PC1 and PC2 (Permutation Choice 1 and 2). First, 8 bits ($k_8, k_{16}, \ldots, k_{64}$) of K are discarded (by applying PC1). The remaining 56 bits are permuted and assigned to two 28-bit variables C and D; then, over 16 iterations, both C and D are rotated by 1 or 2 bits, and the 48-bit subkeys $K_i$ are selected from the concatenation of the two strings.
The whole DES encryption algorithm can therefore be written as the following formula:

$Y = IP^{-1} \circ f_{16} \circ T \circ f_{15} \circ T \circ \ldots \circ f_2 \circ T \circ f_1 \circ IP(x)$

Where:
- T denotes the swap of the blocks $L_i R_i$ ($1 \le i \le 15$).
- $f_i$ denotes the application of the function f with key $K_i$ ($1 \le i \le 16$).
Detailed algorithm:
Input: plaintext $M = m_1 m_2 \ldots m_{64}$, 64-bit key $K = k_1 k_2 \ldots k_{64}$ (including the 8 parity bits, which are added so that every 8-bit segment of the key has an odd number of 1 bits)
Output: 64-bit ciphertext $C = c_1 c_2 \ldots c_{64}$
1. Subkey generation. Compute the subkeys using the subkey generation algorithm below.
2. $(L_0, R_0) \leftarrow IP(m_1 m_2 \ldots m_{64})$ (Use the permutation table IP to permute the bits; the result is split into two halves $L_0 = m_{58} m_{50} \ldots m_8$, $R_0 = m_{57} m_{49} \ldots m_7$.)
3. (16 rounds) for i = 1 to 16
Compute $L_i$ and $R_i$ by formulas (1) and (2); the computation of $f(R_{i-1}, K_i) = P(S(E(R_{i-1}) \oplus K_i))$ is carried out as follows:
a) Expand $R_{i-1} = r_1 r_2 \ldots r_{32}$ from 32 bits to 48 bits using the expansion permutation E: $T \leftarrow E(R_{i-1})$. (Hence $T = r_{32} r_1 r_2 \ldots r_{32} r_1$.)
b) $T' \leftarrow T \oplus K_i$. Represent $T'$ as a string of 8 characters of 6 bits each, $T' = (B_1, \ldots, B_8)$.
c) $T'' \leftarrow (S_1(B_1), S_2(B_2), \ldots, S_8(B_8))$. Here $S_i(B_i)$ maps $b_1 b_2 \ldots b_6$ to the 4-bit string of the entry in row r and column c of the table $S_i$ (S-box), where $r = 2 \cdot b_1 + b_6$ and $c = b_2 b_3 b_4 b_5$ is a binary number from 0 to 15. For example, $S_1(011011)$ gives r = 1 and c = 13, and the result is 5, written in binary as 0101.
d) $T''' \leftarrow P(T'')$, where P is the fixed permutation that permutes the 32 bits of $T'' = t_1 t_2 \ldots t_{32}$ to produce $t_{16} t_7 \ldots t_{25}$.
4. $b_1 b_2 \ldots b_{64} \leftarrow (R_{16}, L_{16})$ (swap the final blocks $L_{16}$, $R_{16}$)
5. $C \leftarrow IP^{-1}(b_1 b_2 \ldots b_{64})$ (Transform using $IP^{-1}$, $C = b_{40} b_8 \ldots b_{25}$)
Diagram of the 16 rounds of DES:
Figure 3.2: DES encryption diagram
[Figure: the 64-bit plaintext passes through IP and is split into $L_0$ and $R_0$ (32 bits each); each round computes $L_i = R_{i-1}$ and $R_i = L_{i-1} \oplus f(R_{i-1}, K_i)$ with a 48-bit subkey $K_i$, for $K_1$ through $K_{16}$; the result passes through $IP^{-1}$ to give the 64-bit ciphertext.]
2.2.2. The permutation IP and the inverse permutation $IP^{-1}$

The permutation table IP is given below:
58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
Table 3.6: Permutation table IP

Inverse permutation table $IP^{-1}$:
40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
Table 3.7: Inverse permutation table $IP^{-1}$

The two permutations IP and $IP^{-1}$ have no cryptographic significance; they exist purely to make it easier to implement the DES algorithm on a chip.
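Structure of one DES round:
Figure 3.3: Diagram of one DES round
[Figure: $L_{i-1}$ and $R_{i-1}$ enter the round; the function f applies the expansion function (E), the S-boxes and the P-box to $R_{i-1}$ together with the round key K, producing $L_i$ and $R_i$; on the key side, each half of the key goes through a circular shift and then the compression permutation (PC-2).]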
2.2.3. Subkey generation algorithm

The sixteen rounds of DES run the same algorithm but with 16 different subkeys. All the subkeys are derived from the DES main key by a subkey generation algorithm. The main key K (64 bits) goes through 16 transformation steps, and each step produces one subkey of 48 bits.
The subkey generation algorithm can be described in detail as follows:
Input: 64-bit key $K = k_1 k_2 \ldots k_{64}$ (including the 8 parity-check bits)
Output: 16 subkeys of 48 bits $K_i$, $1 \le i \le 16$.
1) Define $v_i$, $1 \le i \le 16$, as follows: $v_i = 1$ for $i \in \{1, 2, 9, 16\}$; $v_i = 2$ otherwise (these are the left-shift amounts used for the rotations below).
2) $T \leftarrow PC1(K)$; represent T as 28-bit halves $(C_0, D_0)$ (Use table PC1 to select the bits from K: $C_0 = k_{57} k_{49} \ldots k_{36}$, $D_0 = k_{63} k_{55} \ldots k_4$.)
3) For i from 1 to 16, compute $K_i$ as follows: $C_i \leftarrow (C_{i-1} \hookleftarrow v_i)$, $D_i \leftarrow (D_{i-1} \hookleftarrow v_i)$, $K_i \leftarrow PC2(C_i, D_i)$. (Use table PC2 to select 48 bits from the concatenation $b_1 b_2 \ldots b_{56}$ of $C_i$ and $D_i$: $K_i = b_{14} b_{17} \ldots b_{32}$. $\hookleftarrow$ denotes a left circular shift.)
Diagram of DES key generation
[Figure: the 64-bit main key passes through PC-1 to give $C_0$ and $D_0$ (28 bits each); in each round both halves are rotated left ($LS_i$) to give $C_i$ and $D_i$ (28 bits each), and PC-2 selects the 48-bit subkey $K_i$, for $K_1$ through $K_{16}$.]

The 64 input bits are reduced to 56 bits by dropping 8 bits (those at positions divisible by 8); these bits are used for parity checking. From these 56 bits, 48 bits are then extracted to produce the keys for the 16 rounds of DES.

Key ordering table (PC-1):
57 49 41 33 25 17 9 1 58 50 42 34 26 18
10 2 59 51 43 35 27 19 11 3 60 52 44 36
63 55 47 39 31 23 15 7 62 54 46 38 30 22
14 6 61 53 45 37 29 21 13 5 28 20 12 4
Table 3.8: PC-1 table

First the 56 key bits are divided into two 28-bit halves; these halves are rotated left by either 1 or 2 bits, depending on the shift count for the round.

Number of bits shifted in each round (LS):
Round         1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Bits shifted  1 1 2 2 2 2 2 2 1 2  2  2  2  2  2  1
Table 3.9: Bit shifts in the rounds of DES

After the rotation, a 48-bit selection table is used. ... the expansion function E ...
For example, the bit at position 3 of the input block moves to position 4 of the output block, and the bit at position 21 of the input moves to positions 30 and 32 of the output.
2.2.6. Description of the S-boxes

In the DES encryption scheme every computation is linear, meaning that the XOR of two outputs equals the output computed from the XOR of the two inputs. Only the S-box computations are nonlinear. The S-boxes (which hold the nonlinear components of the cryptosystem) are therefore the most important element for the security of the cipher; it is the S-boxes that create the confusion and diffusion of DES. In 1976 the NSA gave the following design criteria for the S-boxes:
- Each row of each S-box is a permutation of the integers from 0 to 15.
- No S-box is an affine or linear function of its inputs.
- Changing one input bit changes at least two output bits.
- For any S-box and any input x (a bit string of length 6), S(x) and S(x ⊕ 001100) must differ in at least 2 bits.
The NSA also disclosed 3 properties of the S-boxes; these properties ensure the confusion and diffusion of the algorithm:
- The output bits always depend nonlinearly on the input bits.
- Modifying one input bit changes at least two output bits.
- When one input bit is held fixed and the other 5 bits vary, the S-box shows a property called uniform distribution: the numbers of 0s and 1s at the outputs are always balanced. This property makes statistical analysis aimed at breaking the S-boxes useless.
After the modulo addition with the key K, the resulting 48-bit string is divided into 8 blocks that are fed into the 8 S-boxes. Each S-box has 6 input bits and 4 output bits (the total memory required for the 8 standard DES S-boxes is 256 bytes). The result is a 32-bit string that goes on into the P-box.
We can construct our own S-boxes, but we can also use the published standard S-boxes:
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
Table 3.12: S-box $S_1$

15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
Table 3.13: S-box $S_2$

10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12
Table 3.14: S-box $S_3$

7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14
Table 3.15: S-box $S_4$

2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3
Table 3.16: S-box $S_5$

12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
Table 3.17: S-box $S_6$

4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
Table 3.18: S-box $S_7$

13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11
Table 3.19: S-box $S_8$
Example:
Suppose the input to S-box $S_6$ is the bit string 110011, bits 31 to 36. The first and last bits combine to give 11, which corresponds to row 3 of $S_6$. The four middle bits have the value 1001, corresponding to column 9. The value obtained is therefore 14 (columns and rows are counted from 0), and the value 1110 replaces the value 110110 at the output.
2.2.7. The P-box

This permutation is one-to-one: each input bit yields one output bit, and no bit is used twice or dropped. The P-box simply rearranges the bits according to the following table:

Table describing the P-box (P):
16 7 20 21 29 12 28 17
1 15 23 26 5 18 31 10
2 8 24 14 32 27 3 9
19 13 30 6 22 11 4 25
Table 3.20: Permutation table P

For example, bit 21 moves to bit 4, while bit 4 moves to bit 31. The final result of the P-box is then XORed with the left half and ... half ... DES

Finally, applying $IP^{-1}$, we obtain the ciphertext (in hexadecimal): 85E813540F0AB405.
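2.3. Weaknesses of DES

2.3.1. Complementation property

If we write $\bar{u}$ for the complement of u (for example, 0100101 is the complement of 1011010), then DES has the following property:

$y = DES(x, k) \Rightarrow \bar{y} = DES(\bar{x}, \bar{k})$

So if we know that the ciphertext y was encrypted from the message x with key k, we can deduce that the ciphertext $\bar{y}$ is the encryption of the plaintext $\bar{x}$ with key $\bar{k}$. This property is a weakness of DES, because through it an adversary can eliminate some of the keys that have to be tried in an exhaustive-search decryption attempt.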
2.3.2. Weak keys

Weak keys are keys for which the subkey generation algorithm produces 16 identical subkeys:

$K_1 = K_2 = \ldots = K_{15} = K_{16}$

As a result, encryption and decryption with a weak key are exactly the same operation.
There are 4 weak keys in all:

Weak key (Hex)         $C_0$        $D_0$
0101 0101 0101 0101    $\{0\}^{28}$   $\{0\}^{28}$
FEFE FEFE FEFE FEFE    $\{1\}^{28}$   $\{1\}^{28}$
1F1F 1F1F 0E0E 0E0E    $\{0\}^{28}$   $\{1\}^{28}$
E0E0 E0E0 F1F1 F1F1    $\{1\}^{28}$   $\{0\}^{28}$
Table 3.22: The weak keys of DES

In addition there are 6 pairs of semi-weak keys ...
DES has $2^{56} = 10^{17}$ keys. If we know one plaintext/ciphertext pair, we can try all $10^{17}$ possibilities to find the key that gives the matching result. Suppose one trial takes $10^{-6}$ s; the search then takes $10^{11}$ s, that is, 7300 years. Computers, however, can be built for parallel processing. For example, with $10^7$ DES chipsets running in parallel, each chipset is responsible for only $10^{10}$ trials. Today's DES chipsets can process at a rate of $4.5 \times 10^7$ bit/s, that is, they can perform more than $10^5$ DES encryptions per second.
In 1976 and 1977, Diffie and Hellman estimated that a special-purpose machine could be built to exhaust the DES key space within a day at a cost of 20 million dollars. In 1984, DES encryption chipsets reached a speed of 256000 encryptions per second. In 1987 this rose to 512000 encryptions per second. In 1993, Michael Wiener designed a special-purpose machine costing 1 million dollars that uses exhaustive search to break DES in 3.5 hours on average (and 7 hours at the latest).
In 1990, two Israeli mathematicians, Biham and Shamir, invented differential cryptanalysis, a technique that uses differing guesses in the plaintext to derive information from the ciphertext. Biham and Shamir showed that this method is more efficient than exhaustive search.
Differential cryptanalysis is an algorithm that examines pairs of encryptions whose plaintexts differ. One analyses how these pairs evolve through the rounds of DES when they are encrypted with the same key K. Two different plaintexts are then chosen at random in the most reasonable way. The differences in the encryption results are used to assign weights to the different keys in the most suitable way. As more ciphertext pairs are analysed, one key emerges as the most likely to be correct.
2.4. Triple DES (3DES)

As presented in the sections above, the data encryption system ... with a key space of only $2^{54}$ keys can in practice now be broken within a few hours. Finding other ciphers to replace DES is therefore necessary. One of the first approaches considered was to reuse DES but encrypt ... proven theoretically ... of this document) showed that this cipher is not at all secure ... (brute-force exhaustive cryptanalysis requires twice as many operations to break 2DES as to break DES).

The second approach, now in widespread use, is to encrypt with DES three times; this is called Triple DES (TDES) or 3DES, or more formally TDEA (Triple Data Encryption Algorithm). The simplest way to use Triple DES is to encrypt 3 times ... as in the following illustration:

Figure 3.7: Triple DES

The ciphertext is $C = DES_{K3}(DES_{K2}(DES_{K1}(M)))$. This model is called EEE because all three steps, using the three keys, apply the standard DES encryption algorithm. A variant of this model, called EDE, uses the DES decryption algorithm in the middle step:

$C = DES_{K3}(DES^{-1}_{K2}(DES_{K1}(M)))$.

Choosing encryption or decryption for the second step does not change the security of Triple DES. The Triple DES key is 168 bits long; some variants of Triple DES use a 112-bit key (K1 = K3), ... this method is called Two key Triple DES. Theoretical proofs and attacks on Triple DES show that this cipher will continue to be used ... in practice it is 6 times slower than AES.
2.5. The Advanced Encryption Standard AES

2.5.1. Introduction

The Advanced Encryption Standard AES is a secret-key cipher named Rijndael (proposed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and adopted as a standard ...) that processes input data blocks of 128 bits using keys of length 128, 192 or 256 bits. The Rijndael cipher was designed to be able to work with keys and data blocks of additional lengths; however, the standard issued by the United States standards committee specifies 128-bit data blocks and keys of the lengths above (the names given to it go with the key length used).
2.5.2. Concepts and definitions (Definitions)

2.5.2.1. Concepts and symbols

The concepts and definitions used in presenting the Advanced Encryption Standard:

AES: Advanced Encryption Standard
Affine transformation: a transformation consisting of multiplication by a matrix followed by the addition of a vector
Bit: a binary digit with the value 0 or 1
Block: a sequence of bits ... it contains. Blocks can also be viewed as a sequence of bytes
Byte: a group of 8 bits
Cipher: the encryption algorithm
Cipher Key: the key of the cipher; it can be represented as a 2-dimensional array of 4 rows and Nk columns
Ciphertext: the encrypted text
Inverse Cipher: the decryption algorithm
Key Expansion: the routine used to generate, from the initial main key, the keys used in the rounds of the encryption and decryption algorithms
Round Key: the values derived from the main key using the key expansion routine. These keys are used in the rounds of the algorithm
State: the intermediate cipher values, which can be represented as a 2-dimensional array of 4 rows and Nb columns
S-box: a nonlinear substitution table used in the key expansion routine and in the byte substitution transformations to perform a one-to-one substitution of a 1-byte value
Word: a group of 32 bits ... an array of 4 bytes
Table 3.24: Abbreviations and terms of AES
2.5.2.2. Functions, symbols and parameters of the algorithm

The algorithm parameters, symbols and functions used in the description of the algorithm:

AddRoundKey(): transformation used in the encryption and decryption algorithms in which a Round Key is XORed bitwise with an intermediate State. The size of a Round Key equals the size of the State (for example, with Nb = 4 a Round Key is 128 bits or 16 bytes long)
InvMixColumns(): transformation used in the decryption algorithm; the inverse of MixColumns()
InvShiftRows(): transformation in the decryption algorithm; the inverse of ShiftRows()
InvSubBytes(): transformation in the decryption algorithm; the inverse of SubBytes()
K: the cipher key
MixColumns(): transformation in the encryption algorithm that takes all the columns of a State and mixes their data (independently of one another) to produce new columns
Nb: the number of columns (32-bit words) making up the State
Nk: the number of 32-bit words making up the cipher key K (Nk = 4, 6, or 8)
Nr: the number of rounds of the algorithm, a function of Nk and Nb (which are fixed values) (Nr = 10, 12 or 14, corresponding to the different values of Nk)
Rcon[]: the array of constant words used in the rounds
RotWord(): function used in the key expansion routine that takes a 4-byte word and performs a cyclic permutation
ShiftRows(): function used in encryption that processes the State by cyclically shifting its last three rows by different offsets
SubBytes(): transformation used in encryption that processes the State using a nonlinear byte substitution table (S-box), operating on each byte independently
SubWord(): function used in the key expansion routine that takes a 4-byte input word and ...
... (degree less than 4) modulo ($x^4 + 1$)
- Multiplication in the finite field
2.5.3. Notation and conventions

2.5.3.1. Input and Output

The input and output of the Advanced Encryption Standard are both sequences of bits called blocks; the length of each block is the number of data bits it contains. The Advanced Encryption Standard does not work with input, output or key values of other lengths (although its underlying algorithm allows this).
The bits of the input, output and key of the cipher are numbered from 0.

2.5.3.2. Bytes

The basic unit of processing in AES is the byte, that is, a sequence of 8 bits treated as a single entity. The input, output and key values of the cipher (specified in section 3.1) are viewed as arrays of bytes; they are denoted by an array name a and written as $a_n$ or a[n], where n takes values in ranges determined by the key length.
All byte values used in the AES algorithm are written as a sequence of bits 0 or 1 in the format $\{b_7, b_6, b_5, b_4, b_3, b_2, b_1, b_0\}$. These bytes are then interpreted as elements of a finite field using the polynomial representation:

$b_7 x^7 + b_6 x^6 + b_5 x^5 + b_4 x^4 + b_3 x^3 + b_2 x^2 + b_1 x^1 + b_0 x^0 = \sum_{i=0}^{7} b_i x^i$.

For example, the value {01100011} corresponds to the finite field element $x^6 + x^5 + x + 1$.
For convenience, byte values are written using hexadecimal notation, with 4 bits per character and two characters per byte, as in the following table:

Bit   Character   Bit   Character   Bit   Character   Bit   Character
0000  0           0100  4           1000  8           1100  c
0001  1           0101  5           1001  9           1101  d
0010  2           0110  6           1010  a           1110  e
0011  3           0111  7           1011  b           1111  f
Table 3.25: Representation of 4-bit strings
The bytes ... are called the State. A State consists of four rows of bytes, each row holding Nb bytes, where Nb is the block length divided by 32. ... into the State array ... the values of the array s and of the output array are computed as follows:

s[r, c] = in[r + 4c]   for all 0 ≤ r, c < 4
out[r + 4c] = s[r, c]  for all 0 ≤ r, c < 4

input bytes                 State array                                      output bytes
in0  in4  in8   in12        $s_{0,0}$ $s_{0,1}$ $s_{0,2}$ $s_{0,3}$        out0  out4  out8   out12
in1  in5  in9   in13   →    $s_{1,0}$ $s_{1,1}$ $s_{1,2}$ $s_{1,3}$   →    out1  out5  out9   out13
in2  in6  in10  in14        $s_{2,0}$ $s_{2,1}$ $s_{2,2}$ $s_{2,3}$        out2  out6  out10  out14
in3  in7  in11  in15        $s_{3,0}$ $s_{3,1}$ $s_{3,2}$ $s_{3,3}$        out3  out7  out11  out15
2.5.3.5. Representation of the State

The four columns of the State array of the algorithm form four 32-bit words $w_0, w_1, \ldots, w_3$, represented as follows:

$w_0 = s_{0,0}\, s_{1,0}\, s_{2,0}\, s_{3,0}$    $w_1 = s_{0,1}\, s_{1,1}\, s_{2,1}\, s_{3,1}$
$w_2 = s_{0,2}\, s_{1,2}\, s_{2,2}\, s_{3,2}$    $w_3 = s_{0,3}\, s_{1,3}\, s_{2,3}\, s_{3,3}$
2.5.4. The algorithm

The length of the input, the output and the States ... corresponds to the value of ... (which is also the number of columns of each State). The AES key is 128, 192 or 256 bits long, corresponding to Nk values of 4, 6 or 8, which is also the number of columns of the cipher key.
The number of rounds of the algorithm depends on the length of the key used ... Both AES encryption and decryption use a round function composed of four transformations (operating on bytes): 1) byte substitution using a substitution table (S-box), 2) shifting the rows of the State array, with a different shift amount for each row, 3) mixing the data of each column of the State array, and 4) adding a Round Key to the State. These transformations (and their inverses) are described in sections 4.1.1-4.1.4 and 4.3.1-4.3.4.
2.5.4.1. Encryption algorithm

At the start of the algorithm the plaintext (input) is copied into the State array using the conventions described in section 3.4. After an initial Round Key addition, the State array is transformed by applying a round function Nr times (10, 12, or 14 depending on the key length), where the final round differs from the preceding ones. The State after the final round is then copied to the output of the algorithm following the rule described in section 3.4.
The round function is parameterized by a key schedule, a sequence of keys represented as a one-dimensional array of 4-byte words produced by the Key Expansion routine described in section 5.2.
All the rounds perform the same work based on 4 functions (in the order SubBytes(), ShiftRows(), MixColumns() and AddRoundKey()), except that the final round skips the MixColumns() function.
The algorithm is described in pseudocode as follows:

Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4
    for round = 1 step 1 to Nr-1
        SubBytes(state) // See Sec. 5.1.1
        ShiftRows(state) // See Sec. 5.1.2
        MixColumns(state) // See Sec. 5.1.3
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
    out = state
end
Diagram of the algorithm:
Figure 3.9: The AES encryption and decryption algorithms
[Figure: (a) Encryption: plaintext, Add round key with w[0, 3], then rounds 1 to 9 of Substitute bytes, Shift rows, Mix columns, Add round key, then round 10 of Substitute bytes, Shift rows, Add round key with w[40, 43], giving the ciphertext. (b) Decryption: the same steps in reverse order using Inverse sub bytes, Inverse shift row, Inverse mix cols and Add round key. The round keys w[0, 3], w[4, 7], ..., w[36, 39], w[40, 43] come from Expand key.]
2.5.4.1.1 The SubBytes() function

SubBytes() substitutes the bytes of the State array using a substitution table ... :
1. Take the multiplicative inverse in the finite field $GF(2^8)$ (described in section 4.2); the element {00} is mapped to itself.
2. Apply the following affine transformation (over GF(2)):

$b'_i = b_i \oplus b_{(i+4) \bmod 8} \oplus b_{(i+5) \bmod 8} \oplus b_{(i+6) \bmod 8} \oplus b_{(i+7) \bmod 8} \oplus c_i$

where, for $0 \le i < 8$, $b_i$ is bit i of the byte b and $c_i$ is bit i of the byte c, whose value is {63} or {01100011}.
The affine transformation of the S-box can be written in matrix form as follows:

$$\begin{pmatrix} b'_0 \\ b'_1 \\ b'_2 \\ b'_3 \\ b'_4 \\ b'_5 \\ b'_6 \\ b'_7 \end{pmatrix} = \begin{pmatrix} 1&0&0&0&1&1&1&1 \\ 1&1&0&0&0&1&1&1 \\ 1&1&1&0&0&0&1&1 \\ 1&1&1&1&0&0&0&1 \\ 1&1&1&1&1&0&0&0 \\ 0&1&1&1&1&1&0&0 \\ 0&0&1&1&1&1&1&0 \\ 0&0&0&1&1&1&1&1 \end{pmatrix} \begin{pmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \\ b_4 \\ b_5 \\ b_6 \\ b_7 \end{pmatrix} + \begin{pmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{pmatrix}$$

The following figure illustrates the result of applying the SubBytes() transformation to the State array:
[Figure: each byte $s_{r,c}$ of the State is replaced through the S-box by $s'_{r,c}$.]

The S-box substitution table is used in the ... of AES, in which, for example, if $s_{1,1}$ = {53}, the substitution value is determined by the intersection of the row with index 5 and the column with index 3 in the table above; this corresponds to $s'_{1,1}$ = {ed}.
2.5.4.1.2. The ShiftRows() function

In this function the bytes in the last 3 rows of the State array are cyclically shifted ... the value ... depends on the row number r as follows:
shift(1, 4) = 1, shift(2, 4) = 2, shift(3, 4) = 3.
This operation moves bytes to lower positions in the rows, while the lowest bytes wrap around to the top of the row. All of this can be illustrated by the following figure:
[Figure: ShiftRows() leaves row 0 of the State unchanged and rotates rows 1, 2 and 3 left by 1, 2 and 3 bytes.]
Figure 3.10: The ShiftRows() function
2.5.4.1.3. The MixColumns() function

This function operates on the columns of the State, treating each column of the State array as a four-term polynomial as described in section 4.3. The columns are considered as polynomials over $GF(2^8)$ and multiplied modulo $x^4 + 1$ by a fixed polynomial a(x):

$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$

As described in section 4.3, this can be written as a matrix multiplication, $s'(x) = a(x) \otimes s(x)$:

$$\begin{pmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{pmatrix} = \begin{pmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{pmatrix} \begin{pmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{pmatrix}$$

for all $0 \le c < Nb = 4$.
As a result, the four bytes in each column are replaced according to the following formulas:

$s'_{0,c} = (\{02\} \bullet s_{0,c}) \oplus (\{03\} \bullet s_{1,c}) \oplus s_{2,c} \oplus s_{3,c}$
$s'_{1,c} = s_{0,c} \oplus (\{02\} \bullet s_{1,c}) \oplus (\{03\} \bullet s_{2,c}) \oplus s_{3,c}$
$s'_{2,c} = s_{0,c} \oplus s_{1,c} \oplus (\{02\} \bullet s_{2,c}) \oplus (\{03\} \bullet s_{3,c})$
$s'_{3,c} = (\{03\} \bullet s_{0,c}) \oplus s_{1,c} \oplus s_{2,c} \oplus (\{02\} \bullet s_{3,c})$

The operation of this function can be illustrated by the following figure:
Figure 3.11: The MixColumns function of AES
2.5.4.1.4. The AddRoundKey() function

In this function a round key ... each round key consists of Nb words generated by the key expansion routine (section 5.2). These words are added to the columns of the State array as follows:

$[s'_{0,c}, s'_{1,c}, s'_{2,c}, s'_{3,c}] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus [w_{round \cdot Nb + c}]$   for all $0 \le c < Nb = 4$

where $[w_i]$ are the key words described in section 5.2 and round is the corresponding round number ... In the encryption algorithm the initial round key addition takes place with round = 0, before the rounds of the algorithm are carried out. The AddRoundKey() function is applied in the encryption algorithm ... this function can be illustrated by the figure, in which l = round * Nb.
The byte addressing within the words of the key schedule is described in section 3.1.
Figure 3.12: The AddRoundKey function of AES
2.5.4.2. Key generation algorithm (Key Expansion)

The AES key generation algorithm takes a cipher key K and runs a key expansion routine to generate a sequence of keys for encryption. The routine generates a total of Nb*(Nr+1) words: it uses an initial set of Nb words, and each of the Nr rounds needs Nb words of key data. ... the 4-byte words are denoted $[w_i]$, where $0 \le i < Nb(Nr+1)$.
The expansion of the key into the key schedule is described by the following pseudocode:

KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk)
begin
    word temp
    i = 0
    while (i < Nk)
        w[i] = word(key[4*i], key[4*i+1], key[4*i+2], key[4*i+3])
        i = i+1
    end while
    i = Nk
    while (i < Nb * (Nr+1))
        temp = w[i-1]
        if (i mod Nk = 0)
            temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
        else if (Nk > 6 and i mod Nk = 4)
            temp = SubWord(temp)
        end if
        w[i] = w[i-Nk] xor temp
        i = i + 1
    end while
end

SubWord() is a function that takes a 4-byte input and applies the S-box substitution table to the input to obtain an output word. RotWord() takes an input word $[a_0, a_1, a_2, a_3]$, performs a cyclic permutation and returns $[a_1, a_2, a_3, a_0]$. The elements of the constant array Rcon[i] contain the values given by $[x^{i-1}, \{00\}, \{00\}, \{00\}]$, where $x^{i-1}$ is a power of x (x is represented as ...
From the pseudocode above we can see that the first Nk words of the expanded key are filled with the cipher key. ... w[i-Nk]. For words at positions divisible by Nk, a transformation is applied to w[i-1] before the XOR, followed by an XOR with a constant Rcon[i]. This transformation consists of a cyclic shift of the bytes of the word (RotWord()), followed by a table lookup applied to all 4 bytes of the word (SubWord()).
Note that the key expansion routine for keys of length 256 differs slightly from the routine for keys of length 128 or 192. If Nk = 8 and i - 4 is a multiple of Nk, then SubWord() is applied to w[i-1] before the bitwise XOR.
2.5.4.3. Decryption algorithm

The decryption algorithm is quite similar in structure to the encryption algorithm, but the 4 basic functions it uses are the inverses of the functions ... The pseudocode for the decryption algorithm is as follows:

InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) // See Sec. 5.1.4
    for round = Nr-1 step -1 downto 1
        InvShiftRows(state) // See Sec. 5.3.1
        InvSubBytes(state) // See Sec. 5.3.2
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
        InvMixColumns(state) // See Sec. 5.3.3
    end for
    InvShiftRows(state)
    InvSubBytes(state)
    AddRoundKey(state, w[0, Nb-1])
    out = state
end
2.5.4.3.1. The InvShiftRows() function
This function is the inverse of ShiftRows(). The bytes in the last three rows of the state array are cyclically shifted by different offsets. The first row is not shifted; for the last three rows the shift values depend on the row number, as in Section 5.1.2.
Specifically, the function performs the following:
$$s'_{r,\,(c + \mathrm{shift}(r, Nb)) \bmod Nb} = s_{r,c} \quad \text{for } 0 < r < 4,\ 0 \le c < Nb\ (Nb = 4)$$
Illustration:
Figure 3.13: The AES InvShiftRows() function
2.5.4.3.2. The InvSubBytes() function
This function is the inverse of SubBytes(). It uses the inverse of the affine transformation together with multiplicative inversion in $GF(2^8)$.
The substitution table used by the function is:
Table 3.28: Substitution table for InvSubBytes()
2.5.4.3.3. The InvMixColumns() function
This function is the inverse of MixColumns(). It operates on the columns of the state array, treating each column as a polynomial that is multiplied by a fixed polynomial $a^{-1}(x)$:
$$a^{-1}(x) = \{0b\}x^3 + \{0d\}x^2 + \{09\}x + \{0e\}$$
It can be described as the following matrix multiplication, $s'(x) = a^{-1}(x) \otimes s(x)$:
$$\begin{bmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{bmatrix} = \begin{bmatrix} 0e & 0b & 0d & 09 \\ 09 & 0e & 0b & 0d \\ 0d & 09 & 0e & 0b \\ 0b & 0d & 09 & 0e \end{bmatrix} \begin{bmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{bmatrix}$$
where $0 \le c < Nb$.
As a result, the four bytes in each column become:
$$s'_{0,c} = (\{0e\} \bullet s_{0,c}) \oplus (\{0b\} \bullet s_{1,c}) \oplus (\{0d\} \bullet s_{2,c}) \oplus (\{09\} \bullet s_{3,c})$$
$$s'_{1,c} = (\{09\} \bullet s_{0,c}) \oplus (\{0e\} \bullet s_{1,c}) \oplus (\{0b\} \bullet s_{2,c}) \oplus (\{0d\} \bullet s_{3,c})$$
$$s'_{2,c} = (\{0d\} \bullet s_{0,c}) \oplus (\{09\} \bullet s_{1,c}) \oplus (\{0e\} \bullet s_{2,c}) \oplus (\{0b\} \bullet s_{3,c})$$
$$s'_{3,c} = (\{0b\} \bullet s_{0,c}) \oplus (\{0d\} \bullet s_{1,c}) \oplus (\{09\} \bullet s_{2,c}) \oplus (\{0e\} \bullet s_{3,c})$$
2.5.4.3.4. The inverse of the AddRoundKey() function
Interestingly, this function is its own inverse, because it consists only of a bitwise XOR.
2.5.4.3.5. Equivalent decryption algorithm
In the decryption algorithm presented above, the transformations are applied in a different order from the encryption algorithm, while the form of the key schedule is the same for both algorithms. However, some properties of AES allow an equivalent decryption algorithm in which the transformations are applied in the same order as in the encryption algorithm (with each transformation replaced by its inverse, of course). This is achieved by changing the key schedule.
Two properties give us an equivalent decryption algorithm:
1. The SubBytes() and ShiftRows() functions commute; that is, a SubBytes() transformation followed by a ShiftRows() transformation is equivalent to a ShiftRows() transformation followed by a SubBytes() transformation. The same holds for their inverses.
2. The column-mixing functions MixColumns() and InvMixColumns() are linear with respect to the column input, so their order relative to AddRoundKey() can be changed provided that the columns of the decryption key schedule are modified using InvMixColumns().
The equivalent decryption algorithm is obtained by reversing the order of InvSubBytes() and InvShiftRows(), and by exchanging the order of AddRoundKey() and InvMixColumns() in the rounds. The first and last Nb words of the key schedule are not changed when this method is applied.
The equivalent decryption algorithm is more efficient than the previous decryption algorithm.
oa n gia
ma
ng ta a
ch s
du ng
chng ma ha cac d liu cn ma ha. The way a block cipher is used in practice is called its Mode of Use or Mode of Operation. Four ways of using block ciphers are defined in the ANSI standards (for example ANSI X3.106-1983 for DES). Depending on how the cipher's input data is processed, the modes are divided into two kinds:
1. Block modes: process messages block by block (ECB, CBC).
2. Stream modes: process messages as a stream of bits/bytes (CFB, OFB).
Block modes are usually used to encrypt data whose position and size are known before encryption (for example, data that is about to be sent), while stream modes are usually used to encrypt data whose size is not known in advance, such as signals read in from outside by a sensor.
Note: DES, 3DES, AES (or any other block cipher) form a basic building block. To use them in practice, however, we usually have to work with amounts of data that cannot be known in advance: the data may be a block that is ready for encryption straight away (in which case a block mode is appropriate), or only a few bits or bytes may be available at a time (in which case a stream mode is appropriate). The modes of operation presented in this section are therefore specific to DES, but they apply in the same way to other block ciphers.
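2.6.2. Electronic codebook mode
Each ciphertext block is the result of encrypting the corresponding plaintext block separately, independently of the other blocks. This works as if each plaintext block were replaced by its corresponding ciphertext block, hence the name electronic codebook.
$P = P_1 P_2 \dots P_N$
Encryption: $C_i = DES_K(P_i)$, and the resulting ciphertext is $C = C_1 C_2 \dots C_N$. Decryption proceeds in reverse: $P_i = DES^{-1}_K(C_i)$.
[Diagram. Encryption: P is split into P1, P2, ..., Pn; each block passes through E under key K to give C1, C2, ..., Cn, which form C. Decryption: C is split into C1, C2, ..., Cn; each block passes through D under key K to give P1, P2, ..., Pn, which form P.]
Figure 3.14: ECB mode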
ECB is the simplest mode to use and the easiest to implement. It is used when only a single block of information needs to be sent (for example, a session key encrypted under a master key).
Because plaintext blocks are encrypted independently in ECB, several weaknesses arise. Repetitions in the message can show through in the ciphertext: identical plaintext blocks produce identical ciphertext blocks, which is especially visible with highly repetitive data such as image data. Revealing the repetition in the plaintext can lead to attacks based on statistical analysis. Moreover, the ciphertext can be forged by adding fake ciphertext blocks to the encryption result, and the receiver will not detect the forgery. Bn ca nh o
mo
c xi
nay chinh la
iu ma CBC cung cp cho chng ta bng cach kt hp khi ban r trc vi khi thng
ip hin tai trc khi ma ha.
Cung ging nh c ch EBC trong c ch CBC ba
n ro
se
tri
n ro
ho c ba
n ma
na
o o
cu
ng la
m sai l ch k t qua
ma
ha va giai ma tng ng . The greatest difficulty in using CBC is managing the IV values. Usually the IV is initialized with a fresh value and sent to the receiver before encryption. However, if the IV is disclosed, an attacker can change bits in the first block, so the IV may be a fixed value or may be sent after being encrypted with ECB.
[Diagram. Encryption: IV = y0, x1, x2, e_k, y1, y2. Decryption: IV = y0, y1, y2, d_k, x1, x2.]
2.6.4. Cipher feedback mode CFB (Cipher Feedback) and output feedback mode OFB (Output Feedback)
The stream modes CFB and OFB are used to encrypt data that arrives piecemeal, typically signals received from a satellite or sent back by some sensor. Because the data arrives piecemeal, at any given moment we cannot know in advance the size and position of the data to be encrypted. For the stream modes, therefore, the input to the encryption algorithm is treated as a stream of plaintext bits arriving one after another over time.
In OFB and CFB modes, the generated keystream is added modulo 2 to the plaintext. OFB is in effect a synchronous cipher: the keystream is formed from a 64-bit initialization vector (the IV). We set $z_0 = IV$ and compute the keystream $z_1 z_2 \dots z_n$ by the rule $z_i = e_k(z_{i-1})$ for $i \ge 1$. The plaintext sequence $x_1 x_2 \dots x_n$ is then encrypted by computing $y_i = x_i \oplus z_i$ for $i \ge 1$.
In CFB mode, we start with $y_0 = IV$ (a 64-bit initialization vector) and generate keystream element $z_i$ by encrypting the previous ciphertext block. That is, $z_i = e_k(y_{i-1})$ for $i \ge 1$ and $y_i = x_i \oplus z_i$ for $i \ge 1$. The use of CFB is described by the following diagram ($e_k$ is used here for both encryption and decryption):
Figure 3.16: CFB mode
There are also several other forms of OFB and CFB, called k-bit feedback modes (1 < k < 64). What we have described here is the 64-bit feedback mode. The 1-bit and 8-bit feedback modes are commonly used to encrypt 1 bit (or 1 byte) of data at a time. The basic technique is a 64-bit shift register that is shifted by k bits at each step and serves as the input to the encryption. The leftmost k bits of the encryption function's input are XORed with the first unit of the next plaintext block to produce a ciphertext unit, which is transmitted and also fed back into the rightmost k bits of the shift register. Processing continues until every plaintext unit has been encrypted. The difference between CFB and OFB is whether the k bits fed back to the shift register are taken before or after the XOR (taken after the XOR, the fed-back data is ciphertext, which is CFB; taken before it, the mode is OFB).
[Diagram. Encryption: IV = y0, x1, x2, e_k, y1, y2. Decryption: IV = y0, y1, y2, e_k, x1, x2.]
In general, each of the four DES modes has its own advantages and disadvantages. In ECB and OFB modes, changing one 64-bit plaintext block $x_i$ changes the corresponding ciphertext block $y_i$, but the other ciphertext blocks are unaffected. In some situations this is a desirable property. For example, OFB mode is often used to encrypt satellite transmissions.
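The four modes compared in this section, as an added example that is not part of the original text. It implements ECB, CBC, CFB and OFB with 64-bit feedback exactly as the formulas above define them, then measures which ciphertext blocks change when one plaintext block changes and how many distinct ciphertext blocks a repetitive message produces. The block cipher e_k/d_k is a stand-in built for this example (a 4-round Feistel network over SHA-256, not DES), and the key, IV and message are constructed values.

```python
import hashlib

BLOCK = 8  # bytes: 64-bit blocks, the DES block size


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half: bytes, key: bytes, rnd: int) -> bytes:
    """Round function of the stand-in cipher (an assumption, not DES)."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def e_k(key: bytes, block: bytes) -> bytes:
    """Encrypt one 64-bit block with a 4-round Feistel network."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, xor(left, _f(right, key, rnd))
    return left + right


def d_k(key: bytes, block: bytes) -> bytes:
    """Invert e_k by running the rounds backwards."""
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _f(left, key, rnd)), left
    return left + right


def split(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("length must be a multiple of the block size")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def encrypt(mode: str, key: bytes, iv: bytes, plaintext: bytes) -> list:
    out, prev = [], iv                     # prev is y_0 (CBC, CFB) or z_0 (OFB)
    for x in split(plaintext):
        if mode == "ECB":
            y = e_k(key, x)
        elif mode == "CBC":
            y = e_k(key, xor(x, prev))
            prev = y
        elif mode == "CFB":
            y = xor(x, e_k(key, prev))     # z_i = e_k(y_{i-1})
            prev = y
        elif mode == "OFB":
            prev = e_k(key, prev)          # z_i = e_k(z_{i-1})
            y = xor(x, prev)
        else:
            raise ValueError("unknown mode: " + mode)
        out.append(y)
    return out


def decrypt(mode: str, key: bytes, iv: bytes, blocks: list) -> bytes:
    out, prev = [], iv
    for y in blocks:
        if mode == "ECB":
            x = d_k(key, y)
        elif mode == "CBC":
            x = xor(d_k(key, y), prev)
            prev = y
        elif mode == "CFB":
            x = xor(y, e_k(key, prev))     # e_k is used for decryption too
            prev = y
        elif mode == "OFB":
            prev = e_k(key, prev)
            x = xor(y, prev)
        else:
            raise ValueError("unknown mode: " + mode)
        out.append(x)
    return b"".join(out)


def changed_blocks(mode, key, iv, plaintext, index) -> list:
    """Ciphertext block indices that differ after one bit of block `index` flips."""
    tampered = bytearray(plaintext)
    tampered[index * BLOCK] ^= 1
    before = encrypt(mode, key, iv, plaintext)
    after = encrypt(mode, key, iv, bytes(tampered))
    return [i for i, (a, b) in enumerate(zip(before, after)) if a != b]


def distinct_blocks(mode, key, iv, plaintext) -> int:
    """Number of different ciphertext blocks; repeats reveal plaintext repeats."""
    return len(set(encrypt(mode, key, iv, plaintext)))


KEY = b"constructed-key"           # constructed sample values
IV = bytes(range(BLOCK))
MESSAGE = b"SAMEBLOK" * 4          # four identical plaintext blocks

if __name__ == "__main__":
    for mode in ("ECB", "CBC", "CFB", "OFB"):
        print(mode, distinct_blocks(mode, KEY, IV, MESSAGE),
              changed_blocks(mode, KEY, IV, MESSAGE, 1))
```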
On the other hand, in CBC and CFB modes, if a plaintext block $x_i$ is changed, then $y_i$ and all subsequent blocks are affected. CBC and CFB modes can therefore be used very effectively for authentication purposes. Cung v ly do nn CFB th
ng c du
ng ma
ho
a
trong ca
c tr
ng h p ma
du ng ba
ng
ch
ca
i ti ng Anh): WKXPEVXS.
Exercise 3.2 (hard): What is the secret message hidden in the following English passage?
The supply of game for London is going steadily
up. Head keeper Hudson, we believe, has been
now told to receive all orders for fly paper and for
preservations of your hen-pheasant's life.
From The Gloria Scott.
Bai tp 3.3: S
du ng ba
ng sau (h ma
: y la
m t h ma
thay th t ng hi
nh.
Exercise 3.4: Find the secret message hidden in the following passage:
Dear George, 3rd March
Greetings to all at Oxford. Many thanks for your
letter and for the Summer examination package.
All Entry Forms and Fees Forms should be ready
for final dispatch to the Syndicate by Friday
20th or at the very least, I'm told, by the 21st.
Admin has improved here, though there's room
for improvement still; just give us all two or three
more years and we'll really show you! Please
don't let these wretched 16+ proposals destroy
your basic O and A pattern. Certainly this
sort of change, if implemented immediately,
would bring chaos.
Exercise 3.5: Consider the Affine cipher over $Z_{99}$. The keys are pairs $(a, b)$ with $a, b \in Z_{99}$ and $(a, 99) = 1$. The encryption function is $E_K(x) = (a \cdot x + b) \bmod 99$ and the decryption function is $D_K(x) = a^{-1} \cdot (x - b) \bmod 99$.
a) Determine the number of keys that can be used with this cipher.
b) If the decryption key is $K^{-1} = (16, 7)$, encrypt the string m = DANGER.
Exercise 3.6: Consider the Affine cipher over $Z_{39}$. The keys are pairs $(a, b)$ with $a, b \in Z_{39}$ and $(a, 39) = 1$. The encryption function is $E_K(x) = (a \cdot x + b) \bmod 39$ and the decryption function is $D_K(x) = a^{-1} \cdot (x - b) \bmod 39$.
a) Determine the number of keys that can be used with this cipher.
b) If the decryption key is $K^{-1} = (23, 7)$, encrypt the string m = ATTACK.
Exercise 3.7: Consider the Affine cipher over $Z_{55}$. The keys are pairs $(a, b)$ with $a, b \in Z_{55}$ and $(a, 55) = 1$. The encryption function is $E_K(x) = (a \cdot x + b) \bmod 55$ and the decryption function is $D_K(x) = a^{-1} \cdot (x - b) \bmod 55$.
a) Determine the number of keys that can be used with this cipher.
b) The decryption key is $K^{-1} = (13, 17)$; determine the encryption key.
Exercise 3.8: Suppose the Affine cipher is set up over $Z_{99}$.
a) Determine the number of possible keys of the cipher.
b) Suppose the encryption key is (16, 7); determine the decryption key.
Exercise 3.9: Suppose the Affine cipher is set up over $Z_{126}$.
a) Determine the number of possible keys of the cipher.
b) Suppose the encryption key is (23, 7); determine the decryption key.
Bai tp 3.10: Cho h ma Hill c M = 2.
a) Ma trn A =
(
17 13
3 5
c th c s dung lam kha cho h ma trn khng giai
thch.
b) Cho A =
(
7 3
5 12
hay thc hin ma ha va giai ma vi xu S = HARD.
Bai tp 3.11: Cho h ma Hill c M = 2.
a) Ma trn A =
(
a 11
3 5
c s dung lam kha cho h ma trn. Hay tm tt ca cac
kha c th s dung cua h ma trn.
b) Gia s ngi ta s dung h ma trn ma ha ban r P = EASY va thu c
ban ma la UMQA. Hay thc hin giai ma vi ban ma la C = MCDZUZ va a
ra ban r.
Bai tp 3.12: Cho h ma Hill c M = 2.
a) Ma trn A =
(
a 7
13 15
c s dung lam kha cho h ma trn. Hay tm tt ca
cac kha c th s dung cua h ma trn.
b) Gia s ngi ta s dung h ma trn ma ha ban r P = MARS va thu c
ban ma la YARH. Hay thc hin giai ma vi ban ma la C = MANNTF va a
ra ban r.
Exercise 3.13: Consider the Vigenere cipher with M = 6, K = CIPHER.
a) Encrypt the string P = THIS IS MY TEST.
b) Decrypt the string M = EICJIC RTPUEI GBGLEK CBDUGV.
Exercise 3.14: Consider the Vigenere cipher with M = 6. Encrypting the string P = THIS IS MY TEST gives the ciphertext LLKJML ECVVWM.
a) Find the encryption key that was used.
b) Using the key found above, decrypt the ciphertext C = KLGZWT OMBRVW.
Exercise 3.15: Consider the Vigenere cipher with M = 6. Encrypting the string P = SPIRIT gives the ciphertext OXHRZW.
a) Find the encryption key that was used.
b) Using the key found above, decrypt the ciphertext C = BQETYH HMBEEW.
Exercise 3.16: Consider the Vigenere cipher with M = 6. Decrypting the string C = RANJLV gives the plaintext CIPHER.
a) Find the key that was used.
b) Using the key found above, decrypt the string M = PLDKCI DUJQJO.
Exercise 3.17: Simple substitution cipher
The following passage was encrypted with a simple substitution cipher. The plaintext is part of an English text written in capitals, with punctuation ignored. Use the table of English letter frequencies to decrypt the given ciphertext.
ODQSOCL OW GIU BOEE QRROHOCS QV GIUR KIA QF Q DQCQSLR WIR
ICL IW CQFQF EIYQE YIDJUVLR FGFVLDF GIU SLV OCVI GIUR
IWWOYL IC VXQV DICPQG DIRCOCS VI WOCP VXL JXICLF ROCSOCS
LHLRG YQEELR OF Q POFVRQUSXV YICWUFLP CQFQ BIRMLR QCP
LHLRG YQEELR QFFURLF GIU VXQV XOF IR XLR WOEL IR
QYYIUCVOCS RLYIRP IR RLFLQRYX JRIKLYV LHLRG ICL IW BXOYX
OF DOFFOCS WRID VXL YIDJUVLR FGFVLD OF QAFIEUVLEG HOVQE
Table of English letter frequencies:
Letter  Frequency    Letter  Frequency    Letter  Frequency
A       8.2 %        J       0.2 %        S       6.3 %
B       1.5 %        K       0.8 %        T       9.1 %
C       2.8 %        L       4.0 %        U       2.8 %
D       4.3 %        M       2.4 %        V       1.0 %
E       12.7 %       N       6.7 %        W       2.3 %
F       2.2 %        O       7.5 %        X       0.1 %
G       2.0 %        P       1.9 %        Y       2.0 %
H       6.1 %        Q       0.1 %        Z       0.1 %
I       7.0 %        R       6.0 %
Bai t p 3.18: Cho ba
n ma
sau:
EYMHP GZYHH PTIAP QIHPH YIRMQ EYPXQ FIQHI AHYIW ISITK MHXQZ PNMQQ
XFIKJ MKXIJ RIKIU XSSXQ ZEPGS ATIHP PSXZY H
Bi t r ng ba
ng ch
ca
i s
du ng la
ng phn ph i t n su t
ph n a xa
c i nh
xem kha
nng na
o la
cao hn (h ma
du ng m t trong ca
c ngn ng
l p tri
n ti ng Anh
da ng file text.
Bai tp 3.21: Vi t chng tri
n ti ng Vi t
da ng file RTF.
Bai tp 3.22: Vi t chng tri
nh ca
i t thu t toa
nh ca
i t thu t toa
n ma
ho
a va
gia
i ma
cu
a h ma
Affine.
Bai tp 3.24: Vi t chng tri
nh ti
nh i nh th
c cu
nh ca
i t thu t toa
n ma
ho
a va
gia
i ma
cu
a h ma
Hill.
Bai tp 3.26: Vi t chng tri
nh ca
i t thu t toa
n ma
ho
a va
gia
i ma
cu
a h ma
Vigenere.
Bai tp 3.27: Vi t chng tri
nh ma
ho
a va
gia
i ma
i ca
c c ch
ma ha ECB, CBC.
Exercise 3.28: Write a program that encrypts and decrypts files with the AES cipher in the ECB and CBC modes.
Chng IV: Cc h ma mt khoa cng khai
77
CHAPTER IV: PUBLIC-KEY CRYPTOSYSTEMS
In secret-key cryptosystems, if we know the key and the encryption function we can quickly (in polynomial time) find the key and the decryption function.
M t h ma
m t kho
a bi
m t la
m t h ma
a gia
i ma
ca
c thng tin o
.
1. The concept of a public-key cryptosystem
The cryptosystems presented in the previous chapters are called secret-key, symmetric-key or conventional cryptosystems.
These cryptosystems have the following weaknesses:
- With n users the number of keys is n*(n-1)/2, which makes them very hard to manage, complex and insecure.
- Concepts and services such as digital signatures and user authentication for e-commerce applications cannot be built on these cryptosystems.
In 1975 Diffie and Hellman, in a paper of theirs, proposed ideas that make it possible to build cryptosystems operating on new principles, in which keys are tied to the communicating parties rather than to pairs of communicating parties.
The operating principle of these cryptosystems is that there are 2 keys: one called the secret key, and one called the public key, which anyone can use to send a message to the owner of the cryptosystem ($K_P$). Today we can see this principle very clearly in e-mail: anyone can send e-mail to a given address, but only the owner of that address can read the content of the message; nobody else can. With public-key cryptosystems, key distribution becomes easier through public channels, and the number of keys the system has to manage is also smaller (n keys for n users).
c h ma
na
y.
The requirements for this kind of cryptosystem are:
- Generating $K_P$ and $K_S$ must be easy.
- Computing $E(K_P, M)$ is easy.
- Given $C = E(K_P, M)$ and $K_S$, finding the plaintext is also easy.
- Given $K_P$, finding $K_S$ is hard.
- Recovering the plaintext from the ciphertext is very hard.
When A wants to send a message to B, A uses B's key $K_P$ to encrypt the message and sends the ciphertext to B; B uses his own secret key to decrypt it and read the message:
Figure 4.1: Usage model
Model (2) is used for digital signature schemes, while model (1) is used for encryption schemes. These cryptosystems are called public-key cryptosystems, PKC (Public Key Cryptosystems), or asymmetric cryptosystems (Asymmetric Encryption Scheme).
2. Construction principle of public-key cryptosystems
Public-key cryptosystems are built on what are called one-way functions.
A one-way function $f : X \to Y$ is a function such that, given $x \in X$, it is easy to compute $y = f(x)$, but for an arbitrary $y \in Y$ computing the inverse $f^{-1}$ is very hard.
For example, given primes $P_1, P_2, \dots, P_n$, computing $N = P_1 \cdot P_2 \cdot \dots \cdot P_n$ is easy, but given N, factoring it back is a hard problem when N is large.
For convenience, the one-way functions used in PKC systems are usually equipped with trapdoors that make it easy to find x satisfying $y = f(x)$ when the trapdoor is known.
Trapdoor function: a one-way function for which computing $f^{-1}$ is very fast when the function's trapdoor is known. For example, finding a solution of the 0/1 knapsack problem in the Knapsack cryptosystem, which we study in the next section, is a one-way function (encryption is fast and easy, but finding the corresponding solution is hard), yet if we know the trapdoor, solving the problem becomes easy.
[Figures: public-key usage models between A and B. Labels of the first diagram: public key ($K_P$), secret key ($K_S$), Encrypt, Decrypt, Plaintext, Ciphertext. Labels of the second diagram: secret key ($K_S$), public key ($K_P$), Encrypt, Decrypt, Plaintext, Signed Message.]
3. Some public-key cryptosystems
3.1. The knapsack cryptosystem
The general knapsack problem:
Given positive integers M, N and $A_1, A_2, \dots, A_N$, find non-negative numbers $x_i$ such that:
$$M = \sum_{i=1}^{N} x_i \cdot A_i$$
The vector $A = (A_1, A_2, \dots, A_N)$ is called the knapsack vector, and the vector $X = (x_1, x_2, \dots, x_N)$ is the solution vector.
A special case of interest is the one where $x_i \in \{0, 1\}$. This is the 0/1 knapsack problem.
Superincreasing knapsack vector: if the vector $(A_1, A_2, \dots, A_N)$ can be rearranged as $(A'_1, A'_2, \dots, A'_N)$ such that for all i:
$$\sum_{j < i} A'_j < A'_i$$
then $(A_1, A_2, \dots, A_N)$ is called a superincreasing knapsack vector, and we immediately have the property: $M \ge A_i\ \forall i$.
Solving the 0/1 knapsack problem then becomes much easier.
The knapsack cryptosystem was proposed by Merkle and Hellman in 1978.
Construction:
1. Choose a superincreasing vector $A' = (a'_1, a'_2, \dots, a'_N)$, choose a number $M > 2 \cdot a'_N$, and choose at random a number $u < M$ with $(u, M) = 1$.
2. Build the vector $A = (a_1, a_2, \dots, a_N)$ where $a_i = (a'_i \cdot u) \bmod M$.
3. Keys: $K_P = (A, M)$, $K_S = (u, u^{-1})$.
4. The plaintext space is the space of all N-bit sequences $P = (x_1, x_2, \dots, x_n)$.
Encryption: $C = \left(\sum_{i=1}^{N} a_i \cdot x_i\right) \bmod M$
Decryption: compute $C' = C \cdot u^{-1} \bmod M$, then solve the 0/1 knapsack problem with $A'$ and $C'$ to find $P = (x_1, x_2, \dots, x_n)$.
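The four construction steps above with encryption and decryption, as an added example that is not part of the original text. The superincreasing vector, the modulus M = 503 and the multiplier u = 41 are constructed sample values, and the function names are chosen for this example.

```python
from math import gcd


def is_superincreasing(vector) -> bool:
    """Every element must exceed the sum of all elements before it."""
    total = 0
    for value in vector:
        if value <= total:
            return False
        total += value
    return True


def keygen(a_prime, modulus: int, u: int):
    """Steps 1-3: return K_P = (A, M) and K_S = (u, u^-1)."""
    if not is_superincreasing(a_prime):
        raise ValueError("A' must be superincreasing")
    if modulus <= 2 * a_prime[-1]:
        raise ValueError("M must be greater than 2 * a'_N")
    if not 0 < u < modulus or gcd(u, modulus) != 1:
        raise ValueError("u must satisfy u < M and (u, M) = 1")
    public_vector = [(value * u) % modulus for value in a_prime]
    return (public_vector, modulus), (u, pow(u, -1, modulus))


def encrypt(public, bits) -> int:
    """C = (sum of a_i * x_i) mod M for an N-bit plaintext."""
    vector, modulus = public
    if len(bits) != len(vector) or any(bit not in (0, 1) for bit in bits):
        raise ValueError("plaintext must be N bits")
    return sum(a * x for a, x in zip(vector, bits)) % modulus


def decrypt(a_prime, modulus: int, secret, ciphertext: int) -> list:
    """C' = C * u^-1 mod M, then solve the superincreasing 0/1 knapsack."""
    _, u_inverse = secret
    remaining = (ciphertext * u_inverse) % modulus
    bits = [0] * len(a_prime)
    for i in range(len(a_prime) - 1, -1, -1):   # largest weight first
        if remaining >= a_prime[i]:
            bits[i] = 1
            remaining -= a_prime[i]
    if remaining:
        raise ValueError("ciphertext does not decode under this key")
    return bits


# Constructed sample parameters
A_PRIME = [2, 3, 7, 14, 30, 57, 120, 251]
M = 503
U = 41

if __name__ == "__main__":
    public, secret = keygen(A_PRIME, M, U)
    message = [0, 1, 1, 0, 0, 1, 0, 1]
    c = encrypt(public, message)
    print(public[0], c, decrypt(A_PRIME, M, secret, c))
```

The condition M > 2 * a'_N matters because a superincreasing vector sums to less than 2 * a'_N, so C' equals the exact subset sum and the greedy pass recovers every bit.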
Vi du 1: Cho h ma
Knapsack co
RSA c t tn d a theo ca
c ch
ca
i u cu
s mu
l p ma
- find the inverse of e in the ring of integers modulo $\varphi(N)$; this value d is the decryption exponent
- the public key is $K_P = (e, N)$
- the secret key is $K_S = K_P^{-1} = (d, p, q)$
This key setup is performed once, when a user establishes (or replaces) their public key. The exponent e is usually fairly small (for fast encryption) and must be coprime to $\varphi(N)$. Values commonly chosen for e are 3 or $2^{16} - 1 = 65535$. However, when e is small, d is relatively large.
Using RSA
- to encrypt a message M: $C = M^e \pmod N$ $(0 \le M < N)$
- to decrypt: $M = C^d \pmod N$
The RSA encryption algorithm works because it rests on a generalization of Fermat's little theorem: $X^{\varphi(N)} = 1 \pmod N$. In RSA we choose e and d to be inverses of each other in the ring $Z_{\varphi(N)}$, with e chosen first.
We therefore have $e \cdot d \equiv 1 \bmod \varphi(N)$, from which:
$$M = C^d = M^{e \cdot d} = M^{1 + q \cdot \varphi(N)} = M \cdot (M^{\varphi(N)})^q = M \bmod N$$
This formula guarantees that decryption returns the original plaintext (note that this holds only when p differs from q).
Example 1: Consider the RSA cryptosystem with N = p*q = 11 * 47 = 517, e = 3.
- Find the public and secret keys of this cryptosystem.
- Encrypt the plaintext M = 26.
First we compute $\varphi(N) = 460 = 10 \cdot 46$. Since (3, 460) = 1, applying the extended Euclidean algorithm gives d = 307.
The public key of the cryptosystem is therefore $K_P = (e, N) = (3, 517)$ and the secret key is $K_S = (d, p, q) = (307, 11, 47)$.
Encrypting M = 26 gives $C = M^e \bmod N = 26^3 \bmod 517 = 515$.
Security of RSA
The security of RSA depends on the difficulty of computing $\varphi(N)$, which requires factoring N into primes. The most efficient factoring algorithm at present is Brent-Pollard; the following table shows how fast it runs:
Decimal digits in N    Bit operations to factor N
20                     7.20e+03
40                     3.11e+06
60                     4.63e+08
80                     3.72e+10
100                    1.97e+12
120                    7.69e+13
140                    2.35e+15
160                    5.92e+16
180                    1.26e+18
200                    2.36e+19
Table 4.1: Speed of the Brent-Pollard algorithm
Research on factoring large integers is currently progressing very slowly; the biggest advances have been only algorithmic improvements, and it can be said that, unless there is a breakthrough in factoring 1024-bit numbers, RSA is secure at the present time. The cryptographers who invented RSA offered a prize of 100 $ in 1977 for a cryptosystem whose N had 129 digits; this challenge has been broken.
In practice, implementing RSA requires modular operations on 300-digit (or 1024-bit) numbers, whereas today's computers operate only on 64-bit integers. This creates the need for multiple-precision arithmetic libraries to work with such large integers. In addition, using RSA requires large primes, so we also need a database of primes.
To speed up RSA we can use several other methods, such as improving the multiplication of two large numbers or speeding up the computation of ciphertext and plaintext. Multiplying two n-bit numbers in the ordinary way takes $O(n^2)$ bit operations. The Schonhage-Strassen integer multiplication algorithm lets us multiply two numbers with complexity O(n log n), with the following steps:
- Split each integer into blocks and use these blocks as the coefficients of a polynomial.
- Evaluate these polynomials at a number of suitable points and multiply the results.
- Interpolate these results to form the coefficients of the product polynomial.
- Combine the coefficients to form the product of the two original numbers.
- The discrete Fourier transform and convolution theory can be used to speed up the interpolation.
Another way to speed up the multiplication of large numbers in RSA is to use dedicated hardware with parallel algorithms.
As described in the previous section, for encryption we usually choose a small e to speed up encryption, but this also means that decryption is slow because its exponent is large. A significant improvement in RSA decryption speed can be obtained by using the Chinese remainder theorem to work modulo p and modulo q instead of modulo N. Since p and q are only half the size of N, the computation is much faster.
The Chinese remainder theorem is used in RSA by deriving two equations from the decryption $M = C^d \pmod N$:
$$M_1 = M \bmod p = (C \bmod p)^{d \bmod (p-1)}$$
$$M_2 = M \bmod q = (C \bmod q)^{d \bmod (q-1)}$$
We then solve the system:
$$M = M_1 \bmod p$$
$$M = M_2 \bmod q$$
By the Chinese remainder theorem this system has the unique solution
$$M = [(M_2 + q - M_1)\,u \bmod q]\,p + M_1$$
where $p \cdot u \bmod q = 1$.
Using the Chinese remainder theorem is a widely used and common method of speeding up RSA decryption.
Plaintext exposure
One phenomenon to watch for when using RSA is plaintext exposure. Consider the RSA cryptosystem with N = p*q = 5*7 and e = 17; then for M = 6 we have $C = 6^{17} \bmod N = 6$.
Tng t v
i h ma
RSA co
i mo i M ta u co
M
e
mod N = M.
Theo ti
nh toa
n thi
i m t h ma
RSA co
N = p*q va
e b t ky
, s l ng ba
n ro
se
bi
l khi ma
ho
a se
la
Of the public-key cryptosystems, RSA is perhaps (up to the present time) the most widely used. However, because the amount of computation is very large when the input data (the message to encrypt, the plaintext) is large, in practice it is used to encrypt small amounts of data or data with high security requirements, such as keys. RSA is then used in combination with a block cipher, such as AES, according to the following hybrid model:
[Diagram. A (sender): session key K is encrypted with RSA under B's public key to give C1; P is encrypted with AES under session key K to give C2. B (receiver): C1 is decrypted with RSA under B's secret key to give session key K; C2 is decrypted with AES to give P.]
Figure 4.3: Hybrid model combining RSA with block ciphers
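The RSA material of this section as an added example that is not part of the original text: key setup and encryption with the numbers of Example 1, decryption through the Chinese remainder theorem formula, and a brute-force count of the plaintexts that encryption leaves unchanged (the exposure effect shown with N = 5*7, e = 17). The function names are chosen for this example, and the toy moduli are far too small for real use.

```python
from math import gcd


def keygen(p: int, q: int, e: int):
    """Return K_P = (e, N) and K_S = (d, p, q)."""
    if p == q:
        raise ValueError("p and q must differ")
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(N)")
    d = pow(e, -1, phi)                    # modular inverse (Python 3.8+)
    return (e, p * q), (d, p, q)


def encrypt(public, m: int) -> int:
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= M < N")
    return pow(m, e, n)


def decrypt(secret, c: int) -> int:
    """Direct decryption M = C^d mod N."""
    d, p, q = secret
    return pow(c, d, p * q)


def decrypt_crt(secret, c: int) -> int:
    """Decryption modulo p and q, recombined with the CRT formula."""
    d, p, q = secret
    m1 = pow(c % p, d % (p - 1), p)        # M mod p
    m2 = pow(c % q, d % (q - 1), q)        # M mod q
    u = pow(p, -1, q)                      # p * u mod q = 1
    return ((m2 + q - m1) * u % q) * p + m1


def unconcealed(public) -> list:
    """All plaintexts M with M^e mod N = M (only feasible for toy moduli)."""
    e, n = public
    return [m for m in range(n) if pow(m, e, n) == m]


if __name__ == "__main__":
    public, secret = keygen(11, 47, 3)
    c = encrypt(public, 26)
    print(public, secret, c, decrypt_crt(secret, c))
    # 0, 1 and N-1 are always unchanged for odd e; a poor e adds many more.
    print(len(unconcealed((3, 517))), len(unconcealed((17, 35))))
```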
3.3. The El Gamal cryptosystem
The El Gamal cryptosystem is a variant of the Diffie-Hellman key distribution scheme. It was proposed by El Gamal in 1985. Like the Diffie-Hellman key distribution scheme, its security rests on the difficulty of the discrete logarithm problem. Its main drawback is that the size of the information sent after encryption is double that of the original.
Compared with RSA, however, El Gamal has fewer complications concerning usage rights.
To begin, one chooses a large prime p and two arbitrary integers smaller than p: a (a is a primitive element of $Z_P^*$) and x (x belongs to the receiver and is secret), and then computes:
$$y = a^x \bmod p$$
To encrypt a message M (an integer in $Z_P$) into a ciphertext C, the sender chooses a random number k smaller than p and computes the encryption key K:
$$K = y^k \bmod p$$
The ciphertext pair is then computed:
- $C_1 = a^k \bmod p$
- $C_2 = K \cdot M \bmod p$
and the ciphertext $C = (C_1, C_2)$ is sent (note that k is destroyed afterwards).
To decrypt the message we first recompute the message encryption key K:
$$K = C_1^x \bmod p = a^{k \cdot x} \bmod p$$
Then M is computed by solving the following equation:
$$M = C_2 \cdot K^{-1} \bmod p$$
Decryption thus includes recomputing the temporary key K (very similar to the Diffie-Hellman model). The public key of the cryptosystem is (p, a, y) and the secret key is x.
Example: Consider the El Gamal cryptosystem with P = 97, a = 5, x = 58.
- Find the keys of this cryptosystem.
- Encrypt the plaintext M = 3 with k chosen as 36.
First we compute $y = 5^{58} \bmod 97 = 44$, which gives $K_P = (P, a, y) = (97, 5, 44)$ and $K_S = (58)$.
To encrypt the message M = 3 we compute the key $K = 44^{36} \bmod 97 = 75$ and then:
- $C_1 = 5^{36} = 50 \bmod 97$
- $C_2 = 75 \cdot 3 \bmod 97 = 31 \bmod 97$
The resulting ciphertext is C = (50, 31).
The problem with public-key cryptosystems in general, and El Gamal in particular, is speed (because they work with large integers); in addition, the memory needed to store the keys is also large. With El Gamal we need twice as much memory to hold the ciphertext as with other cryptosystems. Moreover, because primes are used, key generation and key management are harder than for block ciphers. In practice, public-key cryptosystems are usually used in combination with block ciphers (to encrypt the block cipher's key) or to encrypt small pieces of information that are an important part of some communication session.
Cryptanalysis of the El Gamal cryptosystem
To cryptanalyse El Gamal we need to solve the discrete logarithm problem. Here we look at two algorithms that can be applied to this problem, with different complexity and applicability.
Shanks's algorithm
This algorithm is also known as the time-memory trade-off algorithm, meaning that if we have enough memory we can use it to reduce the running time of the algorithm.
Input: a prime p, a primitive element a of $Z_p^*$, an integer y.
Output: x such that $a^x \bmod p = y$.
Algorithm:
Let $m = [(p-1)^{1/2}]$ (taking the integer part).
Step 1: Compute $a^{mj} \bmod p$ for $0 \le j \le m-1$.
Step 2: Sort the pairs $(j, a^{mj} \bmod p)$ by $a^{mj} \bmod p$ and store them in list $L_1$.
Step 3: Compute $ya^{-i} \bmod p$ for $0 \le i \le m-1$.
Step 4: Sort the pairs $(i, ya^{-i} \bmod p)$ by $ya^{-i} \bmod p$ and store them in list $L_2$.
Step 5: Find pairs $(j, a^{mj} \bmod p)$ in $L_1$ and $(i, ya^{-i} \bmod p)$ in $L_2$ such that $a^{mj} \bmod p = ya^{-i} \bmod p$ (the second coordinates of the two pairs are equal).
Step 6: $x = (mj + i) \bmod (p-1)$.
For the given value of m we need to compute the elements of $L_1$ and $L_2$, all of which are exponentiations depending on j and i; since i and j in turn depend on m, it can be seen that this algorithm is applicable only when p is small.
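The El Gamal example (P = 97, a = 5, x = 58, k = 36) together with Shanks's algorithm, as an added example that is not part of the original text; it shows that for a modulus this small the secret key follows directly from the public key. Two choices are made for this example: a dictionary lookup replaces the sorted lists L1 and L2, and m is rounded up instead of down so that every exponent from 0 to p-2 is covered.

```python
from math import isqrt


def public_value(p: int, a: int, x: int) -> int:
    """y = a^x mod p, the public part of the key (p, a, y)."""
    return pow(a, x, p)


def encrypt(p: int, a: int, y: int, m: int, k: int):
    """Return (C1, C2) = (a^k mod p, K*M mod p) with K = y^k mod p."""
    if not 0 <= m < p:
        raise ValueError("message must be an integer in Z_p")
    session_key = pow(y, k, p)
    return pow(a, k, p), (session_key * m) % p


def decrypt(p: int, x: int, c1: int, c2: int) -> int:
    """Recompute K = C1^x mod p and return M = C2 * K^-1 mod p."""
    session_key = pow(c1, x, p)
    return (c2 * pow(session_key, -1, p)) % p


def shanks_dlog(p: int, a: int, y: int):
    """Find x with a^x mod p = y, for a primitive element a of Z_p^*."""
    order = p - 1
    m = isqrt(order - 1) + 1               # ceiling of sqrt(p - 1)
    # Steps 1-2: table of a^(m*j) mod p -> j (plays the role of list L1)
    table = {}
    giant_step = pow(a, m, p)
    value = 1
    for j in range(m):
        table.setdefault(value, j)
        value = (value * giant_step) % p
    # Steps 3-5: walk y * a^(-i) mod p until it appears in the table
    a_inverse = pow(a, -1, p)
    value = y % p
    for i in range(m):
        if value in table:
            return (m * table[value] + i) % order   # Step 6
        value = (value * a_inverse) % p
    return None                            # y is not a power of a


if __name__ == "__main__":
    p, a, x = 97, 5, 58
    y = public_value(p, a, x)
    c1, c2 = encrypt(p, a, y, 3, 36)
    print(y, (c1, c2), decrypt(p, x, c1, c2))
    print("x recovered from (p, a, y):", shanks_dlog(p, a, y))
```

The table holds about sqrt(p) entries, which is the memory side of the trade-off; at realistic prime sizes that table is what makes the method impractical.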
The Pohlig-Hellman algorithm
There are special cases in which the discrete logarithm problem can be solved with complexity smaller than $O(p^{1/2})$, for example when p - 1 has only small prime factors. An algorithm for such cases was given by Pohlig and Hellman in 1978.
Suppose $p - 1 = 2^n$.
Let a be a primitive element of $Z_p^*$; p is odd and $a^{(p-1)/2} \bmod p = -1$. Let m be the integer we are looking for, with $y = a^m \bmod p$, written in binary as $m = m_0 + 2m_1 + 4m_2 + \dots + 2^{n-1}m_{n-1}$. Then:
$$y^{\frac{p-1}{2}} = (a^m)^{\frac{p-1}{2}} = \left(a^{m_0 + 2m_1 + 2^2 m_2 + \dots + 2^{n-1}m_{n-1}}\right)^{\frac{p-1}{2}} = a^{m_0\frac{p-1}{2}} = \begin{cases} 1 & \text{if } m_0 = 0 \\ -1 & \text{if } m_0 = 1 \end{cases}$$
Computing $y^{(p-1)/2}$ takes at most $2[\log_2 p]$ steps and gives us $m_0$. Once $y_1 = ya^{-m_0}$ has been determined, we repeat the same operation to compute $m_1$:
$$y_1^{\frac{p-1}{4}} = \left(a^{m_1 + 2m_2 + \dots + 2^{n-2}m_{n-1}}\right)^{\frac{p-1}{2}} = a^{m_1\frac{p-1}{2}} = \begin{cases} 1 & \text{if } m_1 = 0 \\ -1 & \text{if } m_1 = 1 \end{cases}$$
The computation continues in this way until every $m_i$ has been found. The complexity of the algorithm is $n(2[\log_2 p] + 2) \sim O((\log_2 p)^2)$.
3.4. Cryptosystems based on elliptic curves
Most products and standards that use public-key cryptosystems for encryption and digital signatures today use RSA. With the progress of cryptanalysis and the rapidly growing power of computer systems, the key length needed to keep RSA secure is also growing rapidly, which significantly reduces the performance of systems that use RSA, especially online e-commerce applications and real-time systems that require fast processing. Recently a new kind of cryptosystem has appeared: those based on elliptic curves. Cryptosystems based on elliptic curves make it possible to achieve security equivalent to RSA with a much smaller key size, which reduces the number of operations needed for encryption and decryption and so achieves the required performance and speed. Trn ly
thuy t ti
nh an toa
n cu
i
RSA va
cu
ng kho
gia
i thi
ch m t ca
ch d hi u hn so v
toan hoc y u cua cac h ma da trn ng cong Elliptic vt ra ngoai pham vi cua
tai liu nay , trong ph n na
ca
c h ma
ECC.
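3.4.1. Abelian groups
An Abelian group G is a set together with an operation, denoted $\bullet$, for which the following statements all hold:
(A1): $\forall a, b \in G$: $a \bullet b \in G$, closure.
(A2): $\forall a, b, c \in G$: $a \bullet (b \bullet c) = (a \bullet b) \bullet c$, associativity (Associative).
(A3): There exists $e \in G$ with $e \bullet a = a \bullet e = a\ \forall a \in G$; e is called the identity element of G.
(A4): $\forall a \in G$ there always exists $a' \in G$ with $a \bullet a' = a' \bullet a = e$; $a'$ is the inverse of a.
(A5): $\forall a, b \in G$: $a \bullet b = b \bullet a$, commutativity (Commutative).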
R t nhi u ca
c h ma
kho
c nho
m Abel . Ch ng ha n, giao th
c
trao i kho
i vi c nhn ca
m ma
lin quan t
i vi c xa
c i nh gia
tri cu
a k v
i ca
c thng tin
cng khai la
a va
(a x k).
M t
ng cong Elliptic la
m t phng tri
nh v
i hai bi n va
ca
c h s . Cac ng
cong s
du ng cho ca
c h ma
m t co
ca
c bi n va
ca
c h th ng la
ca
c ph n t
thu c v
m t tr
ng h
u ha n, i u na
y ta o tha
nh m t nho
m Abel . Tr
c h t chu
ng ta se
xem xe
t
cac ng cong Elliptic trn tr
ng s th c.
3.4.2. Elliptic curves over the real numbers
Elliptic curves are not ellipses. They are called elliptic curves because they are described by cubic equations, similar to the equations used to calculate the circumference of an ellipse. A cubic equation describing an elliptic curve has the form:
$$y^2 + axy + by = x^3 + cx^2 + dx + e$$
where a, b, c, d, e are real numbers. For the purpose of understanding ECC cryptosystems we consider only elliptic curves of the form:
$$y^2 = x^3 + ax + b \quad \text{(equation 1)}$$
These equations are called cubic equations. On an elliptic curve we define a special point called the point O, or the point at infinity. To plot the curve we need to compute:
$$y = \sqrt{x^3 + ax + b}$$
V
i m i gia
tri cu th cu
a a va
m t
dng) tng
ng v
i m t gia
tri cu
a t t ca
du ng ca
ng ta co
ca
c t p E (a, b)
khac nhau. S
du ng ky
hi u na
y ta co
hi
nh ve
minh ho a trn la
bi u di n cu
a hai t p h p
E(1, 0) va E(1, 1) tng
ng.
3.4.3. Geometric description of addition on elliptic curves
A group can be defined on the set E(a, b) under the following condition:
$$4a^3 + 27b^2 \ne 0 \quad \text{(condition 1)}$$
With this additional condition we define addition on an elliptic curve, described geometrically as follows: if three points on the curve lie on a straight line, their sum is O. With this definition, the rules of addition on an elliptic curve are:
1. O is the identity element of addition. $\forall P \in E(a, b)$: P + O = P. In the following statements we assume P, Q $\ne$ O.
2. If P = (x, y), the negative of P, written -P, is (x, -y), and P + (-P) = P - P = O. P and -P lie on a vertical line.
3. To add two points P and Q that do not have the same x-coordinate, draw the line through them and find the intersection point R. It is easy to see that there is only one such point R; the sum of P and Q is the mirror image of R in the line y = 0.
4. The line joining P to its negative, -P, is regarded as meeting the curve at the point at infinity, which is O.
5. To double a point Q, draw the tangent to the curve at Q and find the intersection point S: Q + Q = 2Q = -S.
V
i 5 i u ki n na
a i s v phep cng
In this section we present some results that allow computation on elliptic curves. For two distinct points $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$ that are not negatives of each other, the slope of the line l joining them is $\Delta = (y_Q - y_P)/(x_Q - x_P)$. There is exactly one other point at which l meets the curve, and it is the negative of the sum of P and Q. After some algebra we can compute R = P + Q as follows:
$$x_R = \Delta^2 - x_P - x_Q$$
$$y_R = -y_P + \Delta(x_P - x_R)$$
Doubling a point P is computed as follows:
$$x_R = \left(\frac{3x_P^2 + a}{2y_P}\right)^2 - 2x_P$$
$$y_R = \left(\frac{3x_P^2 + a}{2y_P}\right)(x_P - x_R) - y_P$$
3.4.5. Elliptic curves over $Z_p$

ECC cryptosystems use elliptic curves whose variables and coefficients are restricted to a finite field. Prime curves (over $Z_p$) are best suited to software applications because of the computational complexity of binary curves, whereas for hardware applications binary curves are the better choice, because the way circuits and chips work suits computation over binary fields very well.

For elliptic curves over $Z_p$ the defining equation is taken modulo p (equation 2). The coefficients a, b and the variables x, y all belong to $Z_p$. The set $E_p(a, b)$ consists of all pairs (x, y) that satisfy equation 2.

For example, with p = 23 and a = b = 1, the set $E_{23}(1, 1)$ is:
(0, 1) (6, 4) (12, 19)
(0, 22) (6, 19) (13, 7)
(1, 7) (7, 11) (13, 16)
(1, 16) (7, 12) (17, 3)
(3, 10) (9, 7) (17, 20)
(3, 13) (9, 16) (18, 3)
(4, 0) (11, 3) (18, 20)
(5, 4) (11, 20) (19, 5)
(5, 19) (12, 4) (19, 18)
Table 4.2: The set $E_{23}(1, 1)$

The rules of addition are defined in the same way for prime elliptic curves.

Condition: $(4a^3 + 27b^2) \bmod p \neq 0$.

1. P + O = P
2. If $P = (x_P, y_P)$ then $P + (x_P, -y_P) = O$; the point $(x_P, -y_P)$ is called the negative of P, written −P. For example, on $E_{23}(1, 1)$, for P = (13, 7) we have −P = (13, −7) = (13, 16), since −7 mod 23 = 16.
3. For two points $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$ with $Q \neq -P$, $R = P + Q = (x_R, y_R)$ is defined as:

$$x_R = (\lambda^2 - x_P - x_Q) \bmod p$$
$$y_R = (\lambda(x_P - x_R) - y_P) \bmod p$$

where:

$$\lambda = \begin{cases} \left(\dfrac{y_Q - y_P}{x_Q - x_P}\right) \bmod p, & P \neq Q \\[2ex] \left(\dfrac{3x_P^2 + a}{2y_P}\right) \bmod p, & P = Q \end{cases}$$

4. Multiplication is defined as repeated addition, for example 4P = P + P + P + P.

For example, with P = (3, 10) and Q = (9, 7) on $E_{23}(1, 1)$:

$$\lambda = \left(\frac{7 - 10}{9 - 3}\right) \bmod 23 = \left(\frac{-3}{6}\right) \bmod 23 = \left(\frac{-1}{2}\right) \bmod 23 = 11$$

so

$x_R = (11^2 - 3 - 9) \bmod 23 = 17$
$y_R = (11(3 - 17) - 10) \bmod 23 = 20$

Hence P + Q = (17, 20).

To find 2P we compute:

$$\lambda = \left(\frac{3(3^2) + 1}{2 \times 10}\right) \bmod 23 = \left(\frac{5}{20}\right) \bmod 23 = \left(\frac{1}{4}\right) \bmod 23 = 6$$

Note that the last step takes the inverse of 4 in $Z_{23}$ and multiplies it by the numerator, 1.

$x_R = (6^2 - 3 - 3) \bmod 23 = 30 \bmod 23 = 7$
$y_R = (6(3 - 7) - 10) \bmod 23 = (-34) \bmod 23 = 12$

Conclusion: 2P = (7, 12).

To assess the security of cryptosystems based on elliptic curves, one usually relies on the number of points of a finite Abelian group defined on an elliptic curve, called N. For the finite group $E_p(a, b)$, N is bounded by:

$$p + 1 - 2\sqrt{p} \le N \le p + 1 + 2\sqrt{p}$$

so N is approximately equal to the number of elements of $Z_p$ (that is, p).
3.4.6. Elliptic curves over the finite fields $GF(2^m)$

The finite field $GF(2^m)$ has $2^m$ elements; the operations defined on $GF(2^m)$ are addition and multiplication, carried out on polynomials. For elliptic curves over $GF(2^m)$, the variables and parameters take values in $GF(2^m)$ and all calculations follow the arithmetic of $GF(2^m)$.

1. Defining equation

Compared with cryptosystems based on curves over $Z_p$, the equation used over $GF(2^m)$ is somewhat different:

$$y^2 + xy = x^3 + ax^2 + b \quad \text{(equation 3)}$$

where the variables x, y and the coefficients a, b are elements of $GF(2^m)$ and calculations follow the rules of $GF(2^m)$.

We write $E_{2^m}(a, b)$ for the set of all pairs (x, y) that satisfy equation 3, together with the point at infinity O.

Example: we can use $GF(2^4)$ with the irreducible polynomial $f(x) = x^4 + x + 1$. The generator g of $GF(2^4)$ satisfies f(g) = 0, that is $g^4 = g + 1$, and in binary form is 0010. The table of powers of g is:

$g^0 = 0001$   $g^4 = 0011$   $g^8 = 0101$    $g^{12} = 1111$
$g^1 = 0010$   $g^5 = 0110$   $g^9 = 1010$    $g^{13} = 1101$
$g^2 = 0100$   $g^6 = 1100$   $g^{10} = 0111$   $g^{14} = 1001$
$g^3 = 1000$   $g^7 = 1011$   $g^{11} = 1110$   $g^{15} = 0001$

For example, $g^5 = g^4 g = (g + 1)g = g^2 + g = 0110$.

Consider the elliptic curve $y^2 + xy = x^3 + g^4x^2 + 1$; here $a = g^4$ and $b = g^0 = 1$. One point on the curve is $(g^5, g^3)$:

$(g^3)^2 + (g^5)(g^3) = (g^5)^3 + (g^4)(g^5)^2 + 1$
$g^6 + g^8 = g^{15} + g^{14} + 1$
1100 + 0101 = 0001 + 1001 + 0001
1001 = 1001
The table below lists the points of $E_{2^4}(g^4, 1)$:

$(0, 1)$          $(g^5, g^3)$      $(g^9, g^{13})$
$(1, g^6)$        $(g^5, g^{11})$   $(g^{10}, g)$
$(1, g^{13})$     $(g^6, g^8)$      $(g^{10}, g^8)$
$(g^3, g^8)$      $(g^6, g^{14})$   $(g^{12}, 0)$
$(g^3, g^{13})$   $(g^9, g^{10})$   $(g^{12}, g^{12})$

The corresponding plot:

Figure 4.5: Plot of $E_{2^4}(g^4, 1)$
An Abelian group can be defined on $E_{2^m}(a, b)$ with the following rules of addition, for all $P, Q \in E_{2^m}(a, b)$:

1. P + O = P
2. If $P = (x_P, y_P)$ then $P + (x_P, x_P + y_P) = O$. The point $(x_P, x_P + y_P)$ is the negative of P, written −P.
3. If $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$ with P ≠ Q and P ≠ −Q, then $R = P + Q = (x_R, y_R)$ is given by:

$$x_R = \lambda^2 + \lambda + x_P + x_Q + a$$
$$y_R = \lambda(x_P + x_R) + x_R + y_P$$

where:

$$\lambda = \frac{y_Q + y_P}{x_Q + x_P}$$

4. If $P = (x_P, y_P)$ then $R = 2P = (x_R, y_R)$ is given by:

$$x_R = \lambda^2 + \lambda + a$$
$$y_R = x_P^2 + (\lambda + 1)x_R$$

where:

$$\lambda = x_P + \frac{y_P}{x_P}$$
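The $GF(2^4)$ arithmetic and the four addition rules above, as an added Python example (not part of the original document): it rebuilds the table of powers of g, enumerates the points of $E_{2^4}(g^4, 1)$ and adds points on that curve. All function and class names are this example's own, and the rejection of b = 0 is an assumption of the example.

```python
"""GF(2^4) modulo f(x) = x^4 + x + 1, and the curve y^2 + xy = x^3 + a*x^2 + b over it.
A field element is a 4-bit integer (bit i = coefficient of x^i); field addition is XOR."""
M = 4
POLY = 0b10011                 # x^4 + x + 1
g = 0b0010                     # the generator g used in the text


def gf_mul(u: int, v: int) -> int:
    """Polynomial product of u and v, reduced modulo POLY."""
    r = 0
    while v:
        if v & 1:
            r ^= u
        v >>= 1
        u <<= 1
        if u >> M:             # degree reached M: subtract (XOR) the modulus
            u ^= POLY
    return r


def gf_pow(u: int, e: int) -> int:
    r = 1
    for _ in range(e):
        r = gf_mul(r, u)
    return r


def gf_inv(u: int) -> int:
    if u == 0:
        raise ZeroDivisionError("0 has no inverse")
    return gf_pow(u, 2**M - 2)          # u^(2^m - 1) = 1, hence u^(2^m - 2) = 1/u


class BinaryCurve:
    def __init__(self, a: int, b: int):
        if b == 0:                       # assumption of this example: exclude b = 0
            raise ValueError("b must be non-zero")
        self.a, self.b = a, b

    def contains(self, P) -> bool:
        if P is None:                    # None stands for O
            return True
        x, y = P
        lhs = gf_mul(y, y) ^ gf_mul(x, y)
        rhs = gf_pow(x, 3) ^ gf_mul(self.a, gf_mul(x, x)) ^ self.b
        return lhs == rhs

    def neg(self, P):
        return None if P is None else (P[0], P[0] ^ P[1])      # rule 2

    def add(self, P, Q):
        if P is None:                    # rule 1
            return Q
        if Q is None:
            return P
        if Q == self.neg(P):             # rule 2 (also covers doubling when x_P = 0)
            return None
        (xp, yp), (xq, yq) = P, Q
        if P != Q:                       # rule 3
            lam = gf_mul(yq ^ yp, gf_inv(xq ^ xp))
            xr = gf_mul(lam, lam) ^ lam ^ xp ^ xq ^ self.a
            yr = gf_mul(lam, xp ^ xr) ^ xr ^ yp
        else:                            # rule 4
            lam = xp ^ gf_mul(yp, gf_inv(xp))
            xr = gf_mul(lam, lam) ^ lam ^ self.a
            yr = gf_mul(xp, xp) ^ gf_mul(lam ^ 1, xr)
        return xr, yr

    def points(self):
        """Every point other than O, by exhaustive search over the 16 x 16 pairs."""
        return [(x, y) for x in range(2**M) for y in range(2**M)
                if self.contains((x, y))]


if __name__ == "__main__":
    print("powers of g:", [format(gf_pow(g, i), "04b") for i in range(16)])
    E = BinaryCurve(gf_pow(g, 4), 1)
    P, Q = (gf_pow(g, 5), gf_pow(g, 3)), (gf_pow(g, 9), gf_pow(g, 13))
    print("points:", len(E.points()), " P + Q =", E.add(P, Q), " 2P =", E.add(P, P))
```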
3.4.7. Cryptosystems based on elliptic curves

Addition on an elliptic curve corresponds to modular multiplication in the RSA cryptosystem. Just as the underlying problem of RSA is factoring a large integer into its prime factors, cryptosystems based on elliptic curves also rest on a hard underlying problem. Take $P, Q \in E_p(a, b)$ with Q = kP and k < p. Computing Q when P and k are known is an easy problem (it follows the formulas). Determining k from given values of P and Q, however, is a hard problem.

Consider the example (Certicom website, www.certicom.com): $E_{23}(9, 17)$, defined by the equation $y^2 \bmod 23 = (x^3 + 9x + 17) \bmod 23$.

In practice, cryptosystems make sure that k is so large that a brute-force search of this kind cannot be carried out.
3.4.8. Diffie-Hellman key exchange based on elliptic curves

First a large integer q is chosen, which may be a prime p or of the form $2^m$, together with the corresponding defining equation and the parameters a, b. This choice gives the set $E_q(a, b)$. Next a point $G = (x_1, y_1) \in E_p(a, b)$ of very large order n is chosen; the order n of the point G is the smallest positive integer such that nG = O. $E_q(a, b)$ and G are the public parameters of the elliptic-curve cryptosystem corresponding to the parameters p, a, b.

A key exchange between two users A and B can be carried out as follows:

1. A chooses an integer $n_A$ smaller than n. This is A's private key. A then generates the public key $P_A = n_A \times G$, which is a point on $E_q(a, b)$.
2. Similarly, B chooses a private key $n_B$ and computes the public key $P_B$.
3. A generates the secret key $K = n_A \times P_B$. B generates the secret key $K = n_B \times P_A$.

It is easy to check that the secret keys computed by A and B are equal. Attacking this key exchange requires recovering a private key from the public values, that is from G and a multiple of G, and this is a hard problem.

Example: p = 211 and $E_{211}(0, -4)$, corresponding to the equation $y^2 = x^3 - 4$; we choose G = (2, 2). Since 240G = O, n = 240. A chooses the private key $n_A = 121$, so A's public key is $P_A = 121(2, 2) = (115, 48)$. B's private key is $n_B = 203$, so B's public key is $P_B = 203(2, 2) = (130, 203)$. The (shared) secret key between A and B is 121(130, 203) = 203(115, 48) = (161, 69).
3.4.9. Encryption and decryption algorithm

Many ways of encrypting and decrypting with elliptic-curve cryptosystems have been studied; here we look at the simplest one. The encryption algorithm first pre-processes its input, a plaintext m, into a point $P_m$. The point $P_m$ is then encrypted into a ciphertext and later decrypted. This pre-processing is not trivial, because not every coordinate pair (x, y) belongs to $E_p(a, b)$. There are several different ways to do it, and some of them are quite easy to understand.

As in the key exchange system, each user A chooses a private key $n_A$ and generates a public key $P_A = n_A \times G$.

To encrypt a message $P_m$ for B, A chooses a random number k and generates the ciphertext $C_m$, which consists of a pair of points:

$$C_m = \{kG,\; P_m + kP_B\}$$

Note that A uses B's public key here. To decrypt the ciphertext, B multiplies the first point by B's private key and subtracts the result from the second point:

$$P_m + kP_B - n_B(kG) = P_m + k(n_BG) - n_B(kG) = P_m$$

A has masked the value of $P_m$ by adding $kP_B$ to it. Only A knows the value of k, so even someone who knows the public key $P_B$ cannot remove the mask $kP_B$ to find $P_m$. The value $C_m$ does, however, contain a clue that B (the only holder of the private key $n_B$) can use to recover $P_m$.

Example: p = 751 and $E_p(-1, 188)$, corresponding to the equation $y^2 = x^3 - x + 188$, with G = (0, 376). Suppose A wants to send a message corresponding to $P_m = (562, 201)$ and chooses k = 386, and B's public key is $P_B = (201, 5)$. We have 386(0, 376) = (676, 558) and (562, 201) + 386(201, 5) = (385, 328). The ciphertext is $C_m = \{(676, 558), (385, 328)\}$.
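The prime-curve arithmetic of 3.4.5, the key exchange of 3.4.8 and the encryption scheme of 3.4.9, as one added Python example (not code from the original document). Class and function names are this example's own; the curves are taken as $E_{211}(0, -4)$ and $E_{751}(-1, 188)$ because those are the equations that the stated points G = (2, 2) and $P_m = (562, 201)$ satisfy, and the private key used for the decryption round trip is constructed.

```python
"""Prime-curve arithmetic on E_p(a, b): y^2 = x^3 + a*x + b (mod p).
Toy parameters only; the arithmetic is not constant-time and not meant for real keys."""
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]      # None represents O, the point at infinity


class Curve:
    def __init__(self, p: int, a: int, b: int):
        if (4 * a**3 + 27 * b**2) % p == 0:
            raise ValueError("(4a^3 + 27b^2) mod p must be non-zero")
        self.p, self.a, self.b = p, a % p, b % p

    def contains(self, P: Point) -> bool:
        if P is None:
            return True
        x, y = P
        return (y * y - (x**3 + self.a * x + self.b)) % self.p == 0

    def neg(self, P: Point) -> Point:
        return None if P is None else (P[0], -P[1] % self.p)

    def add(self, P: Point, Q: Point) -> Point:
        p = self.p
        if P is None:
            return Q
        if Q is None:
            return P
        (xp, yp), (xq, yq) = P, Q
        if xp == xq and (yp + yq) % p == 0:        # Q = -P, including 2P when y_P = 0
            return None
        if P == Q:                                  # slope of the tangent
            lam = (3 * xp * xp + self.a) * pow(2 * yp % p, -1, p) % p
        else:                                       # slope of the chord
            lam = (yq - yp) * pow((xq - xp) % p, -1, p) % p
        xr = (lam * lam - xp - xq) % p
        return xr, (lam * (xp - xr) - yp) % p

    def mul(self, k: int, P: Point) -> Point:
        """k*P for k >= 0, by double-and-add."""
        R = None
        while k > 0:
            if k & 1:
                R = self.add(R, P)
            P = self.add(P, P)
            k >>= 1
        return R

    def points(self):
        """Every point other than O, by exhaustive search (feasible only for tiny p)."""
        return [(x, y) for x in range(self.p) for y in range(self.p)
                if self.contains((x, y))]


def shared_secret(curve: Curve, private: int, peer_public: Point) -> Point:
    """One side of the key exchange: K = n * P_peer, after validating the peer's point."""
    if peer_public is None or not curve.contains(peer_public):
        raise ValueError("peer public key is not a valid point on the curve")
    return curve.mul(private, peer_public)


def encrypt(curve: Curve, G: Point, P_B: Point, P_m: Point, k: int):
    """C_m = {kG, P_m + k*P_B}."""
    return curve.mul(k, G), curve.add(P_m, curve.mul(k, P_B))


def decrypt(curve: Curve, n_B: int, C_m) -> Point:
    """P_m = C2 - n_B*C1, refusing ciphertext points that are not on the curve."""
    c1, c2 = C_m
    if not (curve.contains(c1) and curve.contains(c2)):
        raise ValueError("ciphertext point is not on the curve")
    return curve.add(c2, curve.neg(curve.mul(n_B, c1)))


if __name__ == "__main__":
    E23 = Curve(23, 1, 1)
    print("P + Q =", E23.add((3, 10), (9, 7)), " 2P =", E23.add((3, 10), (3, 10)))

    E211, G = Curve(211, 0, -4), (2, 2)            # key-exchange example
    P_A, P_B = E211.mul(121, G), E211.mul(203, G)
    print("P_A =", P_A, " P_B =", P_B, " K =", shared_secret(E211, 121, P_B))

    E751, G751, P_m = Curve(751, -1, 188), (0, 376), (562, 201)   # encryption example
    print("C_m =", encrypt(E751, G751, (201, 5), P_m, 386))
    n_B = 85                                       # constructed private key for a round trip
    C_m = encrypt(E751, G751, E751.mul(n_B, G751), P_m, 386)
    print("round trip recovers P_m:", decrypt(E751, n_B, C_m) == P_m)
```

Checking that a received point lies on the curve before multiplying it by a private key, as `shared_secret` and `decrypt` do, keeps the private key from being used in arithmetic on points of some other curve.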
3.4.10. Security of cryptosystems based on elliptic curves

The security of ECC cryptosystems depends on how hard it is to determine k from the values kP and P. This problem is called the elliptic curve logarithm problem. The fastest known algorithm for solving it is Pollard's rho algorithm. The following table compares the cryptosystems:

Symmetric scheme       ECC-based scheme        RSA/DSA
(key size in bits)     (size of n in bits)     (modulus size in bits)
56                     112                     512
80                     160                     1024
112                    224                     2048
128                    256                     3072
192                    384                     7680
256                    512                     15360

Source: Certicom

Table 4.3: Comparison of ECC cryptosystems with the RSA cryptosystem

It can be seen that, compared with RSA, ECC cryptosystems have the advantage in the key length used; in particular, when small key sizes are used, ECC also has an advantage in processing speed (number of operations) for encryption and decryption.
4. Exercises

Exercise 4.1: Let N = 1517. Compute $13^{1435} \bmod N$.

Exercise 4.2: In an RSA cryptosystem with $N = p \cdot q = 103 \cdot (2^{19} - 1)$, what is the maximum number of values of e that can be used as the encryption key? Explain.

Exercise 4.3: In an RSA cryptosystem with N = p*q = 103 * 113, how many cases are there in which the plaintext is exposed?

Exercise 4.4: In the ElGamal digital signature scheme with $p = 2^{31} - 1$, what is the maximum number of values of k that can be used when signing a document? Explain.

Exercise 4.5: An ElGamal cryptosystem has p = 31, a = 11 and x = 6. To encrypt M = 18, k = 7 is chosen. Carry out the computation and give the resulting ciphertext.

Exercise 4.6: An RSA system has n = 1363 and phi(n) = 1288. Encrypt the plaintext M = 2007.

Exercise 4.7: As in Question 1, with n = 215629 and phi(n) = 214684, decrypt the ciphertext M = 2007.

Exercise 4.8: Suppose 4 organizations use 4 RSA cryptosystems to communicate with one another. Let $N_1, N_2, N_3, N_4$ be the respective moduli they use, with $(N_i, N_j) = 1$ for all $i \neq j$, $i, j \in Z_5 \setminus \{0\}$. All four RSA systems use the encryption exponent e = 3. A message m, encrypted with the 4 systems, gives the 4 corresponding ciphertexts $C_1, C_2, C_3, C_4$. Find m.

Exercise 4.9: A Knapsack cryptosystem has A = {11, 15, 30, 60}, M = 150 and u = 77.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into binary strings:
Character Bit string Character Bit string Character Bit string Character Bit string
A 00000 H 00111 O 01110 V 10101
B 00001 I 01000 P 01111 W 10110
C 00010 J 01001 Q 10000 X 10111
D 00011 K 01010 R 10001 Y 11000
E 00100 L 01011 S 10010 Z 11001
F 00101 M 01100 T 10011
G 00110 N 01101 U 10100
For example, the string ABCD is then converted to 00000 00001 00010 00011 and cut into strings of length 4 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = ANTI.
c) Suppose the ciphertext received is C = <120, 105, 105, 0, 60, 75, 30, 22, 22, 30>. Decrypt it to recover the original message.
Exercise 4.10: A Knapsack cryptosystem has A = {7, 13, 31, 53}, M = 173 and u = 97.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into binary strings:
Character Bit string Character Bit string Character Bit string Character Bit string
A 00000 H 00111 O 01110 V 10101
B 00001 I 01000 P 01111 W 10110
C 00010 J 01001 Q 10000 X 10111
D 00011 K 01010 R 10001 Y 11000
E 00100 L 01011 S 10010 Z 11001
F 00101 M 01100 T 10011
G 00110 N 01101 U 10100
For example, the string ABCD is then converted to 00000 00001 00010 00011 and cut into strings of length 4 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = AUNT.
c) Suppose the ciphertext received is C = <67, 160, 66, 66, 0, 116, 4, 111, 0, 17>. Decrypt it to recover the original message.
Exercise 4.11: A Knapsack cryptosystem has A = {2, 3, 7, 13, 29, 57}, M = 151 and u = 71.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into binary strings:
Character Bit string Character Bit string Character Bit string Character Bit string
A 00000 H 00111 O 01110 V 10101
B 00001 I 01000 P 01111 W 10110
C 00010 J 01001 Q 10000 X 10111
D 00011 K 01010 R 10001 Y 11000
E 00100 L 01011 S 10010 Z 11001
F 00101 M 01100 T 10011
G 00110 N 01101 U 10100
For example, the string ABCDEF is then converted to 00000 00001 00010 00011 00100 00101 and cut into strings of length 6 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = ANSWER.
c) Suppose the ciphertext received is C = <44, 40, 121, 104, 0>. Decrypt it to recover the original message.
Exercise 4.12: An RSA cryptosystem has p = 31, q = 41, e = 271.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into two-digit decimal numbers:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25
For example, the string ABC is then converted to 00 01 02 and cut into 3-digit numbers, 000 (equal to 0) and 102, for encryption. The resulting ciphertext is a set of numbers in $Z_N$. Encrypt the string P = SERIUS.
c) Suppose the ciphertext received is C = <201, 793, 442, 18>. Decrypt it to find the original plaintext message.
Exercise 4.13: An RSA cryptosystem has p = 29, q = 43, e = 11.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into two-digit decimal numbers:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25
For example, the string ABC is then converted to 00 01 02 and cut into 3-digit numbers, 000 (equal to 0) and 102, for encryption. The resulting ciphertext is a set of numbers in $Z_N$. Encrypt the string P = TAURUS.
c) Suppose the ciphertext received is C = <1, 169, 1206, 433>. Decrypt it to find the original plaintext message.
Exercise 4.14: An RSA cryptosystem has n = 1363, e = 57.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) Given the plaintext P = 102, encrypt it and give the ciphertext C.
c) Suppose this cryptosystem is used as a digital signature scheme. Compute the signature on the message M = 201.

Exercise 4.15: An ElGamal cryptosystem has p = 83, a = 5 a primitive element of $Z_p^*$, and x = 37.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt the plaintext P = 72, k = 23 is chosen. Encrypt it and give the ciphertext.
c) Find all primitive elements of $Z_p^*$.

Exercise 4.16: An ElGamal cryptosystem has p = 1187, a = 79 a primitive element of $Z_p^*$, and x = 113.
a) Find the public key $K_P$ and the private key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, the following function is used to convert characters into two-digit decimal numbers:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25
For example, the string ABC is then converted to 00 01 02 and cut into 3-digit numbers, 000 (equal to 0) and 102, for encryption. The resulting ciphertext is a set of pairs $(C_1, C_2) \in Z_p$. Encrypt the string m = TAURUS with values 13 < k < 19.
c) Suppose the ciphertext received is the set of pairs $(C_1, C_2)$ <(358, 305), (1079, 283), (608, 925), (786, 391)>. Decrypt it and give the original message.

Exercise 4.17: The following ciphertext was obtained using an RSA cryptosystem:
11437 6198 16611 2405 18636 2679 12205 24142 6375 2134
16611 2405 9529 7260 7834 15094 4667 24027 762 5878
5206 16683 5359 10888 4168 3536 23229 20351 15580 6704
7977 374 6525 4287 14402 527 12887 21628 11884 9402
15470 1339 10420 18051 23125 7747 135 22007 20049 9984
13199 15176 1379 8313 19574 7989 22869 406 10057 21758
3918 23991 14237 7989 3947 19529 15728 5601 3527 7200
7601 13282 21160 6291 15994 7785 8982 3045 6596 16796
4663 2405 20302 11929 17125 14533 21001 8351 11571 22082
11040 8687 6704 3330 5630 19650 13024
The public key has n = 24637 and e = 3.
a) Determine p, q and d.
b) Decrypt the ciphertext to obtain the plaintext (numbers in $Z_{24637}$).
c) Convert the plaintext obtained into English text, given that each integer in $Z_{24637}$ represents a group of 3 letters …

… ElGamal with p = 71 and a = 7.
a) Suppose B's public key is $Y_B = 3$ and A chooses the random number k = 2. Determine the ciphertext corresponding to M = 30.
b) Suppose A chooses a different random value k and the ciphertext corresponding to M = 30 is now $C = (59, C_2)$. Determine $C_2$.

Exercise 3.19: An elliptic-curve cryptosystem has the parameters $E_{11}(1, 6)$ and G = (2, 7). B's private key is $n_B = 7$.
a) Determine B's public key.
b) Suppose the plaintext $P_m = (10, 9)$ is to be encrypted with the random number k = 3. Determine the ciphertext $C_m$.
c) Illustrate the decryption of the $C_m$ obtained in part b.

Using one of the programming languages … implement the encryption and decryption algorithms of the Knapsack cryptosystem.

Exercise 3.21: Write a program implementing the encryption and decryption algorithms of the RSA cryptosystem.

Exercise 3.22: Write a program implementing the encryption and decryption algorithms of the ElGamal cryptosystem.

Exercise 3.23: Write a program that encrypts and decrypts files using the RSA encryption and decryption algorithms.

Exercise 3.24: Write a program … using the RSA encryption algorithm.

Exercise 3.25: Write a program for sharing files over a local network using the RSA cryptosystem.

Exercise 3.26: Write a program for key distribution based on the RSA cryptosystem.
CHAPTER V: DIGITAL SIGNATURES AND HASH FUNCTIONS

1. Digital signatures

1.1. The concept of a digital signature

Ever since people invented writing, ordinary signatures have been in daily use, for example to sign a receipt for money received from a bank, a contract, or any other document. A conventional handwritten signature on a document is used to identify the person who signed it.

A digital signature scheme is a method of signing a document or message stored in electronic form, for example a signed message circulated over a computer network. Since their introduction, digital signatures have found wide application in commercial transactions, from signature verification to credit cards, identification schemes and sharing schemes …

Digital signatures are generated and used by digital signature schemes; the definition of a digital signature scheme follows.

Definition:
A digital signature scheme …
ver(x, y) = TRUE if y = sig(x)
ver(x, y) = FALSE if y ≠ sig(x). [5]

For each $K \in \mathcal{K}$, the functions $sig_K$ and $ver_K$ are polynomial-time functions. The function $ver_K$ is public, while $sig_K$ is secret. It must not be feasible to forge B's signature on a message x; that is, for a given x only B can compute a y such that ver(x, y) = TRUE. A signature scheme cannot be unconditionally secure, because some party C can test every possible signature y on the message x with the public algorithm ver() until the correct signature is found. Given enough time, C can therefore always forge B's signature. Our goal is thus to find digital signature schemes that are computationally secure.

Note that anyone can forge B's signature on a "random" message x by computing $x = e_K(y)$ for some y; then $y = sig_K(x)$. One way around this difficulty is to require messages to contain enough redundancy that a signature forged in this way matches a complete, meaningful message x only with very small probability. Hash functions such as MD4 and MD5 can also be used together with the signature scheme to rule out this kind of forgery (this is presented later in this document).
1.2. The RSA signature scheme

Building on the strengths of the RSA cryptosystem, a signature scheme based on the problem of factoring into primes gives signatures of very high security. Setting up the RSA signature scheme is very simple: we only need to swap the roles of the encryption and decryption functions. The RSA signature scheme is as follows.

Let n = p*q, where p and q are primes. Let $P = A = Z_n$ and define:

$K = \{(n, p, q, a, b) : n = p \cdot q,\ p \text{ and } q \text{ prime},\ ab \equiv 1 \pmod{\varphi(n)}\}$.

The values n and b are public; p, q and a are secret.

For K = (n, p, q, a, b), define:

$sig_K(x) = x^a \bmod n$

and

$ver_K(x, y) = \text{TRUE} \Leftrightarrow x \equiv y^b \pmod{n}$, for $x, y \in Z_n$. [5]

Signatures are commonly combined with public-key encryption. Suppose A wants to send B a message that is both encrypted and signed. For a given plaintext x, A computes the signature $y = sig_A(x)$ and then encrypts both x and y with B's public key $e_B$, obtaining $z = e_B(x, y)$. The ciphertext z is sent to B. On receiving z, B first decrypts it with the decryption function $d_B$ to obtain (x, y), and then uses A's public verification function to check whether $ver_A(x, y) = \text{TRUE}$.

But what if A first encrypts x and only then signs the resulting ciphertext? In that case A computes:

$z = e_B(x)$, $y = sig_A(e_B(x))$

A transmits the pair (z, y) to B; B decrypts z to obtain x and then verifies the signature y using $ver_A$. A problem arises if A transmits (z, y) in this way: a third party C can replace A's signature y with C's own signature:

$y' = sig_C(e_B(x))$

Note that C can sign the ciphertext $e_B(x)$ even without knowing the plaintext x. If C then transmits (z, y') to B, B verifies C's signature with $ver_C$ and concludes that the plaintext x originated from C. Because of this difficulty, most users are advised to "sign before encrypting".
1.3. The ElGamal signature scheme

The ElGamal signature scheme was proposed in 1985. A modified version of it was adopted by the National Institute of Standards and Technology (NIST) as a digital signature standard. The ElGamal scheme is designed specifically for signatures, in contrast to RSA, which is used both for public-key encryption and for signatures. The ElGamal signature scheme is non-deterministic: there are many valid signatures for any given message, and the verification algorithm must accept any of them as authentic. The ElGamal signature scheme is described as follows:

Let p be a prime such that the discrete logarithm problem in $Z_p$ is hard, let $\alpha \in Z_p^*$ be a primitive element, let $P = Z_p^*$ and $A = Z_p^* \times Z_{p-1}$, and define:

$K = \{(p, \alpha, a, \beta) : \beta \equiv \alpha^a \pmod{p}\}$

where the values p, α and β are public and a is secret.

For $K = (p, \alpha, a, \beta)$ and a random number $k \in Z_{p-1}^*$, define:

$sig_K(x, k) = (\gamma, \delta)$

where: $\gamma = \alpha^k \bmod p$
$\delta = (x - a\gamma)k^{-1} \bmod (p - 1)$.

For $x, \gamma \in Z_p^*$ and $\delta \in Z_{p-1}$, define:

$ver(x, \gamma, \delta) = \text{TRUE} \Leftrightarrow \beta^\gamma \gamma^\delta \equiv \alpha^x \pmod{p}$. [5]

If the signature is correct, verification succeeds because:

$\beta^\gamma \gamma^\delta \equiv \alpha^{a\gamma} \alpha^{k\delta} \pmod{p} \equiv \alpha^x \pmod{p}$,

where $a\gamma + k\delta \equiv x \pmod{p - 1}$.

B computes the signature using both the secret value a (part of the key) and the secret random number k (a value used to sign this one message). Verification can be carried out using public information only.

Example:
We choose p = 467, α = 2, a = 127. We compute: $\beta = \alpha^a \bmod p = 2^{127} \bmod 467 = 132$.

Now B wants to sign the message x = 100 and chooses the random value k = 213 (note that gcd(213, 466) = 1 and $213^{-1} \bmod 466 = 431$). B then computes:

$\gamma = 2^{213} \bmod 467 = 29$
$\delta = (100 - 127 \cdot 29) \cdot 431 \bmod 466 = 51$.

Anyone can check this signature by computing:

$132^{29} \cdot 29^{51} \equiv 189 \pmod{467}$
$2^{100} \equiv 189 \pmod{467}$.
Suppose a third party C wants to forge B's signature on a message x without knowing the secret a. If C chooses a value γ and tries to find δ, C must compute the discrete logarithm $\log_\gamma \alpha^x \beta^{-\gamma}$. If, on the other hand, C first chooses δ and tries to find γ, C must solve $\beta^\gamma \gamma^\delta \equiv \alpha^x \pmod{p}$ for γ. Neither of these can be carried out.

There is, however, a way for C to sign a random message by choosing γ, δ and x simultaneously. Let i, j be integers with $0 \le i, j \le p - 2$ and gcd(j, p − 1) = 1. Then compute:

$\gamma = \alpha^i \beta^j \bmod p$
$\delta = -\gamma j^{-1} \pmod{p - 1}$
$x = -\gamma i j^{-1} \pmod{p - 1}$.

Then $(\gamma, \delta)$ is a valid signature on the message x. Verification proceeds as follows:

$$\beta^\gamma \gamma^\delta \equiv \beta^\gamma (\alpha^i \beta^j)^{-\gamma j^{-1}} \pmod{p}$$
$$\equiv \beta^\gamma \alpha^{-ij^{-1}\gamma} \beta^{-\gamma} \pmod{p}$$
$$\equiv \alpha^{-ij^{-1}\gamma} \pmod{p}$$
$$\equiv \alpha^x \pmod{p}.$$

Example:
As in the example above, take p = 467, α = 2, β = 132. The third party C chooses i = 99 and j = 179, and computes:

$\gamma = 2^{99} \cdot 132^{179} \bmod 467 = 117$
$\delta = -117 \cdot 151 \bmod 466 = 41$
$x = 99 \cdot 41 \bmod 466 = 331$

The pair (117, 41) is a valid signature on the message 331. Verification is carried out as follows:

$132^{117} \cdot 117^{41} \equiv 303 \pmod{467}$
$2^{331} \equiv 303 \pmod{467}$.
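A second way to forge signatures reuses the signature of an earlier message: given a pair $(\gamma, \delta)$ that is a valid signature on a message x, C can use it to sign other messages. Let h, i and j be integers with $0 \le i, j, h \le p - 2$ and $\gcd(h\gamma - j\delta, p - 1) = 1$. Compute:

$\lambda = \gamma^h \alpha^i \beta^j \bmod p$
$\mu = \delta\lambda(h\gamma - j\delta)^{-1} \bmod (p - 1)$
$x' = \lambda(hx + i\delta)(h\gamma - j\delta)^{-1} \bmod (p - 1)$.

One can check that $\beta^\lambda \lambda^\mu \equiv \alpha^{x'} \pmod{p}$. Therefore $(\lambda, \mu)$ is a valid signature on the message x'.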
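The third issue is a mistake on the signer's part: using the same value of k to sign two different messages. Let $(\gamma, \delta_1)$ be the signature on the message $x_1$ and $(\gamma, \delta_2)$ the signature on the message $x_2$. Verification gives:

$\beta^\gamma \gamma^{\delta_1} \equiv \alpha^{x_1} \pmod{p}$
$\beta^\gamma \gamma^{\delta_2} \equiv \alpha^{x_2} \pmod{p}$.

Therefore: $\alpha^{x_1 - x_2} \equiv \gamma^{\delta_1 - \delta_2} \pmod{p}$.

Writing $\gamma = \alpha^k$, we get: $x_1 - x_2 \equiv k(\delta_1 - \delta_2) \pmod{p - 1}$.

Now let $d = \gcd(\delta_1 - \delta_2, p - 1)$. Since $d \mid (\delta_1 - \delta_2)$ and $d \mid (p - 1)$, d also divides $(x_1 - x_2)$. Define:

$x' = \dfrac{x_1 - x_2}{d}$
$\delta' = \dfrac{\delta_1 - \delta_2}{d}$
$p' = \dfrac{p - 1}{d}$

Finally we obtain: $x' \equiv k\delta' \pmod{p'}$. Since $\gcd(\delta', p') = 1$, we can compute:

$\varepsilon = (\delta')^{-1} \bmod p'$

The value of k is then determined as follows:

$k = x'\varepsilon \bmod p'$, that is $k = x'\varepsilon + ip' \pmod{p - 1}$

for some i with $0 \le i \le d - 1$; the unique correct value of k is found by testing the condition:

$\gamma \equiv \alpha^k \bmod p$.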
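The ElGamal signing and verification rules, the forgery with chosen i and j, and the recovery of a reused k, as an added Python example using the numbers of the worked examples above (not code from the original document). Function names are this example's own; recovering the private key a once k is known goes one step beyond the text, and the second message x = 250 in the demonstration is constructed.

```python
"""ElGamal signatures over Z_p* with the toy parameters p = 467, alpha = 2."""
from math import gcd

P, ALPHA = 467, 2


def public_key(a: int, p: int = P, alpha: int = ALPHA) -> int:
    return pow(alpha, a, p)                                   # beta = alpha^a mod p


def sign(x: int, a: int, k: int, p: int = P, alpha: int = ALPHA):
    if gcd(k, p - 1) != 1:
        raise ValueError("k must be invertible modulo p - 1")
    gamma = pow(alpha, k, p)
    delta = (x - a * gamma) * pow(k, -1, p - 1) % (p - 1)
    return gamma, delta


def verify(x: int, gamma: int, delta: int, beta: int, p: int = P, alpha: int = ALPHA) -> bool:
    # Enforce the stated domains: gamma in Z_p*, delta in Z_{p-1}.
    if not (1 <= gamma <= p - 1 and 0 <= delta <= p - 2):
        return False
    return pow(beta, gamma, p) * pow(gamma, delta, p) % p == pow(alpha, x, p)


def forge(i: int, j: int, beta: int, p: int = P, alpha: int = ALPHA):
    """Valid (x, gamma, delta) built without the private key. The forger does not
    control x, which is why signing a digest h(m) instead of m defeats this."""
    j_inv = pow(j, -1, p - 1)
    gamma = pow(alpha, i, p) * pow(beta, j, p) % p
    delta = -gamma * j_inv % (p - 1)
    x = -gamma * i * j_inv % (p - 1)
    return x, gamma, delta


def recover_k(x1, d1, x2, d2, gamma, p: int = P, alpha: int = ALPHA):
    """k from two signatures (gamma, d1), (gamma, d2) that share the same gamma."""
    n = p - 1
    diff = (d1 - d2) % n
    if diff == 0:
        return None
    d = gcd(diff, n)
    x_, d_, p_ = ((x1 - x2) % n) // d, diff // d, n // d
    k0 = x_ * pow(d_, -1, p_) % p_
    for i in range(d):                        # d candidates, tested against gamma
        k = k0 + i * p_
        if pow(alpha, k, p) == gamma:
            return k
    return None


def recover_private_key(x, gamma, delta, k, beta, p: int = P, alpha: int = ALPHA):
    """Solve a*gamma = x - k*delta (mod p - 1) for a, testing candidates against beta."""
    n = p - 1
    d = gcd(gamma, n)
    rhs = (x - k * delta) % n
    a0 = (rhs // d) * pow(gamma // d, -1, n // d) % (n // d)
    for i in range(d):
        a = a0 + i * (n // d)
        if pow(alpha, a, p) == beta:
            return a
    return None


if __name__ == "__main__":
    a, beta = 127, public_key(127)
    s1 = sign(100, a, 213)
    print("beta =", beta, " signature on 100:", s1, " valid:", verify(100, *s1, beta))
    x, gamma, delta = forge(99, 179, beta)
    print("forged:", (x, gamma, delta), " valid:", verify(x, gamma, delta, beta))
    s2 = sign(250, a, 213)                    # constructed second message, same k
    k = recover_k(100, s1[1], 250, s2[1], s1[0])
    print("recovered k =", k, " a =", recover_private_key(100, *s1, k, beta))
```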
1.4. The digital signature standard (Digital Signature Standard)

1.4.1. The digital signature algorithm (Digital Signature Algorithm)

In August 1991, NIST proposed the digital signature algorithm (DSA) as the basis of the digital signature standard. It is a variant of the ElGamal algorithm.

1) Choose a prime q with $2^{159} < q < 2^{160}$.
2) Choose t with $0 \le t \le 8$ and choose a prime p with $2^{511+64t} < p < 2^{512+64t}$ such that q divides (p − 1) (that is, q is a prime divisor of p − 1).
3) Now generate α, a generator of the unique subgroup of order q in $Z_p^*$:
- Choose a value $g \in Z_p^*$ and compute $\alpha = g^{(p-1)/q} \bmod p$.
- If α = 1, go back to the previous step (choose another suitable value of g).
4) Choose a random integer a with $1 \le a \le q - 1$.
5) Compute $y = \alpha^a \bmod p$.
6) The key $(p, q, \alpha, y)$ is then made public, and a is the private key.
1.4.2. The digital signature standard

The Digital Signature Standard (DSS) is a modification of the ElGamal signature scheme. It was announced as a Federal Information Processing Standard (FIPS) on 19/05/1994 and became the standard on 01/12/1994. DSS uses a public key to check the integrity of the data received and the identity of its sender. DSS can also be used by a third party to establish the authenticity of a signature and of the data it covers. We first look at the motivation for this change and then at the DSS algorithm.

In many situations a message is encrypted and decrypted only once, so any cryptosystem known to be secure at the time the message is encrypted is adequate. A signed message, on the other hand, functions as a legal document, such as a contract, so it may well be necessary to verify the signature many years after the message was signed. This makes precautions about the security of the signature scheme especially important. Since the ElGamal signature scheme does not by itself guarantee this, it has to be used with a large modulus p. Certainly p should have at least 512 bits, and many people hold that p should be 1024 bits long to resist forgery in the future.

However, even a signature scheme with a 512-bit modulus produces a 1024-bit signature. For many potential applications, many of them involving smart cards, a shorter signature is desirable. DSS modifies the ElGamal signature scheme ingeniously to achieve this: a 160-bit message is signed with a 320-bit signature, but the computation is done with a 512-bit modulus p. This is done by working in a subgroup of $Z_p^*$ of size $2^{160}$. The first change is to the value δ:

$\delta = (x + a\gamma)k^{-1} \bmod (p - 1)$.

This changes the verification condition to:

$\alpha^x \beta^\gamma \equiv \gamma^\delta \pmod{p}$. (1.4.2.1)

If $\gcd(x + a\gamma, p - 1) = 1$ then $\delta^{-1} \bmod (p - 1)$ exists, so (1.4.2.1) becomes:

$\alpha^{x\delta^{-1}} \beta^{\gamma\delta^{-1}} \equiv \gamma \pmod{p}$. (1.4.2.2)

This is the innovation in DSS. Let q be a 160-bit prime such that $q \mid (p - 1)$, and let α be a q-th root of 1 modulo p; then β and γ are also q-th roots of 1 modulo p. Hence the exponents of α, β and γ can be reduced modulo q without affecting signature verification. The scheme is as follows:

Let p be a 512-bit prime such that the discrete logarithm problem in $Z_p$ is hard, and let q be a 160-bit prime that divides (p − 1). Let $\alpha \in Z_p^*$; $P = Z_p^*$, $A = Z_q \times Z_q$, and define:

$K = \{(p, q, \alpha, a, \beta) : \beta \equiv \alpha^a \pmod{p}\}$

where the values p, q, α and β are public and a is secret.

For $K = (p, q, \alpha, a, \beta)$ and a random number k ($1 \le k \le q - 1$), define:

$sig_K(x, k) = (\gamma, \delta)$

where: $\gamma = (\alpha^k \bmod p) \bmod q$
$\delta = (x + a\gamma)k^{-1} \bmod q$.

For $x \in Z_p^*$ and $\gamma, \delta \in Z_q$, verification is done by computing:

$e_1 = x\delta^{-1} \bmod q$
$e_2 = \gamma\delta^{-1} \bmod q$
$ver(x, \gamma, \delta) = \text{TRUE} \Leftrightarrow (\alpha^{e_1} \beta^{e_2} \bmod p) \bmod q = \gamma$. [5]

Note that in DSS we need $\delta \not\equiv 0 \pmod{q}$, because the value $\delta^{-1} \bmod q$ is required to verify the signature (this is analogous to requiring $\gcd(\delta, p - 1) = 1$ in order to go from (1.4.2.1) to (1.4.2.2)). If B obtains a value $\delta \equiv 0 \pmod{q}$ in the signing algorithm, B should discard it and choose a new random number k.
Example:
We choose q = 101 and p = 78*q + 1 = 7879, and g = 3 is a primitive element in $Z_{7879}$. We can therefore compute:

$\alpha = 3^{78} \bmod 7879 = 170$.

Choose a = 75, so that: $\beta = \alpha^a \bmod 7879 = 4567$.

Now B wants to sign the message x = 1234 and chooses the random number k = 50. Then:

$k^{-1} \bmod 101 = 99$.

Next: $\gamma = (170^{50} \bmod 7879) \bmod 101 = 2518 \bmod 101 = 94$
$\delta = (1234 + 75 \cdot 94) \cdot 99 \bmod 101 = 97$.

The signature (94, 97) on the message 1234 is verified as follows:

$\delta^{-1} = 97^{-1} \bmod 101 = 25$
$e_1 = 1234 \cdot 25 \bmod 101 = 45$
$e_2 = 94 \cdot 25 \bmod 101 = 27$
$(170^{45} \cdot 4567^{27} \bmod 7879) \bmod 101 = 2518 \bmod 101 = 94$.
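The DSA parameter step, signing rule and verification rule above, as an added Python example that reproduces the worked numbers (not code from the original document). Function names are this example's own; rejecting γ = 0 as well as δ = 0 follows standard DSA practice rather than the text, and the optional fixed k exists only so that the worked example can be reproduced.

```python
"""DSA with the toy parameters of the worked example: q = 101, p = 78*q + 1 = 7879."""
import secrets


def subgroup_generator(p: int, q: int, g: int):
    """alpha = g^((p-1)/q) mod p, an element of order q; None if this g gives alpha = 1."""
    if (p - 1) % q != 0:
        raise ValueError("q must divide p - 1")
    alpha = pow(g, (p - 1) // q, p)
    return None if alpha == 1 else alpha


def sign(x: int, a: int, p: int, q: int, alpha: int, k=None):
    """Return (gamma, delta). With k=None a fresh random k is drawn, and drawn again
    whenever gamma or delta comes out as 0. A caller-supplied k is for reproducing
    a worked example only: a real signer never fixes or reuses k."""
    while True:
        kk = secrets.randbelow(q - 1) + 1 if k is None else k      # 1 <= kk <= q - 1
        gamma = pow(alpha, kk, p) % q
        delta = (x + a * gamma) * pow(kk, -1, q) % q
        if gamma != 0 and delta != 0:
            return gamma, delta
        if k is not None:
            raise ValueError("this k gives gamma = 0 or delta = 0; choose another k")


def verify(x: int, gamma: int, delta: int, beta: int, p: int, q: int, alpha: int) -> bool:
    if not (0 < gamma < q and 0 < delta < q):      # also guarantees delta is invertible
        return False
    w = pow(delta, -1, q)
    e1, e2 = x * w % q, gamma * w % q
    return pow(alpha, e1, p) * pow(beta, e2, p) % p % q == gamma


if __name__ == "__main__":
    p, q = 7879, 101
    alpha = subgroup_generator(p, q, 3)
    a = 75
    beta = pow(alpha, a, p)
    sig = sign(1234, a, p, q, alpha, k=50)
    print("alpha =", alpha, " beta =", beta, " signature =", sig)
    print("valid:", verify(1234, *sig, beta, p, q, alpha))
    print("altered message accepted:", verify(1235, *sig, beta, p, q, alpha))
```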
Since DSS was proposed in 1991, it has drawn a good deal of criticism. For example, the size of the modulus p was fixed at 512 bits, which many people did not want. NIST therefore changed the standard so that the modulus size can be any value divisible by 64 in the range from 512 to 1024 bits.

Another criticism of DSS is that a signature is generated faster than it is verified. With the RSA signature scheme, by contrast, public verification is very fast (and in e-commerce verification is very important and has to be quick).
1.5. Application model of digital signatures

Unlike an ordinary signature, a digital signature is produced from the document by a digital signature scheme and is not a part of the document. Therefore, once it has been created, the digital signature is sent along with the message, and the recipient receives both the message and the signature. This application model is illustrated in the following figure:

[Diagram labels: A - sender; B - receiver; Sign; Verify signature; RSA; AES; session key K; A's private key; B's public key; B's private key; P, S, C1, C2]

Figure 5.1: Application model of digital signatures
2. Hash functions

2.1. Concept

The signature schemes described above only allow short messages to be signed. In DSS, for example, a 160-bit message is signed with 320 bits. So what should we do with messages that are megabytes long?

A simple way to solve this problem is to split the large message into small 160-bit blocks and then sign each block; this is similar to encrypting a long plaintext string by encrypting each plaintext character with the same key.

But this approach to creating digital signatures has several problems. First, for a long message we end up with an enormous amount of signature data. Second, most signature schemes are very slow. More seriously, with so many separately signed blocks, the blocks can be rearranged and some of them can be dropped (integrity is lost).

To solve all of these problems, a hash function is used.

Definition:
A hash function H takes as input information X of variable size and produces as its result a string of fixed length, called the message digest.

For example, when B wants to sign a message x (of any length), B first computes the message digest z = h(x) (of fixed length) and then signs it: $y = sig_K(z)$. B sends the pair (x, y) over the channel; verification is then done by recomputing the message digest z = h(x) and checking whether $ver_K(z, y)$ equals TRUE.

Figure 5.2: Signature scheme using a hash function

2.2. Properties of hash functions

An issue that needs to be discussed here is collisions of the hash function. By Dirichlet's (pigeonhole) principle: if n+1 rabbits are put into n hutches, there must be at least one hutch that contains at least two rabbits [9]. Clearly, since the space of hash values is far smaller than the space of messages, collisions certainly exist: there are two messages x ≠ x' whose hash values are the same, that is h(x) = h(x').

We now consider the possible kinds of attack and derive from them the properties a hash function must have:
In the first kind of attack, C starts from a validly signed message (x, y), where $y = sig_K(h(x))$ (the pair (x, y) can be any message that B has signed before). C then computes z = h(x) and tries to find x' ≠ x such that h(x') = h(x). If C succeeds, the pair (x', y) is a validly signed message (a valid forgery). To prevent this, the hash function h must satisfy the following property:

Property 1:
A hash function h is weakly collision-free if, for a given message x, it is infeasible to find a message x' ≠ x such that h(x') = h(x). [5]

Another attack C can mount is the following: C first finds 2 messages x ≠ x' such that h(x) = h(x'). C then gives the message x to B and persuades B to sign the message digest h(x), thereby obtaining y. The pair (x', y) is then a valid forged signature. This is the reason why a hash function must be designed to satisfy property 2:

Property 2:
A hash function h is strongly collision-free if it is infeasible to find messages x and x' such that x' ≠ x and h(x') = h(x). [5]

The third kind of attack chooses a random digest value z. C computes a signature on a random value z and then looks for a message x such that z = h(x). If C succeeds, the pair (x, y) is a valid forged signature. So one more property that h must satisfy is one-wayness:

Property 3:
A hash function h is one-way if, for a given message digest z, it is infeasible to find a message x such that h(x) = z. [5]
2.3. Birthday attack
As we have seen, one possible attack on digital signature schemes that use a hash function is to try to create documents $x$ and $x'$ with different content (one favourable and one unfavourable to the signer) that have the same hash value. The adversary can try to generate a very large number of documents whose content is unchanged but whose binary representations differ (simply by adding or removing spaces, or substituting synonyms ...), then use a computer program to compute the hash values of these documents and compare them, hoping to find a colliding pair of documents (a statistical method).
But this would seem to require the number of documents hashed to be much larger than the size of the hash space. For instance, if the hash function has a 64-bit hash space, the number of documents to be fed to the program must be at least $2^{64}$ (with a computer that can hash 1 million messages per second, this would take 6000.000 years of computation [6]).
However, if the adversary tries a much smaller number of documents, within a range that can actually be computed, what is the probability of finding a collision? The answer is that it can be done. The nature of this phenomenon is illustrated by the following statement, usually called the birthday paradox:
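In any group of 23 people, the probability that two of them share a birthday is at least 1/2. [5]
In general, suppose a hash function has $n$ distinct hash values. If we have $k$ hash values from $k$ different randomly chosen messages, then the probability that no collision occurs is:
$$\left(1-\frac{1}{n}\right)\left(1-\frac{2}{n}\right)\cdots\left(1-\frac{k-1}{n}\right) = \prod_{i=1}^{k-1}\left(1-\frac{i}{n}\right).$$
For $\frac{i}{n} \ll 1$ we have
$$\prod_{i=1}^{k-1}\left(1-\frac{i}{n}\right) \approx \prod_{i=1}^{k-1} e^{-\frac{i}{n}} = e^{-\frac{k(k-1)}{2n}}.$$
Therefore the probability that a collision occurs is at least $1 - e^{-\frac{k(k-1)}{2n}}$. Calling this probability $\varepsilon$, we have:
$$e^{-\frac{k(k-1)}{2n}} \approx 1 - \varepsilon \qquad (*)$$
Hence $k^2 - k \approx 2n \log\frac{1}{1-\varepsilon}$ (natural logarithm), and so:
$$k \approx \sqrt{2n \log\frac{1}{1-\varepsilon}} \qquad (**)$$
According to the formula … $k$ is proportional to $\sqrt{n}$. With $\varepsilon = 0.5$ we have $k \approx 1.1774\sqrt{n}$ (***).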
Example:
… allows us to estimate a lower bound on the number of trials needed to find a collision of a hash function. A 40-bit hash function would be insecure, because with only $2^{20}$ (about 1 billion) trials we already have a collision probability of 50%.
Similarly, for a hash function with the 64-bit hash space mentioned above, the number of trials needed for a 50% collision probability is $2^{32}$, which is feasible. For example, with the kind of computer mentioned above this takes only about 1 hour of computation.
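The bound (***) can be checked empirically when sizing a digest. The following Python sketch is an added example, not part of the original text: it evaluates the exact no-collision product and formula (**), and measures how many distinct messages must be hashed before two collide. A hash with $n = 2^{bits}$ values is modelled here by truncating SHA-256, which is an assumption of the example.

```python
import hashlib
import math
import statistics


def truncated_hash(message: bytes, bits: int) -> int:
    """Stand-in for a hash with n = 2**bits values: top `bits` bits of SHA-256."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") >> (256 - bits)


def no_collision_probability(k: int, n: int) -> float:
    """Exact product (1 - 1/n)(1 - 2/n)...(1 - (k-1)/n)."""
    prob = 1.0
    for i in range(1, k):
        prob *= 1.0 - i / n
    return prob


def trials_for(eps: float, n: int) -> float:
    """Formula (**): k ~ sqrt(2 n ln(1 / (1 - eps)))."""
    return math.sqrt(2 * n * math.log(1 / (1 - eps)))


def first_collision(bits: int, label: bytes, max_trials: int):
    """Hash distinct messages until two share a digest.

    Returns (number of messages hashed, first message, second message),
    or None if max_trials is reached without a collision.
    """
    seen = {}
    for k in range(1, max_trials + 1):
        message = label + b" variant %d" % k      # constructed, pairwise distinct
        z = truncated_hash(message, bits)
        if z in seen:
            return k, seen[z], message
        seen[z] = message
    return None


def median_trials(bits: int, runs: int) -> float:
    """Median number of messages hashed before the first collision."""
    counts = []
    for run in range(runs):
        # 2**bits + 1 messages always contain a collision (Dirichlet principle).
        found = first_collision(bits, b"run %d" % run, 2 ** bits + 1)
        counts.append(found[0])
    return statistics.median(counts)


if __name__ == "__main__":
    print("23 people, P(no shared birthday):", no_collision_probability(23, 365))
    print("predicted trials, 16-bit digest :", trials_for(0.5, 2 ** 16))
    print("measured median, 16-bit digest  :", median_trials(16, 101))
```

The measured median for a 16-bit digest lands near $1.1774\sqrt{2^{16}} \approx 301$, which is why a digest of $b$ bits gives only about $b/2$ bits of collision resistance.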
Hash functions considered secure are 128-bit hash functions (such as MD5 ...), because the number of trials is then $2^{64}$. However, with the development of newly discovered hash cryptanalysis algorithms, 128-bit hash functions are now also recommended against for use in security systems …
… we will look at the MD5 hash function, which is an improvement of MD4 and the most widely used hash function; the design principles of this hash function are also … other hash functions.
a. Description of MD5:
The input is processed in 512-bit blocks, each divided into 16 32-bit sub-blocks. The output of the algorithm is a set of four 32-bit blocks, which together form a single 128-bit hash value.
First, we divide the message into 512-bit blocks. For the last block of the message (call it x, with x < 512 bits), we append a single 1 bit to the end of x, followed by as many 0 bits as are needed to reach the required length (512 bits). The result is that the input message is a string M whose length is divisible by 512; we can therefore divide M into N 32-bit words (N is divisible by 16).
We now begin computing the message digest with four 32-bit blocks A, B, C and D (regarded as registers):
A = 0x01234567
B = 0x89abcdef
C = 0xfedcba98
D = 0x76543210.
A, B, C and D are usually called chaining variables.
The message is divided into 512-bit blocks, and each 512-bit block is in turn divided into 16 32-bit blocks that pass through the four rounds of MD5. Suppose we write a, b, c and d in place of A, B, C and D for the first 512-bit block of the message. The four rounds of MD5 all have the same structure. Each round performs 16 operations: each operation applies a nonlinear function to 3 of the 4 values a, b, c and d; it then adds the result to the fourth value, and then adds a 32-bit sub-block and a constant. It then rotates the result left by a variable number of bits and adds the result to one of the 4 values a, b, c or d. Finally, the result replaces one of the 4 values a, b, c or d.
Figure 5.3: The main loop of MD5
Figure 5.4: One round of MD5
There are four nonlinear functions, one used in each round:
$F(X,Y,Z) = (X \wedge Y) \vee ((\neg X) \wedge Z)$
$G(X,Y,Z) = (X \wedge Z) \vee (Y \wedge (\neg Z))$
$H(X,Y,Z) = X \oplus Y \oplus Z$
$I(X,Y,Z) = Y \oplus (X \vee (\neg Z))$.
where $\oplus$ is XOR, $\wedge$ is AND, $\vee$ is OR, and $\neg$ is NOT.
These functions are designed so that if the corresponding bits of X, Y and Z are independent and unbiased, then each bit of the result is also independent and unbiased.
If M_j denotes the j-th sub-block (j ranging over the 16 sub-blocks) and <<< s denotes a left rotation by s bits, then the operations of the rounds can be written as follows:
FF(a,b,c,d,M_j,s,t_i) denotes a = b + ((a + F(b,c,d) + M_j + t_i) <<< s)
GG(a,b,c,d,M_j,s,t_i) denotes a = b + ((a + G(b,c,d) + M_j + t_i) <<< s)
HH(a,b,c,d,M_j,s,t_i) denotes a = b + ((a + H(b,c,d) + M_j + t_i) <<< s)
II(a,b,c,d,M_j,s,t_i) denotes a = b + ((a + I(b,c,d) + M_j + t_i) <<< s).
The four rounds (64 steps) are performed as follows:
Round 1:
FF (a, b, c, d, M_0, 7, 0xd76aa478)
FF (d, a, b, c, M_1, 12, 0xe8c7b756)
FF (c, d, a, b, M_2, 17, 0x242070db)
FF (b, c, d, a, M_3, 22, 0xc1bdceee)
FF (a, b, c, d, M_4, 7, 0xf57c0faf)
FF (d, a, b, c, M_5, 12, 0x4787c62a)
FF (c, d, a, b, M_6, 17, 0xa8304613)
FF (b, c, d, a, M_7, 22, 0xfd469501)
FF (a, b, c, d, M_8, 7, 0x698098d8)
FF (d, a, b, c, M_9, 12, 0x8b44f7af)
FF (c, d, a, b, M_10, 17, 0xffff5bb1)
FF (b, c, d, a, M_11, 22, 0x895cd7be)
FF (a, b, c, d, M_12, 7, 0x6b901122)
FF (d, a, b, c, M_13, 12, 0xfd987193)
FF (c, d, a, b, M_14, 17, 0xa679438e)
FF (b, c, d, a, M_15, 22, 0x49b40821).
Round 2:
GG (a, b, c, d, M_1, 5, 0xf61e2562)
GG (d, a, b, c, M_6, 9, 0xc040b340)
GG (c, d, a, b, M_11, 14, 0x265e5a51)
GG (b, c, d, a, M_0, 20, 0xe9b6c7aa)
GG (a, b, c, d, M_5, 5, 0xd62f105d)
GG (d, a, b, c, M_10, 9, 0x02441453)
GG (c, d, a, b, M_15, 14, 0xd8a1e681)
GG (b, c, d, a, M_4, 20, 0xe7d3fbc8)
GG (a, b, c, d, M_9, 5, 0x21e1cde6)
GG (d, a, b, c, M_14, 9, 0xc33707d6)
GG (c, d, a, b, M_3, 14, 0xf4d50d87)
GG (b, c, d, a, M_8, 20, 0x455a14ed)
GG (a, b, c, d, M_13, 5, 0xa9e3e905)
GG (d, a, b, c, M_2, 9, 0xfcefa3f8)
GG (c, d, a, b, M_7, 14, 0x676f02d9)
GG (b, c, d, a, M_12, 20, 0x8d2a4c8a).
Round 3:
HH (a, b, c, d, M_5, 4, 0xfffa3942)
HH (d, a, b, c, M_8, 11, 0x8771f681)
HH (c, d, a, b, M_11, 16, 0x6d9d6122)
HH (b, c, d, a, M_14, 23, 0xfde5380c)
HH (a, b, c, d, M_1, 4, 0xa4beea44)
HH (d, a, b, c, M_4, 11, 0x4bdecfa9)
HH (c, d, a, b, M_7, 16, 0xf6bb4b60)
HH (b, c, d, a, M_10, 23, 0xbebfbc70)
HH (a, b, c, d, M_13, 4, 0x289b7ec6)
HH (d, a, b, c, M_0, 11, 0xeaa127fa)
HH (c, d, a, b, M_3, 16, 0xd4ef3085)
HH (b, c, d, a, M_6, 23, 0x04881d05)
HH (a, b, c, d, M_9, 4, 0xd9d4d039)
HH (d, a, b, c, M_12, 11, 0xe6db99e5)
HH (c, d, a, b, M_15, 16, 0x1fa27cf8)
HH (b, c, d, a, M_2, 23, 0xc4ac5665).
Round 4:
II (a, b, c, d, M_0, 6, 0xf4292244)
II (d, a, b, c, M_7, 10, 0x432aff97)
II (c, d, a, b, M_14, 15, 0xab9423a7)
II (b, c, d, a, M_5, 21, 0xfc93a039)
II (a, b, c, d, M_12, 6, 0x655b59c3)
II (d, a, b, c, M_3, 10, 0x8f0ccc92)
II (c, d, a, b, M_10, 15, 0xffeff47d)
II (b, c, d, a, M_1, 21, 0x85845dd1)
II (a, b, c, d, M_8, 6, 0x6fa87e4f)
II (d, a, b, c, M_15, 10, 0xfe2ce6e0)
II (c, d, a, b, M_6, 15, 0xa3014314)
II (b, c, d, a, M_13, 21, 0x4e0811a1)
II (a, b, c, d, M_4, 6, 0xf7537e82)
II (d, a, b, c, M_11, 10, 0xbd3af235)
II (c, d, a, b, M_2, 15, 0x2ad7d2bb)
II (b, c, d, a, M_9, 21, 0xeb86d391).
The constants t_i are chosen by the following rule: at step i, the value t_i is the integer part of 2^32 * abs(sin(i)), where i = [0..63] is measured in radians.
After all these steps, a, b, c and d are added to A, B, C and D respectively to give the output, and the algorithm continues with the next 512-bit data block until the end of the message. The final output is the 128-bit block formed by A, B, C and D, which is the resulting hash value.
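The round structure and the sine rule for the constants can be checked in code. The Python sketch below is an added example, not code from the original text; it follows RFC 1321 where the description above is abbreviated. Assumptions taken from RFC 1321: the chaining variables are loaded as little-endian words (the bytes 01 23 45 67 ... give 0x67452301, ...), the 64-bit message length is appended after the padding, and the sine index runs from 1 to 64.

```python
import math
import struct

MASK = 0xFFFFFFFF
# Left-rotation amounts s for the 16 steps of each of the four rounds.
SHIFTS = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
          [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)
# t_i = integer part of 2^32 * |sin(i)|, i in radians (RFC 1321 numbering 1..64).
T = [int(abs(math.sin(i)) * 2 ** 32) & MASK for i in range(1, 65)]


def rotl(x, s):
    """32-bit left rotation, the <<< s of the text."""
    return ((x << s) | (x >> (32 - s))) & MASK


def pad(message):
    """Append the 1 bit, the 0 bits, then the 64-bit length (RFC 1321)."""
    bit_length = (8 * len(message)) % 2 ** 64
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack("<Q", bit_length)


def nonlinear(step, x, y, z):
    """F, G, H, I for rounds 1 to 4 (result is masked by the caller)."""
    if step < 16:
        return (x & y) | (~x & z)
    if step < 32:
        return (x & z) | (y & ~z)
    if step < 48:
        return x ^ y ^ z
    return y ^ (x | ~z)


def sub_block_index(step):
    """Index j of the sub-block M_j used at each step, as in the round table."""
    if step < 16:
        return step
    if step < 32:
        return (5 * step + 1) % 16
    if step < 48:
        return (3 * step + 5) % 16
    return (7 * step) % 16


def md5_hex(message):
    A, B, C, D = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    data = pad(message)
    for offset in range(0, len(data), 64):
        M = struct.unpack("<16I", data[offset:offset + 64])
        a, b, c, d = A, B, C, D
        for step in range(64):
            f = nonlinear(step, b, c, d) & MASK
            total = (a + f + M[sub_block_index(step)] + T[step]) & MASK
            # a = b + (total <<< s), then the four values rotate roles.
            a, b, c, d = d, (b + rotl(total, SHIFTS[step])) & MASK, b, c
        A, B = (A + a) & MASK, (B + b) & MASK
        C, D = (C + c) & MASK, (D + d) & MASK
    return struct.pack("<4I", A, B, C, D).hex()


if __name__ == "__main__":
    print(md5_hex(b"abc"))
```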
b. Security of MD5:
Ron Rivest outlined the improvements of MD5 over MD4 as follows:
- A fourth round has been added (MD4 has only 3 rounds).
- Each step now has a unique additive constant.
- The function G in round 2 was changed from $((X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z))$ to $((X \wedge Z) \vee (Y \wedge (\neg Z)))$ in order to make G less symmetric (less linear).
- Each step now adds in the result of the previous step, which links the steps together and makes them depend on one another.
- The order in which the sub-blocks are accessed changes in rounds 2 and 3, so that the pattern of the round structure changes accordingly.
- The left-shift amounts in each round have been optimized, and the shifts in each round are distinct.
In 1993, den Boer and Bosselaers found collisions using the compression function (rounds 2 and 3) of MD5. This breaks the MD5 design goal of resisting collisions, but MD5 is still a widely used hash function today.
2.4.2. SHA (Secure Hash Algorithm)
In 1995, NIST together with the NSA designed the Secure Hash Algorithm (SHA) for use with the digital signature standard DSS. SHA is designed on the principles of MD4/MD5 and produces a 160-bit hash value.
a. Description of SHA:
As with MD5, a single 1 bit followed by 0 bits is appended to the end of the message so that the message length is divisible by 512. SHA uses 5 registers:
A = 0x67452301
B = 0xefcdab89
C = 0x98badcfe
D = 0x10325476
E = 0xc3d2e1f0
The message is divided into 512-bit blocks. We again write a, b, c, d and e in place of A, B, C, D and E for the first 512-bit block of the message. SHA has four main rounds, each performing 20 operations: each operation applies a nonlinear function to 3 of the 5 values a, b, c, d and e, followed by additions and shifts as in MD5.
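SHA defines four nonlinear functions as follows:
$f_t(X,Y,Z) = (X \wedge Y) \vee ((\neg X) \wedge Z)$ for $0 \le t \le 19$
$f_t(X,Y,Z) = X \oplus Y \oplus Z$ for $20 \le t \le 39$
$f_t(X,Y,Z) = (X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z)$ for $40 \le t \le 59$
$f_t(X,Y,Z) = X \oplus Y \oplus Z$ for $60 \le t \le 79$.
The four constants used in the algorithm are:
$K_t = 2^{1/2}/4$ = 0x5a827999 for $0 \le t \le 19$
$K_t = 3^{1/2}/4$ = 0x6ed9eba1 for $20 \le t \le 39$
$K_t = 5^{1/2}/4$ = 0x8f1bbcdc for $40 \le t \le 59$
$K_t = 10^{1/2}/4$ = 0xca62c1d6 for $60 \le t \le 79$.
The message blocks are expanded from 16 32-bit words ($M_0$ to $M_{15}$) into 80 32-bit words ($W_0$ to $W_{79}$) using the following expansion algorithm:
$W_t = M_t$ for $0 \le t \le 15$
$W_t = W_{t-3} \oplus W_{t-8} \oplus W_{t-14} \oplus W_{t-16}$ for $16 \le t \le 79$.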
One round of SHA can be depicted as follows:
Figure 5.5: One round of SHA
If W_t denotes the t-th sub-block of the expanded message, and <<< s denotes a left shift by s bits, then the main loop of SHA is as follows:
a = A, b = B, c = C, d = D, e = E,
for t = 0 to 79
{
TEMP = (a <<< 5) + f_t(b, c, d) + e + W_t + K_t,
e = d,
d = c,
c = b <<< 30,
b = a,
a = TEMP,
}
A = A + a, B = B + b, C = C + c, D = D + d, E = E + e,
The algorithm continues with the next 512-bit block until the end of the message, and the final result held in the registers A, B, C, D and E is the 160-bit SHA hash value.
b. Security of SHA:
To understand the security of SHA better, let us compare SHA with MD5 and identify the differences between the two hash functions:
- MD5 and SHA both append padding bits to form blocks divisible by 512 bits, but SHA uses the same nonlinear function f for all four rounds.
- MD5 uses a unique constant for each step, whereas SHA uses one constant for each round; the shift constants are relatively prime to the word size (as in MD4).
- The second nonlinear function of MD5 was improved relative to MD4, whereas SHA reuses the nonlinear function of MD4, i.e. $(X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z)$.
- In MD5 each step adds in the result of the previous step. The difference in SHA is that a fifth variable is added (not b, c or d as in MD5), which makes the den Boer-Bosselaers attack fail against SHA (den Boer and Bosselaers are the two people who successfully broke the last 2 rounds of MD4).
To date, no attack on SHA has been published. Because the SHA hash value is 160 bits long, it resists exhaustive-search attacks (including the birthday attack) better than the 128-bit MD5 hash function.
2.5. Some applications of hash functions
As presented … instead of signing documents and messages directly (which in most cases are very large, so signing is slow), one signs the hash value that represents the whole document. This is especially important and effective … we know that digital signature schemes all work with large-number arithmetic and so are themselves fairly slow; using the … value … whole document is a comprehensive solution that overcomes this weakness of digital signature schemes. Besides their use with digital signature schemes, hash functions … transmission channel, hash functions are used to verify the integrity of the message. For example, suppose we have a piece of open-source software … to the user's computer does not need to be encrypted; however, if that software is modified in transit (for example by having spyware or a virus attached), this is very dangerous. To guard against this, we provide the hash value of the software (the software itself is then the message). The user downloads both the software and the hash value, then recomputes the hash and compares the hash value obtained with the hash value provided … just passed over the transmission channel. Most open-source software today is distributed this way.
In systems that require user authentication, such as database management systems, operating systems … users, hash functions are also used, or ciphers in the role of hash functions (without a key). In that case each user account, instead of being stored in … form … the user logs in to the system, the system takes the user name and password entered and checks whether such a user name exists. If it does, the system hashes the password entered by the user and compares it with the corresponding hash value stored in the database (which may be a text file, an XML file, or a database file of some database management system). If the comparison matches, the user is valid; if it does not match, the password is wrong. Today all database management systems provide hash functions that allow users to compute the hash values of user passwords and store those hash values. Storing hash values ensures that passwords are not exposed through being stored in their original form on the computer … Unix stores passwords according to the principle above, with the hash function being the DES cipher iterated 25 times; the user's password is used as the cipher key, and the plaintext encrypted is a string of 64 zero bits.
Today, with the strong growth of electronic commerce, transactions are all carried out remotely over network systems, so … and along with that hash functions are becoming ever more … it can be said that hash functions are sometimes even more important than ciphers.
3. Exercises
Exercise 5.1: Consider the ElGamal digital signature scheme with p = 1019, a = 191 a primitive element of $Z_p^*$, and x = 37.
a) Find the public key $K_P$ and the secret key $K_S$ of this signature scheme.
b) To sign the plaintext M = 102, k = 143 is chosen; carry out the signing and give the resulting signature.
c) Check whether the pair (K, S) = (251, 507) is a signature on the document M = 127.
Exercise 5.2: Consider the digital signature scheme … DSA digital signature … RSA digital signature … use one of the programming languages … open-source libraries such as Crypto++ (details at the website http://www.cs.auckland.ac.nz/~pgut001/cryptlib).
Chapter VI: Key management
CHAPTER VI: KEY MANAGEMENT
1. Key management …
… will introduce some key distribution or key exchange schemes for use with public-key security schemes.
2. Some key distribution schemes
2.1. The Blom key distribution scheme
Suppose we have a network of n users, each of whom needs to exchange secret information with every other user in the network. Suppose the cryptosystem used is a symmetric-key cryptosystem (such as DES). The whole network needs $\frac{n(n-1)}{2}$ different keys for that many different pairs of users. A trusted authority TA manages these keys and must deliver to each user the (n-1) keys shared with the (n-1) other users in the network; the TA must therefore send n(n-1) keys in total over secret channels to the n users.
In 1985, Blom proposed a key distribution scheme, which we call the Blom scheme below. In its simplest case it is described as follows:
- The TA chooses a prime $p \ge n$, and chooses for each user A a number $r_A \in Z_p$. The number p and the numbers $r_A$ are made public.
- The TA then chooses three random numbers $a, b, c \in Z_p$ and forms the polynomial:
$$f(x, y) = a + b(x + y) + cxy \bmod p$$
- For each user A, the TA computes $g_A(x) = f(x, r_A) = a_A + b_A x \bmod p$, where $a_A = a + b r_A \bmod p$ and $b_A = b + c r_A \bmod p$. The TA sends the pair $(a_A, b_A)$ secretly to A. Thus A knows $g_A(x) = a_A + b_A x$.
Compared with the n(n-1) secret key transmissions needed above, with the Blom scheme the TA only has to send the n pairs $(a_A, b_A)$.
Once this preparation is complete, if two users A and B want to create a shared key for encrypted communication with each other, the shared key $K_{A,B}$ is:
$$K_{A,B} = g_A(r_B) = g_B(r_A) = f(r_A, r_B),$$
which each of A and B can compute from the information they already hold.
Thus, in this distribution scheme the TA gives every user a secret part of the key, and any two users combine their own secret part with the other's public part to form a shared secret key for the two of them. The scheme is secure in the following sense: no third party C (even if C is a participant in the network) can discover the secret key of the two users A and B. Indeed, even if C is a participant in the network, the most that C knows is the two numbers $a_C, b_C$ issued by the TA. We show that, given what C knows, any value $\ell \in Z_p$ can be accepted as $K_{A,B}$. What C knows, together with the assumption $K_{A,B} = \ell$, is expressed as:
$$a + b(r_A + r_B) + c\,r_A r_B = \ell$$
$$a + b\,r_C = a_C$$
$$b + c\,r_C = b_C$$
Treating a, b, c as the unknowns, the determinant of the coefficients is:
$$\begin{vmatrix} 1 & r_A + r_B & r_A r_B \\ 1 & r_C & 0 \\ 0 & 1 & r_C \end{vmatrix} = (r_C - r_A)(r_C - r_B),$$
By the assumption on the choice of the numbers r, this determinant is nonzero, so the system of equations always has a solution (a, b, c); that is, accepting $\ell$ as the value of $K_{A,B}$ is entirely possible. Any value $\ell \in Z_p$ can be accepted by C as $K_{A,B}$, which means that C does not know which number $K_{A,B}$ is.
However, if two participants C and D (different from A and B) collude to discover $K_{A,B}$, it is very easy, because together C and D know:
$$a + b\,r_C = a_C$$
$$b + c\,r_C = b_C$$
$$a + b\,r_D = a_D$$
$$b + c\,r_D = b_D$$
These four equations are enough to determine (a, b, c), and from them $K_{A,B}$.
We can extend the Blom scheme above to a general Blom scheme in which every shared key $K_{A,B}$ of two users A and B is completely secret from any coalition of k users other than A and B, but is no longer secret from every coalition of k+1 participants in the network. To do this, we only need to replace the polynomial f(x, y) above with the following symmetric polynomial of degree 2k:
$$f(x, y) = \sum_{i=0}^{k}\sum_{j=0}^{k} a_{ij} x^i y^j \bmod p,$$
where $a_{ij} \in Z_p$, $0 \le i, j \le k$, and $a_{ij} = a_{ji}$ for all i, j.
2.2. The Kerberos key distribution scheme
Kerberos is the name of a service that distributes (or issues) session keys for individual secure communication sessions at the request of users in a communication network. The cryptosystem used is usually a symmetric-key system such as DES.
To run this scheme, the trusted authority (or coordinating centre) TA must first share a secret DES key $K_A$ with each member A of the network. Then, each time A needs to communicate securely with another member B, A asks the TA to issue a session key for both A and B. The key is issued by the following key distribution protocol:
1) The TA randomly chooses a session key K, and determines a timestamp T and a lifetime L (meaning that the session key K is valid for the period from T to T+L).
2) The TA computes $m_1 = e_{K_A}(K, ID(B), T, L)$ and $m_2 = e_{K_B}(K, ID(A), T, L)$ and sends $(m_1, m_2)$ to A.
3) A applies the decryption function $d_{K_A}$ to $m_1$ to obtain K, T, L, ID(B). A then computes $m_3 = e_K(ID(A), T)$ and sends $(m_3, m_2)$ to B.
4) B applies the decryption functions $d_{K_B}$ to $m_2$ and $d_K$ to $m_3$ to obtain K, T, L, ID(A) and ID(A), T. If the two values of ID(A) and of T agree, B goes on to compute $m_4 = e_K(T + 1)$ and sends $m_4$ to A.
5) A applies the decryption function $d_K$ to $m_4$ and checks whether the result is indeed T+1.
In the protocol above, the symbols ID(A) and ID(B) denote the identities of A and B; this information is public.
On completing the 5-step protocol above, the TA (together with A and B) has issued a session key K to the two users A and B for encrypted communication with each other. All exchanges of information in the protocol take place over public channels, yet the key K remains secret (only A, B and the TA know it). Besides issuing the key, the protocol also provides key confirmation: B and A are each assured that the other party really holds the key K, as a result of the checks in steps 4 and 5. In addition, both A and B know the validity period of the key.
Secret key distribution using the Kerberos protocol is highly reliable; in practice, however, using it takes considerable time, so today it is used only in limited cases.
2.3. The Diffie-Hellman key distribution scheme
The Diffie-Hellman key distribution scheme does not require the TA to know or transmit any secret information about the keys of the participants in the network in order for them to establish a shared secret key for communicating with each other.
In a Diffie-Hellman key distribution scheme, the TA only has to choose a large prime p and a primitive element $\alpha$ modulo p such that computing $\log_\alpha$ in $Z_p^*$ is very hard. The numbers p and $\alpha$ are made public to all participants in the network. In addition, the TA has a signature scheme with a secret signing algorithm $sig_{TA}$ and a public verification algorithm $ver_{TA}$.
Any member A with identity ID(A) chooses a number $a_A$ ($0 \le a_A \le p-2$) and computes $b_A = \alpha^{a_A} \bmod p$. A keeps $a_A$ secret and registers the information (ID(A), $b_A$) with the TA. The TA issues A the certificate:
$$C(A) = (ID(A), b_A, sig_{TA}(ID(A), b_A)).$$
The certificates of the members of the network can be stored in a public database, or entrusted to the TA to store and provide publicly to members whenever needed.
When two members A and B of the network need a shared secret key to communicate securely with each other, A uses the public information $b_B$ in C(B) together with his own secret number $a_A$ to form the key:
$$K_{A,B} = b_B^{a_A} \bmod p = \alpha^{a_B a_A} \bmod p.$$
B can create the same shared key from A's public information $b_A$ and his own secret number $a_B$:
$$K_{A,B} = b_A^{a_B} \bmod p = \alpha^{a_A a_B} \bmod p.$$
To be sure that the information about $b_B$ and $b_A$ is correct, A and B can use the algorithm $ver_{TA}$ to verify the TA's signature in the certificates C(B) and C(A) respectively.
The theoretical basis … of Diffie-Hellman is the discrete logarithm problem; see section 3.3 of Chapter IV for more details.
3. Key exchange and key agreement
3.1. The Diffie-Hellman key exchange protocol
The Diffie-Hellman key distribution scheme described in the previous section can easily be turned into a key exchange (or key agreement) protocol run directly between users, without the intervention of a TA to manage or distribute keys. Any group of users can agree to share a large prime p and a primitive element $\alpha$ modulo p; any two members A and B of the group who want to communicate securely can then run the following protocol to exchange a key:
1) A randomly chooses a secret number $a_A$ ($0 \le a_A \le p-2$), computes $b_A = \alpha^{a_A} \bmod p$ and sends $b_A$ to B.
2) Similarly, B randomly chooses a secret number $a_B$ ($0 \le a_B \le p-2$), computes $b_B = \alpha^{a_B} \bmod p$ and sends $b_B$ to A.
3) A and B both compute the shared key:
$$K_{A,B} = b_B^{a_A} \bmod p = b_A^{a_B} \bmod p \;(= \alpha^{a_A a_B} \bmod p).$$
The Diffie-Hellman key exchange protocol has the following properties:
- The protocol is secure against passive attack, meaning that a third party who knows $b_A$ and $b_B$ will find it hard to learn $K_{A,B}$.
We know that the problem of finding $K_{A,B}$ given $b_A$ and $b_B$ is exactly the Diffie-Hellman problem, and this problem is equivalent to the problem of breaking the ElGamal cipher. We now prove this.
ElGamal encryption with key $K = (p, \alpha, a, \beta)$, where $\beta = \alpha^a \bmod p$, produces from a plaintext x and a random number $k \in Z_{p-1}$ the ciphertext $e_K(x, k) = (y_1, y_2)$ with $y_1 = \alpha^k \bmod p$, $y_2 = x\beta^k \bmod p$. And decryption is given by $y_1 = \alpha^k \bmod p$.
Suppose we have an algorithm A that solves the Diffie-Hellman problem. We use A to break ElGamal as follows:
Given a ciphertext $(y_1, y_2)$. First, apply A to $y_1 = \alpha^k \bmod p$ and $\beta = \alpha^a \bmod p$, which gives $A(y_1, \beta) = \alpha^{ka} = \beta^k \bmod p$. We then obtain the plaintext x from $\beta^k$ and $y_2$ as follows:
$$x = y_2(\beta^k)^{-1} \bmod p.$$
Conversely, suppose there is another algorithm B that breaks ElGamal, i.e. $B(p, \alpha, \beta, y_1, y_2) = x = y_2(y_1^a)^{-1} \bmod p$. Applying B to $\beta = b_A$, $y_1 = b_B$, $y_2 = 1$, we obtain
$$B(p, \alpha, b_A, b_B, 1)^{-1} = (1 \cdot (b_B^{a_A})^{-1})^{-1} = \alpha^{a_A a_B} \bmod p,$$
which solves the Diffie-Hellman problem.
- The protocol is not secure against active attack by substitution in transit.
That is, a third party C can substitute the information exchanged between A and B. For example, C replaces $\alpha^{a_A}$, which A intends to send to B, with $\alpha^{a'_A}$, and replaces $\alpha^{a_B}$, which B intends to send to A, with $\alpha^{a'_B}$. As a result, after running the key exchange protocol, A has established a shared key $\alpha^{a_A a'_B}$ with C while believing it is shared with B; at the same time B has established a shared key $\alpha^{a'_A a_B}$ with C while believing it is shared with A. C can decrypt every message that A mistakenly believes he is sending to B, as well as every message that B mistakenly believes he is sending to A.
One way to counter this kind of attack is to give A and B a check that confirms the correctness of the public keys $b_A$ and $b_B$. Adding the coordinating role of a TA to the Diffie-Hellman key exchange protocol, which gives the Diffie-Hellman key distribution scheme, is one way of overcoming this weakness. In the Diffie-Hellman key distribution scheme the involvement of the TA is very weak: in fact all the TA does is issue a certificate confirming the public key of each user, without needing to know any of the user's secrets. However, if even this limited role of the TA is not satisfactory, the TA can be given a weaker confirming role that has nothing to do with keys, such as confirming the user's signature verification algorithm, while the key information itself (both secret and public) is exchanged directly between the users. With this remedy, in which the TA has an extremely limited role, we obtain the following protocol:
3.2. The Diffie-Hellman key exchange protocol with certificates
Each user A has an identity ID(A) and a signature scheme with signing algorithm $sig_A$ and verification algorithm $ver_A$. The TA also has a confirming role, but it does not confirm any information related to the creation of the user's cryptographic keys (whether secret or public); it only confirms less closely related information, such as the user's signature verification algorithm. The information related to key creation itself is exchanged directly between the users. The TA also has a signature scheme of its own, consisting of a signing algorithm $sig_{TA}$ and a public verification algorithm $ver_{TA}$. The certificate that the TA issues to each user A is:
$$C(A) = (ID(A), ver_A, sig_{TA}(ID(A), ver_A)).$$
Clearly, in this certificate the TA does not confirm anything related to the creation of A's key. The key exchange between two users A and B is carried out by the following protocol:
1) A randomly chooses a number $a_A$ ($0 \le a_A \le p-2$), computes $b_A = \alpha^{a_A} \bmod p$ and sends $b_A$ to B.
2) B randomly chooses a number $a_B$ ($0 \le a_B \le p-2$), computes $b_B = \alpha^{a_B} \bmod p$, then computes $K = b_A^{a_B} \bmod p$ and $y_B = sig_B(b_B, b_A)$, and sends $(C(B), b_B, y_B)$ to A.
3) A computes $K = b_B^{a_A} \bmod p$, uses $ver_B$ to verify $y_B$, uses $ver_{TA}$ to verify C(B), then computes $y_A = sig_A(b_A, b_B)$ and sends $(C(A), y_A)$ to B.
4) B uses $ver_A$ to verify $y_A$ and uses $ver_{TA}$ to verify C(A).
If all these steps are carried out and all the verifications succeed, the protocol ends, and both A and B hold the shared key K. Because of the verification algorithms, A knows for certain that the value $b_B$ comes from B, and B knows for certain that the value $b_A$ comes from A, which rules out the possibility of some other party C substituting these values in transit.
3.3. The Matsumoto-Takashima-Imai key exchange protocol
The protocol presented in the previous section uses three message transmissions to establish a shared key. The Japanese authors Matsumoto, Takashima and Imai proposed an improvement that agrees on a key with a protocol of only two message transmissions (one from A to B and one from B to A), as follows:
We assume that before the protocol is run, the TA has signed and issued a certificate to each user A in the same way as in the DH exchange protocol:
$$C(A) = (ID(A), b_A, sig_{TA}(ID(A), b_A)).$$
and that the signature verification algorithm $ver_{TA}$ is public. In this protocol the values $b_A$ do not directly form the encryption keys for communication; instead, for each secure communication session, a session key is created for that session by the protocol.
The MTI session key exchange protocol consists of three steps (including two message transmissions) as follows:
1) A randomly chooses a number $r_A$ ($0 \le r_A \le p-2$), computes $s_A = \alpha^{r_A} \bmod p$, and sends $(C(A), s_A)$ to B.
2) B randomly chooses a number $r_B$ ($0 \le r_B \le p-2$), computes $s_B = \alpha^{r_B} \bmod p$, and sends $(C(B), s_B)$ to A.
3) A computes $K = s_B^{a_A} \cdot b_B^{r_A} \bmod p$, with the value $b_B$ obtained from C(B).
B computes $K = s_A^{a_B} \cdot b_A^{r_B} \bmod p$, with the value $b_A$ obtained from C(A).
Both computations give the same value $K = \alpha^{r_A a_B + r_B a_A} \bmod p$.
Like the Diffie-Hellman protocol, this protocol keeps the key K secret against passive attack. However, because the values $s_A$, $s_B$ are not certified, there is still a risk of active attack by substitution in transit by some party C, as follows:
Where A should have sent B the pair $(C(A), s_A)$, C substitutes it by taking $(C(A), s_A)$ and sending B the value $(C(A), s'_A)$ with $s'_A = \alpha^{r'_A} \bmod p$. Conversely, where B should have sent A the value $(C(B), s_B)$, C substitutes it by taking $(C(B), s_B)$ and sending A the value $(C(B), s'_B)$ with $s'_B = \alpha^{r'_B} \bmod p$. A then computes the key:
$$K_1 = \alpha^{r_A a_B + r'_B a_A} \bmod p,$$
and B computes the key:
$$K_2 = \alpha^{r'_A a_B + r_B a_A} \bmod p.$$
These two values $K_1$ and $K_2$ are different, so they do not allow A and B to communicate with each other; but C cannot compute either of the two values (because C does not know $a_A$ and $a_B$). So, unlike with the Diffie-Hellman protocol, here C can only disrupt the exchange and cannot steal information.
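The substitution against the plain Diffie-Hellman exchange of section 3.1 and the same substitution against MTI described above can be compared side by side. The following Python sketch is an added example, not part of the original text: the toy group p = 23, α = 5 and all exponents are constructed values, and certificate checking is assumed to have succeeded so that $b_A$, $b_B$ are authentic.

```python
# Constructed toy group: 5 is a primitive element modulo 23.
P, ALPHA = 23, 5


def public(secret):
    return pow(ALPHA, secret, P)


def dh_run(a_A, a_B, swap=None):
    """Section 3.1. swap = (a'_A, a'_B) models C replacing both values in transit."""
    b_A, b_B = public(a_A), public(a_B)
    to_B, to_A = b_A, b_B
    if swap:
        to_B, to_A = public(swap[0]), public(swap[1])
    keys = {"A": pow(to_A, a_A, P), "B": pow(to_B, a_B, P)}
    if swap:
        # C knows a'_A, a'_B and saw b_A, b_B, so C derives both session keys.
        keys["C_with_A"] = pow(b_A, swap[1], P)
        keys["C_with_B"] = pow(b_B, swap[0], P)
    return keys


def mti_key(own_a, own_r, peer_b, received_s):
    """K = s_peer^{a_own} * b_peer^{r_own} mod p."""
    return pow(received_s, own_a, P) * pow(peer_b, own_r, P) % P


def mti_run(a_A, a_B, r_A, r_B, swap=None):
    """Section 3.3. swap = (r'_A, r'_B) models C replacing s_A and s_B."""
    b_A, b_B = public(a_A), public(a_B)      # taken from verified certificates
    to_B, to_A = public(r_A), public(r_B)
    if swap:
        to_B, to_A = public(swap[0]), public(swap[1])
    result = {"A": mti_key(a_A, r_A, b_B, to_A),
              "B": mti_key(a_B, r_B, b_A, to_B)}
    if swap:
        # The part of K1 that C can compute is b_A^{r'_B}. The factor still
        # missing is alpha^{r_A a_B}: a Diffie-Hellman problem on (s_A, b_B).
        known = pow(b_A, swap[1], P)
        result["missing_factor_of_K1"] = result["A"] * pow(known, -1, P) % P
    return result


if __name__ == "__main__":
    print("DH honest   :", dh_run(6, 15))
    print("DH swapped  :", dh_run(6, 15, swap=(3, 7)))
    print("MTI honest  :", mti_run(6, 15, 9, 4))
    print("MTI swapped :", mti_run(6, 15, 9, 4, swap=(3, 7)))
```

In the swapped MTI run the two parties end with different keys, so a key confirmation step fails visibly, whereas in the swapped Diffie-Hellman run each party holds a working key shared with C.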
3.4. The Girault key exchange protocol without certificates
The Girault protocol was proposed in 1991. In this protocol, user A does not need a certificate C(A); it is replaced by a self-certifying public key issued in advance by a TA. The method combines properties of the RSA problem and the discrete logarithm problem.
Suppose n is the product of two large primes p and q, n = p*q, where p and q have the form $p = 2p_1 + 1$, $q = 2q_1 + 1$, and $p_1$ and $q_1$ are also primes. The multiplicative group $Z_n^*$ is isomorphic to the product $Z_p^* \times Z_q^*$. The largest order of an element of $Z_n^*$ is the least common multiple of p-1 and q-1, i.e. $2p_1q_1$. Let $\alpha$ be an element of order $2p_1q_1$ in $Z_n^*$. The cyclic group generated by $\alpha$ is denoted G, and the problem of computing discrete logarithms to the base $\alpha$ in G is assumed to be very hard.
The numbers n and $\alpha$ are public. Only the TA knows p and q. The TA chooses a public exponent e with $\gcd(e, \varphi(n)) = 1$, and keeps $d = e^{-1} \bmod \varphi(n)$ secret.
Each user A has an identity ID(A), randomly chooses a number $a_A \in G$, keeps $a_A$ secret and computes $b_A = \alpha^{a_A} \bmod n$, then sends $a_A$, $b_A$ to the TA. The TA checks the condition $b_A = \alpha^{a_A} \bmod n$, and then issues A a self-certifying public key $p_A = (b_A - ID(A))^d \bmod n$. The public key $p_A$ contains no information about $a_A$, but the TA needs to know $a_A$ in order to check the condition $b_A = \alpha^{a_A} \bmod n$.
The Girault key exchange protocol between two users A and B is carried out in the following steps:
1) A randomly chooses $r_A \in G$, computes $s_A = \alpha^{r_A} \bmod n$ and sends B the values (ID(A), $p_A$, $s_A$).
2) B randomly chooses $r_B \in G$, computes $s_B = \alpha^{r_B} \bmod n$ and sends A the values (ID(B), $p_B$, $s_B$).
3) A computes the key $K = s_B^{a_A}(p_B^e + ID(B))^{r_A} \bmod n$,
B computes the key $K = s_A^{a_B}(p_A^e + ID(A))^{r_B} \bmod n$.
Both values of K are equal, and equal to $K = \alpha^{r_A a_B + r_B a_A} \bmod n$.
By arguments similar to those of the previous section, it is easy to see that a third party C will find it hard to create forged information to send to A or B; an attack by substitution in transit can disrupt and prevent A and B from establishing a shared key, but cannot steal the information exchanged between A and B.
One question remains: why does the TA need to know $a_A$ and check the condition $b_A = \alpha^{a_A} \bmod n$ before issuing $p_A$ to A? Let us suppose that the TA does not know $a_A$ and issues $p_A = (b_A - ID(A))^d \bmod n$ to A, and see what can happen.
A third party C can choose a value $a'_A$ and compute $b'_A = \alpha^{a'_A} \bmod n$, then compute $b'_C = b'_A - ID(A) + ID(C)$ and give (ID(C), $b'_C$) to the TA. The TA will issue C a self-certifying public key:
$$p'_C = (b'_C - ID(C))^d \bmod n.$$
Since $b'_C - ID(C) = b'_A - ID(A)$, C has in fact been issued:
$$p'_C = p'_A = (b'_A - ID(A))^d \bmod n.$$
Now suppose A and B run the key exchange protocol and C interposes. A sends B $(ID(A), p_A, \alpha^{r_A} \bmod n)$, but because of C's substitution B receives $(ID(A), p'_A, \alpha^{r'_A} \bmod n)$. Therefore B and C compute the same key:
$$K' = \alpha^{r'_A a_B + r_B a'_A} \bmod n = s_B^{a'_A}(p_B^e + ID(B))^{r'_A} \bmod n,$$
while A computes the key $K = \alpha^{r_A a_B + r_B a_A} \bmod n$.
B and C share a key that is different from A's key, yet B still believes he shares a key with A. C can therefore decrypt every message that B sends to A, i.e. steal the information sent from B to A. The TA knowing $a_A$ and checking the condition $b_A = \alpha^{a_A} \bmod n$ before issuing $p_A$ to A is what rules out such a substitution by an attacker C.
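The role of the TA's check can be seen by running the issuance with and without it. This Python sketch is an added example, not part of the original text; the modulus n = 11 · 23, the element α = 7, the exponent e = 3, the identities and all exponents are constructed toy values.

```python
# Constructed toy parameters (far too small for real use).
P1, Q1 = 5, 11
P, Q = 2 * P1 + 1, 2 * Q1 + 1            # p = 11, q = 23
N, PHI = P * Q, (P - 1) * (Q - 1)        # n = 253, phi(n) = 220
ALPHA = 7                                # order 2*p1*q1 = 110 in Z_n^*
E = 3                                    # gcd(e, phi(n)) = 1
D = pow(E, -1, PHI)                      # known to the TA only
ID = {"A": 17, "B": 29, "C": 42}         # constructed identities


def ta_issue(identity, b, a=None, check=True):
    """Issue the self-certifying key (b - ID)^d mod n.

    With check=True the TA insists on seeing a with b = alpha^a mod n,
    as the protocol requires; check=False models the careless TA.
    """
    if check and (a is None or pow(ALPHA, a, N) != b):
        raise ValueError("b is not alpha^a mod n: request refused")
    return pow((b - identity) % N, D, N)


def session_key(own_a, own_r, peer_id, peer_p, received_s):
    """K = s_peer^{a_own} * (p_peer^e + ID(peer))^{r_own} mod n."""
    peer_b = (pow(peer_p, E, N) + peer_id) % N
    return pow(received_s, own_a, N) * pow(peer_b, own_r, N) % N


def honest_run(a_A=5, a_B=9, r_A=13, r_B=4):
    p_A = ta_issue(ID["A"], pow(ALPHA, a_A, N), a_A)
    p_B = ta_issue(ID["B"], pow(ALPHA, a_B, N), a_B)
    s_A, s_B = pow(ALPHA, r_A, N), pow(ALPHA, r_B, N)
    k_A = session_key(a_A, r_A, ID["B"], p_B, s_B)
    k_B = session_key(a_B, r_B, ID["A"], p_A, s_A)
    return k_A, k_B


def substitution_run(ta_checks, a_B=9, r_B=4, a_fake=6, r_fake=8):
    """C registers b'_C = b'_A - ID(A) + ID(C) and then poses as A towards B.

    Returns (key computed by B, key computed by C); raises ValueError when
    the TA performs its check, because C knows no exponent for b'_C.
    """
    p_B = ta_issue(ID["B"], pow(ALPHA, a_B, N), a_B)
    s_B = pow(ALPHA, r_B, N)
    b_fake = pow(ALPHA, a_fake, N)                       # b'_A
    b_C = (b_fake - ID["A"] + ID["C"]) % N               # b'_C
    p_fake = ta_issue(ID["C"], b_C, a=a_fake, check=ta_checks)   # equals p'_A
    s_fake = pow(ALPHA, r_fake, N)
    k_B = session_key(a_B, r_B, ID["A"], p_fake, s_fake)
    k_C = session_key(a_fake, r_fake, ID["B"], p_B, s_B)
    return k_B, k_C


if __name__ == "__main__":
    print("honest keys (A, B):", honest_run())
    print("careless TA (B, C):", substitution_run(ta_checks=False))
    try:
        substitution_run(ta_checks=True)
    except ValueError as err:
        print("checking TA       :", err)
```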
4. Exercises
Exercise 6.1: Suppose A and B use the Diffie-Hellman key distribution technique to communicate with each other, with the prime chosen as …
a) … secret key of A is $X_A$ = 5, what is A's public key?
b) If the secret key of B is $X_B$ = 12, what is B's public key?
c) What is the secret key used for communication?
Exercise 6.2: A and B use the … technique …
a) … is a primitive element of $Z_{11}^*$.
b) If the public key of A is $Y_A$ = 9, what is A's secret key?
c) Suppose B has the public key $Y_B$ = 3; find the secret key used for communication between A and B.
CHAPTER VII: CRYPTOGRAPHIC PROTOCOLS
1. Protocols
Definition:
A protocol is simply a series of steps, involving at least two parties, designed to accomplish some task. [2]
This definition is simple but rigorous. "A series of steps" means an ordered sequence with a beginning and an end, in which each step must be finished before the next one is carried out. "At least two parties" means that several people may take part in carrying out the steps; a series of steps carried out by one person alone cannot be called a protocol. Finally, a protocol must be designed to achieve some result.
A protocol has the following characteristics:
- The parties involved must understand the protocol and the steps to follow when they take part in it.
- The parties must agree to follow the steps strictly.
- The protocol must be unambiguous: every step must be written out explicitly, leaving no room for misunderstanding.
- The protocol must be complete: every situation that can arise must be covered.
A cryptographic protocol is a protocol that applies the knowledge of cryptographic theory to achieve the safety and security goals of a system. The participants may be friends who trust each other, but they may also be adversaries. A cryptographic protocol involves cryptographic algorithms, but its purpose usually goes beyond pure secrecy. The parties may take part in sharing pieces of a secret that is used to derive some information, may jointly generate a random sequence, may prove their identity to one another, or may simultaneously sign a contract. The whole point of using cryptography here is to detect and defeat eavesdropping and cheating.
The design principle for a protocol is that no one, and no party, should be able to gain more or learn more than what the original design assumes.
2. The purpose of protocols
Today, with the explosive growth of the global computer network reaching every household, it will not be long before people's ordinary business procedures are carried out over the network. Corresponding procedures therefore have to be designed for computers so that they can replace the procedures of everyday life. The characteristic difference is that people now work with each other through computers and no longer see each other face to face. Moreover, a computer is not a person and cannot adapt to change as easily as we do. Every situation and every possibility of the protocol must therefore be taken into account.
Many of our everyday business procedures are trusted because the parties are present together, and so building protocols on computers is not as simple as the everyday procedures they replace. Ask yourself whether you would hand a stack of cash to a stranger and ask him to buy goods for you. Or ask whether you would dare to mail your ballot to the government without procedures that guarantee anonymity. It is naive to believe that everyone working on a computer network is honest. It is equally gullible to assume that network administrators, or even the designers of these networks, are honest to the end. Most of them are, but a dishonest minority is enough to cause damage if we have no safeguards.
With formalization, we can design protocols and then study and test whether they hold up against every kind of violation by dishonest parties, and from there improve and develop them to resist those attacks. This is how protocols have been built that let computers carry out the tasks and solve the problems of everyday life.
Furthermore, a computer protocol is a form of abstraction and is not concerned with the specific implementation. A protocol is the same no matter which operating system it is implemented on. So once we have established the reliability of a protocol, we can apply it anywhere, whether on a computer, a telephone or an intelligent microwave oven ...
3. Participants in protocols (the players in protocol)
To treat all protocols in a uniform way, it is necessary to have a common convention for naming all the participants and parties that may be involved in a protocol: [6]
- Alice: the first participant in the protocols.
- Bob: the second participant in the protocols.
- Carol: the third participant in the protocols.
- Dave: the fourth participant in the protocols.
- Eve: the eavesdropper.
- Mallory: the active attacker, who has considerable power on the network and is very dangerous (malicious active attacker).
- Trent: the arbitrator (trusted arbitrator).
- Walter: the warden, who may stand guard over Alice and Bob in some protocols.
- Peggy: the prover.
- Victor: the verifier. Peggy has to prove something to Victor, for example that the identity he claims is genuine, or that he really is authorized to enter an important place ...
4. Types of protocols
4.1. Arbitrated protocols
An arbitrator is someone who satisfies the following conditions:
- He has no vested interest in the protocol and no bias toward any party.
- The parties with an interest in the protocol all trust the arbitrator: they accept whatever he says and does as true and correct, and they trust that he will complete his part of the protocol.
An arbitrator can therefore help complete protocols between parties that do not trust each other.
Example 1:
Alice wants to sell a car to a stranger, Bob. Bob wants to pay by check, but Alice has no way of knowing whether the check is good. She therefore wants the check to clear before she hands the car over to Bob. This is a deadlock, because Bob does not trust Alice either and will not hand over the check before receiving the car.
The solution goes through Trent (whom both Bob and Alice trust), and a protocol that ensures honesty proceeds as follows:
- Alice gives the item for sale to Trent.
- Bob gives the check to Alice.
- Alice deposits the check in her bank account.
- After waiting a specified period for the check to clear, Trent delivers the goods to Bob. If the check is not valid, Alice informs Trent with concrete evidence and Trent returns the goods to her.
In this protocol:
- Alice trusts that Trent will not hand the goods to Bob unless the check has cleared, and will return the goods to her if the check is worthless.
- Bob trusts that Trent will hold the goods while the check is clearing and will hand them to him once it has cleared.
- Trent does not care whether the check is good or whether it clears. He does his part in both possible cases exactly as the protocol prescribes, simply because he is paid his fee in either case.
Example 2:
A bank can also act as the arbitrator for Alice and Bob. Bob uses a check certified by the bank to trade with Alice:
- Bob writes a check and hands it to the bank.
- After putting enough of Bob's money on hold to cover the check, the bank certifies the check and returns it to Bob.
- Alice gives the car to Bob at the same time as Bob gives Alice the certified check.
- Alice deposits the check at the bank.
This protocol works because Alice trusts the bank's certification: she trusts that the bank is holding Bob's money for her and is not investing it anywhere.
This idea carries over to the computer world, but some problems arise with computer systems:
- It is easy to find and trust an intermediary third party (an arbitrator) if you know the person and can see his face. But if the two parties to a protocol are already suspicious of each other, placing their joint trust in a third party hidden somewhere on the computer network may also become questionable.
- The computer network must bear the extra cost of managing and maintaining the arbitrator machine.
- There are always delays inherent in any arbitrated protocol.
- The arbitrator must take part in every transaction on the network, which means it becomes a bottleneck that is prone to congestion once the protocol is deployed for a widely used application. Increasing the number of arbitrators can help avoid this congestion but raises the cost of managing and maintaining the arbitrator machines.
- Because everyone on the network trusts the arbitrator, it becomes a sensitive point that is exposed to concentrated attack from those looking to break the system.
4.2. Adjudicated protocols
To trade with peace of mind, Alice and Bob need to engage a highly reputable arbitrator, but this raises the problem of paying that person an appropriate fee, which is clearly not negligible. This gave rise to the idea of splitting an arbitrated protocol into two lower-level subprotocols:
- The first is a protocol that needs no arbitrator and is executed every time the parties want to carry out a transaction.
- The second is an arbitrated protocol that is used only when Alice and Bob have a dispute and want someone to adjudicate.
In this case, therefore, we do not use the notion of an arbitrator, meaning someone who must take part directly in the protocol, but that of an adjudicator, meaning someone who does not need to be present when Alice and Bob carry out the transaction and who is called in only when Alice and Bob ask for a dispute to be resolved.
Like an arbitrator, an adjudicator must have no interest in the transaction between Alice and Bob and must be trusted by both. He does not take part directly in the transaction as an arbitrator does, but he determines whether the transaction was carried out properly and which party is right and which is wrong if there is a dispute. The difference between an arbitrator and an adjudicator is that the adjudicator is not always needed: he is needed only if there is a dispute (if there is no dispute, he is not needed).
Judges are professional adjudicators. Unlike a notary public, a judge learns of the contract only when one of the two, Alice or Bob, takes the other to court. The protocol for signing such a contract can be formalized as follows:
Example:
At any time:
- Alice and Bob negotiate the terms of the contract.
- Alice signs the contract.
- Bob signs the contract.
When there is a dispute to resolve:
- Alice and Bob appear before the judge for adjudication.
- Alice presents her evidence.
- Bob presents his evidence.
- The judge considers the evidence and rules.
The idea of using an adjudicator can be applied on computers. In such protocols, if one of the participants is dishonest, the data recorded from the protocol allows the adjudicator to determine afterwards who cheated. Instead of preventing cheating in advance, an adjudicated protocol detects cheating if it occurs; once this is widely known, it acts as a deterrent and discourages those who intend to cheat.
4.3. Self-enforcing protocols
Self-enforcing protocols are the best kind of protocol. Such a protocol guarantees fairness by itself, with no need for an arbitrator or for a judge to adjudicate a dispute. That is, a protocol of this kind is constructed so that there are no loopholes from which a dispute can arise. If one party deliberately breaks the rules, the procedure allows the other party to detect it immediately and the protocol stops at once. Ideally every protocol would be built this way, but unfortunately a protocol of this kind is not available for every situation.
5. Types of attacks against protocols
If a protocol is regarded as a ritual of communication that lets the parties work together, then in a cryptographic protocol, beneath that diplomatic surface lie the cryptographic techniques and algorithms that are applied and implemented in the concrete steps of the protocol. Attacks by an adversary who aims to undermine the security of the system or to violate the confidentiality and privacy of information may be directed at any of the following: the technical processing, the cryptographic algorithms, or the protocol itself.
In this section we set aside the first possibility and assume that the cryptographic techniques and algorithms are all secure. We consider only the second possibility, that is, we analyze the possible types of attack in which the enemy exploits logical loopholes to gain an advantage or to cause damage. The attacks can be divided into two main types:
- Passive attack: the adversary only stands outside and eavesdrops, without interfering with or affecting the protocol. Its goal is to observe and gather information. However, the eavesdropped information is available only in encrypted form, so the adversary has to know how to analyze and decrypt it before it is of use (ciphertext-only attack). Although this form of attack is not powerful, it is very hard to detect because the adversary causes no disturbance.
- Active attack: the adversary is a power within the network, with many capabilities and means to actively attack, interfere with and affect the protocol in complex ways. It can pose under another name, intervene in the protocol with new kinds of messages, delete messages in transit on the line, replace genuine messages with forged ones, interrupt communication channels or modify the information stores on the network. These capabilities depend on the organization of the network and the role of the adversary in it.
The attacker in a passive attack (Eve) only tries to gather information from the parties to the protocol by collecting the messages sent between them for analysis and decryption. The active attacker (Mallory), by contrast, can cause very complex and varied harm. The attacker's goal may simply be to obtain the information it is interested in, but it may also cause other damage, such as sabotaging communication links or gaining access to information systems reserved for those with sufficient authority.
The adversary in an active attack is truly dangerous, especially in protocols where the different parties do not necessarily trust each other. Moreover, it must be remembered that the adversary is not necessarily a stranger from outside; it can be a legitimate individual within the system, even the network administrator. There may also be several individuals who join together as a group of adversaries, which increases the danger to the protocol.
It can also happen that Mallory is one of the parties to the protocol. He may act deceitfully or refuse to follow the protocol. This kind of adversary is called a cheater. A passive cheater follows the protocol but deliberately tries to collect more information from the other parties than the rules allow. An active cheater breaks the protocol in an attempt to deceive. It is very hard to keep a protocol secure if most of the parties involved are active cheaters, although sometimes there are measures that let the legitimate parties detect that cheating is going on. Protocols must of course also be protected against passive cheaters.
REFERENCES
[1] Nik Goots, Boris Izotov, Alex Moldovyan and Nik Moldovyan, Modern Cryptography - Protect Your Data with Fast Block Ciphers, A-LIST Publishing, 2003.
[2] Whitfield Diffie, Martin E. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, November 1976.
[3] Randy Nichols (LANAKI), Classical Cryptography Course, 1995. http://www.forturecity.com/course/LANAKI.html
[4] A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996. http://www.cacr.math.uwaterloo.ca/hac
[5] Douglas R. Stinson, Cryptography: Theory and Practice, CRC Press, 1995. http://www.mindspring.com/~pate/stinson/
[6] Bruce Schneier, Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth), MIST Press, 1996.
[7] Gil Held, Learn Encryption Techniques with BASIC and C++, CRC Press, 1998.
[8] FIPS 186 - (DSS) http://www.itl.nist.gov/fipspubs/fip186.htm
[9] Jean Berstel, Dominique, Theory of code, Academic Press Inc, 1985.
[10] C. Shannon, Communication theory of secret systems (scientific journal), 1949.
[11] RSA library. www.fpt.rsa.org/PKI
[12] System and Network Security. http://www.cs.ncl.ac.uk/old/modules/2000-01/csc331/notes/
[13] Cryptography and Computer Security. http://www.cs.adfa.edu.au/teaching/studinfo/csc/lectures/
[14] http://www.securitydynamics.com/rsalabs/changelenges/factoring/rsa155.html.
[15] Data security and cryptography. http://www.islab.oregonestate.edu/koc/ece575
[16] OPT8 Advanced Cryptography. http://www.isg.rhul.ac.uk/msc/teaching/opt8/macs.pdf
Sample exam papers
Exam 1:
Question 1: Given the Hill cipher with M = 2 and key matrix $A = \begin{pmatrix} 7 & 3 \\ 5 & 12 \end{pmatrix}$, encrypt the string S = HARD.
Question 2: Draw the key management model based on public-key cryptosystems. Explain clearly the functions and the steps involved.
Question 3: Are the following statements true or false? Explain.
1. Compared with an active attack, a passive attack is more dangerous.
2. The Shamir three-pass protocol supports authentication of the origin of a message.
3. The cipher block chaining mode is more secure than the electronic codebook mode.
4. One of the weaknesses of public-key cryptosystems is that they are slow.
5. The Shamir three-pass protocol is a protocol for exchanging information without exchanging keys.
6. The RSA, ElGamal and Knapsack cryptosystems are called public-key cryptosystems because their keys are all made public.
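Exam 2:
Question 1: Draw the diagram of the cipher block chaining (CBC) mode of operation. Describe the encryption and decryption algorithms.
Question 2: Given the key $K = \begin{pmatrix} 7 & 3 \\ 8 & 11 \end{pmatrix}$ and the plaintext "July", defined over Z_26, find the ciphertext using the Hill cipher algorithm.
Question 3: Are the following statements true or false? Explain.
1. There are 4 kinds of hash functions in all: hash functions based on block ciphers (such as DES), hash functions based on arithmetic operations, special hash functions, and hash functions based on public-key cryptosystems.
2. One of the main weaknesses of the Knapsack system is that storing the key requires a large amount of memory.
3. The Data Encryption Standard (DES) is no longer secure and is therefore no longer used in practice.
4. To increase the security of DES, one can encrypt several times with different keys.
5. In the ElGamal cryptosystem, plaintext exposure always occurs.
6. Using the electronic codebook (ECB) mode does not require an initialization vector IV in the implementation.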
Exam 3:
Question 1: Draw the diagram of the cipher feedback (CFB) mode of operation. Describe the encryption and decryption algorithms.
Question 2: Given the vec… …Knapsack algorithm.
Question 3: Are the following statements true or false? Explain.
1. In the chaining mode the message is divided into n blocks; if block i is corrupted before it is encrypted, this affects the encrypted blocks that follow it.
2. Given N = 2000, the value of Euler's function of N is φ(N) = 800.
3. The Shamir three-pass protocol is a protocol for exchanging information without exchanging keys.
4. Digital signature schemes operate in 3 steps: generating the signature, sending the signature and verifying the signature.
5. Both SKC and PKC cryptosystems can be used in the digital signature model.
6. The cipher block chaining mode is more secure than the electronic codebook mode.
Exam 4:
Question 1: Draw the diagram of the DES encryption algorithm and explain the formulas used.
Question 2: Given the vec… …used.
Question 2: Given p = 13, q = 23, e = 173 and the ciphertext 122, find the plaintext using the RSA algorithm.
Question 3: Are the following statements true or false? Explain.
1. CBC is the simplest and easiest to use of the block cipher modes.
2. In ECB mode, if a block is corrupted before it is encrypted, this affects all the encrypted blocks that precede it.
3. The encryption key of the Data Encryption Standard is 56 bits long.
4. All block cipher modes of operation use 64-bit data blocks.
5. In the ElGamal cryptosystem, plaintext exposure always occurs.
6. The cipher block chaining mode is more secure than the electronic codebook mode.