POSTS AND TELECOMMUNICATIONS INSTITUTE OF TECHNOLOGY
---------------------------------------

Tran Thi Kim Thuy

RESEARCH ON THE APPLICATION OF THE ADVANCED ENCRYPTION STANDARD
(AES) IN BUILDING HASH FUNCTIONS

Major: Electronic Engineering
Code: 60.52.70

MASTER'S THESIS SUMMARY

HANOI - 2012

The thesis was completed at:
POSTS AND TELECOMMUNICATIONS INSTITUTE OF TECHNOLOGY

Scientific supervisor: Prof. Dr. Nguyen Binh

Reviewer 1:

Reviewer 2: ....

The thesis will be defended before the Master's Thesis Examination Council at the Posts and Telecommunications Institute of Technology
At: ....... hour ....... day ....... month ....... year ...............

The thesis can be consulted at:
- The library of the Posts and Telecommunications Institute of Technology

INTRODUCTION
With the ever-increasing speed and processing power of today's microprocessors, the Data Encryption Standard (DES) has become insecure for protecting information. The U.S. National Institute of Standards and Technology (NIST) therefore decided to select a new, highly secure encryption standard to serve the communication security needs of the U.S. Government as well as civilian applications. The Rijndael algorithm, by Vincent Rijmen and Joan Daemen, was officially selected as the Advanced Encryption Standard (AES) on 2 October 2000.
Today the Advanced Encryption Standard is used ever more widely in many fields around the world. It is not merely about encrypting and decrypting information; it also involves many other problems that need to be studied and solved, such as its application to building hash functions for authenticating the origin of information content (digital signature techniques) and for verifying data integrity...
With the rapid growth of the Internet and of online electronic transaction applications, the need to protect information in electronic systems and applications is receiving increasing attention and is of great importance. Research on the Advanced Encryption Standard and its application in the fields of information security is therefore very necessary.
Besides the introduction, the conclusion and the list of references, the thesis is organized into 3 chapters:
Chapter 1: Overview of the Advanced Encryption Standard (AES)
Chapter 2: Cryptographic hash functions
Chapter 3: Applying the Advanced Encryption Standard to build some specific hash functions
In carrying out the thesis, because of limits on time and on the author's own level of knowledge, errors are unavoidable. I very much hope to receive comments from teachers and friends so that the thesis can be improved. I sincerely thank Prof. Dr. Nguyen Binh for his dedicated guidance and help, and the teachers of the Faculty of International and Postgraduate Education of the Posts and Telecommunications Institute of Technology, who helped me during my studies and while writing the thesis.

CHAPTER 1: OVERVIEW OF THE ADVANCED ENCRYPTION STANDARD
1.1. Problem statement
With the speed and processing power of microprocessors continually increasing, the DES and Triple DES encryption standards have become insecure for protecting information. A cryptographic standard that meets information security needs was therefore required, and the Advanced Encryption Standard (AES) was born.
After two rounds of public selection, five algorithms reached the final round: Mars, RC6, Serpent, Twofish and Rijndael. All of these algorithms meet the AES requirements and are therefore collectively called the AES candidate algorithms. The AES candidates offer high security and low implementation cost. However, because of its elegant and simple design, Rijndael, designed by two Belgian cryptographers, was chosen as the AES algorithm.
1.2. Mathematical foundations of AES
AES uses the finite (Galois) field $GF(2^8)$ to perform its operations: addition, subtraction, multiplication and division. The elements of $GF(2^8)$ are regarded as polynomials.
1.3. The AES candidate algorithms
1.3.1. The Mars algorithm
1.3.2. The RC6 algorithm
1.3.3. The Rijndael algorithm
1.3.4. The Serpent algorithm
1.3.5. The Twofish algorithm
1.3.6. Remarks on the AES candidate algorithms
- The encryption process consists of: initialization, key scheduling and encryption.
- The decryption process consists of: initialization, key scheduling and decryption.
- Key scheduling takes the key supplied by the user and generates the set of subkeys used for encryption and decryption.
- The input and output of the encryption and decryption processes are 128-bit data blocks.
1.4. Description of AES according to Rijndael
1.4.1. Input and output of encryption and decryption
AES is a special case of Rijndael. AES has a block length of 128 bits and supports key lengths of 128, 192 or 256 bits. The input and output of Rijndael are regarded as one-dimensional arrays of 8-bit bytes. For encryption, the input is a plaintext block and a key, and the output is a ciphertext block. For decryption, the input is a ciphertext block and a key, and the output is a plaintext block. The Rijndael round transformation and its steps operate on an intermediate result called the state. The state can be pictured as a rectangular array of bytes with 4 rows. The number of columns in the state is denoted $N_b$ and equals the block length divided by 32 (for AES, $N_b$ = 4).
1.4.2. Structure of AES
Rijndael is a key-iterated block cipher: it consists of the repeated application of a round map to the state. The number of rounds is denoted $N_r$ and depends on the block length and the key length. Figure 1.8 illustrates the basic structure of the AES algorithm.

Figure 1.8: Basic structure of the AES algorithm
Nonlinear layer: parallel application of S-boxes that have optimal worst-case nonlinearity properties.
Linear mixing layer: guarantees high diffusion over multiple rounds.
Key addition layer: a bitwise XOR of the round key with the intermediate state.
In practice, the linear mixing layer of Rijndael itself consists of two sub-layers, ShiftRows and MixColumns.
1.4.3. Encryption and decryption process
AES encryption and decryption use a round function composed of the following four transformations (the unit of processing is the byte): 1) byte substitution using a substitution table (S-box), 2) shifting the rows of the state array, each row by a different offset, 3) mixing the data within each column of the state array, and 4) adding a RoundKey to the state. AES decryption is performed by applying the inverses of the AES encryption transformations, or by the equivalent transformations. These transformations are illustrated in Figure 1.10 below:

Figure 1.10. AES encryption and decryption process
1.4.3.1. Encryption process
The whole encryption can be described as follows:
(1) S = AddRoundKey(P, W_0)
(2) For i = 1 to N_r - 1
      S = SubBytes(S)
      S = ShiftRows(S)
      S = MixColumns(S)
      S = AddRoundKey(S, W_i)
(3) S = SubBytes(S), S = ShiftRows(S)
(4) C = AddRoundKey(S, W_{N_r})
1.4.3.2. Rijndael decryption
Rijndael can be decrypted in 2 ways: direct decryption and decryption using the equivalent decryption algorithm.
Direct decryption: every transformation used in the encryption operations is invertible. The decryption is implemented by keeping the order of the transformations used in encryption and only replacing the transformations by their inverses.
Equivalent decryption: performed by reversing the order of the SubBytes$^{-1}$() and ShiftRows$^{-1}$() functions and changing the order of AddRoundKey() and MixColumns$^{-1}$() in the iterations, after modifying the key for Round = 1 to $N_r - 1$ using the MixColumns() transformation. The first and last words of the key list are not changed when this method is applied.
1.4.3.3. The transformations in AES encryption and decryption
a) The SubBytes() transformation
The SubBytes() transformation replaces each individual byte $s_{r,c}$ of the state with a new value $s'_{r,c}$ using a substitution table (S-box), which is an invertible table. Figure 1.13 shows the effect of the SubBytes() transformation on the state.

Figure 1.13. SubBytes() applies the S-box to each byte of the state
The S-box used in the SubBytes() transformation is presented in hexadecimal form in Table 1.1 below.
b) The ShiftRows() transformation: Figure 1.14 shows the ShiftRows() transformation.

Figure 1.14. ShiftRows() cyclically shifts the last three rows of the state
In the ShiftRows() transformation, the bytes in the last three rows of the state are cyclically shifted by different numbers of bytes (offsets). Specifically, ShiftRows() proceeds as follows:
$s'_{r,c} = s_{r,(c+r) \bmod 4}$, for $0 < r < 4$ and $0 \le c < 4$ (where r is the row number)
This transformation moves the bytes to the left, while the leftmost bytes wrap around to the rightmost positions of the row.
Table 1.1. S-box used in the SubBytes() transformation
00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
00 63 7c 77 7b f2 6b 6f c5 30 01 67 2b fe d7 ad 76
10 ca 82 c9 7d fa 59 47 f0 ad d4 a2 af 9c a4 72 c0
20 b7 fd 93 26 36 3f f7 cc 34 a5 e5 f1 71 d8 31 15
30 04 c7 23 c3 18 96 05 9a 07 12 80 e2 eb 27 b2 75
40 09 83 2c 1a 1b 6e 5a a0 52 3b d6 b3 29 e3 2f 84
50 53 d1 00 ed 20 fc b1 5b 6a cb be 39 4a 4c 58 cf
60 d0 ef aa fb 43 4d 33 85 45 f9 02 7f 50 3c 9f a8
70 51 a3 40 8f 92 9d 38 f5 bc b6 da 21 10 ff f3 d2
80 cd 0c 13 ec 5f 97 44 17 c4 a7 7e 3d 64 5d 19 73
90 60 81 4f dc 22 2a 90 88 46 ee b8 14 de 5e 0b db
a0 0e 32 3a 0a 49 06 24 5c c2 d3 ac 62 91 95 e4 79
b0 e7 c8 37 6d 8d d5 4e a9 6c 56 f4 ea 65 7a ae 08
c0 ba 78 25 2e 1c a6 b4 c6 e8 dd 74 1f 4b bd 8b 8a
d0 70 3e b5 66 48 03 f6 0e 61 35 57 b9 86 c1 1d 9e
e0 e1 f8 98 11 69 d9 8e 94 9b 1e 87 e9 ce 55 28 df
f0 8c a1 89 0d bf e6 42 68 41 99 ad 0f b0 54 bb 16
c) The MixColumns() transformation
The MixColumns() transformation operates on each column of the state. It can be written as a matrix multiplication in which each byte is interpreted as an element of the field $GF(2^8)$:
$$s'(x) = a(x) \otimes s(x): \quad \begin{bmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{bmatrix} = \begin{bmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{bmatrix} \begin{bmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{bmatrix}, \quad 0 \le c < 4$$
As a result of this multiplication, the four bytes in a column are replaced as follows:
$$\begin{aligned} s'_{0,c} &= (\{02\} \bullet s_{0,c}) \oplus (\{03\} \bullet s_{1,c}) \oplus s_{2,c} \oplus s_{3,c} \\ s'_{1,c} &= s_{0,c} \oplus (\{02\} \bullet s_{1,c}) \oplus (\{03\} \bullet s_{2,c}) \oplus s_{3,c} \\ s'_{2,c} &= s_{0,c} \oplus s_{1,c} \oplus (\{02\} \bullet s_{2,c}) \oplus (\{03\} \bullet s_{3,c}) \\ s'_{3,c} &= (\{03\} \bullet s_{0,c}) \oplus s_{1,c} \oplus s_{2,c} \oplus (\{02\} \bullet s_{3,c}) \end{aligned}$$

The $\oplus$ operation in these expressions denotes addition in $GF(2^8)$, which corresponds to a bitwise XOR. The multiplications are performed modulo the irreducible polynomial of the field. For the AES algorithm this polynomial is $x^8 + x^4 + x^3 + x + 1$. Figure 1.16 shows the MixColumns() transformation.

Figure 1.16. MixColumns() operates on each column of the state
d) The AddRoundKey() transformation
In the AddRoundKey() transformation, a round key is added to the state by a simple bitwise XOR. Each round key consists of 4 words (128 bits) taken from the key schedule. The 4 words are added to the columns of the state such that:
$$[s'_{0,c}, s'_{1,c}, s'_{2,c}, s'_{3,c}] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus [w_{4i+c}], \quad 0 \le c < 4$$
Here $w_{4i+c}$ is the c-th word of the i-th round key $W_i = [w_{4i}, w_{4i+1}, w_{4i+2}, w_{4i+3}]$ of the key schedule, and i is a value in the range $0 \le i \le N_r$. In encryption, the initial round key addition is performed with i = 0, before the first application of the round function. The AddRoundKey() transformation is applied in the $N_r$ rounds of the encryption when $1 \le i \le N_r$.

The transformations SubBytes$^{-1}$(), ShiftRows$^{-1}$() and MixColumns$^{-1}$() used in AES decryption are the inverses of SubBytes(), ShiftRows() and MixColumns().
1.4.4. The round transformation and the number of rounds
The Rijndael round transformation and its steps operate on an intermediate result called the state. The state can be pictured as a rectangular array of bytes with 4 rows. The number of columns in the state is denoted $N_b$ and equals the block length divided by 32 (for AES, $N_b$ = 4).
The number of rounds, denoted $N_r$, is given by the formula: $N_r = \max\{N_b, N_k\} + 6$
The round transformation is denoted Round and is a sequence of 4 transformations, AddRoundKey, SubBytes, ShiftRows and MixColumns, which are called steps. The final round of the cipher is slightly different: it has no MixColumns.
1.4.5. Key schedule
The key schedule has 2 components: the key expansion (Key Expansion) and the round key selection (Round Key Selection). The key expansion specifies how the ExpandedKey is obtained from the cipher key. The main principles are as follows:
- The total number of bits in the ExpandedKey equals the block length multiplied by the number of rounds plus one (for example, with a key length of 128 bits and 10 rounds the expanded key has 1408 bits).
- The Cipher Key is expanded into the ExpandedKey.
- Note that the ExpandedKey is always obtained from the cipher key and is never specified directly: the first Round Key consists of the first $N_b$ words, the second Round Key consists of the next $N_b$ words, and similarly for the third Round Key, ...
The key expansion was chosen according to the criteria of efficiency, elimination of symmetry, diffusion and nonlinearity. In addition, there are some further criteria for the key schedule:
- It uses an invertible transformation, i.e. knowledge of any $N_k$ consecutive words of the ExpandedKey allows the whole table to be regenerated.
- Knowledge of part of the bits of the Cipher Key or of a Round Key does not allow many other Round Key bits to be computed.
- Resistance against attacks in which part of the Cipher Key is known to the cryptanalyst.
- Attacks in which the Cipher Key is known or can be chosen, for example when the cipher is used as the compression function (round function) of a hash function.
To be efficient on 8-bit processors, a simple, byte-oriented expansion scheme was adopted. The application of the nonlinear substitution $S_{RD}$ ensures the nonlinearity of the scheme without adding much in the way of temporary storage requirements on 8-bit processors.
The AES algorithm takes the cipher key K and performs a key expansion routine to generate a key schedule. The key expansion generates a total of $4(N_r+1)$ words: the algorithm requires an initial set of 4 words, and each of the $N_r$ rounds requires 4 words of key data. The resulting key schedule consists of a linear array of 4-byte words, denoted $w_j$, with j in the range $0 \le j \le 4(N_r+1)$.
1.4.6. Key expansion
During key expansion, the cipher key is expanded into an expanded key array consisting of 4 rows and $N_b(N_r+1)$ columns. This array is denoted $W[4][N_b(N_r+1)]$. The key expansion function depends on the value of $N_k$: there is one version for $N_k$ less than or equal to 6, and one version for $N_k$ greater than 6.
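Steps (1) to (4) of 1.4.3.1 together with the key expansion of 1.4.5 and 1.4.6, written out as an added Python example (not code from the thesis). It goes beyond a single key length by deriving $N_r$ from $N_k$ for 128, 192 and 256-bit keys; the function names are chosen here, and the S-box is computed from the field inverse and the standard affine map instead of being copied from Table 1.1.

```python
# AES block encryption following 1.4.3 to 1.4.6 (added example, not the thesis author's code).

def xtime(a):
    """Multiply by {02} in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    a <<= 1
    return (a ^ 0x11B) if a & 0x100 else a

def build_sbox():
    """S-box = multiplicative inverse in GF(2^8) followed by the affine map."""
    exp, log, x = [0] * 255, [0] * 256, 1
    for i in range(255):                 # successive powers of the generator {03}
        exp[i], log[x] = x, i
        x ^= xtime(x)                    # x * {03} = x * {02} xor x
    sbox = []
    for a in range(256):
        b = exp[(255 - log[a]) % 255] if a else 0
        s = b
        for _ in range(4):               # b xor rotl(b,1) xor ... xor rotl(b,4)
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()

def sub_bytes(s):
    return [SBOX[b] for b in s]

def shift_rows(s):
    # s[r + 4c] holds s_{r,c}; s'_{r,c} = s_{r,(c+r) mod 4}
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def mix_column(col):
    """One column times the MixColumns matrix (rows 02 03 01 01, 01 02 03 01, ...)."""
    a0, a1, a2, a3 = col
    m2 = xtime
    m3 = lambda v: xtime(v) ^ v
    return [m2(a0) ^ m3(a1) ^ a2 ^ a3,
            a0 ^ m2(a1) ^ m3(a2) ^ a3,
            a0 ^ a1 ^ m2(a2) ^ m3(a3),
            m3(a0) ^ a1 ^ a2 ^ m2(a3)]

def mix_columns(s):
    return [b for c in range(4) for b in mix_column(s[4 * c:4 * c + 4])]

def expand_key(key):
    """Return the 4(N_r + 1) key-schedule words w_j and N_r."""
    nk = len(key) // 4
    nr = max(4, nk) + 6                  # N_r = max{N_b, N_k} + 6 with N_b = 4
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, 4 * (nr + 1)):
        t = list(w[i - 1])
        if i % nk == 0:                  # RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:     # extra SubWord in the N_k > 6 version
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return w, nr

def aes_encrypt_block(plaintext, key):
    w, nr = expand_key(key)
    round_key = lambda i: [b for word in w[4 * i:4 * i + 4] for b in word]
    add_round_key = lambda s, k: [a ^ b for a, b in zip(s, k)]
    s = add_round_key(list(plaintext), round_key(0))             # step (1)
    for i in range(1, nr):                                       # step (2)
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), round_key(i))
    s = shift_rows(sub_bytes(s))                                 # step (3)
    return bytes(add_round_key(s, round_key(nr)))                # step (4)

if __name__ == "__main__":
    # FIPS-197 Appendix C.1 example vector (AES-128)
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(aes_encrypt_block(pt, bytes(range(16))).hex())
```

The final round omits MixColumns, as stated in 1.4.4, which is why step (3) sits outside the loop.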
1.5. Scope, significance and applications of AES
1.5.1. Scope and significance of AES
The official scope of a FIPS standard is rather limited: FIPS applies only to the federal administration. Moreover, AES is only to be used for documents containing sensitive but unclassified information. Since its adoption, AES has been used as a de facto cryptographic standard worldwide. The adoption of Rijndael as a government standard gives it a certificate of quality.
The main factors behind the rapid acceptance of Rijndael are the fact that it is royalty-free and that it can be implemented easily.
1.5.2. Advantages and disadvantages of AES
1.5.2.1. Advantages
+) AES has been declared by the U.S. Government to be highly secure and is used for classified information;
+) AES has a simple mathematical description;
+) Its structure is clear and simple.
1.5.2.2. Disadvantages
+) AES is not secure against side channel attacks.
+) The mathematical structure of AES has a rather simple mathematical description. Although this has not yet led to any danger, some researchers fear that someone will exploit this structure in the future.
1.5.3. Applications of AES
+) AES is now widely used around the world to protect data in banking and financial organizations, government, e-commerce and digital signatures;
+) AES encryption is fast in both hardware and software and requires only a small amount of storage, which makes it ideal for encrypting small handheld devices such as USB flash drives and CDs;
+) Use as a hash function;
+) Building hash functions. The Whirlpool hash function is a typical example.
1.6. Conclusion of Chapter 1
CHAPTER 2: CRYPTOGRAPHIC HASH FUNCTIONS
2.1. Problem statement
2.2. Concept, basic properties and classification of cryptographic hash functions
2.2.1. Concept
A cryptographic hash function is a mathematical function that converts a message of arbitrary length into a bit string of fixed length (depending on the hash algorithm). This bit string is called the message digest or hash value and represents the original message. Hash functions play a fundamental role in modern cryptography.
2.2.2. Basic properties of cryptographic hash functions
a. Collision resistance
b. Second preimage resistance
c. Preimage resistance
2.2.3. Classification of cryptographic hash functions

Figure 2.1: Classification of hash functions (hash functions divide into unkeyed and keyed; the unkeyed branch into MDC and other applications, with MDC further divided into OWHF and CRHF; the keyed branch into MAC and other applications)
2.2.3.1. Keyed cryptographic hash functions
A keyed cryptographic hash function is a hash function whose input, besides the message, includes a further input, a secret key; without this secret key the input message cannot be hashed as required. Keyed hash functions are used for message authentication and are usually called message authentication code (MAC) algorithms.
2.2.3.2. Unkeyed cryptographic hash functions (hash functions based on block ciphers)
An unkeyed hash function is a hash function whose input is the message only, with no key. Unkeyed hash functions have the following properties:
a. Preimage resistance
b. Second preimage resistance
c. Collision resistance
Unkeyed hash functions include the MDC subclass. MDCs are used to create a characteristic image of the message, ensuring data integrity. MDCs themselves are divided into the following two classes:
+) One-way hash functions (OWHF - One Way Hash Function): given a hash value, it is computationally infeasible to find an input message whose hash equals the given hash. A one-way hash function satisfies the properties:
- Preimage resistance
- Second preimage resistance
+) Collision-resistant hash functions (CRHF - Collision Resistant Hash Function): it is computationally infeasible to find two different messages with the same hash value. Besides the two basic properties, a collision-resistant hash function satisfies the following properties:
- Second preimage resistance
- Collision resistance
Modification detection codes (MDC) are divided into single-length MDCs and double-length MDCs.
2.3. Structure and role of cryptographic hash functions
2.3.1. Structure of a cryptographic hash function
The main component of a hash function is a compression function, together with other transformation functions. The compression function is executed many times to hash the original message into a string of fixed length. The other transformation functions (which may or may not be present) take the bit string produced by the last execution of the compression function and output the final hash value of the hash function. Figure 2.3 below shows the general structure of a hash function.

Figure 2.3: General structure of a hash function.
Many hash algorithms to date share a common basic structure. Specifically, a hash function usually consists of the following steps:
Step 1: Split the finite-length input message into consecutive message sub-blocks of fixed length r (say $m_1, m_2, m_3, \ldots, m_k$).
Step 2: Since m has arbitrary length, there is always a padding step that adds extra bits so that the length of the new string $m'$ is divisible by r (the added bits usually include 64 bits that record the original length of the string before padding).
Step 3: The message sub-blocks $m_1, m_2, m_3, \ldots, m_k$ are passed in turn through a compression function f of the hash function h(m).
Step 4: The result of block $m_{i-1}$ after passing through the compression function f becomes the input data for the following step i.
2.3.2. Applications of cryptographic hash functions
a. The role of hash functions in data integrity
b. The role of hash functions in data origin authentication
c. The role of hash functions in verifying data integrity
2.4. Some common cryptographic hash functions
2.4.1. The MD4 hash function
MD4 (Message Digest Algorithm 4) is a 128-bit hash function designed by Ronald Rivest in 1990. The design goal of MD4 was that finding two messages with the same hash value should take about $2^{64}$ operations, and finding a preimage of a hash value should take about $2^{128}$ operations. To date, however, that goal has failed: MD4 collisions can be found with about $2^{20}$ operations.
2.4.2. The MD5 hash function
a) Characteristics
MD5 is a hash function with a 128-bit output. It is an improved version of MD4. The input is processed in 512-bit blocks, each divided into 16 32-bit sub-blocks. The output of the algorithm is a set of 4 32-bit blocks that together form a single 128-bit hash.
Step 1: Split the input message into 512-bit blocks, each divided into 16 32-bit sub-blocks. For the last block of the message (call it x, with x < 512 bits), append a single 1 bit to the end of x, followed by as many 0 bits as needed to reach the required length (512 bits). The result is a string M whose length is divisible by 512, so M can be split into N 32-bit words (with N divisible by 16).
Step 2: The digest of the message is held in 4 32-bit blocks A, B, C, D (regarded as registers). A, B, C, D are usually called the chaining variables:
A = 0x01234567
B = 0x89abcdef
C = 0xfedcba98
D = 0x76543210.
The input message, divided into 16 32-bit blocks, goes through the four rounds of MD5. Suppose we let a, b, c, d stand for A, B, C, D for the first 512-bit block of the message. The four rounds of MD5 all have the same structure. Each round performs 16 operations: each applies a nonlinear function to 3 of the 4 values a, b, c, d, then adds the result to the 4th value, and then adds a 32-bit sub-block and a constant. It then rotates the result left by a variable number of bits and adds the result to one of the 4 values a, b, c, d. The final result is a new value that replaces one of the 4 values a, b, c, d. The following 512-bit blocks of the message are processed in the same way through the 4 rounds, and the transformations in the 4 rounds produce the digest of the message in the 4 32-bit blocks A, B, C, D.

Figure 2.8: Main loop of MD5
b. Remarks on MD5
In terms of the speed of generating the digest, MD5 is slower than MD4, but it is much more secure than MD4. The MD5 message digest algorithm is fairly simple to implement and provides a hash value for a message of arbitrary length.
It is believed that the difficulty of finding 2 messages with the same hash value is about $2^{64}$ steps, and the difficulty of finding a message with a given hash value is $2^{128}$ steps. However, a newly discovered weakness in the MD5 algorithm allows an attacker to create a forged file within a few hours on a standard computer. With its small 128-bit hash length, MD5 is not secure against some attacks, especially the birthday attack.
2.4.3. The SHA family of hash functions
a) Characteristics
SHA is a secure hash algorithm developed by the U.S. National Security Agency (NSA) and published as a U.S. government standard by the U.S. National Institute of Standards and Technology (NIST). The SHA family comprises 5 secure hash algorithms: SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. The latter four algorithms are usually referred to collectively as SHA-2. Table 2.1 below shows the basic properties of the four secure hash algorithms.
Table 2.1: Basic properties of the four secure hash algorithms
(all sizes in bits)
Algorithm   Message     Block   Word   Message digest   Security
SHA-1       < 2^64      512     32     160              80
SHA-224     < 2^64      512     32     224              112
SHA-256     < 2^64      512     32     256              128
SHA-384     < 2^128     1024    64     384              192
SHA-512     < 2^128     1024    64     512              256
The SHA hash computation consists of preprocessing and computation of the hash value.
Step 1: Preprocessing consists of the following operations:
- Pad the message
- Parse the padded message into m-bit blocks
- Initialize the starting hash value
Step 2: Compute the hash value
- Perform the following N times:
  Create the message schedule from block i
  Use the message schedule together with functions, constants and word operations to produce hash value i
- Use the final hash value to produce the message digest
a. Message padding
The message M is padded before hashing. The purpose of this padding is to ensure that the padded message has a length that is a multiple of 512 or 1024 bits, depending on the algorithm.
- For SHA-1, SHA-224 and SHA-256:
Suppose the length of the message M is l bits. Append a 1 bit to the end of the message, followed by k 0 bits (k is the smallest non-negative number such that $l + 1 + k \equiv 448 \pmod{512}$). Then append a 64-bit block that is the binary representation of l.
- For SHA-384 and SHA-512:
Suppose the length of the message M is l bits. Append a 1 bit to the end of the message, followed by k 0 bits (k is the smallest non-negative number such that $l + 1 + k \equiv 896 \pmod{1024}$), then append a 128-bit block that is the binary representation of l.
b. Parsing the padded message
After the message has been padded, it must be parsed into N m-bit blocks before hashing.
For SHA-1 and SHA-256, the padded message is parsed into N 512-bit blocks $M^{(1)}, M^{(2)}, \ldots, M^{(N)}$. Since the 512 bits of an input block can be expressed as 16 32-bit words, $M_0^{(i)}$ contains the first 32 bits of message block i, $M_1^{(i)}$ contains the next 32 bits of the message block, ...
For SHA-384 and SHA-512, the padded message is parsed into N 1024-bit blocks $M^{(1)}, M^{(2)}, \ldots, M^{(N)}$. Since the 1024 bits of an input block can be expressed as 16 64-bit words, $M_0^{(i)}$ contains the first 64 bits of message block i, $M_1^{(i)}$ contains the next 64 bits of the message block, ...
c. Initializing the hash value
The hash value is a bit string of the same size as the message digest (except for SHA-384), made up of concatenated words. Here $H_i^{(j)}$ is word j of the hash value at iteration i, with $0 \le j \le$ (number of words in the hash value) $- 1$. Before hashing, for each secure hash algorithm, the initial hash value $H^{(0)}$ must be set. The size and number of words in $H^{(0)}$ depend on the message digest size.
d. Algorithm for the hash computation steps: within the scope of this thesis only SHA-512 is presented.
SHA-512 is used to hash a message M of length l bits, $0 \le l < 2^{128}$. The algorithm uses:
- A message schedule of 80 64-bit words
- 8 64-bit variables
- A hash value of 8 64-bit words
The result of SHA-512 is a 512-bit message digest.
b. Remarks on the SHA family
+) Advantages: SHA is a family of hash functions considered secure because:
First: given a hash value produced by one of the SHA algorithms, recovering the original data is infeasible.
Second: finding two particular pieces of data with the same hash result produced by one of the SHA algorithms is infeasible. Any change to the original data, however small, produces a completely different hash value with very high probability.
SHA-1 is widely used in many different security applications and protocols. SHA-1 is regarded as the replacement for MD5, another 128-bit hash algorithm.
+) Disadvantages: SHA-1 is no longer considered secure, because in early 2005 three Chinese cryptographers successfully developed an algorithm for finding two particular pieces of data with the same hash result produced by SHA-1. Although no one has yet done the same for SHA-2, SHA-2 does not differ much from SHA-1 algorithmically, so many scientists have begun developing another algorithm better than SHA. NIST has also started a competition to develop a new hash algorithm more secure than SHA, similar to the process used to develop the Advanced Encryption Standard (AES).
2.4.4. Hash functions built on the extended Rijndael algorithm
2.4.4.1. Reasons for building hash functions based on AES using the extended Rijndael algorithm
One application of hash functions is to convert a user's password string of arbitrary length into a fixed-size byte array for use as a symmetric key. For the extended algorithms based on Rijndael, including the 256/384/512-bit extended algorithm and the 512/768/1024-bit extended algorithm, we need keys of 256, 384, 512, 768 or 1024 bits. Ordinary hash functions (such as the SHA family or AES-Hash) do not cover all of the key sizes of these extended algorithms. Concatenating or transforming the hash values of ordinary hash functions to stretch the resulting bit string to the required key length is not an optimal solution. The proposed solution is therefore to use the extended algorithms themselves to build hash functions with a larger hash value space that can also serve to generate keys for these same algorithms from the user's password string.
2.4.4.2. Principles for building hash functions based on the extended Rijndael algorithms
According to Bram Cohen, the AES hash function (AES-Hash) satisfies the properties of a hash function, so the principle for building hash functions based on the extended Rijndael algorithms is exactly the same as for AES-Hash; only the block length and the encryption operation used in the algorithm change.
2.5. Conclusion of Chapter 2
CHAPTER 3: APPLYING THE ADVANCED ENCRYPTION STANDARD TO BUILD SOME SPECIFIC HASH FUNCTIONS
3.1. Problem statement
Hash functions play a fundamental role in modern cryptography. Their main application is in building digital signature schemes; hash functions are also used for other purposes such as message authentication, user authentication and data integrity verification.
One of the hash functions discussed today is Whirlpool. Whirlpool was designed by Vincent Rijmen and Paulo S. L. M. Barreto. Whirlpool was recognized, together with the AES encryption method, as a strong security foundation at the NESSIE security workshop in Lund, Sweden on 26/2/2003. Whirlpool was selected for the list of collision-resistant hash functions and included in the ISO/IEC 10118-3 standard for hash functions. Whirlpool has also been chosen by the Government of Vietnam as a national cryptographic standard.
Whirlpool has the same structure as an ordinary hash function; its block cipher (compression function) is similar to the AES algorithm but with a different block size, number of rounds, key schedule and initial S-box. Whirlpool is described in detail below.
3.2. Mathematical foundations of the Whirlpool hash function
3.2.1. Galois fields (binary representation)
The Galois field $GF(2^4)$ is denoted $GF(2)[x]/p_4(x)$ with $p_4(x) = x^4 + x + 1$, and the field $GF(2^8)$ is $GF(2)[x]/p_8(x)$ with $p_8(x) = x^8 + x^4 + x^3 + x^2 + 1$. The polynomials $p_4(x)$ and $p_8(x)$ are the first primitive polynomials of degree 4 and 8, chosen such that $g(x) = x$ is a generator of $GF(2^4) \setminus \{0\}$ and $GF(2^8) \setminus \{0\}$ respectively. The elements of a Galois field are represented as a polynomial $u = \sum_{i=0}^{m-1} u_i x^i \in GF(2)[x]$, where $u_i \in GF(2)$ for all $i = 0, \ldots, m-1$, and are written as the numeric value $\sum_{i=0}^{m-1} u_i \cdot 2^i$, or in hexadecimal form; for example $13_x$ denotes $p_4(x)$.
3.2.2. Classes of matrices
3.3. Description of the Whirlpool hash function
The dedicated hash function Whirlpool takes as input a data message of length at most $2^{256} - 1$ bits and outputs a hash value of 512 bits. Whirlpool is described on the basis of the Davies-Meyer hash architecture, using the Rijndael algorithm with block and key sizes both equal to 512 bits.
Input: suppose the data string to be hashed is given to the hash function as a sequence of bytes. If the data string is given as a sequence of 8n bits $x_0, x_1, \ldots, x_{8n-1}$, it is interpreted as a sequence of n bytes $B_0, B_1, \ldots, B_{n-1}$ as follows. Each group of 8 consecutive bits is regarded as one byte, the first bit of the group being the most significant bit of that byte. That is: $B_i = 2^7 x_{8i} + 2^6 x_{8i+1} + \cdots + x_{8i+7}$ for every i ($0 \le i < n$). Output transformation of the hash function: the hash value H is obtained by taking the leftmost $L_H$ bits of the final output string $H_q$ of $L_2$ bits. The choice of $L_H$ affects the security of the hash function.
3.3.2. Structure of Whirlpool
Before hashing, the message M of length $L < 2^{256}$ is padded with a 1 bit and then with a number of 0 bits so that the bit string has a length that is an odd multiple of 256, and finally with 256 binary bits containing the length L of the message before padding. This forms a padded message m, which is divided into t blocks $m_1, \ldots, m_t$. These blocks are regarded as byte arrays by grouping the bits consecutively into 8-bit pieces.
The Whirlpool compression function iterates the Miyaguchi-Preneel hashing scheme over the t padded message blocks $m_i$, $1 \le i \le t$, using the 512-bit block cipher W.
$H_0$ = Initial Value
$H_i = W(H_{i-1}, m_i) \oplus H_{i-1} \oplus m_i$ = Intermediate Value

Figure 3.2: Structure of Whirlpool
3.3.3. The Whirlpool block cipher (Whirlpool compression function)
The Whirlpool block cipher has a structure and transformation functions similar to those of AES. However, Whirlpool uses a 512-bit key length and a 512-bit block length, whereas AES has a 128-bit block length and a 128-bit key length, with support for up to 192 or 256 bits. Whirlpool works on an 8*8 matrix, AES on a 4*4 matrix. The number of rounds in AES is 10, 11, 12, 13 or 14, whereas in Whirlpool the number of rounds is always 10.
3.3.3.1. The functions in the Whirlpool block cipher
The Whirlpool encryption algorithm takes as input a 512-bit plaintext block and a 512-bit key, and outputs a 512-bit ciphertext block. The Whirlpool encryption algorithm uses 4 functions (transformations): AddRoundKey (AK), SubBytes (SB), ShiftColumns (SC) and MixRows (MR). The Whirlpool encryption process consists of 10 rounds. Each round has one round key, which is added in the AddRoundKey transformation. The structure of the Whirlpool block cipher is shown in Figure 3.3 below.

Figure 3.3: Structure of the Whirlpool block cipher
To support software implementation, a sequence of these functions is denoted $c_0, c_1, c_2, c_3, c_4$. The function $c_0$ takes as input a string of 64 elements of $GF(2^8)$ and outputs an 8*8 matrix with elements of $GF(2^8)$. The functions $c_1, c_2, c_3$ take as input an 8*8 matrix of elements of $GF(2^8)$ and output an 8*8 matrix of elements of $GF(2^8)$. The function $c_4$ takes as input 2 8*8 matrices of elements of $GF(2^8)$ and outputs 1 8*8 matrix of elements of $GF(2^8)$. All 4 of these functions operate on 64 bytes and are used to define the round function. The functions are described in detail below:
Function $c_0$: takes a sequence of 64 bytes, $B = (B_0, B_1, \ldots, B_{63})$, as input and produces a matrix $Z = (z_{ij})$ as output with $z_{ij} = B_{8i+j}$ ($0 \le i, j \le 7$).
This means that $Z = c_0(B)$ if and only if $z_{ij} = B_{8i+j}$ ($0 \le i, j \le 7$).
Function $c_1$: takes a matrix $X = (x_{ij})$ as input and produces another matrix $W = c_1(X)$ if and only if $w_{ij} = s[x_{ij}]$ ($0 \le i, j \le 7$). The function can be given in the form of Table 3.1. The S-box replaces each element $x \in GF(2^8)$ by another element $s[x] \in GF(2^8)$, as shown in Table 3.1 (the entries in the first column are the most significant half of x and the entries in the first row are the least significant half of x). For example, if x = 01010110 = 56 (hex), then s[x] = 49 (hex) = 01001001.
Table 3.1. S-box in Whirlpool
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
00 18 23 C6 E8 87 B8 01 4F 36 A6 D2 F5 79 6F 91 52
10 60 BC 9B 8E A3 0C 7B 35 1D E0 D7 C2 2E 4B FE 57
20 15 77 37 E5 9F F0 4A DA 58 C9 29 0A B1 A0 6B 84
30 BD 5D 10 F4 CB 3E 05 67 E4 27 41 8B A7 7D 95 D8
40 FB EE 7C 66 DD 17 47 9E CA 2D BF 07 AD 5A 83 33
50 63 02 AA 71 C8 19 49 D9 F2 E3 5B 88 9A 26 32 B0
60 E9 0F D5 80 BE CD 34 48 FF 7A 90 5F 20 68 1A AE
70 B4 54 93 22 64 F1 73 12 40 08 C3 EC DB A1 8D 3D
80 97 00 CF 2B 76 82 D6 1B B5 AF 6A 50 45 F3 30 EF
90 3F 55 A2 EA 65 BA 2F C0 DE 1C FD 4D 92 75 05 8A
A0 B2 E6 0E 1F 62 D4 A8 96 F9 C5 25 59 84 72 39 4C
B0 5E 78 38 8C D1 A5 E2 61 B3 21 9C 1E 43 C7 FC 04
C0 51 99 6D 0D FA DB 7E 24 3B AB CE 11 8F 4E B7 EB
D0 3C 81 94 F7 B9 13 2C D3 E7 6E C4 03 56 44 7F A9
E0 2A BB C1 53 DC 0B 9D 6C 31 74 F6 46 AC 89 14 E1
F0 16 3A 69 09 70 B6 D0 ED CC 42 98 A4 28 5C F8 86
Function $c_2$: takes as input a matrix $X = (x_{ij})$ and produces another matrix $W = (w_{ij})$ as output with $w_{ij} = x_{(i+j) \bmod 8,\, j}$ ($0 \le i, j \le 7$).
This means that $W = c_2(X)$ if and only if $w_{ij} = x_{(i+j) \bmod 8,\, j}$ ($0 \le i, j \le 7$).
Function $c_3$: takes a matrix X as input and produces another matrix W as output with $W = X \cdot C$. Here C is the 8*8 circulant matrix with entries chosen from $GF(2^8)$, as shown below:
$$C = \begin{bmatrix} 01 & 01 & 04 & 01 & 08 & 05 & 02 & 09 \\ 09 & 01 & 01 & 04 & 01 & 08 & 05 & 02 \\ 02 & 09 & 01 & 01 & 04 & 01 & 08 & 05 \\ 05 & 02 & 09 & 01 & 01 & 04 & 01 & 08 \\ 08 & 05 & 02 & 09 & 01 & 01 & 04 & 01 \\ 01 & 08 & 05 & 02 & 09 & 01 & 01 & 04 \\ 04 & 01 & 08 & 05 & 02 & 09 & 01 & 01 \\ 01 & 04 & 01 & 08 & 05 & 02 & 09 & 01 \end{bmatrix}$$

This means that $W = c_3(X)$ if and only if $W = X \cdot C$.
3.3.3.2. Description of the round function
The round function (.,.) transforms two binary strings of lengths $L_1$ and $L_2$ into a binary string of length $L_2$. It is used iteratively as part of the hash function, combining a data string of length $L_1$ with the previous output of length $L_2$.
The round function works as follows. In this description we use the symbols $W, X, K_0, \ldots, K_{10}$ to denote 13 different matrices, each with elements chosen from $GF(2^8)$, which hold the values needed in the computation.
a) Suppose the first 512-bit input to the round function is held in a matrix Z with elements chosen from $GF(2^8)$; this matrix is formed by the byte-ordering convention. Suppose also that the second 512-bit input to the round function is held in a matrix Y with elements chosen from $GF(2^8)$.
b) Set $K_0 := Y$ and, for i from 1 to 10, let $K_i = c_4(c_3(c_2(c_1(K_{i-1}))), A_i)$. This step expands the matrix Y into the sequence of round keys $K_0, \ldots, K_{10}$ for the block cipher W.
c) Set $X := c_4(Z, K_0)$ and, for j from 1 to 10, perform the following steps:
i) $W := c_4(c_3(c_2(c_1(X))), K_j)$; ii) $X := W$
Note: this is the block cipher W.
Set $Y := W \oplus K_0 \oplus Z$. This is the Miyaguchi-Preneel hashing scheme.
The matrix Y represents the output of the round function. After the last iteration of the round function, the matrix Y is converted into a sequence of 64 bytes by the inverse of the procedure given above: the element in the first row and first column of the matrix gives the first byte, the element in the first row and second column gives the next byte, ..., and the element in the 8th row and 8th column gives the last byte. The 64 bytes are converted into 512 bits by the inverse of the procedure given above, i.e. the first (leftmost) bit corresponds to the most significant bit of the first (leftmost) byte, and the 512th (rightmost) bit corresponds to the least significant bit of the 64th (rightmost) byte.
Figure 3.4 below shows sub-steps a) and b) of the 3rd step of the round function of Whirlpool, which are executed 10 times.

Figure 3.4. Part of the round function in Whirlpool
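3.3.4. Steps for computing Whirlpool
The hash value H of the data D is computed in 4 steps as follows:
a. Step 1: Padding (Padder)
The data string D must be padded so that it contains a number of bits that is an integer multiple of 512. The padding procedure works as follows:
1. D is concatenated with a single 1 bit;
2. The result of the previous step is concatenated with a number of 0 bits (between 0 and 511) such that the length (in bits) of the resulting string is an odd multiple of 256.
3. If the original length of D is $L_D$, the string obtained from the previous step is concatenated with the 256-bit binary representation of $L_D$, most significant bit first.
In the following description of the round function, each 512-bit data block $D_i$, $1 \le i \le q$, is regarded as a matrix $Z = (z_{ij})$ ($0 \le i, j \le 7$), i.e. $z_{00}$ corresponds to the leftmost 8 bits of $D_i$ and $z_{77}$ corresponds to the rightmost 8 bits of $D_i$.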
b. Step 2: Splitting
The padded version of the data string D is split into blocks $D_1, D_2, D_3, \ldots, D_q$ of $L_1$ bits, where $D_1$ represents the first $L_1$ bits of the padded version of D, $D_2$ represents the next $L_1$ bits, and so on. The padding and splitting processes are illustrated in Figure 3.5 below:

Figure 3.5: The padding and splitting processes
c. Step 3: Iteration
Let $D_1, D_2, \ldots, D_q$ be the $L_1$-bit blocks of the data after padding and splitting. Let $H_0$ be a bit string equal to IV. The $L_2$-bit strings $H_1, H_2, \ldots, H_q$ are computed iteratively according to the Miyaguchi-Preneel hashing scheme.
For i from 1 to q, $H_i$ is the round function applied to $(D_i, H_{i-1})$: $H_i = W[H_{i-1}](D_i) \oplus H_{i-1} \oplus D_i$
Where:
$D_i$ is the string obtained after padding, and $H_i$ is the hash value at step i.
$L_1$ = 512 bits is the length (in bits) of the first of the two input strings of the round function.
$L_2$ = 512 bits is the length (in bits) of the second of the two input strings of the round function, and also the length of the output string of the round function and of the initial value.
The iteration process of Whirlpool is illustrated in Figure 3.6

Figure 3.6: The iteration process of Whirlpool
d. Step 4: Output transformation
The hash value H is obtained by applying a transformation T to $H_q$, the output of step 3, yielding the $L_H$ bits of the final hash value. For example, the transformation T can be truncation.
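The four steps of 3.3.4 and the round function of 3.3.3.2, put together as an added Python example (not code from the thesis), with $c_1$ to $c_4$ named as on the page. Assumptions taken from the published Whirlpool specification rather than from this page: the 4-bit mini-boxes E and R that generate the S-box of Table 3.1, the round constants $A_r$, the all-zero IV, and the ShiftColumns direction $(i - j) \bmod 8$, which is the one that reproduces the published test vector.

```python
# Whirlpool following section 3.3 (added example, not the thesis author's code).
# Assumption: mini-boxes E and R are those of the published Whirlpool specification.
E = [0x1, 0xB, 0x9, 0xC, 0xD, 0x6, 0xF, 0x3, 0xE, 0x8, 0x7, 0x4, 0xA, 0x2, 0x5, 0x0]
R = [0x7, 0xC, 0xB, 0xD, 0xE, 0x4, 0x9, 0xF, 0x6, 0x3, 0x8, 0xA, 0x2, 0x5, 0x1, 0x0]
E_INV = [E.index(v) for v in range(16)]

def _sbox_entry(u):
    hi, lo = E[u >> 4], E_INV[u & 0xF]
    r = R[hi ^ lo]
    return (E[hi ^ r] << 4) | E_INV[lo ^ r]

SBOX = [_sbox_entry(u) for u in range(256)]                 # s[x] of Table 3.1
C_ROW = [0x01, 0x01, 0x04, 0x01, 0x08, 0x05, 0x02, 0x09]    # first row of circulant C

def gmul(a, b):
    """Multiply in GF(2^8) modulo p8(x) = x^8 + x^4 + x^3 + x^2 + 1 (0x11D)."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11D
        b >>= 1
    return p

# A state is a flat list of 64 bytes; index 8*i + j is matrix entry (i, j), i.e. c0.
def c1(x):
    """SubBytes: w_ij = s[x_ij]."""
    return [SBOX[v] for v in x]

def c2(x):
    """ShiftColumns: column j rotated down by j rows (specification direction)."""
    return [x[8 * ((i - j) % 8) + j] for i in range(8) for j in range(8)]

def c3(x):
    """MixRows: W = X . C over GF(2^8)."""
    out = []
    for i in range(8):
        row = x[8 * i:8 * i + 8]
        for j in range(8):
            acc = 0
            for k in range(8):
                acc ^= gmul(row[k], C_ROW[(j - k) % 8])
            out.append(acc)
    return out

def c4(x, k):
    """AddRoundKey: entry-wise XOR of two matrices."""
    return [a ^ b for a, b in zip(x, k)]

def round_function(z, y):
    """z = data block D_i, y = previous hash H_{i-1}; returns H_i."""
    k = y                                            # K_0 := Y
    x = c4(z, k)                                     # X := c4(Z, K_0)
    for r in range(1, 11):
        a_r = SBOX[8 * (r - 1):8 * r] + [0] * 56     # round constant A_r (from the spec)
        k = c4(c3(c2(c1(k))), a_r)                   # K_r
        x = c4(c3(c2(c1(x))), k)                     # one round of block cipher W
    return [w ^ k0 ^ d for w, k0, d in zip(x, y, z)] # Y := W xor K_0 xor Z

def pad(data):
    """Step 1: 1 bit, 0 bits up to an odd multiple of 256 bits, 256-bit length."""
    padded = data + b"\x80"
    padded += b"\x00" * ((32 - len(padded)) % 64)
    return padded + (8 * len(data)).to_bytes(32, "big")

def whirlpool(data):
    padded, h = pad(data), [0] * 64                  # H_0 = IV (all zero, from the spec)
    for off in range(0, len(padded), 64):            # steps 2 and 3
        h = round_function(list(padded[off:off + 64]), h)
    return bytes(h)                                  # step 4 with L_H = 512

if __name__ == "__main__":
    print(whirlpool(b"").hex())
```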
3.4. Some applications of the Whirlpool hash function
Cryptographic hash functions are used in a wide variety of information security applications, such as digital signature schemes, message authentication, user authentication and data integrity verification.
Whirlpool does not require a large amount of storage, so information security applications can be implemented very efficiently on smart cards and handheld devices.
Whirlpool was recognized, together with the AES encryption method, as a strong security foundation at the NESSIE security workshop on 26/2/2003. Whirlpool has been chosen by the Government of Vietnam as a national cryptographic standard.
3.5. Evaluation of the Whirlpool hash function
- Whirlpool can be extended to a wider range of uses than other hash functions;
- Efficient on most hardware (supports older 8-bit processors, current 32-bit processors and future 64-bit processors);
- Does not require an excessive amount of storage for either the code or the S-box;
- Can be implemented efficiently in constrained environments such as smart cards and handheld devices, and runs very efficiently with the larger cache memories of current processors;
- Uses only simple instructions available in computer processors;
- The message digest size of Whirlpool is 512 bits, so it is able to resist attacks, in particular the birthday attack.
3.6. Conclusion of Chapter 3
CONCLUSION AND RECOMMENDATIONS
Today, with computer microprocessors becoming ever more powerful, replacing the DES and Triple DES encryption standards with the Advanced Encryption Standard (AES) is very necessary. AES has many applications, but its use in building cryptographic hash functions is considered the most important and significant. Therefore, the thesis entitled "Research on the application of the Advanced Encryption Standard (AES) in building hash functions" was carried out with the aim of studying the Advanced Encryption Standard and one small application of AES, the construction of some specific hash functions.
The thesis has addressed the following basic issues:
- An overview of the Advanced Encryption Standard (AES)
- The structure and role of cryptographic hash functions, some common hash functions, and the principles for building hash functions based on AES.
- Applying the Advanced Encryption Standard (AES) to build the Whirlpool hash function.
- Finally, the thesis also makes some recommendations so that the Advanced Encryption Standard becomes more secure and brings more applications. The recommendations are as follows:
With the rapid growth of the Internet and of online electronic transaction applications, the need to protect information in electronic systems and applications is receiving increasing attention and is of great importance. It is therefore necessary to raise the security of AES by increasing the key size and the block size to 256 bits, or even 512 bits and beyond.
Whirlpool has been chosen as a national cryptographic standard and therefore needs to be deployed and applied widely.