Bo Co Mn Hc: Bo Mt Mng

Ti:
Tm hiu thut ton
MD5 & SHA



GVHD: Phan Th Thanh Nga
Nhm Sinh Vin Thc Hin:
Tng Huy Lng
L Thnh Lun
1
Ni Dung Bo Co
1. Tm hiu v thut ton md5
MD5 v lch s ra i
c im v ng dng
MD5
So snh Md4 vi Md5
Kh nng b tn cng
2. Tm hiu v thut ton sha
SHA v lch s ra i
c im v ng dng
SHA-1
u nhc im
Mt vi v d
So snh sha1-sha2

2
Khi Nim MD5
Trong mt m hc, MD5 (Message-Digest algorithm 5) l mt b to
Hash mt m c s dng ph bin vi gi tr Hash di 128-bit .
L mt chun Internet (RFC 1321)
Mt bng bm MD5 thng c din t bng mt s h thp lc phn 32
k t.
MD5 c thit k bi Ronald Rivest vo nm 1991 thay th cho hm
bm trc , MD4. Vo nm 1996, ngi ta pht hin ra mt l hng
trong MD5; trong khi vn cha bit n c phi l li nghim trng hay
khng, nhng chuyn gia m ha bt u ngh s dng nhng gii thut
khc, nh SHA-1 (khi cng b xem l khng an ton). Trong nm 2004,
nhiu l hng hn b khm ph khin cho vic s dng gii thut ny cho
mc ch bo mt ang b t nghi vn

3
c im v ng dng
c im
Vic tnh MD n gin, c kh nng xc nh c file c kch thc
nhiu Gb.
Khng c kh nng tnh ngc, khi tm ra MD.
Do bn cht ngu nhin ca hm bm v s lng cc ln cc gi tr
hash c th, nn hu nh khng c kh nng hai bn tin phn bit c
cng gi tr hash.
Gi tr MD ph thuc vo bn tin tng ng.
Mt chui ch c duy nht mt hash.
Gi tr MD ph thuc vo tt c cc bit ca bn tin tng ng
ng dng
Bo ton thng tin
Bo mt


4
ng Dng
5
Bo Mt
Bo Ton thng tin
Gii M
V c bn MD5 khng th gii m li c. Nhng ti sao trn mng c rt
nhiu trang web gii m MD5 ?!? Tht ra th nhng trang web ny h
cng khng th gii m c MD5 m l h tra nhng password c
lu tr t trc.
V d: Gi s c Password l: 12345. Password ny sau khi m ha s
thnh chui MD5: 827ccb0eea8a706c4c34a16891f84e => Sau h lu
vo CSDL. Khi bn mun gii m chui
827ccb0eea8a706c4c34a16891f84e th h s tra vo CSDL v cho ra
password l : 12345
Mt s trang web c th lm vic ny l:
+ http://www.md5.net/
+ http://md5.gromweb.com
+http://md5cracker.org

6
M t thut ton MD5
7
Thut ton chnh ca MD5 hot ng trn mt b 128 bit. Chia nh n ra thnh 4
t 32 bt, k hiu A, B, C, D. Cc gi tr ny l cc hng s c nh. Sau thut
ton chnh s lun phin hot ng trn cc khi 512 bit. Qu trnh x l mt khi
thng ip gm 4 bc tng t nhau, gi l vng. Mi vng li gm 16 qu trnh
tng t nhau da trn hm mt chiu F, php cng module v php xoay tri


Thc hin qua cc 4 bc sau:
M t thut ton MD5
8
Bc 1: Thm cc bit vo chui
Thc hin ni di thng ip. (theo hnh v thng ip l B) chi nh
thnh cc module 512.





V d :Ta c chui 384bit

Trc tin n s chn bit 1 vo cui
thng ip.
Thm vo k bit 0 sao cho (b bit + bit 1 + k
bit 0)mod 512=448
64 bit tip theo s c thm vo biu th
chiu di ca chui bit ban u. (B bit + bit
1 + k bit 0 + 64 bit chiu di) mod 512 = 0

M t thut ton MD5
Bc 2:Khi to b m MD
Mt b m 4 word (A,B,C,D) c dng tnh m s thng ip.
y mi A,B,C,D l mt thanh ghi 32 bit. Nhng thanh ghi ny c
khi to theo nhng gi tr hex sau ( cc byte thp trc ) :
word A : 01 23 45 67
word B : 89 ab cd ef
word C : fe dc ba 98
word D : 76 54 32 10
Bc 3: X l thng ip theo tng khi 16 word
Trc ht ta nh ngha cc hm ph, cc hm ny nhn u vo l 3
word 32 bit v to ra mt word 32 bit
9
M t thut ton MD5
Vi ln lt l XOR, AND, OR, NOT
Qu trnh thc hin qua cc vng:
Vng 1: [abcd k s t] l cc bc thc hin ca php ton.
a= b + ((a + F1(b,c,d) + X[k] + T[i]) <<< s)
Vi t t 1 16 v k t 015
Vng 2: [abcd k s t] l cc bc thc hin ca php ton.
a= b + ((a + F2(b,c,d) + X[k] + T[i]) <<< s)
Vi t t 17 32 v k =(1+5t)mod 16
Vng 3: [abcd k s t] l cc bc thc hin ca php ton.
a= b + ((a + F3(b,c,d) + X[k] + T[i]) <<< s)
Vi t t 33 48 v k =(5+3t)mod 16
Vng 4: [abcd k s t] l cc bc thc hin ca php ton.
a= b + ((a + F4(b,c,d) + X[k] + T[i]) <<< s)
Vi t t 49 64 v k =(7t)mod 16




10
M t thut ton MD5
Bc 4: In ra
M s thng ip c to ra l A,B,C,D. Ngha l chng ta bt u t
byte thp ca A, kt thc vi byte cao ca D.
Hm bm MD5 tr v mt chui s thp lc phn gm 32 s lin tip.
Di y l cc v d m t cc kt qu thu c sau khi bm.
MD5("The quick brown fox jumps over the lazy dog") =
9e107d9d372bb6826bd81d3542a419d6
Thm ch ch cn mt thay i nh cng lm thay i hon ton kt qu
tr v:
MD5("The quick brown fox jumps over the lazy cog") =
1055d3e698d289f2af8663725127bd4b
Ngay c mt chui rng cng cho ra mt kt qu phc tp:
MD5("") = d41d8cd98f00b204e9800998ecf8427e


11
M t thut ton MD5
12
Bao gm 64 tc v th ny, nhm trong
4 vng 16 tc v.
F l 1 hm phi tuyt, mt hm c
dng trong mi vng.
M
i
ch ra mt khi tin nhp vo 32 bit
K
i
ch mt hng s 32 bit, khc nhau
cho mi tc v.
<<<<
s
ch s xoay bit v tri s n v, s
thay i ty theo tng tc v.
ch cng thm vi modulo 2
32
.
Hm bm MD5 s tr v mt chui s
thp lc phn gm 32 s lin tip.

Hnh m t qu trnh trong 1 vng.
Mt vng ca thut ton
13
Vng 4 c thm vo
Mi bc u c thm vo mt hng s duy nht
Hm G vng 2 c i t (XY v XZ v YZ) thnh (XZ v Y not(Z))
lm gim s i xng trong G.
Mi bc u s dng kt qu t bc trc . iu ny nhm to ra hiu
ng dy chuyn nhanh hn
Th t cc word u vo vng 2 v vng 3 c thay i, lm cho hai
mu ny t ging nhau hn
S bit dch chuyn mi vng c ti u ha, to ra hiu ng dy
chuyn nhanh hn. Lng dch chuyn mi vng l khc nhau.

So snh MD5 vi MD4
Kh nng b tn cng
Ngi ta cho rng kh tm c 2 thng ip c cng m s l
khong 2^64 bc tnh, v kh tm c mt thng ip vi m s
cho trc l 2^128 bctnh.
Vi bt k gi tr x, khng th tnh c y x sao cho
H(y) = H(x).
Khng th tnh c mt cp (x, y) sao cho H(x) = H(y).
Do MD5 c s dng rng ri trong cc ng dng, web, bo mt, v
chng thc
Tuy nhin mt mc no th md 5 vn c th crack c

14
Kh nng b tn cng
V MD5 ch d qua d liu mt ln, nu hai tin t vi cng bng bm
c xy nn, th cng mt hu t c th cng c thm vo khin cho
ng d xy ra. Tc l hai d liu vo (input) X v Y hon ton khc
nhau nhng c th ra (output) c mt md5 hash ging nhau . Tuy nhin
xc sut xy ra iu ny l kh nh.
V nhng k thut tm ng hin nay cho php cc trng thi bm trc
c xc nh mt cch ngu nhin, c th tm thy xung t i vi bt
k tin t mong mun no; c ngha l, i bt k mt chui cc k t X
cho trc, hai tp tin ng c th c xc nh m u bt u vi X.
Gii Php
Bt c thut ton m ha no ri cng b gii m. Vi MD5, ngay t
nm1996, ngi ta tm thy l hng ca n. Mc d lc cn cha r
rng lm nhngcc chuyn gia m ha ngh n vic phi a ra mt
thut gii khc, nh l SHA-1,SHA-2,....
15
SHA
SHA v lch s ra i
SHA(Secure Hash Algorithm hay thut gii bm an ton) l cc thut
gii dng chuyn mt on d liu nht nh thnh mt on d liu
c chiu di khng i vi xc sut khc bit cao.
- SHA c pht trin bi cc quc gia an ninh Hoa K gi tt
l(NSA) v c xut bn thnh chun ca chnh ph Hoa K bi vin
cng ngh v chun quc gia Hoa K(NIST) vo nm 1993 v c
gi l SHA-0.Cc thut ton ca SHA bao gm: SHA-1,SHA-
224,SHA-384,SHA-512,SHA-256
Vo nm 1995 c 1 thay i nh ca SHA-0 dn n s ra i ca
SHA-1,v SHA-1 c cng b trong FIPS PUB 180-1
SHA-256,SHA-384,SHA-512 u tin c xut bn vo nm 2001
nh d tho FIPS PUB 180-2 v pht hnh nh l tiu chun chnh
thc vo nm 2002
SHA-224 c xut bn vo nm 2004 nh l thng bo thay i cho
FIPS PUB 180-2

16
SHA
Cc Loi SHA
SHA-1 : to chui 40 k t h 16. Tr li kt qu di
160bit.
SHA-256 : to chui 64 k t th 16Tr li kt qu di
256bit.
SHA-384: to chui 96 k t h 16. Tr li kt qu di
384 bit.
SHA-512 : to chui 128 k t h 16. Tr li kt qu
di 512 bit.

17
SHA
c im v ng dng
c im:
Cho mt gi tr bm nht nh c to nn bi mt
trong nhng thut gii SHA, vic tm li c on d
liu gc l khng kh thi.
Vic tm c hai on d liu nht nh c cng kt
qu bm to ra bi mt trong nhng thut gii SHA l
khng kh thi
Bt c thay i no trn on d liu gc, d nh, cng
s to nn mt gi tr bm hon ton khc vi xc sut
rt cao.

18
SHA
SHA c s dng rng ri trong nhiu ng
dng v giao thc an ninh khau nhau : TLS v
SSL, GPG, SHH, IPSec.

19
SHA-1
Thut ton SHA-1
Khi gn cc bin:
h0 := 0x67452301
h1 := 0xEFCDAB89
h2 := 0x98BADCFE
h3 := 0x10325476
h4 := 0xC3D2E1F0
Tin x l:
Thm bit 1 vo cui thng ip
Thm vo k bit 0 sao cho di thng ip nhn c ng
du 448 (mod 512)
Thm 64 bit biu din di di ca thng ip gc (gi tr
lu dng big-endian)

20
SHA-1
21
Chia thng ip ( padding) thnh cc
khi 512 bit
Vi mi khi 512-bit:
Chia thnh 16 word (32 bit, big-
endian) w[0..15]
M rng 16 word (32 bit) thnh 80
word (32 bit)
w[i]=(w[i-3] w[i-8] w[i-14] w[i-
16]) <<< 1 vi 16 s i < 80
A= h0, B= h1, C= h2, D= h3, E= h4
80 chu k x l
h0+=A, h1+=B, h2+=C, h3+=D,
h4+=E
Kt qu:= h0 | h1 | h2 | h3 | h4

SHA-1
22
Chu ky x l:
t l s th t ca chu k
A, B, C, D, E l 5 word (32 bit) ca trng thi
F l hm phi tuyn (thay i ty theo chu k)
<<< n l php quay tri n v tr
php cng modulo 2
32
.
K
t
l hng s .

| |( )
( ) ( ) ( )
( ) ( ) ( )

s s
s s . v . v .
s s
s s . v .
=
79 60 ,
59 40 ,
39 20 ,
19 0 ,
, ,
t Z Y X
t Z Y Z X Y X
t Z Y X
t Z X Y X
Z Y X t F

s s
s s
s s
s s
=
79 60 ,
59 40 ,
39 20 ,
19 0 ,
t
t
t
t
K
t
0xca62c1d6
0x8f1bbcdc
0x6ed9eba1
0x5a827999
SHA-1
u im SHA-1
Bng bm l mt cu trc dung ha gia thi gian
truy xut v dung lng :
Nu khng c s gii hn v b nh : c th xy
dng bng bm vi mi ng dng vi mt a
ch vi mong mun thi gian truy xut tc thi.
Nu dung lng b nh c gii hn : t chc
mt s kha c cng a ch truy xut gim.
Cp php ton tren bng bm hn ch s ln so
snh, gim c thi gian truy xut.

23
SHA-1
Nhc im:
Hin nay vn bo mt ca SHA-1 khng cong
c tin tng s dng v :
u nm 2005, Rijmen v Oswald cng b 1 cuc
tn cng vao phin rt gn ca SHA-1 bng cch tm
ng bng cch tnh t hn 2^80 php tnh.
2-2005, mt cuc tn cng bi 3 nh vt mt m hc
thuc i hc ShanDong(Trung Quc) tm ra c s
ng trong phin bn SHA-1 ch vi 2^69 php tnh
nhanh hn khon 2000 ln so vi cch tn cng trc.
8-2005, ti hi ngh mt m, h cng b v thuyt
trnh vic tn cng ny v ch ra 1 v va chm ti vng
58 ca SHA-1 ch vi 2^33 php tnh.

24

SHA-1
Mt vi v d :
Text1:
Text: Xin Chao CTK33
SHA-1 :3c2225cd7740da98d80545085f216b373e7c1e01
Text2:
Text: Xin Chao CTK33.
SHA-1: 9830a511b3b4f044566f0491661b43751ccc52a9
- Text3 :
Text :
SHA-1:da39a3ee5e6b4b0d3255bfef95601890afd80709

25
SHA-2
SHA-2 bao gm 4 thut gii SHA-224,SHA-256,SHA-
384,SHA-512.
Nm 2004, FIPS PUB 180-2 c b sung thm mt bin
th SHA-224
V mt gii thut cc bin th SHA-2 khng khc
nhau.Mc d chng s dng gi tr bin v hng s cng
nh di t
Mc d Gilbert v Hanschuh(2003) nghin cu v
khng tm ra im yu ca nhng bin th ny, tuy nhin
chng vn cha c kim chng nh SHA-1

26
SHA
27
Tng t thut ton MD5
nhng thut ton SHA chia
nh n ra thnh 5 t 32 bt,
k hiu A, B, C, D, E.
Sau thut ton chnh s
lun phin hot ng trn
cc khi 512 bit. Qu trnh
x l mt khi thng ip
gm 4 vng con. Mi vng
li gm 20 qu trnh tng
t nhau.

Chc Nng Cc Loi SHA
28

Cc V D V M Ha SHA-2
Text : Xin Chao CTK33
M Ha :
SHA 256 :
b0ab7cf3f816aa1032077d8d0df64714b3ad59444a1f91f538
1907b63a24cf45
- SHA384:
09a9c9a50d8a2076fe241e4a3dd65b517fa727b1bb0c4817a
860c9bd96dac5e2d6bb5c9f7ff30a238d77dd88fddd681a
- SHA512:
0195c01101e1aebcd546e70c48af59713e552e12146b42b0
3ab8da7463508f826752058a0acdf9b620cf1b5e46263046
8bc77e6eb9496acc982161a0d6764354

29

Cm n C v cc bn
ch lng nghe.
30