
Textbook

Foundations of Cryptography Theory (Co so ly thuyet mat ma)

Hanoi, 2006

http://www.ebook.edu.vn

Table of Contents

Half-title page
Table of contents
Abbreviations
Preface

Chapter I: Introduction to Cryptography

1.1. Simple block diagram of a digital communication system
1.2. Overview of cryptography
1.3. Algorithms and complexity
1.3.1. The concept of an algorithm
1.3.1.1. Definition
1.3.1.2. The maximum-finding algorithm
1.3.1.3. Complexity of algorithms
1.3.2. Complexity of algorithms
1.4. Information theory in cryptosystems
1.4.1. Perfect secrecy
1.4.2. Entropy
1.4.3. Properties of entropy
1.4.4. Spurious keys and unicity distance
1.5. Exercises
Chapter II: Secret-Key Cryptography

2.1. Block diagram of a secure communication system
2.2. Substitution ciphers
2.2.1. Shift cipher (MDV)
2.2.2. Substitution cipher (MTT)
2.2.3. Vigenère cipher
2.3. Permutation cipher (MHV)
2.4. Hill cipher
2.5. Cryptosystems built on cyclic geometric progressions over polynomial rings
2.5.1. The multiplicative group of the ring
2.5.2. Elements of order n and cyclic multiplicative groups of order n
2.5.3. Cryptosystems built on cyclic geometric progressions
2.5.3.1. Cyclic geometric progressions of order n
2.5.3.2. Cryptosystems built on cyclic geometric progressions
2.5.3.3. The decryption problem
2.5.3.4. Circulant matrices
2.6. Affine cipher
2.7. Product cryptosystems
2.8. Stream ciphers
2.9. Data Encryption Standard
2.9.1. Introduction
2.9.2. Description of DES
2.9.3. An example of DES
2.9.4. Some points of discussion about DES
2.9.5. DES modes of operation
2.9.6. Some variants of DES
2.9.6.1. Double DES
2.9.6.2. Triple DES (TDES)
2.9.6.3. DES with independent subkeys
2.9.6.4. Generalized DES (GDES)
2.10. Differential cryptanalysis and linear cryptanalysis
2.10.1. Differential cryptanalysis (cryptanalysis based on differences)
2.10.2. Linear cryptanalysis (TMTT)
2.11. Advanced Encryption Standard (AES)
2.11.1. Mathematical foundations of AES
2.11.2. The AES algorithm
2.12. Exercises
Chapter III: Public-Key Cryptography

3.1. Introduction to public-key cryptography
3.2. Modular arithmetic
3.2.1. Integers
3.2.2. Algorithms in Z
3.2.3. Integers modulo n
3.2.4. Algorithms in Z_n
3.2.4.1. Algorithm (computing inverses in Z_n)
3.2.4.2. Repeated square-and-multiply algorithm for exponentiation in Z_n
3.2.5. The Legendre and Jacobi symbols
3.2.5.1. Definition 3.19
3.2.5.2. Properties of the Legendre symbol
3.2.5.3. Definition 3.20
3.2.5.4. Properties of the Jacobi symbol
3.2.5.5. Algorithm for computing the Jacobi symbol (and the Legendre symbol)
3.2.5.6. Remark (finding quadratic residues modulo a prime p)
3.2.5.7. Example of computing a Jacobi symbol
3.2.5.8. Example (quadratic residues and non-residues)
3.2.5.9. Definition 3.21
3.2.5.10. Theorem 3.15
3.2.6. Blum integers
3.2.7. The discrete logarithm problem
3.3. The RSA cryptosystem
3.3.1. Algorithm 1: Key generation
3.3.2. Definition
3.3.3. Algorithm 2: RSA public-key encryption
3.3.3.1. Encryption
3.3.3.2. Decryption
3.3.4. Example
3.3.4.1. Key generation
3.3.4.2. Encryption
3.3.4.3. Decryption
3.3.4.4. Note (universal exponent)
3.3.5. The problem of fixed points in RSA
3.4. The Rabin cryptosystem
3.4.1. Algorithm 1: Key generation
3.4.2. Algorithm 2: Rabin public-key encryption
3.4.2.1. Encryption
3.4.2.2. Decryption
3.4.3. Note
3.4.4. Example
3.4.4.1. Key generation
3.4.4.2. Encryption
3.4.4.3. Decryption
3.4.4.4. Efficiency evaluation
3.5. The ElGamal cryptosystem
3.5.1. Key generation algorithm
3.5.2. ElGamal public-key encryption algorithm
3.5.2.1. Encryption
3.5.2.2. Decryption
3.5.3. Example
3.5.3.1. Key generation
3.5.3.2. Encryption
3.5.3.3. Decryption
3.6. The Merkle-Hellman cryptosystem
3.6.1. Definition of a superincreasing sequence
3.6.2. The knapsack problem
3.6.3. Solving the knapsack problem for a superincreasing sequence
3.6.4. Key generation algorithm
3.6.5. Merkle-Hellman public-key encryption algorithm
3.6.5.1. Encryption
3.6.5.2. Decryption
3.6.6. Example
3.6.6.1. Key generation
3.6.6.2. Encryption
3.6.6.3. Decryption
3.7. The Chor-Rivest (CR) cryptosystem
3.7.1. Key generation algorithm
3.7.2. Encryption algorithm
3.7.2.1. Encryption
3.7.2.2. Decryption
3.7.3. Example
3.7.3.1. Key generation
3.7.3.2. Encryption
3.7.3.3. Decryption
3.7.4. Note
3.8. Elliptic curve cryptosystems
3.8.1. Elliptic curves
3.8.2. Elliptic curves over Galois fields
3.8.3. Addition and multiplication operations on the groups E
3.8.4. Elliptic curve cryptography
3.8.5. Security of elliptic curve cryptosystems
3.9. The McEliece cryptosystem
3.9.1. Definition 3.24
3.9.2. Theorem 3.19
3.10. Exercises
Chapter IV: Hash Functions, Authentication and Digital Signatures

4.1. Hash functions and data integrity
4.1.1. Introduction
4.1.2. Basic definitions and properties
4.1.2.1. Definition of a hash function
4.1.2.2. Some properties of unkeyed hash functions
4.1.2.3. Definition of a one-way hash function (OWHF)
4.1.2.4. Definition of a collision-resistant hash function (CRHF)
4.1.2.5. Note on terminology
4.1.2.6. Example
4.1.2.7. Definition of a message authentication code (MAC) algorithm
4.1.2.8. Classification of cryptographic hash functions and their applications
4.1.3. Unkeyed hash functions
4.1.3.1. Definition 4.1
4.1.3.2. Definition 4.2
4.1.3.3. Single-length MDCs
4.1.3.4. Double-length MDCs: MDC-2 and MDC-4
4.1.4. Keyed hash functions (MAC)
4.1.5. Data integrity and message authentication
4.1.5.1. Definition 4.3
4.1.5.2. Definition 4.4
4.1.5.3. Methods for ensuring authentication of data integrity
4.2. Key exchange and key agreement
4.3. Identity-based cryptosystems
4.3.1. Basic idea
4.3.2. The Okamoto-Tanaka key exchange scheme
4.4. Digital signature schemes without compression
4.4.1. The Shamir digital signature
4.4.1.1. Message authentication using the Shamir scheme
4.4.1.2. Message verification
4.4.2. The Ong-Schnorr-Shamir authentication scheme
4.5. Digital signature schemes with compression
4.5.1. Signature compression
4.5.2. The Diffie-Lamport signature scheme
4.5.3. The RSA signature scheme
4.6. Exercises

References

Appendix 1: Abstract algebra
Appendix 2: Pseudorandom number generation
Appendix 3: Concealment cryptography

Abbreviations

Abbreviation   Expansion                             Meaning
AES            Advanced Encryption Standard          Advanced data encryption standard
CBC            Cipher Block Chaining                 Cipher block chaining mode
CFB            Cipher Feedback                       Cipher feedback mode
CRHF           Collision Resistant Hash Function     Collision-free hash function
DES            Data Encryption Standard              Data encryption standard
ECB            Electronic Code Book                  Electronic codebook mode
LAN            Local Area Network                    Local area network
LFSR           Linear Feedback Sequence Register     Linear feedback register
LSB            Least Significant Bit                 Lowest bit (the one with the smallest value)
MAC            Message Authentication Code           Message authentication code
MDC            Manipulation Detection Code           Modification detection code
MDV            Mã dịch vòng                          Shift cipher
MHV            Mã hoán vị                            Permutation cipher
MTT            Mã thay thế                           Substitution cipher
OWHF           One Way Hash Function                 One-way hash function
RSA            Rivest - Shamir - Adleman             The RSA algorithm

Preface

Ensuring security is one of the basic quality criteria of a digital communication system. Besides ensuring that the system is available (that it has the resources needed for the corresponding service), three main kinds of service must be provided:
- Confidentiality
- Authentication
- Integrity
These services are provided by combining the basic algorithms of cryptography. This textbook is a foundational text that helps students take their first steps in the problems and basic algorithms of cryptography used to provide the services above.
The textbook consists of 4 chapters:
Chapter I: Introduction to cryptography: presents some basic concepts and definitions, and the foundations of information theory as applied to cryptosystems.
Chapter II: Secret-key cryptography: presents secret-key cryptographic algorithms, including permutation algorithms, substitution algorithms and combined algorithms, chiefly DES and AES.
Chapter III: Public-key cryptography: presents the basic algorithms of public-key cryptography, including the RSA, Merkle-Hellman, Rabin and ElGamal cryptosystems, elliptic curve cryptosystems and the McEliece cryptosystem.
Chapter IV: Hash functions, authentication and digital signatures: presents the concept of a hash function and its applications in authentication and in ensuring data integrity.
Each chapter is followed by exercises that help students grasp and understand the theory presented more concretely and more deeply.
The appendices cover some important topics for further reading that are not treated in the chapters:
Appendix 1: Supplementary mathematical background in algebra.
Appendix 2: Some algorithms for generating random numbers.
Appendix 3: A specific application, namely concealment cryptography.
Two main problems still run through the whole course: the analysis problem and the synthesis problem. The analysis problem, however, is treated here only to a limited extent. Readers can study it in more depth in advanced textbooks on cryptography and in other textbooks on topics such as cryptographic protocols and network security.
With limited experience and time, the selection and presentation of the material cannot avoid certain shortcomings. We very much hope to receive valuable comments from readers.
The authors
Prof. Dr. Nguyễn Bình
Dr. Trần Đức Sự

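Chapter 1: Introduction to Cryptography

1.1. Simple block diagram of a digital communication system.

[Figure 1.1: Block diagram of a digital communication system. Block labels on the transmit side: plaintext input, analog information source, A/D conversion (analog to digital), source coding, security coding (plaintext in, ciphertext out), channel coding, transmitted codeword. Transmission channel (noise, multipath, interference, disturbance, eavesdropping, ...). Block labels on the receive side: channel decoding, decryption (ciphertext in, plaintext out), source decoding, digital output, D/A conversion (digital to analog), recipient.]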

When the input source is a digital source, the A/D converter at the input and the D/A converter at the output are not needed.
In this system the security coding block protects the information from illegal exploitation, against the following attacks:
- Passive cryptanalysis, which includes the following activities:
+ Interception
+ Probing
+ Correlation comparison
+ Inference
- Active cryptanalysis, which includes the following activities:
+ Forgery
+ Masquerading
+ Reuse (replay)
+ Modification.

1.2. Overview of cryptography.

The science of secret writing (cryptology) comprises:
- Cryptography
- Cryptanalysis

Cryptography is the science of writing information secretly, transforming plaintext messages into ciphertexts.
Cryptanalysis is the science of breaking cryptosystems in order to recover the original plaintext from the ciphertext. Learning information about the key and about the methods used to transform the information is also an important task of cryptanalysis.
There are three basic methods of cryptanalytic attack:
- Exhaustive key search.
- Statistical analysis.
- Mathematical analysis.
A cryptanalytic attack can be carried out under the following assumptions:
- Ciphertext-only attack.
- Known-plaintext attack.
- Chosen-plaintext attack.
- Chosen-ciphertext attack.
Note:
- A cryptosystem that can be broken with ciphertext only is usually a cryptosystem of low security.
- A cryptosystem that is secure against chosen-plaintext attacks is usually a cryptosystem of high security.
There are 4 types of cryptosystem:
- Stream cryptosystems
- Symmetric block cryptosystems
- Cryptosystems with ciphertext feedback
- Public-key (asymmetric) cryptosystems.
We will study these types of cryptosystem in the following chapters.
When building a cryptosystem, the following criteria are usually considered:
- The level of secrecy required.
- The size of the key space.
- Simplicity and the speed of encryption and decryption.
- Error propagation.
- Message expansion.
1.3. Algorithms and complexity.

1.3.1. The concept of an algorithm.

1.3.1.1. Definition.
An algorithm can be defined in many different ways. Here we do not intend to give a rigorous treatment of algorithms; we take the notion of an algorithm in its most ordinary sense.
An algorithm is a rule which, from given initial data, finds the solution of the problem under consideration after a finite amount of time.
To illustrate how an algorithm is written down, and to understand the requirements placed on an algorithm, we consider the following concrete example.
Given $n$ numbers $X[1], X[2], \ldots, X[n]$, we need to find $m$ and $j$ such that

$$m = X[j] = \max_{1 \le k \le n} X[k]$$

and $j$ is as large as possible. That is, we need to find the maximum of the given numbers and the largest index among the numbers that attain this maximum.
Since the goal is to find the maximum with the largest index, we start from the value $X[n]$. In the first step, since there is only one number so far, we can provisionally take $m = X[n]$ and $j = n$. Next we compare $X[n]$ with $X[n-1]$. If $X[n]$ is not less than $X[n-1]$ we leave things unchanged; otherwise $X[n-1]$ is the maximum of the two numbers considered and we must change $m$ and $j$. Set $m = X[n-1]$, $j = 1, \ldots, n-1$. Proceeding in this way, at every step we always hold the maximum of the numbers considered so far. The next step is to compare it with the numbers that precede it, or to terminate the algorithm when no number precedes it.
1.3.1.2. The maximum-finding algorithm.

M1: [Initial step] Set $j \leftarrow n$, $k \leftarrow n-1$, $m \leftarrow X[n]$.
M2: [All checked?] If $k = 0$, the algorithm terminates.
M3: [Compare] If $X[k] \le m$, go to M5.
M4: [Change $m$] Set $j \leftarrow k$, $m \leftarrow X[k]$ (for the time being $m$ is the maximum).
M5: [Decrease $k$] Set $k \leftarrow k-1$ and return to M2.
The sign "$\leftarrow$" denotes an important operation, namely replacement, or assignment.
Above we wrote the algorithm in ordinary language. When an algorithm is written in the language of a computer, we have a program.
The initial data of an algorithm, given before the algorithm starts working, are called the inputs. In the algorithm above the inputs are the numbers $X[1], X[2], \ldots, X[n]$.
An algorithm can have one or more outputs. In the algorithm above the outputs are $m$ and $j$.
It can be seen that the algorithm just described satisfies the requirements of an algorithm in general, namely:
- Finiteness: the algorithm must terminate after a finite number of steps. When the algorithm stops we must have the answer to the problem posed. Algorithm M clearly satisfies this condition, because at each step we only move from considering one number to the number preceding it, and the number of numbers is finite.
- Definiteness: each step of the algorithm must be definite, that is, it must state exactly what is to be done. If, for the reader, the algorithm above does not satisfy this condition, that is the fault of the writer.
Besides the factors above, we must also consider the efficiency of an algorithm. Many algorithms are in theory finite, yet that "finite" time exceeds what we are able to work with. Such algorithms are not considered here, because we are only interested in algorithms that can actually be used on a computer.
For the same reason we must also pay attention to the complexity of algorithms. The complexity of an algorithm can be measured in space, that is, the amount of computer memory needed to execute the algorithm, and in time, that is, the time the computer spends working. Here, when we speak of the complexity of an algorithm we always mean time complexity.

1.3.2. Complexity of algorithms.

The running time of a computer executing an algorithm depends not only on the algorithm but also on the computer used. Therefore, to have a common standard, we measure the complexity of an algorithm by the number of operations that must be performed when executing it. For one and the same algorithm, the number of operations also depends on the size of the problem, that is, on the size of the input. The complexity of an algorithm is therefore a function of the input size. In practical applications we do not need to know this function exactly; we only need to know its "order", that is, we need a sufficiently good estimate of it.
When working, a computer usually records digits by means of lamps that are "on" or "off": a lamp that is on denotes 1, a lamp that is off denotes 0. It is therefore most convenient to use the base-2 number system, in which only the two symbols 0 and 1 are needed to represent a number. A symbol 0 or 1 is called a bit (short for "binary digit"). An integer $n$ represented by $k$ digits 1 and 0 is called a $k$-bit number.
The complexity of an algorithm is measured by the number of bit operations. A bit operation is a logical or arithmetic operation performed on the bits 0 and 1.
To estimate the complexity of an algorithm we use the notion of big-O order.
Definition 1.1: Let $f[n]$ and $g[n]$ be two functions defined on the set of positive integers. We say that $f[n]$ is of big-O order of $g[n]$, and write $f[n] = O(g[n])$, if there exists a number $C > 0$ such that, for $n$ sufficiently large, the functions $f[n]$ and $g[n]$ are both positive and $f[n] < C\,g[n]$.
Examples:
1. Let $f[n]$ be a polynomial: $f[n] = a_d n^d + a_{d-1} n^{d-1} + \ldots + a_1 n + a_0$, where $a_d > 0$. It is easy to prove that $f[n] = O(n^d)$.
2. If $f_1[n] = O(g[n])$ and $f_2[n] = O(g[n])$, then $f_1 + f_2 = O(g)$.
3. If $f_1 = O(g_1)$ and $f_2 = O(g_2)$, then $f_1 f_2 = O(g_1 g_2)$.
4. If the finite limit

$$\lim \frac{f[n]}{g[n]}$$

exists, then $f = O(g)$.
5. For every number $\varepsilon > 0$, $\log n = O(n^{\varepsilon})$.
Definition 1.2: An algorithm is said to have polynomial complexity, or polynomial time, if the number of operations needed to execute it does not exceed $O(\log^d n)$, where $n$ is the size of the input and $d$ is some positive integer.
In other words, if the inputs are $k$-bit numbers, the running time of the algorithm is $O(k^d)$, that is, it is equivalent to a polynomial in $k$.
Algorithms with running time $O(n^{\alpha})$, $\alpha > 0$, are called algorithms of exponential complexity, or exponential time.
Note that if an algorithm has complexity $O(g)$, then it can also be said to have complexity $O(h)$ for every function $h > g$. However, we always try to find the best possible estimate, so as not to misjudge the true complexity of the algorithm.
There are also algorithms whose complexity lies between polynomial and exponential. These are usually called subexponential algorithms. For example, the fastest algorithm currently known for factoring an integer $n$ has complexity:

$$\exp\left(\sqrt{\log n \,\log\log n}\right)$$
When solving a problem we do not just try to find some algorithm; we also want to find the "best" algorithm. Estimating complexity is one of the ways to analyse and compare algorithms and to find the optimal one. Complexity, however, is not the only criterion for judging an algorithm. There are algorithms which in theory have higher complexity than another algorithm but which in use give an (approximate) result much faster. This also depends on the specific problem, on the specific goals and on the experience of the user.
A few further points should be noted. Although the definition of an algorithm that we gave is not rigorous, it is still too "rigid" for practical applications. We therefore also need "probabilistic" algorithms, that is, algorithms that depend on one or more random parameters. In principle these "algorithms" are not called algorithms, because they may never terminate, albeit with very small probability. Experience shows, however, that probabilistic algorithms are usually more effective than non-probabilistic ones. In very many cases they are even the only algorithms that can be used.
When working with probabilistic algorithms we often have to use "random" numbers. The notion of choosing a random number also needs to be made precise. Usually some "machine" producing pseudorandom numbers is used. Here, however, when we speak of choosing a random number we mean that this is done on a machine.
It should be noted at once that for probabilistic algorithms one cannot speak of absolute running time, only of expected running time.
To give some idea of the "complexity" of algorithms that work with large numbers, the table below gives the time needed to factor an integer $n$ into prime factors using the fastest algorithm currently known.
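Number of decimal digits    Number of bit operations    Time
50                          $1.4 \times 10^{10}$        3.9 hours
75                          $9 \times 10^{12}$          104 days
100                         $2.3 \times 10^{15}$        74 years
200                         $1.2 \times 10^{23}$        $3.8 \times 10^{9}$ years
300                         $1.5 \times 10^{29}$        $4.9 \times 10^{15}$ years
500                         $1.3 \times 10^{39}$        $4.2 \times 10^{25}$ years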

From the table above we see that even with a subexponential algorithm, the running time for large integers is far too long. In general, therefore, one always tries to find polynomial algorithms.
1.4. Information theory in cryptosystems.

In 1949 Shannon published a paper entitled "Communication Theory of Secrecy Systems" in "The Bell System Technical Journal". The paper has had a great influence on research in the science of cryptography. In this chapter we discuss a few ideas from Shannon's theory.

1.4.1. Perfect secrecy.

There are two basic views of the security of a cryptosystem.
Computational security.
This measure concerns the computational effort needed to break a cryptosystem. A cryptosystem is computationally secure if the best algorithm for breaking it requires at least $N$ operations, where $N$ is some very large number. The problem is that no known practical cryptosystem can be shown to be secure under this definition. In practice, a cryptosystem is called "computationally secure" if there is a best known method of breaking it but that method requires an unacceptably large amount of time. (This is, of course, very different from a proof of security.)
One approach to proving computational security is to reduce the security of a cryptosystem to a problem that has been studied thoroughly and is considered hard. For example, one may be able to prove a statement of the form "a given cryptosystem is secure if a given integer $n$ cannot be factored". Cryptosystems of this kind are sometimes called "provably secure". It must be understood, however, that this approach only provides a proof of security relative to another problem, not a complete proof of security. (The situation is similar to proving that a problem is NP-complete: one can show that the given problem is at least as hard as some other NP-complete problem, but this is not a complete proof of the computational hardness of the problem.)
Unconditional security.
This measure concerns the security of cryptosystems when no limit is placed on the amount of computation that Oscar (the one who receives and decrypts) is allowed to perform. A cryptosystem is called unconditionally secure if it cannot be broken even with unlimited computational power.
When discussing the security of a cryptosystem, we must also specify the type of attack being considered. In the next chapter we will see that none of the shift cipher, the substitution cipher and the Vigenère cipher is considered computationally secure against a ciphertext-only attack (given a suitable amount of ciphertext).

What we will do in this section is develop the theory of cryptosystems that are unconditionally secure against a ciphertext-only attack. It turns out that all three cryptosystems mentioned above are unconditionally secure only when each element of the plaintext is encrypted with a given key.
Clearly, the unconditional security of a cryptosystem cannot be studied from the point of view of computational complexity, because the permitted computation time is unlimited. Here probability theory is the appropriate foundation for studying unconditional security. We need only some elementary facts from probability; the main definitions are given below.
Definition 1.3.
Let $X$ and $Y$ be random variables. Denote the probability that $X$ takes the value $x$ by $p(x)$ and the probability that $Y$ takes the value $y$ by $p(y)$. The joint probability $p(x, y)$ is the probability that $X$ takes the value $x$ and $Y$ takes the value $y$. The conditional probability $p(x \mid y)$ is the probability that $X$ takes the value $x$ given that $Y$ takes the value $y$. The random variables $X$ and $Y$ are said to be independent if $p(x, y) = p(x)\,p(y)$ for all possible values $x$ of $X$ and $y$ of $Y$.
The relation between joint probability and conditional probability is expressed by the formula:

$$p(x, y) = p(x \mid y)\,p(y)$$

Interchanging $x$ and $y$ we have:

$$p(x, y) = p(y \mid x)\,p(x)$$

From these two expressions we obtain the following result (known as Bayes' theorem).

Theorem 1.1 (Bayes' theorem).
If $p(y) > 0$ then:

$$p(x \mid y) = \frac{p(x)\,p(y \mid x)}{p(y)}$$

Corollary 1.1.
$X$ and $Y$ are independent variables if and only if $p(x \mid y) = p(x)$ for all $x, y$.
In this section we assume that a particular key is used for only one encryption. Suppose there is a probability distribution on the plaintext space $\mathcal{P}$. Denote the a priori probability that plaintext x occurs by $p_{\mathcal{P}}(x)$. Also assume that the key K is chosen (by Alice, the sending and encrypting party, and Bob, the receiving and decrypting party) according to some fixed probability distribution. (Usually the key is chosen at random, so all keys are equiprobable, but this is not required.) Denote the probability that key K is chosen by $p_{\mathcal{K}}(K)$. Recall that the key is chosen before Alice knows the plaintext. Hence we may assume that the key K and the plaintext x are independent events.
The two probability distributions on $\mathcal{P}$ and $\mathcal{K}$ induce a probability distribution on $\mathcal{C}$. Indeed, the probability $p_{\mathcal{C}}(y)$ that y is the transmitted ciphertext is easy to compute.
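For a key $K \in \mathcal{K}$, define:
$$C(K) = \{ e_K(x) : x \in \mathcal{P} \}$$
Here C(K) denotes the set of possible ciphertexts if K is the key. Then for every $y \in \mathcal{C}$ we have:
$$p_{\mathcal{C}}(y) = \sum_{\{K :\, y \in C(K)\}} p_{\mathcal{K}}(K)\, p_{\mathcal{P}}(d_K(y))$$
Observe that, for any $y \in \mathcal{C}$ and $x \in \mathcal{P}$, we can compute the conditional probability $p_{\mathcal{C}}(y \mid x)$ (i.e. the probability that y is the ciphertext given that the plaintext is x):
$$p_{\mathcal{C}}(y \mid x) = \sum_{\{K :\, x = d_K(y)\}} p_{\mathcal{K}}(K)$$
We can now compute the conditional probability $p_{\mathcal{P}}(x \mid y)$ (i.e. the probability that x is the plaintext given that y is the ciphertext) using Bayes' theorem. We obtain the following formula:
$$p_{\mathcal{P}}(x \mid y) = \frac{p_{\mathcal{P}}(x) \sum_{\{K :\, x = d_K(y)\}} p_{\mathcal{K}}(K)}{\sum_{\{K :\, y \in C(K)\}} p_{\mathcal{K}}(K)\, p_{\mathcal{P}}(d_K(y))}$$
These computations can be carried out by anyone who knows the probability distributions.

We now present a simple example illustrating the computation of these probability distributions.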
Example 1.1.
Suppose $\mathcal{P} = \{a, b\}$ with $p_{\mathcal{P}}(a) = 1/4$, $p_{\mathcal{P}}(b) = 3/4$. Let $\mathcal{K} = \{K_1, K_2, K_3\}$ with $p_{\mathcal{K}}(K_1) = 1/2$, $p_{\mathcal{K}}(K_2) = p_{\mathcal{K}}(K_3) = 1/4$. Suppose $\mathcal{C} = \{1, 2, 3, 4\}$ and the encryption functions are defined by $e_{K_1}(a) = 1$, $e_{K_1}(b) = 2$, $e_{K_2}(a) = 2$, $e_{K_2}(b) = 3$, $e_{K_3}(a) = 3$, $e_{K_3}(b) = 4$. This cryptosystem can be represented by the following encryption matrix:

        a    b
K1      1    2
K2      2    3
K3      3    4

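Computing the probability distribution $p_{\mathcal{C}}$, we obtain:

$p_{\mathcal{C}}(1) = 1/8$
$p_{\mathcal{C}}(2) = 3/8 + 1/16 = 7/16$
$p_{\mathcal{C}}(3) = 3/16 + 1/16 = 1/4$
$p_{\mathcal{C}}(4) = 3/16$
We can now compute the conditional probability distributions on the plaintext, given that the ciphertext is known. We have:

$p_{\mathcal{P}}(a \mid 1) = 1$      $p_{\mathcal{P}}(b \mid 1) = 0$
$p_{\mathcal{P}}(a \mid 2) = 1/7$    $p_{\mathcal{P}}(b \mid 2) = 6/7$
$p_{\mathcal{P}}(a \mid 3) = 1/4$    $p_{\mathcal{P}}(b \mid 3) = 3/4$
$p_{\mathcal{P}}(a \mid 4) = 0$      $p_{\mathcal{P}}(b \mid 4) = 1$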

We are now ready to define the concept of perfect secrecy. Informally, perfect secrecy means that Oscar, with the ciphertext in hand, can obtain no information about the plaintext. This idea is made precise by formulating it in terms of the probability distributions defined above, as follows:
Definition 1.4.
A cryptosystem has perfect secrecy if $p_{\mathcal{P}}(x \mid y) = p_{\mathcal{P}}(x)$ for all $x \in \mathcal{P}$, $y \in \mathcal{C}$. That is, the a posteriori probability that the plaintext is x, given that the ciphertext y is observed, is identical to the a priori probability that the plaintext is x.
In the example above, only ciphertext 3 satisfies the perfect secrecy property; the other ciphertexts do not.
We now show that the shift cipher (MDV, see Chapter 2) has perfect secrecy. Intuitively this seems quite obvious. For the shift cipher, given any ciphertext element $y \in Z_{26}$, any plaintext element $x \in Z_{26}$ is a possible decryption of y, depending on the value of the key. The following theorem gives a formal statement, proved using probability distributions.
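Theorem 1.2.
Suppose the 26 keys of the shift cipher are used with equal probability 1/26. Then the shift cipher has perfect secrecy for any plaintext probability distribution.
Proof: We have $\mathcal{P} = \mathcal{C} = \mathcal{K} = Z_{26}$, and for $0 \le K \le 25$ the encryption rule $e_K$ is $e_K(x) = x + K \bmod 26$ ($x \in Z_{26}$). First we compute the distribution $p_{\mathcal{C}}$. Let $y \in Z_{26}$; then:
$$p_{\mathcal{C}}(y) = \sum_{K \in Z_{26}} p_{\mathcal{K}}(K)\, p_{\mathcal{P}}(d_K(y)) = \sum_{K \in Z_{26}} \frac{1}{26}\, p_{\mathcal{P}}(y - K) = \frac{1}{26} \sum_{K \in Z_{26}} p_{\mathcal{P}}(y - K)$$
For fixed y, the values $y - K \bmod 26$ form a permutation of $Z_{26}$, and $p_{\mathcal{P}}$ is a probability distribution. Hence we have:
$$\sum_{K \in Z_{26}} p_{\mathcal{P}}(y - K) = \sum_{y \in Z_{26}} p_{\mathcal{P}}(y) = 1$$
Therefore $p_{\mathcal{C}}(y) = 1/26$ for any $y \in Z_{26}$.

Next we have:
$$p_{\mathcal{C}}(y \mid x) = p_{\mathcal{K}}(y - x \bmod 26) = \frac{1}{26}$$
for all x, y, since for every pair x, y the unique key K (the key ensuring $e_K(x) = y$) is $K = y - x \bmod 26$. Now, using Bayes' theorem, we can easily compute:
$$p_{\mathcal{P}}(x \mid y) = \frac{p_{\mathcal{P}}(x)\, p_{\mathcal{C}}(y \mid x)}{p_{\mathcal{C}}(y)} = \frac{p_{\mathcal{P}}(x) \cdot (1/26)}{1/26} = p_{\mathcal{P}}(x)$$
Hence the shift cipher has perfect secrecy.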



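Thus the shift cipher is unbreakable, provided that each plaintext character is encrypted with one random key chosen with uniform probability.
We now study perfect secrecy in the general case. First, observe that (using Bayes' theorem) the condition $p_{\mathcal{P}}(x \mid y) = p_{\mathcal{P}}(x)$ for all $x \in \mathcal{P}$, $y \in \mathcal{C}$ is equivalent to $p_{\mathcal{C}}(y \mid x) = p_{\mathcal{C}}(y)$ for all $x \in \mathcal{P}$, $y \in \mathcal{C}$.
Assume that $p_{\mathcal{C}}(y) > 0$ for all $y \in \mathcal{C}$ (if $p_{\mathcal{C}}(y) = 0$ then the ciphertext y is never used and can be removed from $\mathcal{C}$). Fix any value $x \in \mathcal{P}$. For every $y \in \mathcal{C}$ we have $p_{\mathcal{C}}(y \mid x) = p_{\mathcal{C}}(y) > 0$. Hence, for every $y \in \mathcal{C}$ there must be at least one key K such that $e_K(x) = y$. It follows that $|\mathcal{K}| \ge |\mathcal{C}|$. In any cryptosystem we must have $|\mathcal{C}| \ge |\mathcal{P}|$, since every encryption rule is injective. In the boundary case $|\mathcal{K}| = |\mathcal{C}| = |\mathcal{P}|$, we have the following theorem (due to Shannon).
Theorem 1.3
Suppose $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ is a cryptosystem in which $|\mathcal{K}| = |\mathcal{C}| = |\mathcal{P}|$. Then the cryptosystem has perfect secrecy if and only if every key K is used with equal probability $1/|\mathcal{K}|$, and for every $x \in \mathcal{P}$ and every $y \in \mathcal{C}$ there is a unique key K such that $e_K(x) = y$.
Proof
Suppose the given cryptosystem has perfect secrecy. As seen above, for every $x \in \mathcal{P}$ and $y \in \mathcal{C}$ there must be at least one key K such that $e_K(x) = y$. So we have the inequality:
$$|\mathcal{C}| = |\{ e_K(x) : K \in \mathcal{K} \}| \le |\mathcal{K}|$$
However, we assume that $|\mathcal{C}| = |\mathcal{K}|$. Hence we must have:
$$|\{ e_K(x) : K \in \mathcal{K} \}| = |\mathcal{K}|$$
That is, there do not exist two distinct keys $K_1$ and $K_2$ such that $e_{K_1}(x) = e_{K_2}(x) = y$. We have therefore shown that for any $x \in \mathcal{P}$ and $y \in \mathcal{C}$ there is exactly one key K such that $e_K(x) = y$.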

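Denote $n = |\mathcal{K}|$. Let $\mathcal{P} = \{ x_i : 1 \le i \le n \}$ and fix a value $y \in \mathcal{C}$. We can name the keys $K_1, K_2, \ldots, K_n$ in such a way that $e_{K_i}(x_i) = y$, $1 \le i \le n$. Using Bayes' theorem we have:
$$p_{\mathcal{P}}(x_i \mid y) = \frac{p_{\mathcal{C}}(y \mid x_i)\, p_{\mathcal{P}}(x_i)}{p_{\mathcal{C}}(y)} = \frac{p_{\mathcal{K}}(K_i)\, p_{\mathcal{P}}(x_i)}{p_{\mathcal{C}}(y)}$$
Consider the perfect secrecy condition $p_{\mathcal{P}}(x_i \mid y) = p_{\mathcal{P}}(x_i)$. This condition implies $p_{\mathcal{K}}(K_i) = p_{\mathcal{C}}(y)$ for $1 \le i \le n$. That is, the keys are used with equal probability (namely $p_{\mathcal{C}}(y)$). But since the number of keys is $|\mathcal{K}|$, we have $p_{\mathcal{K}}(K) = 1/|\mathcal{K}|$ for every $K \in \mathcal{K}$.
Conversely, suppose the two hypothesized conditions are satisfied. Then it is easily seen that the cryptosystem has perfect secrecy for any plaintext probability distribution (in a manner similar to the proof of Theorem 1.2). The details are left to the reader.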
Vernam's one-time pad (OTP) is a well-known example of a cryptosystem with perfect secrecy. Gilbert Vernam first described this cryptosystem in 1917. The OTP was used for automatic encryption and decryption of telegraph messages. Interestingly, for many years the OTP was regarded as an unbreakable cryptosystem, but this could not be proved until Shannon developed the concept of perfect secrecy more than 30 years later.
The one-time pad is described in Figure 1.2.
Figure 1.2. The one-time pad cryptosystem (OTP)
Let $n \ge 1$ be an integer and $\mathcal{P} = \mathcal{C} = \mathcal{K} = (Z_2)^n$. For $K \in (Z_2)^n$, define $e_K(x)$ to be the vector sum modulo 2 of K and x (equivalently, the exclusive-or of the two associated bit strings). So, if $x = (x_1, \ldots, x_n)$ and $K = (K_1, \ldots, K_n)$, then:
$$e_K(x) = (x_1 + K_1, \ldots, x_n + K_n) \bmod 2.$$
Encryption is identical to decryption. If $y = (y_1, \ldots, y_n)$ then:
$$d_K(y) = (y_1 + K_1, \ldots, y_n + K_n) \bmod 2.$$
Using Theorem 1.3, it is easily seen that the OTP has perfect secrecy. The system is also attractive because encryption and decryption are easy to carry out.
Vernam patented his invention in the hope that it would have widespread commercial use. Unfortunately, unconditionally secure cryptosystems such as the OTP have major disadvantages. The condition $|\mathcal{K}| \ge |\mathcal{P}|$ means that the amount of key (which must be communicated secretly) is as large as the plaintext. For example, in the case of the OTP, we need n bits of key to encrypt n bits of plaintext. This would not be a major problem if the same key could be used to encrypt different messages; however, the security of unconditionally secure cryptosystems depends on the fact that each key is used for only one encryption. For example, the OTP cannot withstand a known-plaintext attack, because K can be computed as the exclusive-or of any bit string x and $e_K(x)$. Hence a new key must be generated and communicated over a secure channel for every message before it is sent. This creates difficulties for key management and has limited the widespread use of the OTP. Nevertheless, the OTP is still used in military and diplomatic contexts, where unconditional security is of great importance.
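The point made above about using each OTP key only once can be checked directly. The following is an added example, not code from the original text; the two sample messages are constructed, and the function names are illustrative.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Componentwise addition modulo 2 of two equal-length bit strings."""
    if len(a) != len(b):
        raise ValueError("the OTP needs a key exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp(key: bytes, data: bytes) -> bytes:
    """e_K and d_K are the same map: exclusive-or with the key."""
    return xor_bytes(key, data)


def key_reuse_demo() -> dict:
    # Constructed sample messages of equal length.
    x1 = b"meet me at nine"
    x2 = b"sunset at seven"
    key = secrets.token_bytes(len(x1))

    # The same key is (wrongly) used for two encryptions.
    y1, y2 = otp(key, x1), otp(key, x2)

    # Known plaintext: K = x XOR e_K(x), exactly as stated in the text.
    recovered = xor_bytes(x1, y1)

    return {
        "key_recovered": recovered == key,
        # Every other message under the same key is then readable.
        "second_message": otp(recovered, y2),
        # Even without any known plaintext, y1 XOR y2 = x1 XOR x2:
        # the key cancels and plaintext structure leaks.
        "xor_leak": xor_bytes(y1, y2) == xor_bytes(x1, x2),
    }


if __name__ == "__main__":
    for name, value in key_reuse_demo().items():
        print(name, value)
```

With a fresh key per message, the recovered key is useless for any other ciphertext, which is the condition under which Theorem 1.3 applies.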
The historical development of cryptography has been an attempt to design cryptosystems in which one key can be used to produce a relatively long string of ciphertext (i.e. one key can be used to encrypt many messages) while still maintaining at least computational security. The Data Encryption Standard (DES) is a cryptosystem of this type.
1.4.2. ENTROPY
In the previous section we discussed the concept of perfect secrecy and concentrated on the special case where a key is used for only one encryption. We now consider what happens when many plaintexts are encrypted with the same key, and how the cryptanalyst can carry out a successful ciphertext-only attack given sufficient time.
The basic tool for studying this problem is the concept of entropy. This is a concept from information theory introduced by Shannon in 1948. Entropy can be regarded as a measure of information, or equivalently of uncertainty. It is computed as a function of a probability distribution.


Suppose we have a random variable X that takes values on a finite set according to a probability distribution p(X). What is the information gained by an event that occurs according to the distribution p(X)? Equivalently, if the event has not yet occurred, what is the uncertainty about the outcome? This quantity is called the entropy of X and is denoted H(X).
These ideas may seem rather abstract, so let us look at a more concrete example. Suppose the random variable X represents the toss of a coin. The probability distribution is p(tails) = p(heads) = 1/2. We can say that the information (or entropy) of a coin toss is one bit, since we can encode tails as 1 and heads as 0. Similarly, the entropy of n coin tosses can be encoded by a bit string of length n.
Consider a slightly more complicated example. Suppose we have a random variable X with three possible values $x_1, x_2, x_3$, with probabilities 1/2, 1/4, 1/4 respectively. The most efficient encoding of these three outcomes is to encode $x_1$ as 0, $x_2$ as 10 and $x_3$ as 11. Then the average number of bits in this encoding is:
$$\tfrac{1}{2} \times 1 + \tfrac{1}{4} \times 2 + \tfrac{1}{4} \times 2 = \tfrac{3}{2}.$$
The examples above show that an event occurring with probability $2^{-n}$ can be encoded by a bit string of length n. More generally, we can regard an event occurring with probability p as being encodable by a bit string of length approximately $-\log_2 p$. Given an arbitrary probability distribution $p_1, p_2, \ldots, p_n$ for a random variable X, the measure of information is the weighted average of the quantities $-\log_2 p_i$. This leads to the following formal definition.
Definition 1.5
Suppose X is a random variable taking values on a finite set according to a probability distribution p(X). Then the entropy of this probability distribution is defined to be the quantity:
$$H(X) = -\sum_{i=1}^{n} p_i \log_2 p_i$$
If the possible values of X are $x_i$, $1 \le i \le n$, then we have:
$$H(X) = -\sum_{i=1}^{n} p(X = x_i) \log_2 p(X = x_i)$$


Remark:
Observe that $\log_2 p_i$ is undefined if $p_i = 0$. Hence entropy is sometimes defined as the corresponding sum over all nonzero probabilities. Since $\lim_{x \to 0} x \log_2 x = 0$, there is in practice no difficulty in allowing $p_i = 0$ for some i. However, we adopt the convention that, when computing the entropy of a probability distribution $p_i$, the sum is taken over the indices i such that $p_i \ne 0$. Note also that the choice of the base of the logarithm is arbitrary; it need not be 2. Another base only changes the value of the entropy by a constant factor.
Note that if $p_i = 1/n$ for $1 \le i \le n$ then $H(X) = \log_2 n$. It is also easy to see that $H(X) \ge 0$, and $H(X) = 0$ if and only if $p_i = 1$ for some i and $p_j = 0$ for all $j \ne i$.
Consider the entropy of the various components of a cryptosystem. We can regard the key as a random variable K that takes values according to the probability distribution $p_{\mathcal{K}}$, and so we can compute H(K). Similarly, we can compute the entropies H(P) and H(C) from the respective probability distributions of the plaintext and the ciphertext.
Example 1.1 (continued)
We have:
$$H(P) = -\tfrac{1}{4} \log_2 \tfrac{1}{4} - \tfrac{3}{4} \log_2 \tfrac{3}{4} = -\tfrac{1}{4}(-2) - \tfrac{3}{4}(\log_2 3 - 2) = 2 - \tfrac{3}{4} \log_2 3 \approx 0.81$$
By similar calculations, we obtain H(K) = 1.5 and H(C) ≈ 1.85.

1.4.3. Properties of entropy
In this section we prove some important results concerning entropy. First we state Jensen's inequality, a fundamental and very useful result. Jensen's inequality concerns concave functions, which are defined as follows.

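Definition 1.6.
A real-valued function f is concave on an interval I if:
$$f\!\left(\frac{x + y}{2}\right) \ge \frac{f(x) + f(y)}{2}$$
for all $x, y \in I$. f is strictly concave on the interval I if:
$$f\!\left(\frac{x + y}{2}\right) > \frac{f(x) + f(y)}{2}$$
for all $x, y \in I$, $x \ne y$.
We now state Jensen's inequality without proof.

Theorem 1.4 (Jensen's inequality).
Suppose f is a continuous, strictly concave function on the interval I,
$$\sum_{i=1}^{n} a_i = 1$$
and $a_i > 0$, $1 \le i \le n$. Then:
$$\sum_{i=1}^{n} a_i f(x_i) \le f\!\left(\sum_{i=1}^{n} a_i x_i\right)$$
where $x_i \in I$, $1 \le i \le n$. Furthermore, equality holds if and only if $x_1 = \ldots = x_n$.
We now give some results on entropy. The next theorem uses the fact that the function $\log_2 x$ is strictly concave on the interval $(0, \infty)$ (this follows easily from elementary calculus, since the second derivative of the logarithm is negative on $(0, \infty)$).
Theorem 1.5.
Suppose X is a random variable with probability distribution $p_1, p_2, \ldots, p_n$, where $p_i > 0$, $1 \le i \le n$. Then $H(X) \le \log_2 n$. Equality holds if and only if $p_i = 1/n$, $1 \le i \le n$.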

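Proof:
Applying Jensen's inequality, we have:
$$H(X) = -\sum_{i=1}^{n} p_i \log_2 p_i = \sum_{i=1}^{n} p_i \log_2 (1/p_i) \le \log_2 \sum_{i=1}^{n} (p_i \times 1/p_i) = \log_2 n$$
Furthermore, equality holds if and only if $p_i = 1/n$, $1 \le i \le n$.

Theorem 1.6.
$$H(X, Y) \le H(X) + H(Y)$$
Equality holds if and only if X and Y are independent.
Proof.
Suppose X takes the values $x_i$, $1 \le i \le m$, and Y takes the values $y_j$, $1 \le j \le n$. Denote $p_i = p(X = x_i)$, $1 \le i \le m$, and $q_j = p(Y = y_j)$, $1 \le j \le n$. Denote $r_{ij} = p(X = x_i, Y = y_j)$, $1 \le i \le m$, $1 \le j \le n$ (this is the joint probability distribution).
Observe that
$$p_i = \sum_{j=1}^{n} r_{ij} \quad (1 \le i \le m), \qquad q_j = \sum_{i=1}^{m} r_{ij} \quad (1 \le j \le n)$$
We have
$$H(X) + H(Y) = -\left( \sum_{i=1}^{m} p_i \log_2 p_i + \sum_{j=1}^{n} q_j \log_2 q_j \right)$$
$$= -\left( \sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 p_i + \sum_{j=1}^{n} \sum_{i=1}^{m} r_{ij} \log_2 q_j \right)$$
$$= -\sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 p_i q_j$$
On the other hand,
$$H(X, Y) = -\sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 r_{ij}$$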


Combining these, we obtain the following result:
$$H(X, Y) - H(X) - H(Y) = \sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 (1/r_{ij}) + \sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 p_i q_j$$
$$= \sum_{i=1}^{m} \sum_{j=1}^{n} r_{ij} \log_2 (p_i q_j / r_{ij})$$
$$\le \log_2 \sum_{i=1}^{m} \sum_{j=1}^{n} p_i q_j$$
$$= \log_2 1 = 0$$
(Here we apply Jensen's inequality, using the fact that the $r_{ij}$ form a probability distribution.)
When equality holds, there must be a constant c such that $p_i q_j / r_{ij} = c$ for all i, j. Using the following equality:
$$\sum_{j=1}^{n} \sum_{i=1}^{m} r_{ij} = \sum_{j=1}^{n} \sum_{i=1}^{m} p_i q_j = 1$$
it follows that c = 1. Hence equality holds if and only if $r_{ij} = p_i q_j$, that is:
$$p(X = x_i, Y = y_j) = p(X = x_i)\, p(Y = y_j)$$
for $1 \le i \le m$, $1 \le j \le n$. This means that X and Y are independent.
Next we introduce the concept of conditional entropy.
Definition 1.7.
Suppose X and Y are two random variables. Then, for any fixed value y of Y, we have a conditional probability distribution p(X | y). Clearly:
$$H(X \mid y) = -\sum_{x} p(x \mid y) \log_2 p(x \mid y)$$
We define the conditional entropy H(X | Y) to be the weighted average (with respect to the probabilities p(y)) of the entropies H(X | y) over all possible values y. H(X | Y) is computed as:
$$H(X \mid Y) = -\sum_{y} \sum_{x} p(y)\, p(x \mid y) \log_2 p(x \mid y)$$
Conditional entropy measures the average amount of information about X conveyed by Y.

The following two results are immediate (the reader can prove them).
Theorem 1.7.
$$H(X, Y) = H(Y) + H(X \mid Y)$$
Corollary 1.2.
$$H(X \mid Y) \le H(X)$$
Equality holds if and only if X and Y are independent.
1.4.4. Spurious keys and unicity distance
In this section we apply the entropy results above to cryptosystems. First we show a fundamental relationship among the entropies of the components of a cryptosystem. The conditional entropy H(K | C) is called the key equivocation. It is a measure of how much information about the key is obtained from the ciphertext.
Theorem 1.8.
Suppose $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ is a cryptosystem. Then:
$$H(K \mid C) = H(K) + H(P) - H(C)$$
Proof:
First, observe that $H(K, P, C) = H(C \mid K, P) + H(K, P)$. Since $y = e_K(x)$, the key and the plaintext determine the ciphertext uniquely. This means that $H(C \mid K, P) = 0$. Hence $H(K, P, C) = H(K, P)$. But K and P are independent, so $H(K, P) = H(K) + H(P)$. Therefore:
$$H(K, P, C) = H(K, P) = H(K) + H(P)$$
Similarly, since the key and the ciphertext determine the plaintext uniquely (i.e. $x = d_K(y)$), we have $H(P \mid K, C) = 0$ and hence $H(K, P, C) = H(K, C)$. We now compute as follows:
$$H(K \mid C) = H(K, C) - H(C) = H(K, P, C) - H(C) = H(K) + H(P) - H(C)$$
This is the statement of the theorem.
We return to Example 1.1 to illustrate this result.
Example 1.1 (continued)
We have computed H(P) ≈ 0.81, H(K) = 1.5 and H(C) ≈ 1.85. By Theorem 1.8 we have H(K | C) ≈ 1.5 + 0.81 − 1.85 ≈ 0.46. This result can be checked by applying the definition of conditional entropy, as follows. First we need to compute the probabilities $p(K_i \mid j)$, $1 \le i \le 3$, $1 \le j \le 4$. This can be done using Bayes' theorem, and the results are as follows:

$p(K_1 \mid 1) = 1$      $p(K_2 \mid 1) = 0$      $p(K_3 \mid 1) = 0$
$p(K_1 \mid 2) = 6/7$    $p(K_2 \mid 2) = 1/7$    $p(K_3 \mid 2) = 0$
$p(K_1 \mid 3) = 0$      $p(K_2 \mid 3) = 3/4$    $p(K_3 \mid 3) = 1/4$
$p(K_1 \mid 4) = 0$      $p(K_2 \mid 4) = 0$      $p(K_3 \mid 4) = 1$

Now we compute:
$$H(K \mid C) = \tfrac{1}{8} \times 0 + \tfrac{7}{16} \times 0.59 + \tfrac{1}{4} \times 0.81 + \tfrac{3}{16} \times 0 = 0.46$$
This agrees with the value obtained from Theorem 1.8.
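The calculations of Example 1.1 (the distributions $p_{\mathcal{C}}$ and $p_{\mathcal{P}}(x \mid y)$, the perfect-secrecy test of Definition 1.4, and the check of Theorem 1.8) can be reproduced with exact fractions. This is an added example, not part of the original text; the function names are illustrative, and the skewed plaintext prior used for the shift cipher (Theorem 1.2) is constructed.

```python
from fractions import Fraction
from math import log2

# Example 1.1 exactly as stated in the text.
P_PLAIN = {"a": Fraction(1, 4), "b": Fraction(3, 4)}
P_KEY = {"K1": Fraction(1, 2), "K2": Fraction(1, 4), "K3": Fraction(1, 4)}
ENC = {"K1": {"a": 1, "b": 2}, "K2": {"a": 2, "b": 3}, "K3": {"a": 3, "b": 4}}


def joint(p_plain, p_key, enc):
    """Joint distribution p(K, x, y): K and x independent, y = e_K(x)."""
    return {(k, x, enc[k][x]): pk * px
            for k, pk in p_key.items() for x, px in p_plain.items()}


def marginal(j, idx):
    """Marginal over coordinates idx (0 = key, 1 = plaintext, 2 = ciphertext)."""
    out = {}
    for event, p in j.items():
        key = tuple(event[i] for i in idx)
        out[key] = out.get(key, 0) + p
    return out


def entropy(dist):
    """H = -sum p log2 p over the nonzero probabilities."""
    return -sum(float(p) * log2(p) for p in dist.values() if p > 0)


def posterior_plaintext(j):
    """p_P(x | y) by Bayes' theorem, for every ciphertext y with p_C(y) > 0."""
    pc = marginal(j, (2,))
    return {(x, y): p / pc[(y,)] for (x, y), p in marginal(j, (1, 2)).items()}


def perfectly_secret_ciphertexts(p_plain, j):
    """Ciphertexts y with p_P(x | y) = p_P(x) for every plaintext x."""
    post = posterior_plaintext(j)
    return sorted(y for (y,) in marginal(j, (2,))
                  if all(post.get((x, y), 0) == px for x, px in p_plain.items()))


def key_equivocation(j):
    """H(K | C) from the definition, as H(K, C) - H(C)."""
    return entropy(marginal(j, (0, 2))) - entropy(marginal(j, (2,)))


def shift_cipher_system():
    """Shift cipher with 26 equiprobable keys and a constructed, deliberately
    non-uniform plaintext prior p(x) = (x + 1) / 351."""
    p_plain = {x: Fraction(x + 1, 351) for x in range(26)}
    p_key = {k: Fraction(1, 26) for k in range(26)}
    enc = {k: {x: (x + k) % 26 for x in range(26)} for k in range(26)}
    return p_plain, p_key, enc


if __name__ == "__main__":
    j = joint(P_PLAIN, P_KEY, ENC)
    pc = marginal(j, (2,))
    print("p_C:", {y: str(p) for (y,), p in sorted(pc.items())})
    print("p_P(x|y):", {k: str(v) for k, v in sorted(posterior_plaintext(j).items())})
    print("perfectly secret ciphertexts:", perfectly_secret_ciphertexts(P_PLAIN, j))
    rhs = entropy(P_KEY) + entropy(P_PLAIN) - entropy(pc)
    print("H(K|C) by definition: %.4f, by Theorem 1.8: %.4f"
          % (key_equivocation(j), rhs))
    p, k, e = shift_cipher_system()
    print("shift cipher, secret for all y:",
          perfectly_secret_ciphertexts(p, joint(p, k, e)) == list(range(26)))
```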
Suppose $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ is the cryptosystem being used. A plaintext string $x_1 x_2 \ldots x_n$ is encrypted with one key, producing the ciphertext $y_1 y_2 \ldots y_n$. Recall that the basic goal of the cryptanalyst is to determine the key. We consider ciphertext-only attacks and assume that Oscar has unlimited computational resources. We also assume that Oscar knows the plaintext is text in a natural language (for example English). In general Oscar can narrow the keys down to a certain set (the possible, or admissible, keys), of which only one is correct; the remaining possible keys (the incorrect ones) are called spurious keys.
For example, suppose Oscar obtains the ciphertext string WNAJW, which was encrypted with the shift cipher. It is easy to see that there are only two meaningful plaintext strings, river and arena, corresponding to the keys F (= 5) and W (= 22). Of these two keys only one is correct; the other is a spurious key. (In fact, it is not too difficult to find a shift-cipher ciphertext of length 5 with two meaningful decryptions; the reader can find many other examples.) Our goal is to find a bound on the average number of spurious keys. First, this value must be expressed in terms of the entropy (per character) of a natural language L (denoted $H_L$). $H_L$ is the average amount of information per character in a meaningful plaintext string. (Note that a random string of alphabetic characters would have an entropy per character of $\log_2 26 \approx 4.76$.) We can take H(P) as a first-order approximation of $H_L$. In the case where L is English, we obtain H(P) ≈ 4.19.
Of course, successive characters in a language are not independent of one another, and the correlation between successive characters reduces the entropy. For example, in English the letter Q is always followed by the letter U. For a second-order approximation, we compute the entropy of the probability distribution of all digrams and divide by 2. In general, we define $P^n$ to be the random variable whose probability distribution is that of all n-grams of plaintext. We use the following definitions:
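Definition 1.8
Suppose L is a natural language. The entropy of L is defined to be the quantity:
$$H_L = \lim_{n \to \infty} \frac{H(P^n)}{n}$$
The redundancy of L is:
$$R_L = 1 - \frac{H_L}{\log_2 |\mathcal{P}|}$$
Remark: $H_L$ measures the entropy per character of the language L. A random language would have entropy $\log_2 |\mathcal{P}|$. So the quantity $R_L$ measures the fraction of "excess characters", which is the redundancy.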
In the case of English, based on a table of a large number of digrams and their frequencies, we can compute $H(P^2)$. Estimating in this way gives $H(P^2) \approx 3.90$. Continuing in the same way by tabulating trigrams and so on, we obtain an estimate for $H_L$. In fact, various experiments have led to the result $1.0 \le H_L \le 1.5$. That is, the average information content of English is about 1 to 1.5 bits per character!
Taking 1.25 as the estimate of $H_L$ gives a redundancy of about 0.75. That is, English is about 75% redundant! (This does not mean that one can arbitrarily remove 3 out of every 4 characters of an English text and still be able to read it. It means only that one can find a Huffman encoding (a compression code built on the principle that messages with a high probability of occurrence are encoded by short codewords, and vice versa) for n-grams with n large enough, and that this encoding compresses English text to 1/4 of the length of the original.)
Given probability distributions on $\mathcal{K}$ and $\mathcal{P}^n$, we can define the probability distribution on $\mathcal{C}^n$, the set of n-grams of ciphertext. (We already did this in the case n = 1.) We have defined $P^n$ to be the random variable representing an n-gram of plaintext. Similarly, $C^n$ is the random variable representing an n-gram of ciphertext.
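For $y \in \mathcal{C}^n$, define:
$$K(y) = \{ K \in \mathcal{K} : \exists\, x \in \mathcal{P}^n,\ p_{\mathcal{P}^n}(x) > 0,\ e_K(x) = y \}$$
That is, K(y) is the set of keys K for which y is the encryption of a meaningful plaintext string of length n, i.e. the set of "possible" keys given that y is the ciphertext. If y is the observed ciphertext sequence, then the number of spurious keys is $|K(y)| - 1$, since only one of the possible keys is the correct key. The average number of spurious keys (over all possible ciphertext strings of length n) is denoted $s_n$ and is computed as follows:
$$s_n = \sum_{y \in \mathcal{C}^n} p(y)\,(|K(y)| - 1) = \sum_{y \in \mathcal{C}^n} p(y)\,|K(y)| - \sum_{y \in \mathcal{C}^n} p(y) = \sum_{y \in \mathcal{C}^n} p(y)\,|K(y)| - 1$$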

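From Theorem 1.8 we have:
$$H(K \mid C^n) = H(K) + H(P^n) - H(C^n)$$
We can use the following estimate:
$$H(P^n) \approx n H_L = n (1 - R_L) \log_2 |\mathcal{P}|$$
provided that n is reasonably large. Certainly:
$$H(C^n) \le n \log_2 |\mathcal{C}|$$
Then, if $|\mathcal{P}| = |\mathcal{C}|$:
$$H(K \mid C^n) \ge H(K) - n R_L \log_2 |\mathcal{P}| \qquad (1.1)$$
Next we relate the quantity $H(K \mid C^n)$ to the number of spurious keys $s_n$. We have:
$$H(K \mid C^n) = \sum_{y \in \mathcal{C}^n} p(y)\, H(K \mid y) \le \sum_{y \in \mathcal{C}^n} p(y) \log_2 |K(y)| \le \log_2 \sum_{y \in \mathcal{C}^n} p(y)\, |K(y)| = \log_2 (s_n + 1)$$
Here we apply Jensen's inequality (Theorem 1.5) with $f(x) = \log_2 x$. Thus we obtain the following inequality:
$$H(K \mid C^n) \le \log_2 (s_n + 1) \qquad (1.2)$$
Combining the two inequalities (1.1) and (1.2), we have:
$$\log_2 (s_n + 1) \ge H(K) - n R_L \log_2 |\mathcal{P}|$$
In the case where the keys are chosen equiprobably (so that H(K) takes its largest value), we have the following result.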
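Theorem 1.9
Suppose $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ is a cryptosystem in which $|\mathcal{C}| = |\mathcal{P}|$ and the keys are chosen equiprobably. Let $R_L$ denote the redundancy of the underlying language. Then, given a ciphertext string of length n (where n is sufficiently large), the average number of spurious keys $s_n$ satisfies the following inequality:
$$s_n \ge \frac{|\mathcal{K}|}{|\mathcal{P}|^{n R_L}} - 1$$
The quantity $|\mathcal{K}| / |\mathcal{P}|^{n R_L} - 1$ approaches 0 exponentially as n increases. This estimate may not be accurate for small values of n, because $H(P^n)/n$ is not a good estimate of $H_L$ when n is small.
We introduce one more concept here.
Definition 1.9.
The unicity distance of a cryptosystem is defined to be the value of n at which the average number of spurious keys becomes 0 (this value is denoted $n_0$). That is, $n_0$ is the average length of ciphertext needed for the cryptanalyst to be able to compute the key uniquely, given enough time.
Setting $s_n = 0$ in Theorem 1.9 and solving for n, we obtain an estimate of the unicity distance:
$$n_0 \approx \frac{\log_2 |\mathcal{K}|}{R_L \log_2 |\mathcal{P}|}$$
For example, for the substitution cipher (MTT) we have $|\mathcal{P}| = 26$ and $|\mathcal{K}| = 26!$. Taking $R_L = 0.75$, we obtain the following estimate of the unicity distance:
$$n_0 \approx 88.4 / (0.75 \times 4.7) \approx 25$$
This means that, typically, if the cryptanalyst has a ciphertext string of length at least 25, he can obtain a unique decryption.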
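The WNAJW example and the unicity-distance estimate above can both be checked numerically. This is an added example, not part of the original text; the five-word dictionary is constructed and only stands in for "meaningful English plaintext", and the function names are illustrative.

```python
from math import lgamma, log, log2

# Constructed toy word list standing in for meaningful English plaintext.
WORDS = {"river", "arena", "water", "storm", "level"}


def shift_decrypt(ciphertext: str, k: int) -> str:
    """d_k(y) = y - k mod 26, ciphertext in upper case, plaintext in lower."""
    return "".join(chr((ord(c) - 65 - k) % 26 + 97) for c in ciphertext.upper())


def possible_keys(ciphertext: str, words=WORDS) -> dict:
    """K(y): every key whose decryption of y is a meaningful plaintext.
    All keys but the correct one in this set are spurious."""
    candidates = {k: shift_decrypt(ciphertext, k) for k in range(26)}
    return {k: x for k, x in candidates.items() if x in words}


def log2_factorial(n: int) -> float:
    """log2(n!) without computing the huge integer."""
    return lgamma(n + 1) / log(2)


def spurious_key_bound(log2_keys: float, n: int,
                       redundancy: float = 0.75, alphabet: int = 26) -> float:
    """Lower bound of Theorem 1.9: |K| / |P|^(n R_L) - 1.
    A negative value means the bound no longer forces any spurious key."""
    return 2 ** (log2_keys - n * redundancy * log2(alphabet)) - 1


def unicity_distance(log2_keys: float,
                     redundancy: float = 0.75, alphabet: int = 26) -> float:
    """n_0 ~ log2|K| / (R_L log2|P|)."""
    return log2_keys / (redundancy * log2(alphabet))


if __name__ == "__main__":
    print("K(WNAJW) =", possible_keys("WNAJW"))
    bits = log2_factorial(26)
    print("log2(26!) = %.1f" % bits)
    print("n_0 for the substitution cipher = %.1f" % unicity_distance(bits))
    for n in (5, 10, 20, 25, 30):
        print("n = %2d  bound on s_n = %.3g" % (n, spurious_key_bound(bits, n)))
```

The bound is astronomically large for short ciphertexts and crosses zero at about 25 characters, matching the estimate in the text.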
1.5. Exercises.

1. Let n be a positive integer. A Latin square of order n (L) is an n × n array of the integers 1, ..., n such that each of the n integers occurs exactly once in each row and each column of L. For example, a Latin square of order 3 has the form:
1

Given any Latin square L of order n, we can define a corresponding cryptosystem. Let $\mathcal{K} = \mathcal{C} = \mathcal{P} = \{1, \ldots, n\}$. For $1 \le i \le n$, the encryption rule $e_i$ is defined by $e_i(j) = L(i, j)$ (so each row of L gives one encryption rule).
Prove that this Latin square cryptosystem has perfect secrecy.
2. Prove that the affine cipher has perfect secrecy.
3. Suppose a cryptosystem achieves perfect secrecy for some plaintext probability distribution $p_0$. Prove that perfect secrecy is maintained for any plaintext probability distribution.
4. Prove that if a cryptosystem has perfect secrecy and $|\mathcal{K}| = |\mathcal{C}| = |\mathcal{P}|$, then every ciphertext is equally probable.

5. Prove that $H(X, Y) = H(Y) + H(X \mid Y)$. Then prove the lemma that $H(X \mid Y) \le H(X)$, with equality if and only if X and Y are independent.

6. Prove that a cryptosystem has perfect secrecy if and only if $H(P \mid C) = H(P)$.
7. Prove that in any cryptosystem $H(K \mid C) \ge H(P \mid C)$ (intuitively, this result says that, given a ciphertext, the cryptanalyst's uncertainty about the key is at least as great as his uncertainty about the plaintext).

8. Consider a cryptosystem in which $\mathcal{P} = \{a, b, c\}$, $\mathcal{K} = \{K_1, K_2, K_3\}$ and $\mathcal{C} = \{1, 2, 3, 4\}$. Suppose the encryption matrix is as follows:
a

K1

K2

K3

Suppose the keys are chosen equiprobably and the plaintext probability distribution is $p_{\mathcal{P}}(a) = 1/2$, $p_{\mathcal{P}}(b) = 1/3$, $p_{\mathcal{P}}(c) = 1/6$. Compute H(P), H(C), H(K), H(K | C) and H(P | C).


Chapter 2. Secret-key cryptography
There are three main methods in secret-key cryptography (also called private-key or classical cryptography):
- Permutation
- Substitution
- Bit processing (found mainly in programming languages)
In addition, there are hybrid methods that combine the methods above; a typical example is the Data Encryption Standard (DES) of the United States.
2.1. Block diagram of a secret communication system.
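[Figure: block diagram of a secret communication system. Blocks: message source (Alice), encryptor with key KE, open (insecure) channel, decryptor with key KD, receiver (Bob), cryptanalyst (Oscar), key source, secure channel. Signals: plaintext into the encryptor, ciphertext over the open channel, plaintext out of the decryptor.]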

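Definition 2.1:
A cryptosystem is a 5-tuple $(\mathcal{P}, \mathcal{C}, \mathcal{K}, \mathcal{E}, \mathcal{D})$ satisfying the following conditions:
a) $\mathcal{P}$ is a finite set of possible plaintexts
b) $\mathcal{C}$ is a finite set of possible ciphertexts
c) $\mathcal{K}$ is a finite set of possible keys (the key space)
d) For each $k \in \mathcal{K}$ there is an encryption rule $e_k \in \mathcal{E}$,
$$e_k : \mathcal{P} \to \mathcal{C}$$
and a corresponding decryption rule $d_k \in \mathcal{D}$,
$$d_k : \mathcal{C} \to \mathcal{P}$$
such that $d_k(e_k(x)) = x$ for every $x \in \mathcal{P}$.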
2.2. Substitution ciphers
2.2.1. The shift cipher (MDV)
Let $\mathcal{P} = \mathcal{C} = \mathcal{K} = Z_{26}$. For $0 \le k \le 25$, define:
$$e_k(x) = x + k \bmod 26$$
$$d_k(y) = y - k \bmod 26 \qquad (x, y \in Z_{26})$$
We use the shift cipher (with modulus 26) to encrypt ordinary English text by setting up the following correspondence between characters and residues mod 26:

Character   A  B  C  D  E  F  G  H  I  J  K  L  M
Code        0  1  2  3  4  5  6  7  8  9 10 11 12

Character   N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25

Example 2.1:
Suppose the key for the shift cipher is k = 5 and the plaintext is meetmeatsunset.
First, we convert the plaintext to a sequence of integers using the table above:
12.4.4.19.12.4.0.19.18.20.13.18.4.19
Then we add 5 to each value and reduce each sum mod 26, obtaining the following sequence:
17.9.9.24.17.9.5.24.23.25.18.23.9.24
Finally, we convert this sequence of integers back to the corresponding characters, obtaining the ciphertext:
RJJYRJFYXZSXJY
To decrypt this ciphertext, we first convert the ciphertext to a sequence of integers, then subtract 5 from each value (reducing modulo 26), and finally convert the resulting sequence back to characters.
Remarks:

When k = 3, this cryptosystem is usually called the Caesar cipher, since it was used by the emperor Caesar.
The shift cipher (mod 26) is not secure, because it can be broken by exhaustive key search (the cryptanalyst can easily try every possible decryption rule $d_k$ until a meaningful plaintext is found). On average, the correct plaintext is found after trying about 26/2 = 13 decryption rules.

The example above shows that a necessary condition for a cryptosystem to be secure is that exhaustive key search must be infeasible. However, a large key space alone does not guarantee security.

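2.2.2. The substitution cipher (MTT).

Let $\mathcal{P} = \mathcal{C} = Z_{26}$. $\mathcal{K}$ consists of all possible permutations of the 26 symbols 0 to 25.
For each permutation $\pi \in \mathcal{K}$, define:
$$e_\pi(x) = \pi(x)$$
and
$$d_\pi(y) = \pi^{-1}(y)$$
where $\pi^{-1}$ is the inverse permutation of $\pi$.

Here is an example of a random permutation forming an encryption function (as before, plaintext characters are written in lower case and ciphertext characters in upper case).

Plaintext character    a b c d e f g h i j k l m
Ciphertext character   X N Y A H P O G Z Q W B T

Plaintext character    n o p q r s t u v w x y z
Ciphertext character   S F L R C V M U E K J D I

Thus $e_\pi(a) = X$, $e_\pi(b) = N$, ...
The decryption function is the inverse permutation. It is obtained by writing the second row first and then sorting in alphabetical order. We have:

Ciphertext character   A B C D E F G H I J K L M
Plaintext character    d l r y v o h e z x w p t

Ciphertext character   N O P Q R S T U V W X Y Z
Plaintext character    b g f j q n m u s k a c i

Example 2.2:

With the substitution above, from the plaintext:
meetmeatsunset
we obtain the following ciphertext:
THHMTHXMVUSVHM
Using the inverse permutation, we easily recover the original plaintext.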

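Each key of the substitution cipher is a permutation of the 26 characters. The number of these permutations is $26! > 4 \times 10^{26}$. This is a very large number, so the key can hardly be found by exhaustive key search. However, using statistical methods, ciphertexts of this kind can easily be broken.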
2.2.3. The Vigenère cipher

In both the shift cipher and the substitution cipher above, once a key is chosen, each character is mapped to a unique character. For this reason, these systems are also called monoalphabetic substitution systems. We now present a polyalphabetic substitution system known as the Vigenère cipher.
Using the correspondence A ↔ 0, B ↔ 1, ..., Z ↔ 25 described above, we can associate each key k with a character string of length m, called a keyword. The Vigenère cipher encrypts m characters at a time: each plaintext element corresponds to m characters.
Example 2.3:

Suppose m = 6 and the keyword is CIPHER. This keyword corresponds to the numerical sequence k = (2, 8, 15, 7, 4, 17). Suppose the plaintext is:
meetmeatsunset
We convert the plaintext elements to residues mod 26, write them in groups of 6, and then add the keyword modulo 26, as follows:

Plaintext    12  4  4 19 12  4    0 19 18 20 13 18    4 19
Key           2  8 15  7  4 17    2  8 15  7  4 17    2  8
Ciphertext   14 12 19  0 16 21    2  1  7  1 17  9    6  1

Thus the character string corresponding to the ciphertext is:
OMTAQVCBHBRJGB
The Vigenère cipher can be described as follows:
Let m be some fixed positive integer.
Define $\mathcal{P} = \mathcal{C} = \mathcal{K} = (Z_{26})^m$.
For a key $k = (k_1, k_2, \ldots, k_m)$, define:
$$e_k(x_1, x_2, \ldots, x_m) = (x_1 + k_1, x_2 + k_2, \ldots, x_m + k_m)$$
and
$$d_k(y_1, y_2, \ldots, y_m) = (y_1 - k_1, y_2 - k_2, \ldots, y_m - k_m)$$
where all operations are performed in $Z_{26}$.


Note: to decrypt, we can use the same keyword, but instead of adding it we subtract it modulo 26.
We see that the number of possible keywords of length m in the Vigenère cipher is $26^m$. So even for fairly small values of m, exhaustive key search requires a long time. For example, with m = 6 the key space has size greater than $3 \times 10^8$ keys.
2.3. The permutation cipher (MHV)

Unlike the substitution cipher, the idea of the permutation cipher is to keep the plaintext characters unchanged but to alter their positions by rearranging them. No algebraic operations need to be performed for encryption and decryption.
Example 2.4:

Suppose m = 6 and the key is the following permutation $\pi$:

x        1  2  3  4  5  6
π(x)     3  5  1  6  4  2

Then the inverse permutation $\pi^{-1}$ is:

x        1  2  3  4  5  6
π⁻¹(x)   3  6  1  5  2  4

Suppose we have the plaintext: asecondclasscarriageonthetrain
First, we partition the plaintext into groups of 6 characters:
asecon dclass carria geonth etrain

Then each group of 6 letters is rearranged according to the permutation $\pi$, giving:
EOANCS LSDSAC RICARA OTGHNE RIENAT

Finally, we obtain the following ciphertext:
EOANCSLSDSACRICARAOTGHNERIENAT
Applying the inverse permutation $\pi^{-1}$ to the ciphertext (after grouping it into blocks of 6 characters), we recover the original plaintext.
From the example above, we can define the permutation cipher as follows:

Let m be some fixed positive integer.
Let $\mathcal{P} = \mathcal{C} = (Z_{26})^m$ and let $\mathcal{K}$ consist of all permutations of $\{1, 2, \ldots, m\}$.
For a key $\pi$ (i.e. a permutation), define:
$$e_\pi(x_1, \ldots, x_m) = (x_{\pi(1)}, \ldots, x_{\pi(m)})$$
$$d_\pi(y_1, \ldots, y_m) = (y_{\pi^{-1}(1)}, \ldots, y_{\pi^{-1}(m)})$$
where $\pi^{-1}$ is the inverse permutation of $\pi$.
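The four ciphers of Sections 2.2 and 2.3 can be implemented in a few lines and checked against Examples 2.1 to 2.4. This is an added example, not part of the original text; the function names are illustrative, and the substitution key is the decryption row of the table in Section 2.2.2.

```python
import string

LOWER = string.ascii_lowercase   # plaintext alphabet, residues 0..25
UPPER = string.ascii_uppercase   # ciphertext alphabet, residues 0..25


def vigenere(text: str, keyword: str, decrypt: bool = False) -> str:
    """Add (or subtract) the keyword residues mod 26, repeating every m letters."""
    sign = -1 if decrypt else 1
    k = [LOWER.index(c) for c in keyword.lower()]
    out = [(LOWER.index(c) + sign * k[i % len(k)]) % 26
           for i, c in enumerate(text.lower())]
    return "".join((LOWER if decrypt else UPPER)[n] for n in out)


def shift(text: str, k: int, decrypt: bool = False) -> str:
    """The shift cipher is the Vigenere cipher with a keyword of length 1."""
    return vigenere(text, LOWER[k % 26], decrypt)


# Decryption row of the substitution table: plaintext letter for A..Z.
DEC_ROW = "dlryvohezxwptbgfjqnmuskaci"


def substitution_tables(dec_row: str = DEC_ROW):
    """Return (encrypt, decrypt) translation tables; one is the inverse
    permutation of the other."""
    if sorted(dec_row) != list(LOWER):
        raise ValueError("key must be a permutation of the 26 letters")
    return str.maketrans(dec_row, UPPER), str.maketrans(UPPER, dec_row)


def invert_permutation(pi):
    """pi is 1-based: pi[i-1] = pi(i). Returns the inverse permutation."""
    inv = [0] * len(pi)
    for i, p in enumerate(pi, start=1):
        inv[p - 1] = i
    return inv


def permute_blocks(text: str, pi) -> str:
    """e_pi(x_1..x_m) = (x_pi(1), ..., x_pi(m)) applied to each block of m."""
    m = len(pi)
    if len(text) % m:
        raise ValueError("text length must be a multiple of m")
    return "".join(text[b + p - 1] for b in range(0, len(text), m) for p in pi)


if __name__ == "__main__":
    msg = "meetmeatsunset"
    print("shift, k = 5:       ", shift(msg, 5))
    enc, dec = substitution_tables()
    print("substitution:       ", msg.translate(enc))
    print("Vigenere, CIPHER:   ", vigenere(msg, "CIPHER"))
    pi = [3, 5, 1, 6, 4, 2]
    y = permute_blocks("asecondclasscarriageonthetrain", pi).upper()
    print("permutation:        ", y)
    print("inverse permutation:", invert_permutation(pi))
    print("decrypted:          ", permute_blocks(y, invert_permutation(pi)).lower())
```

Decrypting the permutation cipher is the same block operation with $\pi^{-1}$, which is why only one function is needed for both directions.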

2.4. The Hill cipher

In this section we describe another polyalphabetic substitution cryptosystem, called the Hill cipher. This cipher was introduced by Lester S. Hill in 1929. Let m be a positive integer and let $\mathcal{P} = \mathcal{C} = (Z_{26})^m$. The idea is to take m linear combinations of the m characters in one plaintext element, producing the m characters in one ciphertext element.
For example, if m = 2 we can write a plaintext element as $x = (x_1, x_2)$ and a ciphertext element as $y = (y_1, y_2)$. Here $y_1$ and $y_2$ are each a linear combination of $x_1$ and $x_2$. For instance, we might take:
$$y_1 = 11 x_1 + 3 x_2$$
$$y_2 = 8 x_1 + 7 x_2$$
Of course, this can be written more succinctly in matrix notation as follows:
$$(y_1\ \ y_2) = (x_1\ \ x_2) \begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix}$$
In general, we can take an m × m matrix k as the key. If the entry in row i and column j of k is $k_{i,j}$, then we write $k = (k_{i,j})$. For $x = (x_1, x_2, \ldots, x_m) \in \mathcal{P}$ and $k \in \mathcal{K}$, we compute $y = e_k(x) = (y_1, y_2, \ldots, y_m)$ as follows:
$$(y_1, \ldots, y_m) = (x_1, \ldots, x_m) \begin{pmatrix} k_{1,1} & k_{1,2} & \cdots & k_{1,m} \\ k_{2,1} & k_{2,2} & \cdots & k_{2,m} \\ \vdots & \vdots & & \vdots \\ k_{m,1} & k_{m,2} & \cdots & k_{m,m} \end{pmatrix}$$
In other words, $y = xk$.
We say that the ciphertext is obtained from the plaintext by means of a linear transformation. We now consider how decryption is performed, i.e. how x can be computed from y. Readers familiar with linear algebra will see that the inverse matrix $k^{-1}$ must be used to decrypt. The ciphertext is decrypted by the formula $x = y k^{-1}$.

Here are some definitions of the necessary concepts from linear algebra. If $A = (a_{i,j})$ is an l × m matrix and $B = (b_{j,k})$ is an m × n matrix, then the matrix product $AB = (c_{i,k})$ is defined by the formula:
$$c_{i,k} = \sum_{j=1}^{m} a_{i,j}\, b_{j,k}$$
for $1 \le i \le l$ and $1 \le k \le n$. That is, the entry in row i and column k of AB is formed by taking the i-th row of A and the k-th column of B, multiplying corresponding entries together, and summing. Note that AB is an l × n matrix.
With this definition, matrix multiplication is associative (i.e. (AB)C = A(BC)) but in general it is not commutative (it is not always the case that AB = BA, even for square matrices A and B).
The m × m identity matrix (denoted $I_m$) is the m × m matrix with 1's on the main diagonal and 0's elsewhere. Thus, the 2 × 2 identity matrix is:
$$I_2 = \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}$$
$I_m$ is called the identity matrix because $A I_m = A$ for every l × m matrix A and $I_m B = B$ for every m × n matrix B. The inverse of an m × m matrix A (if it exists) is the matrix $A^{-1}$ such that $A A^{-1} = A^{-1} A = I_m$. Not every matrix has an inverse, but if an inverse exists it is unique.

With these definitions, the decryption formula given above is easily derived: since $y = xk$, we can multiply both sides of the equation by $k^{-1}$ and obtain:
$$y k^{-1} = (xk) k^{-1} = x (k k^{-1}) = x I_m = x$$
(Note the use of associativity.)

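We can see that the encryption matrix above has an inverse in $Z_{26}$:
$$\begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix}^{-1} = \begin{pmatrix} 7 & 18 \\ 23 & 11 \end{pmatrix}$$
since
$$\begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix} \begin{pmatrix} 7 & 18 \\ 23 & 11 \end{pmatrix} = \begin{pmatrix} 11 \times 7 + 8 \times 23 & 11 \times 18 + 8 \times 11 \\ 3 \times 7 + 7 \times 23 & 3 \times 18 + 7 \times 11 \end{pmatrix} = \begin{pmatrix} 261 & 286 \\ 182 & 131 \end{pmatrix} = \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}$$
(Remember that all arithmetic operations are performed modulo 26.)

Here is an example illustrating encryption and decryption in the Hill cipher.
Example 2.5:
Suppose the key is
$$k = \begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix}$$
From the computations above, we have:
$$k^{-1} = \begin{pmatrix} 7 & 18 \\ 23 & 11 \end{pmatrix}$$
Suppose we want to encrypt the plaintext "July". We have two plaintext elements to encrypt: (9, 20) (corresponding to Ju) and (11, 24) (corresponding to ly). We compute as follows:
$$(9\ \ 20) \begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix} = (99 + 60\ \ \ 72 + 140) = (3\ \ 4)$$
$$(11\ \ 24) \begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix} = (121 + 72\ \ \ 88 + 168) = (11\ \ 22)$$
Hence the ciphertext of July is DELW. To decrypt, Bob computes
$$(3\ \ 4)\, k^{-1} = (9\ \ 20) \quad \text{and} \quad (11\ \ 22)\, k^{-1} = (11\ \ 24)$$
Thus Bob obtains the correct plaintext.

So far we have shown that decryption is possible if k has an inverse. In fact, for decryption to be possible, it is necessary that k has an inverse. (This follows easily from elementary linear algebra, but we do not prove it here.) So we are interested only in invertible matrices k.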
Co so ly thuyet mat ma

35

http://www.ebook.edu.vn

Chng 2 - Mt m kha b mt

Tnh kh nghch ca mt ma trn vung ph thuc vo gi tr nh thc


ca n. trnh s tng qut ho khng cn thit, ta ch gii hn trong trng
hp 2 2 .
Definition 2.2:

The determinant of the $2 \times 2$ matrix $A = (a_{i,j})$ is the value
$$\det A = a_{1,1}a_{2,2} - a_{1,2}a_{2,1}$$

Remark: The determinant of an $m \times m$ square matrix can be computed by elementary row operations (see any textbook on linear algebra).
Two important properties of determinants are $\det I_m = 1$ and the multiplication rule $\det(AB) = \det A \times \det B$.

A real matrix $k$ has an inverse if and only if its determinant is nonzero. However, it is important to remember that we are working over $Z_{26}$. The corresponding result is that the matrix $k$ has an inverse modulo 26 if and only if $\gcd(\det k, 26) = 1$.
We now give a brief proof of this result.
First, suppose that $\gcd(\det k, 26) = 1$. Then $\det k$ has an inverse in $Z_{26}$. For $1 \le i \le m$, $1 \le j \le m$, define $k_{ij}$ to be the matrix obtained from $k$ by deleting row $i$ and column $j$. Define the matrix $k^*$ whose $(i, j)$ entry is $(-1)^{i+j} \det k_{ji}$ ($k^*$ is called the adjoint matrix of $k$). Then it can be shown that:
$$k^{-1} = (\det k)^{-1} k^*$$
Hence $k$ is invertible.
Conversely, suppose $k$ has an inverse $k^{-1}$. By the multiplication rule for determinants:
$$1 = \det I = \det(k\,k^{-1}) = \det k \,\det k^{-1}$$
Hence $\det k$ has an inverse in $Z_{26}$.


Remark: The formula for $k^{-1}$ above is not computationally efficient except for small values of $m$ (for example $m = 2, 3$). For larger $m$, the appropriate method for computing inverse matrices is based on elementary row operations.
In the $2 \times 2$ case, we have the following formula:

Theorem 2.1:
Suppose $A = (a_{i,j})$ is a $2 \times 2$ matrix over $Z_{26}$ such that $\det A = a_{1,1}a_{2,2} - a_{1,2}a_{2,1}$ has an inverse. Then:
$$A^{-1} = (\det A)^{-1}\begin{pmatrix} a_{2,2} & -a_{1,2} \\ -a_{2,1} & a_{1,1} \end{pmatrix}$$

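Returning to the example considered above, we first have:
$$\det\begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix} = 11 \times 7 - 8 \times 3 \bmod 26 = 77 - 24 \bmod 26 = 53 \bmod 26 = 1$$
Since $1^{-1} \bmod 26 = 1$, the inverse matrix is:
$$\begin{pmatrix} 11 & 8 \\ 3 & 7 \end{pmatrix}^{-1} = \begin{pmatrix} 7 & 18 \\ 23 & 11 \end{pmatrix}$$
This is exactly the matrix given above.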


We now give a precise description of the Hill cipher over $Z_{26}$ (Figure 2.1).

Let $m$ be a fixed positive integer. Let $P = C = (Z_{26})^m$ and let
$K$ = { invertible $m \times m$ matrices over $Z_{26}$ }
For a key $k \in K$, we define:
$$e_k(x) = xk$$
$$d_k(y) = yk^{-1}$$
All operations are carried out in $Z_{26}$.

Figure 2.1: The Hill cipher
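The following Python sketch is an added example, not part of the original text. It implements the $2 \times 2$ Hill cipher of Figure 2.1, inverts the key with the formula of Theorem 2.1, and rejects any key whose determinant is not coprime to 26; the function names are chosen here for illustration.

```python
from math import gcd

M = 26  # all arithmetic is done in Z_26


def inverse_2x2(k):
    """Invert a 2x2 key over Z_26 with the formula of Theorem 2.1."""
    (a, b), (c, d) = k
    det = (a * d - b * c) % M
    if gcd(det, M) != 1:
        # gcd(det k, 26) != 1: det k has no inverse, so k has none either
        raise ValueError(f"det k = {det} is not coprime to {M}: key not invertible")
    det_inv = pow(det, -1, M)  # modular inverse (Python 3.8+)
    return [[(det_inv * d) % M, (det_inv * -b) % M],
            [(det_inv * -c) % M, (det_inv * a) % M]]


def apply_key(text, k):
    """Multiply every pair of letters, taken as a row vector, by the matrix k."""
    nums = [ord(ch) - ord("a") for ch in text.lower() if "a" <= ch <= "z"]
    if len(nums) % 2:
        raise ValueError("text length must be a multiple of the block size m = 2")
    out = []
    for i in range(0, len(nums), 2):
        x1, x2 = nums[i], nums[i + 1]
        out.append((x1 * k[0][0] + x2 * k[1][0]) % M)
        out.append((x1 * k[0][1] + x2 * k[1][1]) % M)
    return "".join(chr(n + ord("A")) for n in out)


def encrypt(plaintext, k):
    """e_k(x) = xk; a key that cannot be inverted is refused up front."""
    inverse_2x2(k)
    return apply_key(plaintext, k)


def decrypt(ciphertext, k):
    """d_k(y) = y k^{-1}."""
    return apply_key(ciphertext, inverse_2x2(k)).lower()


KEY = [[11, 8], [3, 7]]  # the key of Example 2.5

if __name__ == "__main__":
    print(inverse_2x2(KEY))
    print(encrypt("july", KEY))
    print(decrypt("DELW", KEY))
```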

2.5. Cryptosystems built on cyclic geometric progressions over polynomial rings

In this section we consider an application of cyclic multiplicative groups over the polynomial ring $Z_2[x]/(x^n + 1)$ with $n = 2^k$. This is a special case that is not considered when constructing error-control codes. However, this case has some quite interesting applications in cryptography [4].
2.5.1 The multiplicative group of the ring

Lemma 2.1:

In the ring $Z_2[x]/(x^n + 1)$ with $n = 2^k$, the set of polynomials of odd weight forms a multiplicative group of polynomials modulo $x^n + 1$.

Proof:
Since $n = 2^k$, we have $(x^n + 1) = (1 + x)^n$.

Hence every polynomial $a(x)$ of odd weight satisfies the condition:
$$(a(x), (1 + x)^n) = 1 \qquad (2.1)$$

These polynomials form a multiplicative group $G$ with idempotent $e(x) = 1$ and order $|G| = 2^{n-1}$.

Note: a polynomial $e(x)$ is called idempotent if $e^2(x) = e(x)$.


Lemma 2.2:

Every element of the multiplicative group $G$ has order $2^k$ or an order that divides $2^k$.

Proof:
We argue by induction:
$k = 1$: this ring contains a multiplicative group of order 2, which is the unit cyclic multiplicative group $I$.
$k = i$: Suppose $A = \{a(x), a^2(x), a^3(x), \dots, a^n(x)\}$ is a cyclic multiplicative group of order $n$ in the ring ($n = 2^i$).
$k = i + 1$: Squaring the elements of $A$ gives the following cyclic multiplicative group:
$$A^2 = \{a^2(x), a^4(x), a^6(x), \dots, a^{2n}(x)\}$$
This cyclic multiplicative group is clearly a subgroup of the cyclic multiplicative group of order $2 \cdot 2^i = 2^{i+1}$ whose generator is one of the square roots of $a(x)$.

Let $Q$ be the set of quadratic residues in $G$. We have the following lemma:

Lemma 2.3:

The number of quadratic residues in the multiplicative group $G$ of the ring is given by the following expression:
$$|Q| = 2^{2^{k-1} - 1} \qquad (2.2)$$

Proof: Consider $f(x) \in Q$. Suppose a square root of $f(x)$ is $g(x)$, that is:
$$g^2(x) = f(x) \bmod x^n + 1$$
If $g(x) = \sum g_i x^i$ then $g^2(x) = \sum g_i x^{2i}$.

That is, $f(x)$ (which has odd weight) consists only of an odd number of monomials with even exponents.

The number of such polynomials is:
$$|Q| = C_{n/2}^{1} + C_{n/2}^{3} + \dots + C_{n/2}^{(n/2)-1} = 2^{(n/2)-1}$$

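2.5.2 Elements of order n and cyclic multiplicative groups of order n

Consider $a(x) \in G$, $a(x) = \sum a_i x^i$. We have the following lemma:
Lemma 2.4:
The polynomial $a(x)$ is an element of order $n$ when it contains an odd number of monomials with odd exponents, which have order $n$, and an even number of monomials with even exponents, whose order is a divisor of $n$. The number of polynomials of order $n$ is $2^{n-2}$.
Proof: Since $a(x) \in G$, it has odd weight. The number of monomials of order $n$ is $(n/2)$ and the number of remaining monomials is $(n/2)$. Hence the number of polynomials $a(x)$ of order $n$ is:
$$\left(\sum_{i} C_{n/2}^{2i-1}\right)\left(\sum_{j} C_{n/2}^{2j}\right) = 2^{(n/2)-1}\, 2^{(n/2)-1} = 2^{n-2}$$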

Example 2.6: $n = 8$

There are $2^6 = 64$ elements of order $n$ in total.
We can use these elements to build cyclic multiplicative groups of order $n$:
$$A_i = \{a_i(x), a_i^2(x), a_i^3(x), \dots, a_i^{n-1}(x), a_i^n(x) = a_i^0(x) = 1\}$$

There are $2^{n-2}$ cyclic multiplicative groups of order $n$ in total, and the multiplicative group $I$ also belongs to this class. We call it the unit cyclic multiplicative group.

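2.5.3 Cryptosystems built on cyclic geometric progressions

2.5.3.1. Cyclic geometric progressions of order n

If we multiply the elements of a cyclic multiplicative group of order $n$ by an arbitrary element of the multiplicative group $G$ of the polynomial ring, we obtain a cyclic geometric progression whose common ratio is the generator of the multiplicative group and whose first term is the multiplying polynomial.
Lemma 2.5:

The number of cyclic geometric progressions of order $n$ that can be built in $G$ is given by the following expression:
$$N = 2^{2^k - 1} \cdot 2^{2^k - 2} \qquad (2.3)$$

Example 2.7:

$n = 8$: $N = 2^{8-1} \cdot 2^{8-2} = 2^{13} = 8{,}192$

$n = 16$: $N = 2^{16-1} \cdot 2^{16-2} = 2^{29} = 65{,}011{,}712$

$n = 32$: $N = 2^{32-1} \cdot 2^{32-2} = 2^{61}$

$n = 64$: $N = 2^{64-1} \cdot 2^{64-2} = 2^{125}$

$n = 128$: $N = 2^{128-1} \cdot 2^{128-2} = 2^{253}$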

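2.5.3.2. Cryptosystems built on cyclic geometric progressions

Each cyclic geometric progression of order $n$ can be regarded as a linear transformation of the initial code vector (which is taken to be the unit cyclic multiplicative group $I$).
Let be the generator of a cyclic multiplicative group of order $n$. We have the following lemma:
Lemma 2.6:

The sum of the terms of a cyclic geometric progression of order $n$ with common ratio and first term is given by the following expression: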

i
k 1
Sn =
1 + 2
i =0

(2.4)

Clearly $S_n \ne 0$.
A cryptosystem built on these geometric progressions can be described by the following block diagram:

[Block diagram of the cryptosystem: the encryption block takes input I and a key and outputs A(, ); the decryption block takes input A(, ) and a key, applies $A^{-1}$(, ), and outputs I.]

Each (encryption) transformation $A$ can be characterised by a square matrix of order $n$ of the following form:
.
A=

. 2

M
. 0

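$A$ is a nonsingular matrix, and therefore there always exists $A^{-1}$ satisfying:
$$A \cdot A^{-1} = A^{-1} \cdot A = I$$

The set of these transformations is closed under the operation (matrix multiplication) and forms a multiplicative group whose identity element is the identity transformation (the identity matrix $I$).
This multiplicative group in the ring of square matrices is the general linear group, denoted GL(n, GF(2)).
The encryption algorithm is quite simple: it relies only on multiplying and squaring a polynomial $a(x) \in G$ modulo $(x^n + 1)$ ($a(x)$ has order $n$) with an arbitrary polynomial $b(x) \in G$.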
2.5.3.3. The decryption problem

To decrypt, we must find the inverse transformation $A^{-1}$, which is the inverse of the matrix $A$. However, decryption can easily be carried out using the following lemma:

Lemma 2.7:

The matrix $A$ has order either $n$ or a divisor of $n$. That is, we always have:
$$A^n = I$$
or
$$\underbrace{((A^2)^2 \cdots)^2}_{k \text{ times}} = I$$

Here $A$ is regarded as the generator of a cyclic multiplicative group whose order is $n$ or a divisor of $n$.
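Example 2.8:

n = 8
A, = { (012), (024), (01356), (4), (456), (046), (12457), (0) }

The corresponding matrix:
$$A = \begin{pmatrix}
1 & 1 & 0 & 0 & 0 & 0 & 0 & 1 \\
0 & 1 & 0 & 1 & 0 & 0 & 0 & 1 \\
1 & 0 & 1 & 0 & 1 & 1 & 0 & 1 \\
0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 0 & 1 & 0 & 1 & 0 & 1 \\
1 & 1 & 0 & 1 & 1 & 0 & 1 & 0 \\
0 & 0 & 0 & 0 & 0 & 0 & 0 & 1
\end{pmatrix}$$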

$A^2$ = { (014), (2), (236), (4), (045), (6), (267), (0) }

$A^3$ = { (124), (024), (01235), (4), (046), (046), (14567), (0) } = $A^{-1}$

$A^4 = I$ = { (1), (2), (3), (4), (5), (6), (7), (0) }

Note: here polynomials are represented by the exponents of their nonzero terms. For example: (012345) = $1 + x + x^2 + x^3 + x^5$.

[Diagram: encryption takes input I and outputs A; decryption takes input A and produces the output, with $(A^2)^2 = I$.]

Example 2.9:
Consider the geometric progression with common ratio (023) and first term (023) · (012) = (015).
B = { (015), (12457), (03467), (456), (145), (01356), (02347), (012) }
B2 = { (124), (136), (346), (035), (056), (257), (027), (147) }
B3 = { (02567), (047), (167), (23567), (12346), (034), (235), (12367) }
B4 ={ (02456), (13567), (02467), (01357), (01246), (12357), (02346), (13457)}
B5 = { (347), (12345), (01245), (146), (037), (01567), (012346), (013457) }


B6 = { (245), (123), (467), (345), (016), (567), (023), (017) }


B7 = { (24567), (236), (127), (01347), (01236), (267), (356), (03457) } = B-1
B8 = I = { (1), (2), (3), (4), (5), (6), (7), (0) }

$$I = ((B^2)^2)^2$$

The decryption algorithm is simply an iteration of the encryption algorithm. The maximum number of iterations is $k$.
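2.5.3.4. Circulant matrices
When we use a geometric progression with common ratio $x$ whose first term is a polynomial $a(x) \in G$, we obtain a special class of transformations, characterised by a special kind of matrix called a circulant matrix.

Definition 2.3:
An $n \times n$ square matrix $A$ over a field $F$ is called a circulant matrix if it has the following form:
$$A = \begin{pmatrix} a(x) \\ x\,a(x) \\ \vdots \\ x^{n-1}a(x) \end{pmatrix} = \begin{pmatrix} a_0 & a_1 & \cdots & a_{n-1} \\ a_{n-1} & a_0 & \cdots & a_{n-2} \\ \vdots & \vdots & & \vdots \\ a_1 & a_2 & \cdots & a_0 \end{pmatrix}, \qquad a \in F$$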

Lemma 2.8:

The algebra of circulant matrices of order $n$ over a field $F$ is isomorphic to the algebra $F[x]/(x^n - 1)$ under the mapping that sends circulant matrices to polynomials of the form:
$$a(x) = \sum_{i=0}^{n-1} a_i x^i$$

Lemma 2.9:

The sum and the product of two circulant matrices are circulant matrices.

We have:
$$A \cdot B = C$$
where $c(x) = a(x) \cdot b(x) \bmod (x^n - 1)$.

Lemma 2.10:

A circulant matrix $A$ is invertible if and only if the polynomial $a(x)$ is coprime to $(x^n - 1)$. The inverse matrix $B$, if it exists, corresponds to the polynomial $b(x)$ satisfying the condition:
$$a(x) \cdot b(x) \equiv 1 \bmod x^{2^k} - 1$$

In the case of the ring $GF_2[x]/(x^n + 1)$ and $a(x) \in G$, we always have:
$$\left(a(x), (x^{2^k} + 1)\right) = \left(a(x), (x + 1)^{2^k}\right) = 1$$

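Lemma 2.11:

The set of circulant matrices $A$ corresponding to $a(x) \in G$ forms an Abelian multiplicative subgroup of the multiplicative group of the ring of square matrices. Within this group there are subgroups that are cyclic multiplicative groups whose order is $n$ or a divisor of $n$.
The relationship between the multiplicative group of the polynomial ring and the multiplicative group of the ring of square matrices is shown in the following figure (Figure 2.2).
Lemma 2.12:

The order of a circulant matrix $A$ equals the order of its corresponding polynomial $a(x)$.
When ord$(a(x)) = 2$, the corresponding circulant matrix $A$ is a self-inverse matrix.
Lemma 2.13:

The number of circulant matrices that can be used for encryption equals the number of elements of the multiplicative group in the polynomial ring.
In the case of circulant matrices, the encryption algorithm is just an addition with $n$ cyclic shift steps.
The decryption algorithm consists of computing the inverse of a polynomial modulo $(x^n + 1)$ and $n$ corresponding cyclic shift steps of this inverse element.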
Example 2.10:

$a(x) = 1 + x + x^2$

A= { (012), (123), (234), (345), (456), (567) (670), (701) }


A2 = { (124), (135), (246), (357), (460), (571), (602), (713) }
A3 ={(01356), (12467), (23570), (34601), (45712), (56023), (67134), (70245)}
A4 = { (4), (5), (6), (7), (0), (1), (2), (3) }
A5 = { (456), (567), (670), (701), (012), (123), (234), (345) }
A6 = { (460), (571), (602), (713), (024), (135), (246), (357) }
A7 = {(12457), (23560), (34671), (45702), (56031), (67124), (70235), (01346)}
= A-1.
A8 = { (1), (2), (3), (4), (5), (6), (7), (0) } = I.


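[Figure 2.2: Relationship between the polynomial ring and the matrix ring. Polynomial side: the ring $GF_2[x]/(x^{2^k} + 1)$, the multiplicative group $G$, the circulant multiplicative group, and $I$. Matrix side: the ring of square matrices of order $2^k$, the multiplicative group of the matrix ring, the multiplicative group of circulant matrices with $a(x) \in G$, and the identity matrix.]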

[Figure 2.3: Diagram of the encryption device. Register cells (7) to (0); input (10110101), output (00001000); A = {(0)', (1)', ..., (7)'}.]

[Figure 2.4: Diagram of the encryption device. Register cells (7) to (0); input (00001000), output (10110101); $a^{-1}(x) = x + x^2 + x^4 + x^5 + x^7$; A = {(0), (1), ..., (7)}.]

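We have:
$$A \cdot A^{-1} = \begin{pmatrix}
1 & 1 & 1 & 0 & 0 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 0 & 0 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 0 & 0 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 0 & 0 & 1 & 1 & 1 \\
0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 \\
0 & 0 & 0 & 0 & 0 & 0 & 0 & 1
\end{pmatrix}
\begin{pmatrix}
0 & 1 & 1 & 0 & 1 & 1 & 0 & 1 \\
1 & 0 & 1 & 1 & 0 & 1 & 1 & 0 \\
0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 \\
1 & 0 & 1 & 0 & 1 & 1 & 0 & 1 \\
1 & 1 & 0 & 1 & 0 & 1 & 1 & 0 \\
0 & 1 & 1 & 0 & 1 & 0 & 1 & 1 \\
1 & 0 & 1 & 1 & 0 & 1 & 0 & 1 \\
1 & 1 & 0 & 1 & 1 & 0 & 1 & 0
\end{pmatrix}
= \begin{pmatrix}
1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 \\
0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 \\
0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 \\
0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 \\
0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 \\
0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 \\
0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 \\
0 & 0 & 0 & 0 & 0 & 0 & 0 & 1
\end{pmatrix} = I$$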
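The arithmetic of Section 2.5 can be checked with the following Python sketch, which is an added example and not code from the original text. Polynomials of $Z_2[x]/(x^n + 1)$ are stored as bit masks, and the functions (whose names are chosen here) rebuild the progression of Example 2.9, the inverse of $1 + x + x^2$ from Example 2.10 and the count of Example 2.6.

```python
def from_exps(exps):
    """'012' -> 1 + x + x^2, stored as a bit mask (bit i = coefficient of x^i)."""
    p = 0
    for ch in exps:
        p ^= 1 << int(ch)
    return p


def to_exps(p):
    """Bit mask -> exponent notation of the page, e.g. 7 -> '012' (valid for n <= 10)."""
    return "".join(str(i) for i in range(p.bit_length()) if (p >> i) & 1)


def polymul(a, b, n):
    """Product in Z_2[x]/(x^n + 1): XOR of cyclic rotations, because x^n = 1."""
    mask, result = (1 << n) - 1, 0
    for i in range(n):
        if (b >> i) & 1:
            result ^= ((a << i) | (a >> (n - i))) & mask
    return result


def order(a, n):
    """Order of a in G. By Lemma 2.2 it divides n = 2^k, so only squarings are needed."""
    if bin(a).count("1") % 2 == 0:
        raise ValueError("even weight: the polynomial is not in the group G")
    t, p = 1, a
    while p != 1:
        p = polymul(p, p, n)
        t *= 2
        if t > n:
            raise ValueError("n must be a power of two")
    return t


def inverse(a, n):
    """a^(n-1) = a * a^2 * a^4 * ... * a^(n/2), which is a^-1 because a^n = 1."""
    order(a, n)  # validates that a is in G
    inv, sq, m = 1, a, 1
    while m < n:
        inv = polymul(inv, sq, n)
        sq = polymul(sq, sq, n)
        m *= 2
    return inv


def progression(alpha, beta, n):
    """Terms beta, beta*alpha, beta*alpha^2, ... over one full cycle of alpha."""
    terms, term = [], beta
    for _ in range(order(alpha, n)):
        terms.append(term)
        term = polymul(term, alpha, n)
    return terms


def count_order_n(n):
    """Number of odd-weight polynomials whose order is exactly n."""
    return sum(1 for a in range(1, 1 << n)
               if bin(a).count("1") % 2 == 1 and order(a, n) == n)


if __name__ == "__main__":
    print([to_exps(t) for t in progression(from_exps("023"), from_exps("015"), 8)])
    print(to_exps(inverse(from_exps("012"), 8)))
    print(count_order_n(8))
```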

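2.6. The Affine cipher

The Shift Cipher (MDV) is a special case of the Substitution Cipher (MTT) that includes only 26 of the 26! possible permutations of 26 elements. Another special case of the Substitution Cipher is the Affine cipher described below. In the Affine cipher, we restrict attention to encryption functions of the form:
$$e(x) = ax + b \bmod 26$$
with $a, b \in Z_{26}$. These functions are called affine functions (note that when $a = 1$, we have the Shift Cipher).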
For decryption to be possible, the affine function must be injective. In other words, for any $y \in Z_{26}$, we want the congruence
$$ax + b \equiv y \pmod{26}$$
to have a unique solution $x$. This congruence is equivalent to:
$$ax \equiv y - b \pmod{26}$$
Since $y$ ranges over $Z_{26}$, $y - b$ also ranges over $Z_{26}$. Hence it suffices to study the congruence:
$$ax \equiv y \pmod{26} \qquad (y \in Z_{26})$$
We know that this congruence has a unique solution for every $y$ if and only if $\gcd(a, 26) = 1$ (here gcd denotes the greatest common divisor of its arguments). First suppose that $\gcd(a, 26) = d > 1$. Then the congruence $ax \equiv 0 \pmod{26}$ has at least two distinct solutions in $Z_{26}$, namely $x = 0$ and $x = 26/d$. In this case, $e(x) = ax + b \bmod 26$ is not an injective function and therefore cannot be a valid encryption function.
Example 2.11: Since $\gcd(4, 26) = 2$, $4x + 7$ is not a valid encryption function: $x$ and $x + 13$ encrypt to the same value for any $x \in Z_{26}$.

Now suppose $\gcd(a, 26) = 1$. Suppose that for some $x_1$ and $x_2$:
$$ax_1 \equiv ax_2 \pmod{26}$$
Then:
$$a(x_1 - x_2) \equiv 0 \pmod{26}$$
and therefore
$$26 \mid a(x_1 - x_2)$$
We now use a property of division: if $\gcd(a, b) = 1$ and $a \mid bc$ then $a \mid c$. Since $26 \mid a(x_1 - x_2)$ and $\gcd(a, 26) = 1$, we have:
$$26 \mid (x_1 - x_2)$$
that is,
$$x_1 \equiv x_2 \pmod{26}$$
At this point we have shown that if $\gcd(a, 26) = 1$, then a congruence of the form $ax \equiv y \pmod{26}$ has (at most) one solution in $Z_{26}$. Hence, if we let $x$ range over $Z_{26}$, then $ax \bmod 26$ takes on 26 distinct values modulo 26, and the congruence $ax \equiv y \pmod{26}$ has exactly one solution.
There is nothing special about the number 26 in this statement. So, in a similar way, we can prove the following result:
Theorem 2.2:
The congruence $ax \equiv b \bmod m$ has a unique solution $x \in Z_m$ for every $b \in Z_m$ if and only if $\gcd(a, m) = 1$.

Since $26 = 2 \times 13$, the values $a \in Z_{26}$ satisfying $\gcd(a, 26) = 1$ are $a$ = 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23 and 25. The parameter $b$ can be any element of $Z_{26}$. Thus the Affine cipher has $12 \times 26 = 312$ possible keys (of course, this number is far too small to provide security).
We now consider the general problem with modulus $m$. We need another definition from number theory.
Definition 2.4:
Suppose $a \ge 1$ and $m \ge 2$ are integers. If $\gcd(a, m) = 1$, we say that $a$ and $m$ are relatively prime. The number of integers in $Z_m$ that are relatively prime to $m$ is usually denoted $\varphi(m)$ (this function is called the Euler phi function).

An important result in number theory gives the value of $\varphi(m)$ in terms of the factors in the prime power factorisation of $m$. (An integer $p > 1$ is prime if it has no positive divisors other than 1 and $p$. Every integer $m > 1$ can be factored as a product of prime powers in a unique way. For example $60 = 2^2 \times 3 \times 5$ and $98 = 2 \times 7^2$.)
We record the formula for $\varphi(m)$ in the following theorem:
Theorem 2.3:
Suppose
$$m = \prod_{i=1}^{n} p_i^{e_i}$$
where the primes $p_i$ are distinct and $e_i > 0$, $1 \le i \le n$. Then:
$$\varphi(m) = \prod_{i=1}^{n} \left(p_i^{e_i} - p_i^{e_i - 1}\right)$$

This theorem shows that the number of keys in the Affine cipher over $Z_m$ is $m\varphi(m)$, where $\varphi(m)$ is given by the formula above. (The number of choices for $b$ is $m$ and the number of choices for $a$ is $\varphi(m)$, the encryption function being $e(x) = ax + b$.)
For example, when $m = 60$, $\varphi(60) = 2 \times 2 \times 4 = 16$ and the number of keys in the Affine cipher is 960.
We now look at the decryption operations in the Affine cipher with modulus $m = 26$. Suppose $\gcd(a, 26) = 1$. To decrypt, we need to solve the congruence $y \equiv ax + b \pmod{26}$ for $x$. From the discussion above, this congruence has a unique solution in $Z_{26}$. However, we do not yet know an efficient method for finding the solution. What is needed is an efficient algorithm to do this. Fortunately, some further results on modular arithmetic provide the efficient decryption algorithm we are looking for.
Definition 2.5:
Suppose $a \in Z_m$. The (multiplicative) inverse of $a$ is the element $a^{-1} \in Z_m$ such that $a \cdot a^{-1} = a^{-1} \cdot a = 1 \pmod m$.

By arguments similar to those above, it can be shown that $a$ has an inverse modulo $m$ if and only if $\gcd(a, m) = 1$, and that if this inverse exists it must be unique. We also see that if $b = a^{-1}$ then $a = b^{-1}$. If $p$ is prime, then every nonzero element of $Z_p$ has an inverse. A ring in which every nonzero element has an inverse is called a field.
In [3] there is an efficient algorithm for computing inverses in $Z_m$ for arbitrary $m$. However, in $Z_{26}$, trial and error is enough to find the inverses of the elements relatively prime to 26: $1^{-1} = 1$, $3^{-1} = 9$, $5^{-1} = 21$, $7^{-1} = 15$, $11^{-1} = 19$, $17^{-1} = 23$, $25^{-1} = 25$. (These are easily verified, for example: $7 \times 15 = 105 \equiv 1 \bmod 26$, so $7^{-1} = 15$.)


Consider the congruence $y \equiv ax + b \pmod{26}$. This is equivalent to
$$ax \equiv y - b \pmod{26}$$
Since $\gcd(a, 26) = 1$, $a$ has an inverse modulo 26. Multiplying both sides of the congruence by $a^{-1}$, we get:
$$a^{-1}(ax) \equiv a^{-1}(y - b) \pmod{26}$$
By associativity of multiplication modulo 26:
$$a^{-1}(ax) \equiv (a^{-1}a)x = 1 \cdot x = x$$
The result is $x \equiv a^{-1}(y - b) \pmod{26}$. This is an explicit formula for $x$. Thus the decryption function is:
$$d(y) = a^{-1}(y - b) \bmod 26$$
Figure 2.5 gives a complete description of the Affine cipher. A small example follows.


Example 2.12:

Suppose $k = (7, 3)$. As noted above, $7^{-1} \bmod 26 = 15$. The encryption function is:
$$e_k(x) = 7x + 3$$
and the corresponding decryption function is:
$$d_k(y) = 15(y - 3) = 15y - 19$$
Here all operations are carried out in $Z_{26}$. Let us check whether $d_k(e_k(x)) = x$ for every $x \in Z_{26}$. Computing in $Z_{26}$, we get:
$$d_k(e_k(x)) = d_k(7x + 3) = 15(7x + 3) - 19 = x + 45 - 19 = x$$

Let $P = C = Z_{26}$ and let:
$K$ = { $(a, b) \in Z_{26} \times Z_{26}$ : $\gcd(a, 26) = 1$ }
For $k = (a, b) \in K$, we define:
$$e_k(x) = ax + b \bmod 26$$
$$d_k(y) = a^{-1}(y - b) \bmod 26$$
Figure 2.5: The Affine cipher

To illustrate, let us encrypt the plaintext "hot". First, we convert the letters h, o, t to residues modulo 26. The corresponding numbers are 7, 14 and 19. We now encrypt:
$$7 \times 7 + 3 \bmod 26 = 52 \bmod 26 = 0$$
$$7 \times 14 + 3 \bmod 26 = 101 \bmod 26 = 23$$
$$7 \times 19 + 3 \bmod 26 = 136 \bmod 26 = 6$$
So the three ciphertext symbols are 0, 23 and 6, corresponding to the character string AXG. Decryption is left to the reader as an exercise.
2.7. PRODUCT CRYPTOSYSTEMS

Another innovation introduced by Shannon in his 1949 paper is the idea of combining cryptosystems by forming their product. This idea is of great importance in the design of present-day cryptosystems (for example, the Data Encryption Standard, DES).
For simplicity, in this section we restrict attention to cryptosystems in which $C = P$: cryptosystems of this type are called endomorphic. Suppose $S_1 = (P, P, K_1, E_1, D_1)$ and $S_2 = (P, P, K_2, E_2, D_2)$ are two endomorphic cryptosystems with the same plaintext and ciphertext spaces. Then the product of $S_1$ and $S_2$ (denoted $S_1 \times S_2$) is defined to be the following cryptosystem:
$$(P, P, K_1 \times K_2, E, D)$$
A key of the product cryptosystem has the form $k = (k_1, k_2)$ where $k_1 \in K_1$ and $k_2 \in K_2$. The encryption and decryption rules of the product cryptosystem are defined as follows: for each $k = (k_1, k_2)$, we have an encryption rule $e_k$ given by the formula:
$$e_{(k_1, k_2)}(x) = e_{k_2}(e_{k_1}(x))$$
and a decryption rule:
$$d_{(k_1, k_2)}(y) = d_{k_1}(d_{k_2}(y))$$
That is, we first encrypt $x$ with $e_{k_1}$ and then encrypt the result again with $e_{k_2}$. Decryption is similar but is carried out in the reverse order:
$$d_{(k_1, k_2)}(e_{(k_1, k_2)}(x)) = d_{(k_1, k_2)}(e_{k_2}(e_{k_1}(x))) = d_{k_1}(d_{k_2}(e_{k_2}(e_{k_1}(x)))) = d_{k_1}(e_{k_1}(x)) = x$$

We know that cryptosystems have probability distributions associated with their key spaces. Hence we need to define the probability distribution for the key space $K$ of the product cryptosystem. Clearly we can write:
$$p_K(k_1, k_2) = p_{K_1}(k_1) \times p_{K_2}(k_2)$$
In other words, we choose $k_1$ according to the distribution $p_{K_1}$ and then independently choose $k_2$ according to the distribution $p_{K_2}(k_2)$.

Here is a simple example to illustrate the notion of a product cryptosystem. Suppose we define the Multiplicative cipher as in Figure 2.6 below.

Let $P = C = Z_{26}$ and let:
$K$ = { $a \in Z_{26}$ : $\gcd(a, 26) = 1$ }
For $a \in K$, we define:
$$e_a(x) = ax \bmod 26$$
$$d_a(y) = a^{-1}y \bmod 26$$

Figure 2.6: The Multiplicative cipher

Let $M$ be the Multiplicative cipher (with keys chosen equiprobably) and $S$ be the Shift Cipher (with keys chosen equiprobably). Then it is easy to see that $M \times S$ is exactly the Affine cipher (again with keys chosen equiprobably). However, showing that $S \times M$ is also the Affine cipher (again with equiprobable keys) is slightly harder.
We now prove these statements. A key in the Shift Cipher is an element $k \in Z_{26}$ and the corresponding encryption rule is $e_k(x) = x + k \bmod 26$. A key in the Multiplicative cipher is an element $a \in Z_{26}$ such that $\gcd(a, 26) = 1$. The corresponding encryption rule is $e_a(x) = ax \bmod 26$. Hence a key in the product cipher $M \times S$ has the form $(a, k)$, where
$$e_{(a, k)}(x) = ax + k \bmod 26$$
This is exactly the definition of a key in the Affine cipher. Furthermore, the probability of a key in the Affine cipher is $1/312 = (1/12) \times (1/26)$, which is the product of the probabilities of the keys $a$ and $k$. Hence $M \times S$ is the Affine cipher.
We now consider $S \times M$. A key in this cipher has the form $(k, a)$, where:
$$e_{(k, a)}(x) = a(x + k) = ax + ak \bmod 26$$

Thus the key $(k, a)$ of the product cipher $S \times M$ is identical to the key $(a, ak)$ of the Affine cipher. It remains to show that every key of the Affine cipher arises with the same probability 1/312 in the product cipher $S \times M$. Observe that $ak = k_1$ if and only if $k = a^{-1}k_1$ (recall that $\gcd(a, 26) = 1$, so $a$ has an inverse). In other words, the key $(a, k_1)$ of the Affine cipher corresponds to the key $(a^{-1}k_1, a)$ of the product cipher $S \times M$. Hence we have a bijection between the two key spaces. Since every key is equiprobable, it follows that $S \times M$ is indeed the Affine cipher.
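The results of Sections 2.6 and 2.7 are collected in the following Python sketch, an added example that is not part of the original text. It covers the key count $m\varphi(m)$ of Theorem 2.3, the collision that occurs when $\gcd(a, 26) > 1$, the "hot" encryption of Example 2.12, and the bijection between the keys of the Shift-then-Multiply product and the affine keys; the function names are chosen here.

```python
from math import gcd


def phi(m):
    """Euler's phi computed from the prime factorisation of m (Theorem 2.3)."""
    result, n, p = 1, m, 2
    while p * p <= n:
        if n % p == 0:
            e = 0
            while n % p == 0:
                n //= p
                e += 1
            result *= p ** e - p ** (e - 1)
        p += 1
    if n > 1:  # one prime factor left, with exponent 1
        result *= n - 1
    return result


def keyspace(m):
    """Number of affine keys over Z_m: m choices of b times phi(m) choices of a."""
    return m * phi(m)


def colliding_plaintexts(a, m=26):
    """If gcd(a, m) = d > 1, x = 0 and x = m/d encrypt to the same value."""
    d = gcd(a, m)
    return None if d == 1 else (0, m // d)


def encrypt(plaintext, a, b):
    """e(x) = ax + b mod 26; keys with gcd(a, 26) != 1 are rejected."""
    if gcd(a, 26) != 1:
        raise ValueError(f"gcd({a}, 26) != 1: e(x) would not be injective")
    return "".join(chr((a * (ord(c) - 97) + b) % 26 + 65)
                   for c in plaintext.lower() if "a" <= c <= "z")


def decrypt(ciphertext, a, b):
    """d(y) = a^-1 (y - b) mod 26."""
    if gcd(a, 26) != 1:
        raise ValueError(f"gcd({a}, 26) != 1: a has no inverse modulo 26")
    a_inv = pow(a, -1, 26)  # modular inverse (Python 3.8+)
    return "".join(chr(a_inv * (ord(c) - 65 - b) % 26 + 97)
                   for c in ciphertext.upper() if "A" <= c <= "Z")


def shift_then_multiply_keys():
    """Map each key (k, a) of S x M to the affine key (a, ak mod 26) it equals."""
    return {(k, a): (a, a * k % 26)
            for k in range(26) for a in range(26) if gcd(a, 26) == 1}


if __name__ == "__main__":
    print(keyspace(26), keyspace(60))
    print(encrypt("hot", 7, 3), decrypt("AXG", 7, 3))
    print(colliding_plaintexts(4))
    keys = shift_then_multiply_keys()
    print(len(keys), len(set(keys.values())))
```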
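We have proved that $M \times S = S \times M$. Thus the two cryptosystems commute. However, not every pair of cryptosystems commutes; counterexamples are easy to find. On the other hand, the product operation is always associative:
$$(S_1 \times S_2) \times S_3 = S_1 \times (S_2 \times S_3)$$
If we take the product of an endomorphic cryptosystem with itself, we obtain the cryptosystem $S \times S$ (denoted $S^2$). If we take the $n$-fold product, the resulting cryptosystem is $S^n$. We call $S^n$ an iterated cryptosystem.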

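A cryptosystem $S$ is said to be idempotent if $S^2 = S$. Many of the cryptosystems studied in this chapter are idempotent. For example, the Shift, Substitution, Affine, Hill, Vigenère and Permutation ciphers are all idempotent. Clearly, if a cryptosystem $S$ is idempotent, there is no point in using the product system $S^2$, since it requires a larger key but provides no more security.
If a cryptosystem is not idempotent, then its security can be increased by iterating it several times. This idea is used in the Data Encryption Standard (DES). DES uses 16 iterations; of course, the initial cryptosystem must not be idempotent. One way to build simple non-idempotent cryptosystems is to take the product of two different simple cryptosystems.
Remark:

It is easy to show that if two cryptosystems $S_1$ and $S_2$ are both idempotent and they commute, then $S_1 \times S_2$ is also idempotent. This follows from the following algebraic manipulations:
$$(S_1 \times S_2) \times (S_1 \times S_2) = S_1 \times (S_2 \times S_1) \times S_2 = S_1 \times (S_1 \times S_2) \times S_2 = (S_1 \times S_1) \times (S_2 \times S_2) = S_1 \times S_2$$
(Note: associativity is used in this proof.)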


Hence, if $S_1$ and $S_2$ are both idempotent and we want $S_1 \times S_2$ not to be idempotent, it is necessary that $S_1$ and $S_2$ do not commute.
Fortunately, many simple cryptosystems satisfy this condition. A technique commonly used in practice is to take the product of substitution-type ciphers and permutation-type ciphers.
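2.8. Stream ciphers

In the cryptosystems studied so far, successive plaintext elements are all encrypted with the same key $k$. That is, the ciphertext string $y$ has the form:
$$y = y_1 y_2 \dots = e_k(x_1) e_k(x_2) \dots$$
Cryptosystems of this type are usually called block ciphers. An alternative approach is the stream cipher. The basic idea is to generate a keystream $z = z_1 z_2 \dots$ and use it to encrypt a plaintext string $x = x_1 x_2 \dots$ according to the rule:
$$y = y_1 y_2 \dots = e_{z_1}(x_1) e_{z_2}(x_2) \dots$$
A stream cipher operates as follows. Suppose $k \in K$ is the key and $x = x_1 x_2 \dots$ is the plaintext string. The function $f_i$ is used to generate $z_i$ ($z_i$ is the $i$-th element of the keystream), where $f_i$ is a function of the key $k$ and the first $i - 1$ plaintext characters:
$$z_i = f_i(k, x_1, \dots, x_{i-1})$$
The keystream element $z_i$ is used to encrypt $x_i$, giving $y_i = e_{z_i}(x_i)$. So, to encrypt the plaintext string $x_1 x_2 \dots$ we compute $z_1, y_1, z_2, y_2, \dots$ in succession.
Decrypting the ciphertext string $y_1 y_2 \dots$ can be done by computing $z_1, x_1, z_2, x_2, \dots$ in succession.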
Here is the formal mathematical definition:
Definition 2.6.
A stream cipher is a tuple $(P, C, K, L, F, E, D)$ satisfying the following conditions:

1. $P$ is a finite set of possible plaintexts.
2. $C$ is a finite set of possible ciphertexts.
3. $K$ is a finite set of possible keys (the key space).
4. $L$ is a finite set called the keystream alphabet.
5. $F = (f_1 f_2 \dots)$ is the keystream generator. For $i \ge 1$,
$$f_i : K \times P^{i-1} \to L$$
6. For each $z \in L$ there is an encryption rule $e_z \in E$ and a corresponding decryption rule $d_z \in D$. $e_z : P \to C$ and $d_z : C \to P$ are functions such that $d_z(e_z(x)) = x$ for every plaintext $x \in P$.

We can regard a block cipher as a special case of a stream cipher in which the keystream is constant: $z_i = k$ for all $i \ge 1$.
Here are some special types of stream ciphers together with illustrative examples. A stream cipher is called synchronous if the keystream does not depend on the plaintext string, that is, if the keystream is generated as a function of the key $k$ only. In this case, we regard $k$ as a "seed" that is expanded into the keystream $z_1 z_2 \dots$
A stream cipher is called periodic with period $d$ if $z_{i+d} = z_i$ for all integers $i \ge 1$. The Vigenère cipher with keyword length $m$ can be regarded as a periodic stream cipher with period $m$. In this case, the key is $k = (k_1, \dots, k_m)$. The key $k$ itself provides the first $m$ elements of the keystream: $z_i = k_i$, $1 \le i \le m$. After that, the keystream repeats itself. Observe that, in the stream cipher corresponding to a Vigenère cipher, the encryption and decryption functions are the same as those used in the Shift Cipher:
$$e_z(x) = x + z \quad \text{and} \quad d_z(y) = y - z$$
Stream ciphers are often described over the binary alphabet, that is, $P = C = L = Z_2$. In this case, the encryption and decryption operations are addition modulo 2:
$$e_z(x) = x + z \bmod 2 \quad \text{and} \quad d_z(y) = y - z \bmod 2$$
If we let "0" represent the value "false" and "1" represent the value "true" in Boolean algebra, then addition modulo 2 corresponds to the exclusive-or operation. Hence encryption (and decryption) is easily implemented with adder circuits.
Let us consider another method of generating a (synchronous) keystream. Suppose we start with $(k_1, \dots, k_m)$ and $z_i = k_i$, $1 \le i \le m$ (as before), but now we generate the keystream using a linear recurrence relation of degree $m$:
$$z_{i+m} = \sum_{j=0}^{m-1} c_j z_{i+j} \bmod 2$$
where $c_0, \dots, c_{m-1} \in Z_2$ are predetermined constants.


Remark:

The recurrence is said to have degree $m$ since each term depends on the $m$ preceding terms. The recurrence is linear because $z_{i+m}$ is a linear function of the preceding terms. Note that we can take $c_0 = 1$ without loss of generality; otherwise the recurrence would have degree $m - 1$.
Here the key $k$ consists of the $2m$ values $k_1, \dots, k_m, c_0, \dots, c_{m-1}$. If $(k_1, \dots, k_m) = (0, \dots, 0)$ then the keystream consists entirely of 0s. This must of course be avoided, since the ciphertext would then be identical to the plaintext. However, if the constants $c_0, \dots, c_{m-1}$ are chosen suitably, then any other initial vector $(k_1, \dots, k_m)$ produces a keystream with period $2^m - 1$. So a short key can produce a keystream with a very long period. This is a very noteworthy property since, as we shall see later, the Vigenère cipher can be broken by exploiting the fact that its keystream has a short period.
Here is an illustrative example:
Example 2.13:

Suppose $m = 4$ and the keystream is generated by the rule:
$$z_{i+4} = z_i + z_{i+1} \bmod 2$$
If the keystream starts with any vector other than (0, 0, 0, 0), we obtain a keystream with period 15. For example, starting with the vector (1, 0, 0, 0), the keystream is:
1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1
Any other nonzero initial vector produces a cyclic permutation of the same keystream.
Another appealing aspect of this method of keystream generation is that the keystream can be produced efficiently in hardware using a linear feedback shift register (LFSR). We use a shift register with $m$ stages. The vector $(k_1, \dots, k_m)$ is used to initialise the shift register. At each time unit, the following operations are performed simultaneously:
1. $k_1$ is output as the next keystream bit.
2. $k_2, \dots, k_m$ are each shifted one stage to the left.
3. The new value of $k_m$ is computed as:
$$\sum_{j=0}^{m-1} c_j k_{j+1}$$
(this is the linear feedback).

We see that the linear operation is carried out by tapping certain stages of the register (those determined by the constants $c_j$ that have the value "1") and computing the sum modulo 2 (which is an exclusive-or). Figure 2.7 depicts the LFSR that generates the keystream of Example 2.13.

[Figure 2.7: Linear feedback shift register (LFSR), with stages $k_1$, $k_2$, $k_3$, $k_4$.]

An example of a non-synchronous stream cipher is the Autokey cipher, given in Figure 2.8. Apparently this cipher is due to Vigenère.

Let $P = C = K = L = Z_{26}$.
Let $z_1 = k$ and $z_i = x_{i-1}$ ($i \ge 2$).
For $0 \le z \le 25$, we define
$$e_z(x) = x + z \bmod 26$$
$$d_z(y) = y - z \bmod 26$$
$(x, y \in Z_{26})$
Figure 2.8: The Autokey cipher

The reason for the term "autokey" is that the plaintext is used as the key (apart from the initial "priming key" $k$).
Here is an illustrative example.
Example 2.14:

Suppose the key is $k = 8$ and the plaintext is rendezvous. First, we convert the plaintext to a sequence of integers:
17 4 13 3 4 25 21 14 20 18
The keystream is as follows:
8 17 4 13 3 4 25 21 14 20
Now we add the corresponding elements and reduce modulo 26:
25 21 17 16 7 3 20 9 8 12
In alphabetic form, the ciphertext is: ZVRQHDUJIM.
Now let us see how Bob decrypts this ciphertext. First, Bob converts the character string to a sequence of numbers:
25 21 17 16 7 3 20 9 8 12
Then he computes:
$$x_1 = d_8(25) = 25 - 8 \bmod 26 = 17$$
$$x_2 = d_{17}(21) = 21 - 17 \bmod 26 = 4$$
and so on.
Each time Bob obtains a plaintext character, he uses it as the next element of the keystream.
Of course, the Autokey cipher is insecure since there are only 26 keys.
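The stream ciphers of Section 2.8 are illustrated by the following Python sketch, which is an added example and not part of the original text. One generic encrypt/decrypt pair follows Definition 2.6, with $z_i = f_i(k, x_1, \dots, x_{i-1})$, and is instantiated twice: with the synchronous LFSR keystream of Example 2.13 and with the Autokey cipher of Example 2.14. All function names are chosen here.

```python
def lfsr_step(state, taps):
    """One clock tick: output k1, shift left, feed sum(c_j * k_{j+1}) mod 2 into km."""
    feedback = sum(c & s for c, s in zip(taps, state)) % 2
    return state[0], state[1:] + [feedback]


def lfsr_keystream(init, taps, count):
    """First `count` bits of z_{i+m} = sum_j c_j z_{i+j} mod 2 with z_1..z_m = init."""
    state, out = list(init), []
    for _ in range(count):
        bit, state = lfsr_step(state, taps)
        out.append(bit)
    return out


def lfsr_period(init, taps):
    """Steps until the register returns to its initial state (None if it never does)."""
    start, state = list(init), list(init)
    for steps in range(1, 2 ** len(start) + 1):
        _, state = lfsr_step(state, taps)
        if state == start:
            return steps
    return None


def stream_encrypt(xs, key, next_z, e):
    """y_i = e_{z_i}(x_i) with z_i = next_z(key, [x_1, ..., x_{i-1}])."""
    ys, seen = [], []
    for x in xs:
        ys.append(e(next_z(key, seen), x))
        seen.append(x)
    return ys


def stream_decrypt(ys, key, next_z, d):
    """Recover x_i one at a time; each recovered x_i may feed the next z."""
    xs = []
    for y in ys:
        xs.append(d(next_z(key, xs), y))
    return xs


TAPS = [1, 1, 0, 0]  # c0..c3 for z_{i+4} = z_i + z_{i+1} mod 2 (Example 2.13)


def lfsr_next(key, previous):
    """Synchronous keystream: depends on the key and the position only."""
    return lfsr_keystream(key, TAPS, len(previous) + 1)[-1]


def autokey_next(key, previous):
    """Autokey keystream: z_1 = k, then z_i = x_{i-1}."""
    return key if not previous else previous[-1]


def autokey_encrypt(plaintext, key):
    xs = [ord(c) - 97 for c in plaintext.lower()]
    ys = stream_encrypt(xs, key, autokey_next, lambda z, x: (x + z) % 26)
    return "".join(chr(y + 65) for y in ys)


def autokey_decrypt(ciphertext, key):
    ys = [ord(c) - 65 for c in ciphertext.upper()]
    xs = stream_decrypt(ys, key, autokey_next, lambda z, y: (y - z) % 26)
    return "".join(chr(x + 97) for x in xs)


if __name__ == "__main__":
    print(lfsr_keystream([1, 0, 0, 0], TAPS, 15), lfsr_period([1, 0, 0, 0], TAPS))
    print(autokey_encrypt("rendezvous", 8), autokey_decrypt("ZVRQHDUJIM", 8))
```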
2.9. The Data Encryption Standard
2.9.1. Introduction

On 15 May 1973, the US National Bureau of Standards published a solicitation for cryptosystems in the Federal Register. This eventually led to the development of the Data Encryption Standard (DES), which became the most widely used cryptosystem in the world. DES was developed at IBM and is regarded as a modification of the LUCIFER cryptosystem. DES was first published in the Federal Register on 17 March 1975. After much public discussion, DES was adopted as a standard for applications not regarded as classified on 5 January 1977. Since then, DES has been reviewed by the National Bureau of Standards once every 5 years. The most recent renewals of DES were in January 1994 and then in 1998. By October 2000, DES was no longer the data encryption standard.
2.9.2. Description of DES

A complete description of DES is given in (US) Federal Information Processing Standards Publication 46 of 15 January 1977. DES encrypts a plaintext bit string $x$ of length 64 using a 56-bit key. The resulting ciphertext is also a bit string of length 64. We first describe the system at a high level.
The algorithm proceeds in 3 stages:
1. Given a plaintext $x$, a bit string $x_0$ is constructed by permuting the bits of $x$ according to the fixed initial permutation IP. We write: $x_0 = IP(x) = L_0 R_0$, where $L_0$ consists of the first 32 bits and $R_0$ the last 32 bits.

2. Then 16 iterations of a certain function are computed. We compute $L_i R_i$, $1 \le i \le 16$, according to the following rule:
$$L_i = R_{i-1}$$
$$R_i = L_{i-1} \oplus f(R_{i-1}, k_i)$$
where $\oplus$ denotes the exclusive-or of two bit strings (addition modulo 2). $f$ is a function that we will describe later, and $k_1, k_2, \dots, k_{16}$ are bit strings of length 48 computed as functions of the key $k$. (In fact, each $k_i$ is a permuted selection of bits from $k$.)
$k_1, k_2, \dots, k_{16}$ form the key schedule. One round of encryption is depicted in Figure 2.9.

[Figure 2.9: One round of DES, with inputs $L_{i-1}$, $R_{i-1}$ and $K_i$, an exclusive-or (+), and outputs $L_i$, $R_i$.]

3. Apply the inverse permutation $IP^{-1}$ to the bit string $R_{16} L_{16}$ to obtain the ciphertext $y$. That is, $y = IP^{-1}(R_{16} L_{16})$. Note the reversed order of $L_{16}$ and $R_{16}$.
The function $f$ takes two inputs: the first argument $A$ is a bit string of length 32, and the second argument $J$ is a bit string of length 48. The output of $f$ is a bit string of length 32. The following steps are performed:
1. The first argument $A$ is expanded to a bit string of length 48 according to a fixed expansion function E. $E(A)$ consists of the 32 bits of $A$ (permuted in a fixed way) with 16 of the bits appearing twice.
2. Compute $E(A) \oplus J$ and write the result as a concatenation of eight 6-bit strings $B_1 B_2 B_3 B_4 B_5 B_6 B_7 B_8$.
3. The next step uses 8 tables $S_1, S_2, \dots, S_8$ (called the S-boxes). Each $S_i$ is a fixed $4 \times 16$ table whose entries are the integers from 0 to 15. Given a bit string of length 6 (denoted $B_j = b_1 b_2 b_3 b_4 b_5 b_6$), we compute $S_j(B_j)$ as follows: the two bits $b_1 b_6$ determine the binary representation of the row $r$ of $S_j$ ($0 \le r \le 3$) and the four bits $(b_2 b_3 b_4 b_5)$ determine the binary representation of the column $c$ of $S_j$ ($0 \le c \le 15$). Then $S_j(B_j)$ is defined to be the entry $S_j(r, c)$; written in binary, this entry is a bit string of length 4. (Hence, each $S_j$ can be regarded as a function whose input is a bit string of length 2 and a bit string of length 4, and whose output is a bit string of length 4.) In the same way we compute $C_j = S_j(B_j)$, $1 \le j \le 8$.
4. The bit string $C = C_1 C_2 \dots C_8$ of length 32 is permuted according to the fixed permutation P. The resulting string $P(C)$ is defined to be $f(A, J)$.
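[Figure 2.10: The function f of DES. $A$ is expanded to $E(A)$; the blocks $B_1, \dots, B_8$ pass through the S-boxes $S_1, \dots, S_8$ to give $c_1, \dots, c_8$, which yield $f(A, J)$.]

The function $f$ is depicted in Figure 2.10. It consists essentially of a substitution (using the S-boxes) followed by the permutation P. The 16 iterations of $f$ form a product cryptosystem as described in Section 2.5.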
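The round structure described above is shown in the following Python sketch, which is an added example and not part of the original text. It uses the rule $L_i = R_{i-1}$, $R_i = L_{i-1} \oplus f(R_{i-1}, k_i)$, the S-box indexing by $b_1 b_6$ and $b_2 b_3 b_4 b_5$, and the expansion E, and it shows that decryption is the same procedure with the subkeys in reverse order even though the round function is not invertible. Assumptions made here: the round function is simplified (table $S_1$ is reused for all eight blocks and P is omitted), IP and $IP^{-1}$ are left out, and the 16 subkeys are constructed values rather than the DES key schedule.

```python
MASK32 = 0xFFFFFFFF

# S-box S1 as a 4 x 16 table (rows 0..3, columns 0..15)
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox_lookup(box, six_bits):
    """six_bits = b1 b2 b3 b4 b5 b6 (b1 most significant): row b1b6, column b2b3b4b5."""
    row = ((six_bits >> 5) & 1) << 1 | (six_bits & 1)
    col = (six_bits >> 1) & 0xF
    return box[row][col]


def expand(r):
    """Expansion E, 32 -> 48 bits: row i of the E table holds bits 4i .. 4i+5 of A
    (numbered 1..32 from the left, wrapping around), so 16 bits appear twice."""
    out = 0
    for i in range(8):
        for j in range(6):
            pos = (4 * i + j - 1) % 32          # 0-based position from the left
            out = (out << 1) | ((r >> (31 - pos)) & 1)
    return out


def simplified_f(r, k):
    """Simplified round function: E(R) xor k, then S1 on each 6-bit block.
    Real DES uses S1..S8 followed by the permutation P."""
    x = expand(r) ^ k
    out = 0
    for i in range(8):
        out = (out << 4) | sbox_lookup(S1, (x >> (42 - 6 * i)) & 0x3F)
    return out


def feistel(block, subkeys):
    """16 rounds of L_i = R_{i-1}, R_i = L_{i-1} xor f(R_{i-1}, k_i); returns R16 L16."""
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ simplified_f(right, k)
    return (right << 32) | left


# Constructed 48-bit subkeys for the demonstration (not the DES key schedule)
SUBKEYS = [((i + 1) * 0x9E3779B97F4A7C15 >> 11) & (2 ** 48 - 1) for i in range(16)]


def encrypt(block):
    return feistel(block, SUBKEYS)


def decrypt(block):
    # Same network, subkeys k16 .. k1: f itself is never inverted
    return feistel(block, SUBKEYS[::-1])


if __name__ == "__main__":
    c = encrypt(0x0123456789ABCDEF)
    print(hex(c), hex(decrypt(c)))
```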
In the remainder of this section, we describe the specific functions used in DES. The initial permutation IP is as follows:

IP
58 50 42 34 26 18 10  2
60 52 44 36 28 20 12  4
62 54 46 38 30 22 14  6
64 56 48 40 32 24 16  8
57 49 41 33 25 17  9  1
59 51 43 35 27 19 11  3
61 53 45 37 29 21 13  5
63 55 47 39 31 23 15  7

This table means that the 58th bit of $x$ is the first bit of $IP(x)$; the 50th bit of $x$ is the second bit of $IP(x)$, and so on.
The inverse permutation $IP^{-1}$ is:

IP^-1
40  8 48 16 56 24 64 32
39  7 47 15 55 23 63 31
38  6 46 14 54 22 62 30
37  5 45 13 53 21 61 29
36  4 44 12 52 20 60 28
35  3 43 11 51 19 59 27
34  2 42 10 50 18 58 26
33  1 41  9 49 17 57 25

The expansion function E is specified by the following table:

E bit-selection table
32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1

The eight S-boxes are:

S1
14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
 0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
 4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

S2
15  1  8 14  6 11  3  4  9  7  2 13 12  0  5 10
 3 13  4  7 15  2  8 14 12  0  1 10  6  9 11  5
 0 14  7 11 10  4 13  1  5  8 12  6  9  3  2 15
13  8 10  1  3 15  4  2 11  6  7 12  0  5 14  9

S3
10  0  9 14  6  3 15  5  1 13 12  7 11  4  2  8
13  7  0  9  3  4  6 10  2  8  5 14 12 11 15  1
13  6  4  9  8 15  3  0 11  1  2 12  5 10 14  7
 1 10 13  0  6  9  8  7  4 15 14  3 11  5  2 12

S4
 7 13 14  3  0  6  9 10  1  2  8  5 11 12  4 15
13  8 11  5  6 15  0  3  4  7  2 12  1 10 14  9
10  6  9  0 12 11  7 13 15  1  3 14  5  2  8  4
 3 15  0  6 10  1 13  8  9  4  5 11 12  7  2 14

S5
 2 12  4  1  7 10 11  6  8  5  3 15 13  0 14  9
14 11  2 12  4  7 13  1  5  0 15 10  3  9  8  6
 4  2  1 11 10 13  7  8 15  9 12  5  6  3  0 14
11  8 12  7  1 14  2 13  6 15  0  9 10  4  5  3

S6
12  1 10 15  9  2  6  8  0 13  3  4 14  7 15 11
10 15  4  2  7 12  9  5  6  1 13 14  0 11  3  8
 9 14 15  5  2  8 12  3  7  0  4 10  1 13 11  6
 4  3  2 12  9  5 15 10 11 14  1  7  6  0  8 13

S7
 4 11  2 14 15  0  8 13  3 12  9  7  5 10  6  1
13  0 11  7  4  9  1 10 14  3  5 12  2 15  8  6
 1  4 11 13 12  3  7 14 10 15  6  8  0  5  9  2
 6 11 13  8  1  4 10  7  9  5  0 15 14  2  3 12

S8
13  2  8  4  6 15 11  1 10  9  3 14  5  0 12  7
 1 15 13  8 10  3  7  4 12  5  6 11  0 14  9  2
 7 11  4  1  9 12 14  2  0  6 10 13 15  3  5  8
 2  1 14  7  4 10  8 13 15 12  9  0  3  5  6 11

The permutation P has the form:

P
16  7 20 21
29 12 28 17
 1 15 23 26
 5 18 31 10
 2  8 24 14
32 27  3  9
19 13 30  6
22 11  4 25

Finally, we need to describe the computation of the key schedule from the key k. In practice, k is a bit string of length 64, of which 56 bits are the key and 8 bits are parity-check bits for error detection. The bits in positions 8, 16, ..., 64 are defined so that each byte contains an odd number of 1s. Hence a single error can be detected within each group of 8 bits. The parity-check bits are ignored when the key schedule is computed.
1. Given a 64-bit key k, discard the parity-check bits and permute the remaining bits of k according to the fixed permutation PC-1. We write:
$\mathrm{PC\text{-}1}(k) = C_0 D_0$

2. For i ranging from 1 to 16:

$C_i = LS_i(C_{i-1})$

$D_i = LS_i(D_{i-1})$

The key schedule computation is depicted in Figure 2.11.

Figure 2.11: Computation of the DES key schedule (block labels: K, PC-1, C0, D0, LS1, ..., LS16, C16, D16, PC-2, K1, ..., K16)

The permutations PC-1 and PC-2 used in the key schedule are:

PC-1
57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4

PC-2
14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

We now present the resulting key schedule. As mentioned above, each round uses a 48-bit key made up of 48 of the bits of K. The entries in the tables below denote the bits of K used in the various rounds.

Round 1
10 51 34 60 49 17 33 57  2  9 19 42
 3 35 26 25 44 58 59  1 36 27 18 41
22 28 39 54 37  4 47 30  5 53 23 29
61 21 38 63 15 20 45 14 13 62 55 31

Round 2
 2 43 26 52 41  9 25 49 59  1 11 34
60 27 18 17 36 50 51 58 57 19 10 33
14 20 31 46 29 63 39 22 28 45 15 21
53 13 30 55  7 12 37  6  5 54 47 23

Round 3
51 27 10 36 25 58  9 33 43 50 60 18
44 11  2  1 49 34 35 42 41  3 59 17
61  4 15 30 13 47 23  6 12 29 62  5
37 28 14 39 54 63 21 53 20 38 31  7

Round 4
35 11 59 49  9 42 58 17 27 34 44  2
57 60 51 50 33 18 19 26 25 52 43  1
45 55 62 14 28 31  7 53 63 13 46 20
21 12 61 23 38 47  5 37  4 22 15 54

Round 5
19 60 43 33 58 26 42  1 11 18 57 51
41 44 35 34 17  2  3 10  9 36 27 50
29 39 46 61 12 15 54 37 47 28 30  4
 5 63 45  7 22 31 20 21 55  6 62 38

Round 6
 3 44 27 17 42 10 26 50 60  2 41 35
25 57 19 18  1 51 52 59 58 49 11 34
13 23 30 45 63 62 38 21 31 12 14 55
20 47 29 54  6 15  4  5 39 53 46 22

Round 7
52 57 11  1 26 59 10 34 44 51 25 19
 9 41  3  2 50 35 36 43 42 33 60 18
28  7 14 29 47 46 22  5 15 63 61 39
 4 31 13 38 53 62 55 20 23 37 30  6

Round 8
36 41 60 50 10 43 59 18 57 35  9  3
58 25 52 51 34 19 49 27 26 17 44  2
12 54 61 13 31 30  6 20 62 47 45 23
55 15 28 22 37 46 39  4  7 21 14 53

Round 9
57 33 52 42  2 35 51 10 49 27  1 60
50 17 44 43 26 11 41 19 18  9 36 59
 4 46 53  5 23 22 61 12 54 39 37 15
47  7 20 14 29 38 31 63 62 13  6 45

Round 10
41 17 36 26 51 19 35 59 33 11 50 44
34  1 57 27 10 60 25  3  2 58 49 43
55 30 37 20  7  6 45 63 38 23 21 62
31 54  4 61 13 22 15 47 46 28 53 29

Round 11
25  1 49 10 35  3 19 43 17 60 34 57
18 50 41 11 59 44  9 52 51 42 33 27
39 14 21  4 54 53 29 47 22  7  5 46
15 38 55 45 28  6 62 31 30 12 37 13

Round 12
 9 50 33 59 19 52  3 27  1 44 18 41
 2 34 25 60 43 57 58 36 35 26 17 11
23 61  5 55 38 37 13 31  6 54 20 30
62 22 39 29 12 53 46 15 14 63 21 28

Round 13
58 34 17 43  3 36 52 11 50 57  2 25
51 18  9 44 27 41 42 49 19 10  1 60
 7 45 20 39 22 21 28 15 53 38  4 14
46  6 23 13 63 37 30 62 61 47  5 12

Round 14
42 18  1 27 52 49 36 60 34 41 51  9
35  2 58 57 11 25 26 33  3 59 50 44
54 29  4 23  6  5 12 62 37 22 55 61
30 53  7 28 47 21 14 46 45 31 20 63

Round 15
26  2 50 11 36 33 49 44 18 25 35 58
19 51 42 41 60  9 10 17 52 43 34 57
38 13 55  7 53 20 63 46 21  6 39 45
14 37 54 12 31  5 61 30 29 15  4 47

Round 16
18 59 42  3 57 25 41 36 10 17 27 50
11 43 34 33 52  1  2  9 44 35 26 49
30  5 47 62 45 12 55 38 13 61 31 37
 6 29 46  4 23 28 53 22 21  7 63 39

Decryption is carried out with the same algorithm as encryption, taking y as the input but using the key schedule in reverse order $K_{16}, \ldots, K_1$. The output of the algorithm is the plaintext x.
2.9.3. An example of DES.
The following is an example of DES encryption. Suppose we encrypt the plaintext (in hexadecimal, base 16):
0123456789ABCDEF
using the key
133457799BBCDFF1
The key in binary (without the parity-check bits) is:
00010010011010010101101111001001101101111011011111111000
Applying IP, we obtain L0 and R0 (in binary) as follows:
L0 = 11001100000000001100110011111111
L1 = R0 = 11110000101010101111000010101010

The 16 rounds of encryption are then performed as follows:


E(R0) = 011110100001010101010101011110100001010101010101
K1 = 000110110000001011101111111111000111000001110010
E(R0) ⊕ K1 = 011000010001011110111010100001100110010100100111
S-box outputs 01011100100000101011010110010111
f(R0,K1) = 00100011010010101010100110111011
L2 = R1 = 11101111010010100110010101000100

E(R1) = 011101011110101001010100001100001010101000001001
K2 = 011110011010111011011001110110111100100111100101
E(R1) ⊕ K2 = 000011000100010010001101111010110110001111101100
S-box outputs 11111000110100000011101010101110
f(R1,K2) = 00111100101010111000011110100011
L3 = R2 = 11001100000000010111011100001001

E(R2) = 111001011000000000000010101110101110100001010011
K3 = 010101011111110010001010010000101100111110011001
E(R2) ⊕ K3 = 101100000111110010001000111110000010011111001010
S-box outputs 00100111000100001110000101101111
f(R2,K3) = 01001101000101100110111010110000
L4 = R3 = 10100010010111000000101111110100

E(R3) = 010100000100001011111000000001010111111110101001
K4 = 011100101010110111010110110110110011010100011101
E(R3) ⊕ K4 = 001000101110111100101110110111100100101010110100
S-box outputs 00100001111011011001111100111010
f(R3,K4) = 10111011001000110111011101001100
L5 = R4 = 01110111001000100000000001000101

E(R4) = 101110101110100100000100000000000000001000001010
K5 = 011111001110110000000111111010110101001110101000
E(R4) ⊕ K5 = 110001100000010100000011111010110101000110100010
S-box outputs 01010000110010000011000111101011
f(R4,K5) = 00101000000100111010110111000011
L6 = R5 = 10001010010011111010011000110111

E(R5) = 110001010100001001011111110100001100000110101111
K6 = 011000111010010100111110010100000111101100101111
E(R5) ⊕ K6 = 101001101110011101100001100000001011101010000000
S-box outputs 01000001111100110100110000111101
f(R5,K6) = 10011110010001011100110100101100
L7 = R6 = 11101001011001111100110101101001

E(R6) = 111101010010101100001111111001011010101101010011
K7 = 111011001000010010110111111101100001100010111100
E(R6) ⊕ K7 = 000110011010111110111000000100111011001111101111
S-box outputs 00010000011101010100000010101101
f(R6,K7) = 10001100000001010001110000100111
L8 = R7 = 00000110010010101011101000010000

E(R7) = 000000001100001001010101010111110100000010100000
K8 = 111101111000101000111010110000010011101111111011
E(R7) ⊕ K8 = 111101110100100001101111100111100111101101011011
S-box outputs 01101100000110000111110010101110
f(R7,K8) = 00111100000011101000011011111001
L9 = R8 = 11010101011010010100101110010000

E(R8) = 011010101010101101010010101001010111110010100001
K9 = 111000001101101111101011111011011110011110000001
E(R8) ⊕ K9 = 100010100111000010111001010010001001101100100000
S-box outputs 00010001000011000101011101110111
f(R8,K9) = 00100010001101100111110001101010
L10 = R9 = 00100100011111001100011001111010

E(R9) = 000100001000001111111001011000001100001111110100
K10 = 101100011111001101000111101110100100011001001111
E(R9) ⊕ K10 = 101000010111000010111110110110101000010110111011
S-box outputs 11011010000001000101001001110101
f(R9,K10) = 01100010101111001001110000100010
L11 = R10 = 10110111110101011101011110110010

E(R10) = 010110101111111010101011111010101111110110100101
K11 = 001000010101111111010011110111101101001110000110
E(R10) ⊕ K11 = 011110111010000101111000001101000010111000100011
S-box outputs 01110011000001011101000100000001
f(R10,K11) = 11100001000001001111101000000010
L12 = R11 = 11000101011110000011110001111000

E(R11) = 011000001010101111110000000111111000001111110001
K12 = 011101010111000111110101100101000110011111101001
E(R11) ⊕ K12 = 000101011101101000000101100010111110010000011000
S-box outputs 01111011100010110010011000110101
f(R11,K12) = 11000010011010001100111111101010
L13 = R12 = 01110101101111010001100001011000

E(R12) = 001110101011110111111010100011110000001011110000
K13 = 100101111100010111010001111110101011101001000001
E(R12) ⊕ K13 = 101011010111100000101011011101011011100010110001
S-box outputs 10011010110100011000101101001111
f(R12,K13) = 11011101101110110010100100100010
L14 = R13 = 00011000110000110001010101011010

E(R13) = 000011110001011000000110100010101010101011110100
K14 = 010111110100001110110111111100101110011100111010
E(R13) ⊕ K14 = 010100000101010110110001011110000100110111001110
S-box outputs 01100100011110011001101011110001
f(R13,K14) = 10110111001100011000111001010101
L15 = R14 = 11000010100011001001011000001101

E(R14) = 111000000101010001011001010010101100000001011011
K15 = 101111111001000110001101001111010011111100001010
E(R14) ⊕ K15 = 010111111100010111010100011101111111111101010001
S-box outputs 10110010111010001000110100111100
f(R14,K15) = 01011011100000010010011101101110
R15 = 01000011010000100011001000110100

E(R15) = 001000000110101000000100000110100100000110101000
K16 = 110010110011110110001011000011100001011111110101
E(R15) ⊕ K16 = 111010110101011110001111000101000101011001011101
S-box outputs 10100111100000110010010000101001
f(R15,K16) = 11001000110000000100111110011000
R16 = 00001010010011001101100110010101

Finally, applying $IP^{-1}$ to $L_{16}, R_{16}$ we obtain the ciphertext in hexadecimal:
85E813540F0AB405
2.9.4. Some remarks on DES.
When DES was proposed as an encryption standard, there was a great deal of criticism. One objection to DES concerned the S-boxes. Every computation in DES except the S-boxes is linear, i.e. computing the exclusive-or of two outputs is the same as forming the exclusive-or of the two inputs and then computing the output. The S-boxes, which contain the non-linear component of the cryptosystem, are the most important factor for the security of the system (we have seen that linear cryptosystems, such as the Hill cipher, can easily be broken by a known-plaintext attack). However, the design criteria of the S-boxes are not completely known. Some people suggested that the S-boxes might contain hidden "trapdoors" that would allow the U.S. National Security Agency (NSA) to decrypt messages while still maintaining that DES is secure. Of course this assertion cannot be refuted, but no evidence has been presented to show that such trapdoors actually exist.
In 1976 the NSA asserted that the following properties of the S-boxes are design criteria:
- Each row of each S-box is a permutation of the integers 0, 1, ..., 15.
- No S-box is an affine or linear function of its inputs.
- Changing one input bit of an S-box must change at least two output bits.
- For any S-box and any input x, $S(x)$ and $S(x \oplus 001100)$ must differ in at least two bits (where x is a bit string of length 6).
The following two further properties of the S-boxes can be regarded as being derived from the NSA design criteria.
- For any S-box, any input x and any $e, f \in \{0, 1\}$: $S(x) \ne S(x \oplus 11ef00)$.
- For any S-box, if one input bit is fixed and we look at the value of one fixed output bit, then the number of inputs for which this output bit equals 0 is approximately equal to the number of inputs for which it equals 1. (Note that if we fix the value of the first input bit or of the sixth input bit, then 16 inputs make a given output bit equal to 0 and 16 inputs make it equal to 1. For the second through fifth input bits this is no longer true. However, the resulting distribution is still close to uniform. More precisely, for any S-box, if we fix the value of any input bit, the number of inputs for which any fixed output bit has the value 0 (or 1) always lies between 13 and 19.)
It is not known whether some more complete set of design criteria was used in constructing the S-boxes.
The most pertinent objection to DES is the size of the key space: $2^{56}$ is too small to guarantee real security. Many special-purpose devices have been proposed for mounting a known-plaintext attack. This attack essentially performs an exhaustive key search. That is, given a 64-bit plaintext x and the corresponding ciphertext y, every key is tested until a key k is found such that $e_k(x) = y$. (Note that there may be more than one such key k.)
As early as 1977, Diffie and Hellman suggested that one could build a VLSI (very large scale integration) chip capable of testing $10^6$ keys per second. A machine with $10^6$ such chips could search the entire key space in about one day. They estimated the cost of building such a machine at about $2 \times 10^7$ dollars.
At the rump session of the CRYPTO'93 conference, Michael Wiener presented a very detailed design of a key-search machine. The machine is built on a key-search chip that can carry out 16 encryptions simultaneously and reaches a speed of $5 \times 10^7$ keys per second. With current technology, the manufacturing cost is about $10.50 per chip. A frame containing 5760 chips costs about $100,000 and can thus find a DES key in about 1.5 days. A device using 10 such frames would cost about $10^6$ dollars and would reduce the average key-search time to 3.5 hours.
Although the description of DES is rather lengthy, DES can be implemented very efficiently in both hardware and software. The only operations that have to be performed are exclusive-ors of bit strings. The expansion function E, the S-boxes, the permutations IP and P, and the computation of the values $K_1, \ldots, K_{16}$ can all be carried out by table look-up (in software) or by hard-wiring them into a circuit.
Current hardware implementations can achieve extremely high encryption rates. Digital Equipment Corporation announced at the CRYPTO'92 conference that it had built a chip with 50 thousand transistors that can encrypt at a rate of 1 Gbit/s using a clock rate of 250 MHz. The price of this chip is about $300. By 1991 there were 45 hardware and firmware implementations of DES approved by the U.S. National Bureau of Standards (NBS).
One important application of DES is in American banking transactions (ABA): DES is used to encrypt personal identification numbers (PINs) and account transfers made through automated teller machines (ATMs). DES is also used by the Clearing House Interbank Payments System (CHIPS) to authenticate transactions amounting to over $1.5 \times 10^{12}$ USD per week. DES is also widely used in government organizations, such as the Department of Energy, the Department of Justice and the Federal Reserve System.
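2.9.5. Modes of operation of DES
Four modes of operation have been developed for DES: electronic codebook mode (ECB), cipher feedback mode (CFB), cipher block chaining mode (CBC) and output feedback mode (OFB). ECB mode corresponds to the usual use of a block cipher: given a sequence of plaintext blocks $x_1, x_2, \ldots$ (each block of 64 bits), each $x_i$ is encrypted with the same key k, producing a sequence of ciphertext blocks $y_1, y_2, \ldots$. In CBC mode, starting from $y_0 = IV$, the ciphertext blocks are instead formed by the rule $y_i = e_k(y_{i-1} \oplus x_i)$, $i \ge 1$. The use of CBC mode is depicted in Figure 2.12.
In OFB and CFB modes a keystream is generated and then added mod 2 to the plaintext (i.e. the mode operates as a stream cipher, see Section 3.8). OFB is in fact a synchronous stream cipher: the keystream is produced by repeatedly encrypting a 64-bit initialization vector (the vector IV). We define $z_0 = IV$ and then compute the keystream $z_1, z_2, \ldots$ by the rule $z_i = e_k(z_{i-1})$, $i \ge 1$. The plaintext sequence $x_1, x_2, \ldots$ is then encrypted by computing $y_i = x_i \oplus z_i$, $i \ge 1$.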

Figure 2.12: CBC mode (panels: Encrypt, Decrypt; labels: IV = y0, x1, x2, ek, dk, y1, y2)

Figure 2.13: CFB mode (panels: Encrypt, Decrypt; labels: IV = y0, x1, x2, ek, y1, y2)

In CFB mode, we start with $y_0 = IV$ (a 64-bit initialization vector) and produce the keystream element $z_i$ by encrypting the previous ciphertext block. That is, $z_i = e_k(y_{i-1})$, $i \ge 1$. As in OFB mode: $y_i = x_i \oplus z_i$, $i \ge 1$. The use of CFB is depicted in Figure 2.13 (note that the DES encryption function $e_k$ is used for both encryption and decryption in CFB and OFB modes).
There are also variations of OFB and CFB called k-bit feedback modes ($1 < k < 64$). Here we have described the 64-bit feedback modes. The 1-bit and 8-bit feedback modes are often used in practice, since they allow 1 bit (or 1 byte) of data to be encrypted at a time.
The four modes of operation have different advantages and disadvantages. In ECB and OFB modes, changing one 64-bit plaintext block $x_i$ changes the corresponding ciphertext block $y_i$, but the other ciphertext blocks are not affected. In some situations this is a desirable property. For example, OFB mode is often used for encrypting satellite transmissions.
On the other hand, in CBC and CFB modes, if a plaintext block $x_i$ is changed, then $y_i$ and all subsequent ciphertext blocks are affected. Thus CBC and CFB modes can be used very effectively for authentication. More specifically, these modes can be used to produce a message authentication code (MAC). The MAC is appended to the plaintext blocks in order to convince Bob that the plaintext sequence really came from Alice and was not forged by Oscar. Thus the MAC guarantees the integrity (or authenticity) of a message (but of course the MAC does not provide secrecy).
We now describe how CBC mode is used to produce a MAC. We start with an initialization vector IV consisting entirely of zeros. Then CBC mode is used to produce the ciphertext blocks $y_1, \ldots, y_n$ under the key K. Finally we define the MAC to be $y_n$. Alice sends the sequence of plaintext blocks $x_1, \ldots, x_n$ together with the MAC. When Bob receives $x_1, \ldots, x_n$ he reconstructs $y_1, \ldots, y_n$ using the secret key K and verifies whether $y_n$ is the same as the MAC he received.
Observe that Oscar cannot produce a valid MAC, since he does not know the key K that Alice and Bob are using. Moreover, if Oscar intercepts the sequence of plaintext blocks $x_1, \ldots, x_n$ and changes some of its contents, then Oscar certainly cannot change the MAC so that Bob will accept it.
Often we want to combine authenticity and secrecy. This can be done as follows: first Alice uses the key $K_1$ to produce a MAC for $x_1, \ldots, x_n$. Then Alice defines $x_{n+1}$ to be the MAC and encrypts the sequence $x_1, \ldots, x_{n+1}$ with a second key $K_2$ to produce the ciphertext $y_1, \ldots, y_{n+1}$. When Bob receives $y_1, \ldots, y_{n+1}$, he first decrypts (using $K_2$) and then checks whether $x_{n+1}$ is the MAC for the sequence $x_1, \ldots, x_n$ under $K_1$.
Alternatively, Alice can use $K_1$ to encrypt $x_1, \ldots, x_n$, obtaining $y_1, \ldots, y_n$, and then use $K_2$ to produce a MAC $y_{n+1}$ for the sequence $y_1, \ldots, y_n$. Bob uses $K_2$ to verify the MAC and uses $K_1$ to decrypt $y_1, \ldots, y_n$.
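The error-propagation behaviour of the four modes and the CBC-based MAC can be checked directly. The following Python code is an added example, not part of the original text; to stay short it uses a small 4-round Feistel construction over SHA-256 as a stand-in for the 64-bit block cipher $e_k$, $d_k$ (an assumption of the example, it is not DES), and the key, IV and message are constructed sample values.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as for DES


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(half, key, i):
    # Round function of the stand-in cipher (assumption, not DES).
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]


def e_k(key, block, rounds=4):
    l, r = block[:4], block[4:]
    for i in range(rounds):
        l, r = r, xor(l, _round(r, key, i))
    return l + r


def d_k(key, block, rounds=4):
    l, r = block[:4], block[4:]
    for i in reversed(range(rounds)):
        l, r = xor(r, _round(l, key, i)), l
    return l + r


def ecb(key, iv, blocks):            # iv is unused; kept for a uniform signature
    return [e_k(key, x) for x in blocks]


def cbc(key, iv, blocks):            # y_i = e_k(y_{i-1} XOR x_i), y_0 = IV
    y, out = iv, []
    for x in blocks:
        y = e_k(key, xor(y, x))
        out.append(y)
    return out


def cbc_decrypt(key, iv, blocks):    # x_i = d_k(y_i) XOR y_{i-1}
    prev, out = iv, []
    for y in blocks:
        out.append(xor(d_k(key, y), prev))
        prev = y
    return out


def ofb(key, iv, blocks):            # z_i = e_k(z_{i-1}), y_i = x_i XOR z_i
    z, out = iv, []
    for x in blocks:
        z = e_k(key, z)
        out.append(xor(x, z))
    return out


def cfb(key, iv, blocks):            # z_i = e_k(y_{i-1}), y_i = x_i XOR z_i
    y, out = iv, []
    for x in blocks:
        y = xor(x, e_k(key, y))
        out.append(y)
    return out


def cfb_decrypt(key, iv, blocks):    # uses e_k only, as noted in the text
    prev, out = iv, []
    for y in blocks:
        out.append(xor(y, e_k(key, prev)))
        prev = y
    return out


def cbc_mac(key, blocks):
    """MAC = y_n of a CBC encryption with the all-zero IV."""
    return cbc(key, bytes(BLOCK), blocks)[-1]


def changed_blocks(mode, key, iv, blocks, index):
    """Indices of ciphertext blocks that change when plaintext block `index` is altered."""
    tampered = list(blocks)
    tampered[index] = xor(blocks[index], b"\x01" + bytes(BLOCK - 1))
    before, after = mode(key, iv, blocks), mode(key, iv, tampered)
    return [i for i in range(len(blocks)) if before[i] != after[i]]


# Constructed sample data.
KEY = b"sample key K"
IV = bytes(range(BLOCK))
MESSAGE = [b"BLOCK-01", b"BLOCK-02", b"BLOCK-03", b"BLOCK-04"]

if __name__ == "__main__":
    for mode in (ecb, ofb, cbc, cfb):
        print(mode.__name__, changed_blocks(mode, KEY, IV, MESSAGE, 1))
    print("MAC:", cbc_mac(KEY, MESSAGE).hex())
```

The MAC construction described above is sound only when all messages have one fixed number of blocks; for variable-length messages a length-binding variant such as CMAC is used instead.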


2.9.6. Some variants of DES
2.9.6.1. Double DES.
The double DES scheme is shown in Figure 2.14.

Figure 2.14: Double DES encryption and decryption (panels: a. Double DES encryption, b. Double DES decryption; labels: plaintext M, ciphertext C, keys K1, K2)

Encryption: $C = DES_{K_2}\left(DES_{K_1}(M)\right)$

Decryption: $M = DES^{-1}_{K_1}\left(DES^{-1}_{K_2}(C)\right)$

There are $2^{56}$ choices for the key $K_1$ and $2^{56}$ choices for the key $K_2$, which gives $2^{112}$ choices for the key pair $(K_1, K_2)$, but the strength of double DES is not as great as that.


2.9.6.2. Triple DES (TDES)

Double DES can be attacked by the meet-in-the-middle cryptanalysis proposed by Diffie and Hellman. To overcome this weakness, TDES with two keys $K_1$ and $K_2$ is constructed as follows:

Encryption: $C = DES_{K_1}\{DES^{-1}_{K_2}[DES_{K_1}(M)]\}$

Decryption: $M = DES^{-1}_{K_1}\{DES_{K_2}[DES^{-1}_{K_1}(C)]\}$

Figure 2.15: TDES encryption and decryption with two keys (panels: a. TDES encryption with two keys, b. TDES decryption with two keys; labels: plaintext M, ciphertext C, keys K1, K2)

With TDES, exhaustive search requires about $2^{112} = 5.1923 \times 10^{33}$ TDES operations, so in practice successful cryptanalysis is hardly possible.


2.9.6.3. DES with independent subkeys.
DES can be used with 16 independent subkeys to increase its security. If 16 vectors of 48 bits are used for the encryption rounds of DES, then a key k of length 768 bits has to be generated. An exhaustive search attack requires searching a key space of size $2^{768}$. A meet-in-the-middle attack can reduce the search space to $2^{384}$, a value that is still very large in practice. However, using differential cryptanalysis this cryptosystem can be broken with $2^{61}$ chosen plaintexts.

2.9.6.4. Generalized DES (GDES).

In 1981 Schaumüller-Bichl proposed GDES in order to increase the encryption speed. The GDES algorithm is depicted in Figure 2.16.
Instead of using 64-bit message blocks as in DES, GDES divides the message into q blocks of 32 bits. Suppose m is the message to be encrypted with GDES,

where $M_i = m_{i1}, m_{i2}, \ldots, m_{i32}$.

In the first round GDES encrypts the last 32-bit sub-block

$B_0^{(q)} = M_q = m_{q1}, m_{q2}, \ldots, m_{q32}$

with a 48-bit subkey $K_1$:

$f(B_0^{(q)}, K_1) = \{ S[K_1 \oplus E(B_0^{(q)})] \}$

where $S[K_1 \oplus E(B_0^{(q)})]$ denotes the substitution applied to the 48-bit vector $K_1 \oplus E(B_0^{(q)})$.

The resulting 32-bit vector $f(B_0^{(q)}, K_1)$ is then added bitwise mod 2 to the contents of the remaining $(q-1)$ 32-bit registers:

$B_1^{(2)} = f(B_0^{(q)}, K_1) \oplus B_0^{(1)}$
$B_1^{(3)} = f(B_0^{(q)}, K_1) \oplus B_0^{(2)}$
...
$B_1^{(q-1)} = f(B_0^{(q)}, K_1) \oplus B_0^{(q-2)}$
$B_1^{(q)} = f(B_0^{(q)}, K_1) \oplus B_0^{(q-1)}$

The previous contents of the register $B_0^{(q)}$ are stored in the leftmost register: $B_1^{(1)} = B_0^{(q)}$

Figure 2.16: The GDES encryption algorithm (labels: message blocks M1 ... Mq, registers B0(1) ... B0(q) through Bn(1) ... Bn(q), subkeys K1 ... Kn, round function f, GDES ciphertext C = C1, C2, ... Cq)

2.10. Differential cryptanalysis and linear cryptanalysis.

The traditional method of cryptanalysis for block ciphers (such as DES) with known plaintext is an exhaustive search over the entire key space. However, this brute-force attack cannot be applied to double DES and triple DES. More sophisticated attacks have been proposed in recent years in order to reduce the computational complexity of cryptanalysis. The following are the two most important methods.
2.10.1. Differential cryptanalysis (cryptanalysis based on differences).

Differential cryptanalysis was proposed in 1990 to attack block ciphers such as PES, LUCIFER, ...
Differential cryptanalysis revolves around analysing the distribution of the differences (bitwise addition mod 2) between two plaintexts $X_1$ and $X_2$ and between two ciphertexts $Y_1$ and $Y_2$.
Here the plaintexts $X_1$ and $X_2$ are the 32-bit contents of the right shift register before the expansion permutation E(X) in one round of DES. The two ciphertexts $Y_1$ and $Y_2$ are the 32-bit outputs of the permutation P(C) after the substitution boxes.

Figure 2.17 depicts one round of DES. Let $\Delta X$ be the difference of the two known plaintexts $X_1$ and $X_2$:

$\Delta X = X_1 \oplus X_2$
Here $X_1 \oplus X_2$ denotes the bitwise addition mod 2 of the two plaintext vectors. In a chosen-plaintext attack, the two plaintexts $X_1$ and $X_2$ are chosen so as to give the desired $\Delta X$.
Since $\Delta X = X_1 \oplus X_2$ and $A = E(X)$ is simply an expansion permutation of the plaintext bits, we also know $\Delta A$:

$\Delta A = A_1 \oplus A_2$

$\Delta A = E(X_1) \oplus E(X_2)$

$\Delta A = E(\Delta X)$

In each round of DES, the 48-bit subkey $K_i$ is added to the 48-bit vector A output by the expansion permutation:
$B_1 = A_1 \oplus K_i$
$B_2 = A_2 \oplus K_i$

Since $K_i$ is unknown, $B_1$ and $B_2$ are also unknown. However, we do know their difference:

$\Delta B = B_1 \oplus B_2$

$\Delta B = (A_1 \oplus K_i) \oplus (A_2 \oplus K_i)$
$\Delta B = A_1 \oplus A_2$
$\Delta B = \Delta A$

$\Delta B = E(\Delta X)$

Therefore, by choosing $X_1$ and $X_2$ (equivalently $\Delta X$) we can determine the difference $\Delta B$ at the inputs of the 8 substitution boxes even without knowing the subkey.

Figure 2.17: Differential cryptanalysis of one round of DES (labels: right shift register R32 = X; expansion permutation A = E(X); subkey Ki from permuted choice PC-2 in round i; modulo-2 adder bj = aj ⊕ kij, 1 ≤ j ≤ 48; 8 substitution boxes S1 ... S8; permutation Y = P(C); left shift register L32 = L; modulo-2 adder x'j = lj ⊕ yj, 1 ≤ j ≤ 32; output X')

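From the known ciphertexts $Y_1$ and $Y_2$ obtained by encrypting the plaintexts $X_1$ and $X_2$ we can also determine their difference $\Delta Y$:
$\Delta Y = Y_1 \oplus Y_2$

Both vectors $Y_1$ and $Y_2$ are permutations of the 32-bit outputs $C_1$ and $C_2$ of the substitution boxes.

$Y_1 = P(C_1)$

$Y_2 = P(C_2)$

We can express the outputs $C_1$ and $C_2$ of the substitution boxes as functions of $Y_1$ and $Y_2$:
$C_1 = P^{-1}(Y_1)$

$C_2 = P^{-1}(Y_2)$

Thus the difference $\Delta C$ at the outputs of the substitution boxes is:

$\Delta C = C_1 \oplus C_2$

$\Delta C = P^{-1}(Y_1) \oplus P^{-1}(Y_2)$

$\Delta C = P^{-1}(\Delta Y)$

Differential cryptanalysis compares the distribution of $\Delta X$ over the plaintext pairs $X_1$ and $X_2$ with the distribution of $\Delta Y$ over the corresponding ciphertext pairs $Y_1$ and $Y_2$. In an attack with chosen plaintext-ciphertext pairs, the plaintexts are chosen so as to produce the desired $\Delta X$. It is a fact that the plaintext differences $\Delta X$ and the ciphertext differences $\Delta Y$ are not alike. Some differences in the plaintext pairs have a higher probability of causing differences in the ciphertext pairs.
For each of the 8 substitution boxes of DES we can build a table of the relationship between $\Delta X$ and $\Delta Y$ (see Table 2.1).
The entry $p_{ij}$ in the table denotes the number of cases in which $\Delta X_i$ produces $\Delta Y_j$.

          ΔY_1   ...   ΔY_j
ΔX_1      p_11   ...   p_1j
...
ΔX_i      p_i1   ...   p_ij

Table 2.1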

Biham and Shamir demonstrated a cryptanalysis of 16-round DES using $2^{47}$ chosen plaintext-ciphertext pairs, or $2^{55}$ known plaintext-ciphertext pairs, with $2^{37}$ DES operations. This shows that these attacks on DES are still not effective.
2.10.2. Linear cryptanalysis.
The basic idea of this method is to try to express (approximate) one round of DES by a linear transformation. Figure 2.17 shows how linear cryptanalysis can be applied to one round of DES.
In a known-plaintext attack we know the plaintext M and the corresponding ciphertext C. Since the output IP(M) of the initial permutation is known, we also know the contents of the left and right shift registers.
Let $X = x_1, x_2, \ldots, x_{32}$ be the contents of the right shift register. These 32 bits pass through the expansion permutation $A = E(X)$; the resulting 48-bit vector $A = a_1, a_2, \ldots, a_{48}$ is added bitwise mod 2 to the 48-bit subkey $K_i = k_{i1}, k_{i2}, \ldots, k_{i48}$ of round i, which is taken from the permuted-choice transformation PC-2.
The 48-bit vector $B = b_1, b_2, \ldots, b_{48}$ is passed through the 8 substitution boxes $\{S_k\}_{k=1,\ldots,8}$. Each 6-bit input vector $(b_1, b_2, b_3, b_4, b_5, b_6)$ is replaced by a 4-bit output vector $(c_1, c_2, c_3, c_4)$. The 32-bit vector $C = c_1, c_2, \ldots, c_{32}$ is then transformed by the permutation P, and the 32-bit vector $Y = y_1, y_2, \ldots, y_{32}$ is added to the contents of the left shift register. The right shift register is updated with this resulting 32-bit vector.

$Y = P(C)$
$C = P^{-1}(Y)$

From Figure 2.17 we see that if the input X (the plaintext after the initial permutation IP) is known, then the output of the expansion permutation $A = E(X)$ is also known. However, since the subkey $K_i = k_{ij}$, $j = 1, 2, \ldots, 48$, of round i (we may start with $i = 1$) is unknown, we cannot determine the individual outputs of the modulo-2 adders: $b_j = a_j \oplus k_{ij}$, $1 \le j \le 48$.

The output bits of the adders ($b_j$, $j = 1, 2, \ldots, 48$) are the input bits of the 8 substitution boxes $S_k$.
We now return to the contents of the left shift register L and the previous contents of the right shift register $X'$ (in practice: the 32-bit temporary shift register TEMP from the previous round of DES); from them we can determine the 32-bit vector Y. Since Y is the result of applying the standard permutation P to the output of the substitution boxes:

$C = P^{-1}(Y)$
Figure 2.17: Linear cryptanalysis of one round of DES (labels: right shift register R32 = X with bits x1 ... x32; expansion permutation A = E(X) with bits a1 ... a48; subkey bits ki,1 ... ki,48 from permuted choice PC-2 in round i; modulo-2 adder bj = aj ⊕ kij, 1 ≤ j ≤ 48; bits b1 ... b48; 8 substitution boxes S1 ... S8; bits c1 ... c32; permutation Y = P(C) with bits y1 ... y32; left shift register L32 = L with bits l1 ... l32; modulo-2 adder x'j = lj ⊕ yj, 1 ≤ j ≤ 32; bits x'1 ... x'32)

The 32-bit vector $C = c_1, c_2, \ldots, c_{32}$ at the output of the substitution boxes is thus also determined.
The substitution boxes $\{S_k\}_{k=1,\ldots,8}$ should be random and unbiased. For any 6-bit input $b_1, b_2, b_3, b_4, b_5, b_6$, the output bits should be uniformly distributed. Now, by the construction of the table of all 64 input vectors of each substitution box, each input bit $b_i = 0$ half of the time and $b_i = 1$ the other half of the time. In other words, we can say that each input bit (of the 6 bits) equals 0 with probability $p = \frac{1}{2}$ and each output bit (of the 4 bits) equals 0 with probability $p = \frac{1}{2}$.
However, we can infer the input of a substitution box if we can exploit a relationship between its inputs and its outputs. For example, if we observe the 4 bits $c_1, c_2, c_3, c_4$ at the output of a substitution box $S_k$ and add them together modulo 2, then over the 64 different input vectors $b_1, \ldots, b_6$ the result is $c_1 \oplus c_2 \oplus c_3 \oplus c_4 = 0$ in half of the cases (32 cases) and $c_1 \oplus c_2 \oplus c_3 \oplus c_4 = 1$ in the other half. (Each of the 16 output vectors appears 4 times in the substitution table.)
We can see that the input/output relationships of the substitution boxes are not completely unbiased. For example, substitution box $S_5$ is the most biased of the substitution boxes, and we can exploit it to deduce the key. Table 2.2 shows the relationship between the 6 input bits $b_{25}, b_{26}, b_{27}, b_{28}, b_{29}, b_{30}$ and the 4 output bits $c_{17}, c_{18}, c_{19}, c_{20}$ of substitution box $S_5$. From Table 2.2 we can see that even though the input bit $b_{26} = 0$ in half of the cases (i.e. with probability $p = \frac{1}{2}$) and the sum $c_1 \oplus c_2 \oplus c_3 \oplus c_4 = 0$ with probability $p = \frac{1}{2}$, the following equation:

$b_{26} = c_1 \oplus c_2 \oplus c_3 \oplus c_4$

holds only 12 times out of 64 (corresponding to the probability $p = \frac{12}{64} = \frac{3}{16}$). These 12 cases are indicated in the check column of Table 2.2.

6 input bits               4 output bits                 Check
b1  b2  b3  b4  b5  b6     Output  c1  c2  c3  c4
b25 b26 b27 b28 b29 b30            c17 c18 c19 c20
0   0   0   0   0   0      2       0   0   1   0
0   0   0   0   0   1      14      1   1   1   0
0   0   0   0   1   0      12      1   1   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   0   0   0   1   1      11      1   0   1   1
0   0   0   1   0   0      4       0   1   0   0
0   0   0   1   0   1      2       0   0   1   0
0   0   0   1   1   0      1       0   0   0   1
0   0   0   1   1   1      12      1   1   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   0   1   0   0   0      7       0   1   1   1
0   0   1   0   0   1      4       0   1   0   0
0   0   1   0   1   0      10      1   0   1   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   0   1   0   1   1      7       0   1   1   1
0   0   1   1   0   0      11      1   0   1   1
0   0   1   1   0   1      13      1   1   0   1
0   0   1   1   1   0      6       0   1   1   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   0   1   1   1   1      1       0   0   0   1
0   1   0   0   0   0      8       1   0   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   1   0   0   0   1      5       0   1   0   1
0   1   0   0   1   0      5       0   1   0   1
0   1   0   0   1   1      0       0   0   0   0
0   1   0   1   0   0      3       0   0   1   1
0   1   0   1   0   1      15      1   1   1   1
0   1   0   1   1   0      15      1   1   1   1
0   1   0   1   1   1      10      1   0   1   0
0   1   1   0   0   0      13      1   1   0   1     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   1   1   0   0   1      3       0   0   1   1
0   1   1   0   1   0      0       0   0   0   0
0   1   1   0   1   1      9       1   0   0   1
0   1   1   1   0   0      14      1   1   1   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   1   1   1   0   1      8       1   0   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
0   1   1   1   1   0      9       1   0   0   1
0   1   1   1   1   1      6       0   1   1   0

Table 2.2: Input/output relationship in substitution box S5 (beginning)

6 input bits               4 output bits                 Check
b1  b2  b3  b4  b5  b6     Output  c1  c2  c3  c4
b25 b26 b27 b28 b29 b30            c17 c18 c19 c20
1   0   0   0   0   0      4       0   1   0   0
1   0   0   0   0   1      11      1   0   1   1
1   0   0   0   1   0      2       0   0   1   0
1   0   0   0   1   1      8       1   0   0   0
1   0   0   1   0   0      1       0   0   0   1
1   0   0   1   0   1      12      1   1   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
1   0   0   1   1   0      11      1   0   1   1
1   0   0   1   1   1      7       0   1   1   1
1   0   1   0   0   0      10      1   0   1   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
1   0   1   0   0   1      1       0   0   0   1
1   0   1   0   1   0      13      1   1   0   1
1   0   1   0   1   1      14      1   1   1   0
1   0   1   1   0   0      7       0   1   1   1
1   0   1   1   0   1      2       0   0   1   0
1   0   1   1   1   0      8       1   0   0   0
1   0   1   1   1   1      13      1   1   0   1
1   1   0   0   0   0      15      1   1   1   1
1   1   0   0   0   1      6       0   1   1   0
1   1   0   0   1   0      9       1   0   0   1
1   1   0   0   1   1      15      1   1   1   1
1   1   0   1   0   0      12      1   1   0   0
1   1   0   1   0   1      0       0   0   0   0
1   1   0   1   1   0      5       0   1   0   1
1   1   0   1   1   1      9       1   0   0   1
1   1   1   0   0   0      6       0   1   1   0
1   1   1   0   0   1      10      1   0   1   0
1   1   1   0   1   0      3       0   0   1   1
1   1   1   0   1   1      4       0   1   0   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
1   1   1   1   0   0      0       0   0   0   0
1   1   1   1   0   1      5       0   1   0   1
1   1   1   1   1   0      14      1   1   1   0     b26 = c1 ⊕ c2 ⊕ c3 ⊕ c4
1   1   1   1   1   1      3       0   0   1   1

Table 2.3: Input/output relationship in substitution box S5 (end)

We can see that the probability that $b_{26} = c_1 \oplus c_2 \oplus c_3 \oplus c_4$ is $\frac{3}{16}$; this can be used to help break DES. Then, with probability $p = \frac{3}{16}$, we have

$b_{26} = c_1 \oplus c_2 \oplus c_3 \oplus c_4$
$a_{26} \oplus k_{i,26} = c_1 \oplus c_2 \oplus c_3 \oplus c_4$

But since $A = E(X)$, we have $a_{26} = x_{17}$.

Similarly, knowing the mapping of the standard permutation $Y = P(C)$ allows us to replace $c_{17}, c_{18}, c_{19}$ and $c_{20}$ by the known ciphertext values $y_3, y_8, y_{14}$ and $y_{25}$.

Therefore, with probability $p = \frac{3}{16}$:

$k_{i,26} = a_{26} \oplus c_1 \oplus c_2 \oplus c_3 \oplus c_4$
$k_{i,26} = a_{26} \oplus c_{17} \oplus c_{18} \oplus c_{19} \oplus c_{20}$
$k_{i,26} = x_{17} \oplus y_3 \oplus y_8 \oplus y_{14} \oplus y_{25}$

Since the plaintext X and the ciphertext Y of one round are known, this provides evidence for taking the bit $k_{i,26}$ to be the complement of $x_{17} \oplus y_3 \oplus y_8 \oplus y_{14} \oplus y_{25}$.
This one-round analysis is generalized to the 16 rounds of DES. This is possible because the contents of the right register in the second round are a function of the results of the first round.

Linear cryptanalysis of DES is still hardly feasible, since it requires $2^{47}$ known plaintext-ciphertext pairs to find a single key bit. A second key bit can also be found.
It has been shown that using a linear approximation of 14-round DES and estimating (guessing) the 6 subkey bits $k_{i,25}, k_{i,26}, k_{i,27}, k_{i,28}, k_{i,29}$ and $k_{i,30}$ corresponding to the 6 input bits of substitution box $S_5$ for rounds 2 and 14, which is equivalent to carrying out $2^{12}$ linear analyses in parallel, yields 26 key bits. This reduces the key space to be searched from $2^{56}$ (for exhaustive search) down to $2^{30} = 1.073.741.824$.
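The S-box properties listed in Section 2.9.4 and the $S_5$ relation used in Section 2.10.2 can both be checked by enumerating all 64 inputs of each box. The following Python code is an added example, not part of the original text; the function names are ours, and the one-round observations fed to `guess_k26` are constructed by the example itself from a chosen 6-bit subkey chunk.

```python
# S1..S8 of DES, each written as its four rows of sixteen hex digits.
SBOX = [
    "E4D12FB83A6C59070F74E2D1A6CB953841E8D62BFC973A50FC8249175B3EA06D",
    "F18E6B34972DC05A3D47F28EC01A69B50E7BA4D158C6932FD8A13F42B67C05E9",
    "A09E63F51DC7B428D709346A285ECBF1D6498F30B12C5AE71AD069874FE3B52C",
    "7DE3069A1285BC4FD8B56F03472C1AE9A690CB7DF13E52843F06A1D8945BC72E",
    "2C417AB6853FD0E9EB2C47D150FA3986421BAD78F9C5630EB8C71E2D6F09A453",
    "C1AF92680D34E75BAF427C9561DE0B389EF528C3704A1DB6432C95FABE17608D",
    "4B2EF08D3C975A61D0B7491AE35C2F8614BDC37EAF6805926BD814A7950FE23C",
    "D2846FB1A93E50C71FD8A374C56B0E927B419CE206ADF35821E74A8DFC90356B",
]


def sbox(k, x):
    """Output (0..15) of S-box k (1..8) for the 6-bit input x = b1 b2 b3 b4 b5 b6."""
    row = ((x >> 4) & 2) | (x & 1)          # b1 b6
    col = (x >> 1) & 0xF                    # b2 b3 b4 b5
    return int(SBOX[k - 1][16 * row + col], 16)


def weight(v):
    return bin(v).count("1")


def design_criteria(k):
    """Evaluate the four checkable criteria of Section 2.9.4 for S-box k."""
    rows = [SBOX[k - 1][16 * r:16 * r + 16] for r in range(4)]
    return {
        "rows_are_permutations": all(sorted(r) == sorted("0123456789ABCDEF") for r in rows),
        "one_bit_change": all(weight(sbox(k, x) ^ sbox(k, x ^ (1 << i))) >= 2
                              for x in range(64) for i in range(6)),
        "middle_bits_change": all(weight(sbox(k, x) ^ sbox(k, x ^ 0b001100)) >= 2
                                  for x in range(64)),
        "no_collision_11ef00": all(sbox(k, x) != sbox(k, x ^ (0b110000 | ef << 2))
                                   for x in range(64) for ef in range(4)),
    }


def balance_range(k):
    """(min, max) count of inputs giving output bit = 0 when one input bit is fixed."""
    counts = [sum(1 for x in range(64)
                  if (x >> i) & 1 == v and not (sbox(k, x) >> o) & 1)
              for i in range(6) for v in (0, 1) for o in range(4)]
    return min(counts), max(counts)


def linear_count(k, in_mask, out_mask):
    """Number of the 64 inputs x with parity(x & in_mask) == parity(S_k(x) & out_mask)."""
    return sum(weight(x & in_mask) % 2 == weight(sbox(k, x) & out_mask) % 2
               for x in range(64))


def max_deviation():
    """Largest |count - 32| over all S-boxes and all non-zero input/output masks."""
    return max(abs(linear_count(k, i, o) - 32)
               for k in range(1, 9) for i in range(1, 64) for o in range(1, 16))


def s5_observations(subkey6):
    """All 64 pairs (a25..a30, c17..c20) seen under a fixed chunk k25..k30 (constructed)."""
    return [(a, sbox(5, a ^ subkey6)) for a in range(64)]


def guess_k26(observations):
    """Guess k_{i,26} as the complement of the majority value of a26 XOR (c17^c18^c19^c20)."""
    ones = sum(((a >> 4) & 1) ^ (weight(c) & 1) for a, c in observations)
    majority = 1 if 2 * ones > len(observations) else 0
    return majority ^ 1


if __name__ == "__main__":
    for k in range(1, 9):
        print(f"S{k}", design_criteria(k), "balance", balance_range(k))
    print("S5: b26 = c17^c18^c19^c20 holds for", linear_count(5, 0b010000, 0b1111), "of 64")
    print("largest deviation from 32:", max_deviation())
```

In the full cipher $a_{26}$ is read from $x_{17}$ and the four output bits from $y_3, y_8, y_{14}, y_{25}$, exactly as in the derivation above; the example works directly on the $S_5$ input and output chunks.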


2.11. Advanced Encryption Standard (AES)

In 1997, the U.S. National Institute of Standards and Technology (NIST) launched a competition to develop a new data encryption standard to replace the old data encryption standard DES, which had been introduced in 1974. After the selection process, in October 2000 NIST announced that the new data encryption standard selected was the Rijndael algorithm. It is a symmetric block cipher with three selectable key sizes (128 bits, 192 bits and 256 bits). We now describe this AES algorithm.
2.11.1. Mathematical foundations of AES

In AES, addition and multiplication are performed on bytes in the finite field $GF(2^8)$.
Addition:
The addition of two elements (bytes) of the finite field is carried out by adding modulo 2 the corresponding bits in the representations of these bytes. The sum of the bytes A and B with:
$A = (a_1\ a_2\ a_3\ a_4\ a_5\ a_6\ a_7\ a_8)$
$B = (b_1\ b_2\ b_3\ b_4\ b_5\ b_6\ b_7\ b_8)$

is $C = A + B$ with $C = (c_1\ c_2\ c_3\ c_4\ c_5\ c_6\ c_7\ c_8)$

where $c_i = a_i + b_i \bmod 2$ for $i = 1, \ldots, 8$.

The elements of the finite field can also be represented as polynomials. For example, the sum of $A = 73_H$ and $B = 4E_H$ (written in base 16, hexadecimal) is:

$73_H + 4E_H = 3D_H$
In binary:
01110011 + 01001110 = 00111101

In polynomial form:

$(x^6 + x^5 + x^4 + x + 1) + (x^6 + x^3 + x^2 + x) = (x^5 + x^4 + x^3 + x^2 + 1)$

Multiplication:
Multiplication in $GF(2^8)$ is performed by multiplying the two polynomials and reducing the product modulo an irreducible polynomial $m(x)$.
In AES this irreducible polynomial is $m(x) = x^8 + x^4 + x^3 + x + 1$.
Example:

$A = C3_H$, $B = 85_H$ correspond to:

$a(x) = x^7 + x^6 + x + 1$ and $b(x) = x^7 + x^2 + 1$

Then $C = A \cdot B$:

$c(x) = a(x) \cdot b(x) \bmod (x^8 + x^4 + x^3 + x + 1)$
$c(x) = x^7 + x^5 + x^3 + x^2 + x$
or $C = AE_H = 10101110$

2.11.2. The AES algorithm.

AES encrypts a 128-bit plaintext block M into a 128-bit ciphertext block C using a cipher key K of length 128 bits (or 192 or 256 bits), corresponding to AES-128 (or AES-192 or AES-256). The algorithm operates on bytes, and the block sizes of the input, the output and the key are expressed in 32-bit words (4 bytes).

AES performs a number of encryption rounds $N_r$ that depends on the key length used (see Table 2.4).

AES algorithm   Input/output length   Key length N_k   Number of rounds N_r
AES-128         4 words               4 words          10 rounds
AES-192         4 words               6 words          12 rounds
AES-256         4 words               8 words          14 rounds

Table 2.4: Number of AES encryption rounds


AES encryption:
Each round consists of 4 byte-oriented cryptographic transformations:
- Byte substitution
- Shifting the rows of the State Array
- Mixing the data within one column of the State Array
- Adding the round key to the State Array

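Byte substitution: SubBytes( )

The first AES transformation is a non-linear byte substitution called SubBytes( ), which operates independently on each byte. It first computes the multiplicative inverse in $GF(2^8)$, then applies an affine transformation to this inverse:

$$
\begin{pmatrix} b'_0 \\ b'_1 \\ b'_2 \\ b'_3 \\ b'_4 \\ b'_5 \\ b'_6 \\ b'_7 \end{pmatrix}
=
\begin{pmatrix}
1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\
1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\
1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\
1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\
1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 1 & 1
\end{pmatrix}
\begin{pmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \\ b_4 \\ b_5 \\ b_6 \\ b_7 \end{pmatrix}
+
\begin{pmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{pmatrix}
$$

where $b_i$ denotes the i-th bit of byte b.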


Shifting the rows of the State Array: the ShiftRows( ) transformation
The next AES transformation shifts the rows of the State Array. The shift amount $shift(r, N_b)$ depends on the row number r. The input blocks (plaintext) and the output blocks (ciphertext) are 128-bit blocks consisting of $N_b = 4$ 32-bit words.
The ShiftRows( ) transformation is expressed as follows:

$$s'_{r,c} = s_{r,\,(c + shift(r, N_b)) \bmod N_b}$$

where $0 \le c < N_b$.
The first row is not shifted, i.e. $shift(0, N_b = 4) = 0$.
For the remaining rows the shift amount depends on the row number:

shift(0,4) = 0
shift(1,4) = 1
shift(2,4) = 2
shift(3,4) = 3

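Mixing the data within one column of the State Array: the MixColumns( ) transformation

The MixColumns( ) transformation is used to mix the data within one column of the state matrix. The columns are treated as polynomials over $GF(2^8)$. The output of MixColumns( ) is $s'(x)$, obtained by multiplying the column $s(x)$ by the polynomial $a(x)$ and reducing modulo $x^4 + 1$:

$$s'(x) = a(x) \cdot s(x) \bmod (x^4 + 1)$$

where $a(x) = \{03\}_H x^3 + \{01\}_H x^2 + \{01\}_H x + \{02\}_H$.

In matrix form this transformation can be written as follows:

$$
\begin{pmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{pmatrix}
=
\begin{pmatrix}
02_H & 03_H & 01_H & 01_H \\
01_H & 02_H & 03_H & 01_H \\
01_H & 01_H & 02_H & 03_H \\
03_H & 01_H & 01_H & 02_H
\end{pmatrix}
\begin{pmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{pmatrix}
$$

Here $0 \le c < N_b$.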

AES key expansion: KeyExpansion( )

From the 128-bit (or 192- or 256-bit) cipher key, the AES algorithm generates an initial set of $N_b$ 32-bit words and $N_b$ 32-bit words for each round, $N_b(N_r + 1)$ 32-bit words in total. The pseudocode of KeyExpansion( ) uses SubWord( ) and RotWord( ).
The function SubWord( ) is a substitution (S-box) that maps a 4-byte input word to a 4-byte output word.
The function RotWord( ) performs a cyclic permutation of the bytes in a 4-byte (32-bit) word $W_i$:

RotWord(a0, a1, a2, a3) = (a1, a2, a3, a0)

KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk)
Begin
    i = 0
    while (i < Nk)
        w[i] = word(key[4*i], key[4*i+1], key[4*i+2], key[4*i+3])
        i = i + 1
    end while
    i = Nk
    while (i < Nb*(Nr+1))
        word temp = w[i-1]
        if (i mod Nk = 0)
            temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
        else if (Nk = 8 and i mod Nk = 4)
            temp = SubWord(temp)
        end if
        w[i] = w[i-Nk] xor temp
        i = i + 1
    end while
end
(source: AES specification: http://csrc.nist.gov/encryption/aes/ )
Pseudocode of the AES cipher

Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
Begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w)
    for round = 1 step 1 to Nr-1
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, w + round*Nb)
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, w + Nr*Nb)
    out = state
end
(source: AES specification: http://csrc.nist.gov/encryption/aes/ )
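The arithmetic in $GF(2^8)$ from section 2.11.1 and the four round transformations, key expansion and cipher pseudocode above fit together as follows. This is an added example, not code from the original text or from the AES specification; the function names are chosen here, and the round constants Rcon[j] = $x^{j-1}$ in $GF(2^8)$ are taken from the AES standard since the text does not list them.

```python
M_POLY = 0x11B  # m(x) = x^8 + x^4 + x^3 + x + 1


def gf_mul(a, b):
    """Multiply two bytes as polynomials over GF(2) and reduce modulo m(x)."""
    r = 0
    while b:
        if b & 1:
            r ^= a            # addition in GF(2^8) is bitwise XOR
        a <<= 1
        if a & 0x100:
            a ^= M_POLY
        b >>= 1
    return r


def gf_inv(a):
    """Multiplicative inverse computed as a^254 (a^255 = 1 for a != 0); 0 maps to 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def sbox_entry(b):
    """SubBytes on one byte: inverse in GF(2^8), then the affine map with constant 63H."""
    x = gf_inv(b)
    return x ^ rotl8(x, 1) ^ rotl8(x, 2) ^ rotl8(x, 3) ^ rotl8(x, 4) ^ 0x63


SBOX = [sbox_entry(b) for b in range(256)]


# The state is a flat list of 16 bytes in column order: state[r][c] is s[r + 4*c].
def sub_bytes(s):
    return [SBOX[b] for b in s]


def shift_rows(s):
    # s'[r][c] = s[r][(c + shift(r, 4)) mod 4] with shift(r, 4) = r
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def mix_columns(s):
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):   # row r of the matrix is (02 03 01 01) rotated right r times
            out.append(gf_mul(2, col[r]) ^ gf_mul(3, col[(r + 1) % 4])
                       ^ col[(r + 2) % 4] ^ col[(r + 3) % 4])
    return out


def key_expansion(key):
    """Return (w, Nr): the Nb*(Nr+1) round-key words and the number of rounds."""
    nk = len(key) // 4
    nr = nk + 6
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1                                   # Rcon[1] = 01H (from the AES standard)
    for i in range(nk, 4 * (nr + 1)):
        temp = list(w[i - 1])
        if i % nk == 0:
            temp = temp[1:] + temp[:1]         # RotWord
            temp = [SBOX[b] for b in temp]     # SubWord
            temp[0] ^= rcon                    # xor Rcon[i/Nk]
            rcon = gf_mul(rcon, 2)
        elif nk == 8 and i % nk == 4:
            temp = [SBOX[b] for b in temp]
        w.append([x ^ y for x, y in zip(w[i - nk], temp)])
    return w, nr


def add_round_key(s, w, rnd):
    rk = [b for word in w[4 * rnd:4 * rnd + 4] for b in word]
    return [x ^ y for x, y in zip(s, rk)]


def aes_encrypt_block(block, key):
    """Encrypt one 16-byte block with a 16-, 24- or 32-byte key."""
    if len(block) != 16 or len(key) not in (16, 24, 32):
        raise ValueError("block must be 16 bytes and key 16, 24 or 32 bytes")
    w, nr = key_expansion(key)
    s = add_round_key(list(block), w, 0)
    for rnd in range(1, nr):
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), w, rnd)
    s = add_round_key(shift_rows(sub_bytes(s)), w, nr)
    return bytes(s)


if __name__ == "__main__":
    print(hex(0x73 ^ 0x4E), hex(gf_mul(0xC3, 0x85)))   # the two worked examples
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(aes_encrypt_block(pt, bytes(range(16))).hex())
```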
2.12. Exercises.

1. A cryptanalyst has obtained the following ciphertext:

PSZI QIERW RIZIV LEZMRK XS WEC CSY EVI WSVVC
It is known that this is the ciphertext of a Caesar cipher with unknown key k. Use exhaustive key search to find the corresponding English plaintext.
Note: exhaustive key search is the method of trying to decrypt with every possible key.
2. Below are 4 ciphertexts: one obtained from a substitution cipher, one from a Vigenère cipher, one from an Affine cipher, and one unspecified. The task is to determine the plaintext in each case.
Describe the steps needed to decrypt each ciphertext (including all statistical analyses and computations that have to be carried out).
The first two plaintexts are taken from "The Diary of Samuel Marchbanks" by Robertson Davies, Clarke Irwin, 1947; the fourth plaintext is taken from "Lake Wobegon Days" by Garrison Keillor, Viking Penguin, 1985.
a. Substitution cipher.
EMGLOSUDCGDNCUSWYSFHNSFCYKDPUMLWGYICOXYSIPJCK
QPKUGKMGOUCGINCGACKSNISACYKZSCKXEOCKSHYSXCG
OIDPKZCNKSHICGIWYGKKGKGOLDSILKGOIUSIGLEDSPWZU
GFZCCNDGYYSFUSZCNXEOJNCGYEOWEUPXEZGACGNFGLKNS
ACIGOIYCKXOUOUZCFZCCNDGYYSFEUEKUZCSOCFZCCNC
IACZEJNCSHFZEJZEGMXCYHCIUMGKUSY

Hint: F decrypts to w.

b. Vigenère cipher
KCCPKBGUFDPHQTYAVINRRTMVGRKDNBVFETDGILTXRGUD
DKOTFMBPVGEGLTGCKQRACQCWDNAWCRXLZAKFTLEWRPTVC


QKYVXCHKFTPONCQQRHJVAJUWETMCMSPKQDYHJVDAHCTRL
SVSKCGCZQDZXGSFRLSWCWSJTBHAFSLASPRJAHKJRJUMV
GKMITZHFPDLSPZLVLGWTFPLKKEBDPGCEBSHCTJRWXBAFS
PEZQNRWXCVYCGAONWDDKACKAWBBIKFTLOVKCGGHJVLNHI
FFSQESVYCLACNVRWBBIREPBBVFEXOSCDYGZWPFDTKFQLY
CWHJVTNHIQ/BTKH/VNPIST
c. Affine cipher.
KQEREJEBCPPCJCRKIEACUZBKRVPKRBCIBQCARBJCVFCUP
KRLOFKPACUZQEPBKRXPEIIEABDKPBCPFCDCCAFIEABKP
BCPFEQPKAZBKRHALBKAPCCIBURCCDKDCCJC/DFUIXPAFF
ERBICZDFKABICBBENEFCUPLCVKABPCYDCCDPKBCOCPERK
IVKSCPICBRKLJPKABL

d. Unspecified cipher.
BNVSNSIHQCEELSSKKYERIFJKXUMBGVKAMQLJTYAVFBKVT
DVBPVVRJYYLAOKYMPQSCGDLFSRLLPROYGESEBUUALRWXM
MASAZLGLEFJBZAVVPXWI CGJXASCBYEHOSNMULKCEAHTQ
OKMFLEBKFXLRRFDTZXCIWBJSICBGAWDVYDHAVFJXZIBKC
GJIWEAHTTOEWTUHKRQVVRGZBXYIREMMASCSPBNLHJMBLR
FFJELHWEYLWISTFVVYFJCMHYUYRUFSFMGESIGRLWALSVVM
NUHSIMYYITCCQPZSICEHBCCMZFEGVJYOCDEMMPGHVAAUM
ELCMOEHVLTIPSUYILVGFLMVWDVYDBTHFRAYISYSGKVSUU
HYHGGCKTMBLRX

3. How many invertible 2x2 matrices are there over $Z_{26}$?

a. Suppose p is prime. Show that the number of invertible 2x2 matrices over $Z_p$ is $(p^2 - 1)(p^2 - p)$.
Hint: since p is prime, $Z_p$ is a field. Use the following statement: a matrix over a field is invertible if and only if its rows are linearly independent vectors (i.e. there is no non-zero linear combination of the rows whose sum is the all-zero vector).
b. For p prime and m an integer with $m \ge 2$, find a formula for the number of invertible m x m matrices over $Z_p$.


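4. Suppose we know that the plaintext "conversation" yields the ciphertext "HIARRTNUYTUS" (encrypted with a Hill cipher, but m has not been determined). Determine the encryption matrix.
5. The Affine-Hill cipher is the Hill cipher modified as follows: suppose m is a positive integer and $P = C = (Z_{26})^m$. In this cryptosystem, the key K consists of pairs (L, b), where L is an invertible m x m matrix over $Z_{26}$ and $b \in (Z_{26})^m$, with encryption given by the formula $y = xL + b$.

Hence, if $L = (l_{ij})$ and $b = (b_1, \ldots, b_m)$, then:

$$
(y_1, \ldots, y_m) = (x_1, \ldots, x_m)
\begin{pmatrix}
l_{1,1} & l_{1,2} & \cdots & l_{1,m} \\
l_{2,1} & l_{2,2} & \cdots & l_{2,m} \\
\vdots & \vdots & & \vdots \\
l_{m,1} & l_{m,2} & \cdots & l_{m,m}
\end{pmatrix}
+ (b_1, \ldots, b_m)
$$

Suppose Oscar knows that the plaintext is "adisplayedequation" and the corresponding ciphertext is "DSRMSIOPLXLJBZULLM". Oscar also knows that m = 3. Compute the key and show all the necessary computations.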
6. The following is a way to cryptanalyze the Hill cipher using a ciphertext-only attack. Suppose we know that m = 2. Split the ciphertext into blocks of 2 characters (digrams). Each digram is the encryption of a plaintext digram under an unknown encryption matrix. Pick out the most frequent digrams in the ciphertext and assume that each is the encryption of a common digram from the list in Table 1.1 (for example TH and ST). For each assumption, carry out the known-plaintext attack until the correct decryption matrix is found.
Here is an example ciphertext for you to decrypt with the method described:
LMQETXYEAGTXCTUIEWNCTXLZEWUAISPZYVAPEWLMGQWVA
XFTGMSQCADAGTXLMDXNXSNPJQSYVAPRIQSMHNOCVAXFV.

7. We describe a special case of the permutation cipher. Suppose m, n are positive integers. Write the plaintext row by row into an m x n rectangle. Then form the ciphertext by taking the columns of this rectangle. For example, if m = 4, n = 3, we encrypt the plaintext "cryptography" by building the rectangle:
cryp
togr
aphy

The ciphertext is then: "CTAROPYGHPRY"
a. Describe how Bob decrypts a ciphertext (with m, n known).
b. Decrypt the following ciphertext (obtained with the method described):
MYAMRARUYIQTENCTORAHROYWSOYEOUARRGERNOGW

8. Prove that DES decryption can be carried out by applying the DES encryption algorithm to the plaintext with the key schedule reversed.
9. Let DES(x, K) be the DES encryption of plaintext x under key K. Suppose $y = DES(x, K)$ and $y' = DES(c(x), c(K))$, where c(.) denotes the bitwise complement of its argument. Prove that $y' = c(y)$ (i.e. if we complement the plaintext and the key, the resulting ciphertext is also the complement of the original ciphertext). Note that this result can be proved using only the "high-level" description of DES: the actual structure of the S-boxes and of the other components of the system does not affect this result.
10. Double encryption is one way to strengthen DES: given two keys $K_1$ and $K_2$, we define $y = e_{K_2}(e_{K_1}(x))$ (of course this is just the product of DES with itself). If the encryption function $e_{K_2}$ is the same as the decryption function $d_{K_1}$, then $K_1$ and $K_2$ are called dual keys (this is an undesirable case for double encryption, because the resulting ciphertext coincides with the plaintext). A key is called self-dual if it is dual to itself.
a. Prove that if $C_0$ consists of all 0s or all 1s, and likewise $D_0$, then K is self-dual.
b. Prove for yourself that the following keys (given in hexadecimal) are self-dual:

0101010101010101
FEEFEFEFEFEFEFEF
1F1F1F1F0F0F0F0F
E0E0E0E0F1F1F1F1

c. Show that if $C_0 = 0101\ldots01$ or $1010\ldots10$ (in binary), then the XOR of the bit strings $C_i$ and $C_{17-i}$ is $111\ldots11$, for $1 \le i \le 16$ (a similar statement holds for $D_i$).
d. Show that the following pairs of keys are dual:

E001E001F101F101    01E001E001F101F1
FE1FFE1FF0EFE0E     1FFE1FFE0EFE0EFE
E01FE01FFF10FF10    1FE01FE00EF10EF1


Chapter III. PUBLIC-KEY CRYPTOGRAPHY.

3.1. INTRODUCTION TO PUBLIC-KEY CRYPTOGRAPHY.

In the classical cryptographic model studied so far, Alice (the sender) and Bob (the receiver) secretly choose a key K. They then use K to create an encryption rule $e_k$ and a decryption rule $d_k$. In such a cryptosystem $d_k$ is either the same as $e_k$ or easily derived from it (for example, in DES decryption is exactly the same as encryption, but with the key schedule reversed). Cryptosystems of this kind are called secret-key systems; if $e_k$ is disclosed, the system becomes insecure.

The drawback of such a system is that it requires prior communication of the key K between Alice and Bob over a secure channel before any ciphertext is sent. In practice this is very hard to guarantee, for instance when Alice and Bob are far apart and can only communicate by electronic mail (e-mail). In that situation Alice and Bob cannot set up a secure channel at reasonable cost.

The idea of a public-key (or shared-key) cryptosystem is to find a cryptosystem in which it is computationally infeasible to determine $d_k$ given $e_k$. If this can be achieved, the encryption rule $e_k$ can be made public by publishing it in a directory (hence the term public-key cryptosystem). The advantage of a public-key cryptosystem is that Alice (or anyone else) can send an encrypted message to Bob (without prior communication of a secret key) by using the public encryption rule $e_k$. The recipient is the only person who can decrypt this ciphertext, using his secret decryption rule $d_k$.

The system can be pictured as follows. Alice puts an object into a metal box and locks it with a combination lock left by Bob. Bob is the only person who can open the box, because only he knows the combination of his lock.

The idea of a public-key cryptosystem was put forward by Diffie and Hellman in 1976. Its first realization was given by Rivest, Shamir and Adleman in 1977, who created the well-known RSA cryptosystem (studied in this chapter). Since then a number of systems have been published, whose security rests on different computational problems. The most important of them are the following public-key cryptosystems:
- RSA cryptosystem:
The security of RSA is based on the difficulty of factoring large integers. This system is described in section 4.2.

- Merkle-Hellman knapsack cryptosystem:
This system and related ones are based on the difficulty of the subset sum problem (this problem is NP-complete, a fairly large class of problems for which no polynomial-time algorithm is known). However, all the various knapsack cryptosystems have been shown to be insecure (except the Chor-Rivest cryptosystem).

- McEliece cryptosystem:
This system is based on algebraic coding theory and is still regarded as secure. The McEliece cryptosystem is based on the problem of decoding linear codes (which is also NP-complete). The McEliece cryptosystem is presented in section 4.6.

- ElGamal cryptosystem:
The ElGamal cryptosystem is based on the difficulty of the discrete logarithm problem over finite fields.

- Chor-Rivest cryptosystem:
The Chor-Rivest cryptosystem is also regarded as a knapsack cryptosystem. However, it is still considered secure.

- Elliptic curve cryptosystems:
These cryptosystems are variants of other cryptosystems (for example ElGamal); they work over elliptic curves rather than over finite fields. They provide security with smaller keys than other public-key cryptosystems.
An important remark is that a public-key cryptosystem can never provide absolute secrecy (unconditional security). The reason is that an adversary studying a ciphertext y can encrypt each possible plaintext in turn with the public encryption rule $e_k$ until he finds the unique plaintext x such that $y = e_k(x)$. This plaintext is the decryption of y. Therefore we only study the computational security of these cryptosystems.

A useful notion in the study of public-key cryptosystems is that of a trapdoor one-way function. We define this notion informally.

Bob's public encryption function $e_k$ must be easy to compute. However, finding the inverse function (the decryption function) must be very hard (for anyone other than Bob). The property of being hard to invert is usually called the one-way property. Hence a necessary condition is that $e_k$ be a one-way function.

One-way functions play an important role in cryptography; they are very important in public-key cryptosystems and in many other areas. Unfortunately, although many functions are believed to be one-way, so far no function has been proved to be one-way.

Here is an example of a function believed to be one-way. Suppose n is the product of two large primes p and q, and suppose b is a positive integer. We define the map $f : Z_n \to Z_n$ by $f(x) = x^b \bmod n$ (for suitably chosen b and n this is the RSA encryption function, about which more will be said later).

To build a public-key cryptosystem, finding a one-way function is not enough. We do not want $e_k$ to be one-way for Bob, since he must be able to decrypt the messages he receives efficiently. What is needed is that Bob has a trapdoor containing secret information that makes it easy to find the inverse of $e_k$. Bob can then decrypt efficiently because he has some secret knowledge about K. Hence a function is called a trapdoor one-way function if it is a one-way function and it becomes easy to invert given a certain trapdoor.

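3.2. Modular arithmetic
3.2.1. The integers.
The set of integers $\{\ldots, -3, -2, -1, 0, 1, 2, 3, \ldots\} = Z$

- Definition 3.1:
Let $a, b \in Z$.
a is a divisor of b if there exists $c \in Z$ such that $b = a \cdot c$. Notation: $a \mid b$.

- Divisibility properties.
For all $a, b, c \in Z$ we have:
(i) $a \mid a$.
(ii) If $a \mid b$ and $b \mid c$ then $a \mid c$.
(iii) If $a \mid b$ and $a \mid c$ then $a \mid (bx + cy)$ for all $x, y \in Z$.
(iv) If $a \mid b$ and $b \mid a$ then $a = \pm b$.

- Definition 3.2 (Division algorithm for integers)
If a and b are integers with $b \ge 1$, then

$$a = qb + r, \quad 0 \le r < b$$

where q and r are unique.
The remainder of the division of a by b is denoted $a \bmod b = r$.
The quotient of the division of a by b is denoted $a \,\mathrm{div}\, b = q$.
We have $a \,\mathrm{div}\, b = \lfloor a/b \rfloor$ and $a \bmod b = a - b\lfloor a/b \rfloor$.
Example: a = 73, b = 17.
73 div 17 = 4, 73 mod 17 = 5

- Definition 3.3: Common divisor.
c is a common divisor of a and b if $c \mid a$ and $c \mid b$.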


- Definition 3.4: Greatest common divisor (gcd)
A positive integer d is the gcd of the integers a and b (notation $d = (a, b)$) if:
(i) d is a common divisor of a and b.
(ii) If $c \mid a$ and $c \mid b$ then $c \mid d$.
Thus $(a, b)$ is the largest positive integer dividing both a and b, with the exception $(0, 0) = 0$.
Example: the common divisors of 12 and 18 are $\{\pm 1, \pm 2, \pm 3, \pm 6\}$

$(12, 18) = 6$

- Definition 3.5: Least common multiple (lcm)
A positive integer d is the lcm of the integers a and b (notation $d = \mathrm{lcm}(a, b)$) if:
(i) $a \mid d$, $b \mid d$.
(ii) If $a \mid c$ and $b \mid c$ then $d \mid c$.
Thus d is the smallest positive integer that is a multiple of both a and b.

- Property

$$\mathrm{lcm}(a, b) = \frac{a \cdot b}{(a, b)}$$

Example: $(12, 18) = 6$, so $\mathrm{lcm}(12, 18) = \frac{12 \cdot 18}{6} = 36$

- Definition 3.6:
Two positive integers a and b are said to be relatively prime if $(a, b) = 1$.

- Definition 3.7:
An integer $p \ge 2$ is called prime if its only positive divisors are 1 and p. Otherwise p is called composite.

- Fundamental theorem of arithmetic:
Every integer $n \ge 2$ can be factored as a product of prime powers

$$n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$$

where the $p_i$ are distinct primes and the $e_i$ are positive integers. Moreover, this factorization is unique.

- Definition 3.8:
For $n \ge 2$, the function $\phi(n)$ is defined as the number of integers in the interval $[1, n]$ that are relatively prime to n.

- Properties of the function $\phi(n)$
(i) If p is prime then $\phi(p) = p - 1$.
(ii) If $(m, n) = 1$ then $\phi(m \cdot n) = \phi(m) \cdot \phi(n)$.
(iii) If $n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$ is the prime factorization of n, then:

$$\phi(n) = n \left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right)$$

- Theorem 3.1:
For $n \ge 5$:

$$\phi(n) > \frac{n}{6 \ln \ln n}$$

3.2.2. Algorithms in Z.

Let a and b be non-negative integers less than or equal to n. Note that the number of bits in the binary representation of n is $\lfloor \lg n \rfloor + 1$, which is approximately $\lg n$. The numbers of bit operations for the four basic operations on integers (addition, subtraction, multiplication and division) using the classical algorithms are summarized in the table below. More sophisticated techniques for multiplication and division have lower complexity:

Operation                      Bit complexity
Addition        a + b          O(lg a + lg b) = O(lg n)
Subtraction     a - b          O(lg a + lg b) = O(lg n)
Multiplication  a . b          O((lg a)(lg b)) = O((lg n)^2)
Division        a = qb + r     O((lg a)(lg b)) = O((lg n)^2)

Table 3.1: Bit complexity of the basic operations in Z

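The gcd of two integers a and b can be computed using the following theorem:

- Theorem 3.2:
If $a = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$ and $b = p_1^{\beta_1} p_2^{\beta_2} \cdots p_k^{\beta_k}$, where $e_i \ge 0$, $\beta_i \ge 0$, then

$$\gcd(a, b) = p_1^{\min(e_1, \beta_1)} p_2^{\min(e_2, \beta_2)} \cdots p_k^{\min(e_k, \beta_k)}$$

and

$$\mathrm{lcm}(a, b) = p_1^{\max(e_1, \beta_1)} p_2^{\max(e_2, \beta_2)} \cdots p_k^{\max(e_k, \beta_k)}$$

Example: let $a = 4864 = 2^8 \cdot 19$, $b = 3458 = 2 \cdot 7 \cdot 13 \cdot 19$. Then

$\gcd(a, b) = (4864, 3458) = 2 \cdot 19 = 38$

$\mathrm{lcm}(a, b) = \mathrm{lcm}(4864, 3458) = 2^8 \cdot 7 \cdot 13 \cdot 19 = 442624$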

- Theorem 3.3:
If a and b are positive integers with $a > b$, then $\gcd(a, b) = \gcd(b, a \bmod b)$. The Euclidean algorithm below gives a very efficient way to compute the gcd without factoring into primes.

- Euclidean algorithm:
Computes the gcd of 2 integers
Input: two non-negative integers a and b with $a > b$
Output: the gcd of a and b.
(1) While $b \ne 0$ do
        $r \leftarrow a \bmod b$, $a \leftarrow b$, $b \leftarrow r$
(2) Return (a).

- Theorem 3.4:
The algorithm above has a running time of about $O((\lg n)^2)$ bit operations.

Example: the following are the division steps of the algorithm above when computing $(4864, 3458) = 38$:

4864 = 1 . 3458 + 1406
3458 = 2 . 1406 + 646
1406 = 2 . 646 + 114
646 = 5 . 114 + 76
114 = 1 . 76 + 38
76 = 2 . 38 + 0

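The algorithm above can be extended so that it computes not only the gcd of two integers a and b but also integers x and y satisfying $ax + by = d$.

- Extended Euclidean algorithm:
Input: two non-negative integers a and b with $a \ge b$
Output: $d = \gcd(a, b)$ and integers x and y satisfying $ax + by = d$.
(1) If $b = 0$ then set $d \leftarrow a$, $x \leftarrow 1$, $y \leftarrow 0$ and return (d, x, y)
(2) Set $x_2 \leftarrow 1$, $x_1 \leftarrow 0$, $y_2 \leftarrow 0$, $y_1 \leftarrow 1$
(3) While $b > 0$ do
    3.1. $q \leftarrow \lfloor a/b \rfloor$, $r \leftarrow a - qb$, $x \leftarrow x_2 - q x_1$, $y \leftarrow y_2 - q y_1$
    3.2. $a \leftarrow b$, $b \leftarrow r$, $x_2 \leftarrow x_1$, $x_1 \leftarrow x$, $y_2 \leftarrow y_1$, $y_1 \leftarrow y$
(4) Set $d \leftarrow a$, $x \leftarrow x_2$, $y \leftarrow y_2$ and return (d, x, y)

- Theorem 3.5:
The algorithm above has a running time of $O((\lg n)^2)$ bit operations.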


Example: Table 3.2 below shows the steps of the algorithm above for the inputs a = 4864 and b = 3458.

q    r     x    y    a     b     x2   x1   y2   y1
-    -     -    -    4864  3458  1    0    0    1
1    1406  1    -1   3458  1406  0    1    1    -1
2    646   -2   3    1406  646   1    -2   -1   3
2    114   5    -7   646   114   -2   5    3    -7
5    76    -27  38   114   76    5    -27  -7   38
1    38    32   -45  76    38    -27  32   38   -45
2    0     -91  128  38    0     32   -91  -45  128

Table 3.2: The extended Euclidean algorithm with inputs a = 4864 and b = 3458

Hence $\gcd(4864, 3458) = 38$ and $(4864)(32) + (3458)(-45) = 38$.

3.2.3. The integers modulo n.

- Definition 3.9:
If a and b are integers, a is said to be congruent to b modulo n (written $a \equiv b \bmod n$) if $n \mid (a - b)$.
The integer n is called the modulus of the congruence.
Example: $24 \equiv 9 \bmod 5$ since $24 - 9 = 3 \cdot 5$
$-11 \equiv 17 \bmod 7$ since $-11 - 17 = -4 \cdot 7$
Properties:
For $a, a_1, b, b_1, c \in Z$ we have:
(1) $a \equiv b \pmod n$ if and only if a and b leave the same remainder when divided by n.
(2) Reflexivity: $a \equiv a \pmod n$.
(3) Symmetry: if $a \equiv b \pmod n$ then $b \equiv a \pmod n$.
(4) Transitivity: if $a \equiv b \pmod n$ and $b \equiv c \pmod n$ then $a \equiv c \pmod n$.
(5) If $a \equiv a_1 \pmod n$ and $b \equiv b_1 \pmod n$ then $a + b \equiv a_1 + b_1 \pmod n$ and $a \cdot b \equiv a_1 \cdot b_1 \pmod n$.

The equivalence class of an integer a is the set of integers congruent to a modulo n. From properties (2), (3) and (5) above we can see that, for fixed n, the relation of congruence modulo n partitions Z into equivalence classes.
If $a = qn + r$ with $0 \le r < n$ then $a \equiv r \pmod n$.
Hence every integer a is congruent modulo n to a unique integer between 0 and $n - 1$, which is called the least residue of a mod n. Thus a and r can both be used to represent this equivalence class.
- Definition 3.10:
The integers modulo n (notation $Z_n$) are the set of (equivalence classes of) integers $\{0, 1, 2, \ldots, n - 1\}$. Addition, subtraction and multiplication in $Z_n$ are performed modulo n.
Example: $Z_{25} = \{0, 1, \ldots, 24\}$. In $Z_{25}$ we have:
$13 + 16 = 4$ since $13 + 16 = 29 \equiv 4 \pmod{25}$
Similarly $13 \cdot 16 = 8$ in $Z_{25}$.

- Definition 3.11 (Inverse element).
Let $a \in Z_n$. The inverse (multiplicative inverse) of a mod n is an integer $x \in Z_n$ such that $a x \equiv 1 \pmod n$.
If such an x exists it is unique, and a is said to be invertible. The inverse of a is denoted $a^{-1}$.

- Definition 3.12:
The division of a by b mod n is the product of a and $b^{-1} \bmod n$; this product is defined only if b is invertible.

- Theorem 3.6:
Let $a \in Z_n$. Then a is invertible if and only if $(a, n) = 1$.
Example: the invertible elements of $Z_9$ are 1, 2, 4, 5, 7 and 8.
For instance $4^{-1} = 7$ since $4 \cdot 7 \equiv 1 \pmod 9$.

- Theorem 3.7:
Let $d = (a, n)$. The congruence $ax \equiv b \pmod n$ has a solution x if and only if $d \mid b$, in which case there are exactly d solutions between 0 and $n - 1$; these solutions are all congruent modulo $n/d$.
- Theorem 3.8 (Chinese remainder theorem).
If the integers $n_1, n_2, \ldots, n_k$ are pairwise relatively prime, then the system of congruences

$$x \equiv a_1 \pmod{n_1}$$
$$x \equiv a_2 \pmod{n_2}$$
$$\cdots$$
$$x \equiv a_k \pmod{n_k}$$

has a unique solution modulo n, where $n = n_1 n_2 \cdots n_k$.

- Gauss's algorithm.
The solution x of the system of congruences in the Chinese remainder theorem can be computed as:

$$x = \sum_{i=1}^{k} a_i N_i M_i \bmod n$$

where $N_i = n / n_i$ and $M_i = N_i^{-1} \bmod n_i$.
These computations can be performed in $O((\lg n)^2)$ bit operations.
Example: the pair of congruences $x \equiv 3 \pmod 7$, $x \equiv 7 \pmod{13}$ has the unique solution $x \equiv 59 \pmod{91}$.

- Theorem 3.9:
If $(n_1, n_2) = 1$ then the pair of congruences $x \equiv a \pmod{n_1}$, $x \equiv a \pmod{n_2}$ has a unique solution $x \equiv a \pmod{n_1 n_2}$.


- Definition 3.13:
The multiplicative group of $Z_n$ is $Z_n^* = \{a \in Z_n \mid (a, n) = 1\}$.
In particular, if n is prime then $Z_n^* = \{a \mid 1 \le a \le n - 1\}$.

- Definition 3.14:
The order of $Z_n^*$ is the number of elements in $Z_n^*$ (notation $|Z_n^*|$).
From the definition of the Euler phi function we see that:

$$|Z_n^*| = \phi(n)$$

Note that if $a \in Z_n^*$ and $b \in Z_n^*$ then $a \cdot b \in Z_n^*$, and hence $Z_n^*$ is closed under multiplication.

- Theorem 3.10: Let p be a prime:
(1) Euler's theorem: if $a \in Z_n^*$ then $a^{\phi(n)} \equiv 1 \pmod n$.
(2) If n is a product of distinct primes and if $r \equiv s \pmod{\phi(n)}$, then $a^r \equiv a^s \pmod n$ for all integers a. In other words, when working modulo n, exponents can be reduced modulo $\phi(n)$.

- Theorem 3.11: Let p be a prime:
(1) Fermat's theorem: if $(a, p) = 1$ then $a^{p-1} \equiv 1 \pmod p$.
(2) If $r \equiv s \bmod (p - 1)$ then $a^r \equiv a^s \pmod p$ for all integers a. In other words, when working modulo a prime p, exponents can be reduced modulo $p - 1$.
(3) In particular $a^p \equiv a \pmod p$ for all integers a.

- Definition 3.15:
Let $a \in Z_n^*$. The order of a (notation $\mathrm{ord}(a)$) is the least positive integer t such that $a^t \equiv 1 \pmod n$.


- Definition 3.16:
Let $a \in Z_n^*$, $\mathrm{ord}(a) = t$ and $a^s \equiv 1 \pmod n$; then t divides s. In particular $t \mid \phi(n)$.

Example: let n = 21; then $Z_{21}^* = \{1, 2, 4, 5, 8, 10, 11, 13, 16, 17, 19, 20\}$.
Note that $\phi(21) = \phi(7)\phi(3) = 12 = |Z_{21}^*|$. The orders of the elements of $Z_{21}^*$ are given in the following table:

Table 3.3: Orders of the elements in $Z_{21}^*$ (rows: $a \in Z_{21}^*$ and $\mathrm{ord}(a)$)

- Definition 3.2.17:
Let $\alpha \in Z_n^*$. If the order of $\alpha$ is $\phi(n)$, then $\alpha$ is called a generator or primitive element of $Z_n^*$. If $Z_n^*$ has a generator, then $Z_n^*$ is said to be cyclic.

- Properties of the generators of $Z_n^*$
(1) $Z_n^*$ has a generator if and only if $n = 2, 4, p^k$ or $2p^k$, where p is an odd prime and $k \ge 1$. In particular, if p is prime then $Z_p^*$ has a generator.
(2) If $\alpha$ is a generator of $Z_n^*$ then:

$$Z_n^* = \{\alpha^i \bmod n \mid 0 \le i \le \phi(n) - 1\}$$

(3) Suppose $\alpha$ is a generator of $Z_n^*$. Then $b = \alpha^i \bmod n$ is also a generator of $Z_n^*$ if and only if $(i, \phi(n)) = 1$. It follows that if $Z_n^*$ is cyclic, the number of generators is $\phi(\phi(n))$.
(4) $\alpha \in Z_n^*$ is a generator of $Z_n^*$ if and only if $\alpha^{\phi(n)/p} \not\equiv 1 \pmod n$ for every prime divisor p of $\phi(n)$.

Example: $Z_{21}^*$ is not cyclic because it contains no element of order $\phi(21) = 12$ (note that 21 does not satisfy condition (1) above).

$Z_{25}^*$ is cyclic and has a generator $\alpha = 2$.


- Definition 3.17:
Let $a \in Z_n^*$. a is called a quadratic residue modulo n (or a square modulo n) if there exists $x \in Z_n^*$ such that $x^2 \equiv a \pmod n$. If no such x exists, a is called a quadratic non-residue mod n. The set of all quadratic residues modulo n is denoted $Q_n$, and $\overline{Q}_n$ is the set of quadratic non-residues. Note that by definition $0 \notin Z_n^*$. Hence $0 \notin Q_n$ and $0 \notin \overline{Q}_n$.

- Theorem 3.12:
Let p be an odd prime and $\alpha$ a generator of $Z_p^*$. Then $a \in Z_p^*$ is a quadratic residue modulo p if and only if $a = \alpha^i \bmod p$, where i is an even integer. It follows that $|Q_p| = \frac{p - 1}{2}$ and $|\overline{Q}_p| = \frac{p - 1}{2}$, i.e. half of the elements of $Z_p^*$ are quadratic residues and the other half are quadratic non-residues.

Example: $\alpha = 6$ is a generator of $Z_{13}^*$. The powers of $\alpha$ are listed in the following table:

[Table: i and $\alpha^i \bmod 13$]

Hence $Q_{13} = \{1, 3, 4, 9, 10, 12\}$, $\overline{Q}_{13} = \{2, 5, 6, 7, 8, 11\}$


- Theorem 3.13:
Let n be the product of two distinct odd primes q and p, $n = p \cdot q$. Then $a \in Z_n^*$ is a quadratic residue modulo n if and only if $a \in Q_p$ and $a \in Q_q$.
It follows that

$$|Q_n| = |Q_q| \cdot |Q_p| = \frac{(p - 1)(q - 1)}{4}$$

and

$$|\overline{Q}_n| = \frac{3 (p - 1)(q - 1)}{4}$$

Example: let n = 21. Then $Q_{21} = \{1, 4, 16\}$, $\overline{Q}_{21} = \{2, 5, 8, 10, 11, 13, 17, 19, 20\}$

- Definition 3.18:
Let $a \in Q_n$. If $x \in Z_n^*$ satisfies $x^2 \equiv a \pmod n$ then x is called a square root of a mod n.

- Theorem 3.14 (Number of square roots).
(1) If p is an odd prime and $a \in Q_p$ then a is called a quadratic residue modulo p.
(2) More generally, let $n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$, where the $p_i$ are distinct odd primes and $e_i \ge 1$. If $a \in Q_n$ then a has exactly $2^k$ distinct square roots modulo n.

Example: the square roots of 12 mod 37 are 7 and 30. The square roots of 121 mod 315 are 11, 74, 101, 151, 164, 214, 241 and 304.
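The orders, generators, quadratic residues and square roots used in the examples of this section can be recomputed by direct enumeration. This is an added example, not code from the original text; it goes slightly beyond the worked cases by also implementing generator criterion (4), and the function names are chosen here.

```python
from math import gcd


def units(n):
    """Elements of the multiplicative group Z*_n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def order(a, n):
    """Least t >= 1 with a^t = 1 (mod n); a must be in Z*_n."""
    if gcd(a, n) != 1:
        raise ValueError("a is not invertible modulo n")
    t, x = 1, a % n
    while x != 1:
        x = x * a % n
        t += 1
    return t


def generators(n):
    """All elements of order phi(n); the list is empty when Z*_n is not cyclic."""
    phi = len(units(n))
    return [a for a in units(n) if order(a, n) == phi]


def prime_factors(m):
    """Distinct prime divisors of m by trial division."""
    out, p = [], 2
    while p * p <= m:
        if m % p == 0:
            out.append(p)
            while m % p == 0:
                m //= p
        p += 1
    if m > 1:
        out.append(m)
    return out


def is_generator(alpha, n):
    """Criterion (4): alpha^(phi(n)/p) != 1 (mod n) for every prime p dividing phi(n)."""
    if gcd(alpha, n) != 1:
        return False
    phi = len(units(n))
    return all(pow(alpha, phi // p, n) != 1 for p in prime_factors(phi))


def quadratic_residues(n):
    """Q_n: the squares of the elements of Z*_n."""
    return sorted({x * x % n for x in units(n)})


def square_roots(a, n):
    """All x in Z*_n with x^2 = a (mod n)."""
    return [x for x in units(n) if x * x % n == a % n]


if __name__ == "__main__":
    print({a: order(a, 21) for a in units(21)})     # orders in Z*_21
    print(generators(21), generators(25))           # none for 21, eight for 25
    print([pow(6, i, 13) for i in range(12)])       # powers of the generator 6 mod 13
    print(quadratic_residues(13), quadratic_residues(21))
    print(square_roots(12, 37), square_roots(121, 315))
```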
3.2.4. Algorithms in $Z_n$.
Let n be a positive integer. The elements of $Z_n$ are represented by the integers $Z_n = \{0, 1, 2, \ldots, n - 1\}$.
We see that if $a, b \in Z_n$ then

$$(a + b) \bmod n = \begin{cases} a + b & \text{if } a + b < n \\ a + b - n & \text{if } a + b \ge n \end{cases}$$

Hence modular addition (and subtraction) can be performed without a division with remainder. The modular product of a and b can be computed by multiplying the integers in the ordinary way and then taking the remainder of the result after division by n. Inverses in $Z_n$ can be computed using the extended Euclidean algorithm, as described below:

3.2.4.1. Algorithm (Computing inverses in $Z_n$).
Input: $a \in Z_n$
Output: $a^{-1} \bmod n$ (if it exists).
(1) Use the extended Euclidean algorithm to find integers x and y such that $ax + ny = d$, where $d = (a, n)$.
(2) If $d > 1$ then $a^{-1} \bmod n$ does not exist. Otherwise return (x).

Modular exponentiation can be performed efficiently with the repeated square-and-multiply algorithm. This is a very important algorithm in many cryptographic procedures. Let the binary representation of k be

$$k = \sum_{i=0}^{t} k_i 2^i$$

where each $k_i \in \{0, 1\}$; then

$$a^k = \prod_{i=0}^{t} a^{k_i 2^i} = \left(a^{2^0}\right)^{k_0} \left(a^{2^1}\right)^{k_1} \cdots \left(a^{2^t}\right)^{k_t}$$

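3.2.4.2. Repeated square-and-multiply algorithm for exponentiation in $Z_n$.

Input: $a \in Z_n$ and an integer k, $0 \le k < n$, with binary representation $k = \sum_{i=0}^{t} k_i 2^i$
Output: $a^k \bmod n$
(1) Set $b \leftarrow 1$. If $k = 0$ then return (b)
(2) Set $A \leftarrow a$.
(3) If $k_0 = 1$ then set $b \leftarrow a$.
(4) For i from 1 to t do
    4.1. Set $A \leftarrow A^2 \bmod n$.
    4.2. If $k_i = 1$ then set $b \leftarrow A \cdot b \bmod n$
(5) Return (b)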


Example: Table 3.4 below shows the steps of the computation $5^{596} \bmod 1234 = 1013$

i     0   1   2    3    4     5    6     7     8     9
k_i   0   0   1    0    1     0    1     0     0     1
A     5   25  625  681  1011  369  421   779   947   925
b     1   1   625  625  67    67   1059  1059  1059  1013

Table 3.4: Computing $5^{596} \bmod 1234$
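The extended Euclidean algorithm of section 3.2.2, Gauss's algorithm for the Chinese remainder theorem, and Algorithms 3.2.4.1 and 3.2.4.2 can be run on the worked values from the text. This is an added example, not code from the original text; the function names are chosen here.

```python
def extended_euclid(a, b):
    """Return (d, x, y) with d = gcd(a, b) and a*x + b*y = d, for a, b >= 0."""
    if b == 0:
        return a, 1, 0
    x2, x1, y2, y1 = 1, 0, 0, 1
    while b > 0:
        q, r = divmod(a, b)
        x, y = x2 - q * x1, y2 - q * y1
        a, b = b, r
        x2, x1, y2, y1 = x1, x, y1, y
    return a, x2, y2


def mod_inverse(a, n):
    """Algorithm 3.2.4.1: a^-1 mod n, or None when gcd(a, n) > 1."""
    d, x, _ = extended_euclid(a % n, n)
    return x % n if d == 1 else None


def crt_gauss(residues, moduli):
    """Gauss's algorithm: x = sum(a_i * N_i * M_i) mod n. Returns (x, n)."""
    n = 1
    for ni in moduli:
        n *= ni
    x = 0
    for ai, ni in zip(residues, moduli):
        Ni = n // ni
        Mi = mod_inverse(Ni, ni)
        if Mi is None:
            raise ValueError("moduli are not pairwise relatively prime")
        x += ai * Ni * Mi
    return x % n, n


def square_and_multiply(a, k, n):
    """Algorithm 3.2.4.2. Returns (a^k mod n, rows) with rows (i, k_i, A, b) as in Table 3.4."""
    b = 1
    if k == 0:
        return b % n, []
    A = a % n
    if k & 1:
        b = A
    rows = [(0, k & 1, A, b)]
    i = 0
    while k >> (i + 1):          # bits k_1 .. k_t, least significant first
        i += 1
        A = A * A % n
        ki = (k >> i) & 1
        if ki:
            b = A * b % n
        rows.append((i, ki, A, b))
    return b, rows


if __name__ == "__main__":
    print(extended_euclid(4864, 3458))        # gcd and Bezout coefficients
    print(mod_inverse(4, 9))                  # inverse of 4 in Z_9
    print(crt_gauss([3, 7], [7, 13]))         # x = 3 (mod 7), x = 7 (mod 13)
    result, rows = square_and_multiply(5, 596, 1234)
    for row in rows:
        print(row)
    print(result)
```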

The numbers of bit operations for the basic operations in $Z_n$ are summarized in Table 3.5.

Operation                                    Bit complexity
Modular addition        a + b                O(lg n)
Modular subtraction     a - b                O(lg n)
Modular multiplication  a . b                O((lg n)^2)
Modular inversion       a^-1 mod n           O((lg n)^2)
Modular exponentiation  a^k mod n, k < n     O((lg n)^3)

Table 3.5: Bit complexity of the basic operations in $Z_n$

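3.2.5. The Legendre and Jacobi symbols.

The Legendre symbol is a useful tool for deciding whether an integer a is a quadratic residue modulo a prime p.
3.2.5.1. Definition 3.19:
Let p be an odd prime and a an integer. The Legendre symbol $\left(\frac{a}{p}\right)$ is defined as follows:

$$\left(\frac{a}{p}\right) = \begin{cases} 0 & \text{if } p \mid a \\ 1 & \text{if } a \in Q_p \\ -1 & \text{if } a \in \overline{Q}_p \end{cases}$$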


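3.2.5.2. Properties of the Legendre symbol.

Let p be an odd prime and $a, b \in Z$. Then the Legendre symbol has the following properties:

(1) $\left(\frac{a}{p}\right) \equiv a^{(p-1)/2} \pmod p$. In particular $\left(\frac{1}{p}\right) = 1$ and $\left(\frac{-1}{p}\right) = (-1)^{(p-1)/2}$.
Hence $-1 \in Q_p$ if $p \equiv 1 \pmod 4$ and $-1 \in \overline{Q}_p$ if $p \equiv 3 \pmod 4$.

(2) $\left(\frac{a \cdot b}{p}\right) = \left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right)$. Hence if $a \in Z_p^*$ then $\left(\frac{a^2}{p}\right) = 1$.

(3) If $a \equiv b \pmod p$ then $\left(\frac{a}{p}\right) = \left(\frac{b}{p}\right)$.

(4) $\left(\frac{2}{p}\right) = (-1)^{(p^2 - 1)/8}$. Hence $\left(\frac{2}{p}\right) = 1$ if $p \equiv 1$ or $7 \pmod 8$ and $\left(\frac{2}{p}\right) = -1$ if $p \equiv 3$ or $5 \pmod 8$.

(5) Law of quadratic reciprocity:
Suppose p is an odd prime different from q. Then:

$$\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right) (-1)^{(p-1)(q-1)/4}$$

In other words $\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right)$ unless both p and q are congruent to $3 \pmod 4$, in which case $\left(\frac{p}{q}\right) = -\left(\frac{q}{p}\right)$.

The Jacobi symbol is a generalization of the Legendre symbol to odd integers n that are not necessarily prime.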
3.2.5.3. Definition 3.20:
Let $n \ge 3$ be an odd integer with factorization $n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$. Then the Jacobi symbol $\left(\frac{a}{n}\right)$ is defined as

$$\left(\frac{a}{n}\right) = \left(\frac{a}{p_1}\right)^{e_1} \left(\frac{a}{p_2}\right)^{e_2} \cdots \left(\frac{a}{p_k}\right)^{e_k}$$

We see that if n is prime, the Jacobi symbol is just the Legendre symbol.
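3.2.5.4. Properties of the Jacobi symbol.
Let $n \ge 3$ be an odd integer and $a, b \in Z$. Then the Jacobi symbol has the following properties:

(1) $\left(\frac{a}{n}\right) = 0$, $1$ or $-1$. Moreover $\left(\frac{a}{n}\right) = 0$ if and only if $\gcd(a, n) \ne 1$.

(2) $\left(\frac{a \cdot b}{n}\right) = \left(\frac{a}{n}\right) \cdot \left(\frac{b}{n}\right)$. Hence if $a \in Z_n^*$ then $\left(\frac{a^2}{n}\right) = 1$.

(3) $\left(\frac{a}{m \cdot n}\right) = \left(\frac{a}{m}\right) \cdot \left(\frac{a}{n}\right)$.

(4) If $a \equiv b \pmod n$ then $\left(\frac{a}{n}\right) = \left(\frac{b}{n}\right)$.

(5) $\left(\frac{1}{n}\right) = 1$.

(6) $\left(\frac{-1}{n}\right) = (-1)^{(n-1)/2}$. Hence $\left(\frac{-1}{n}\right) = 1$ if $n \equiv 1 \pmod 4$ and $\left(\frac{-1}{n}\right) = -1$ if $n \equiv 3 \pmod 4$.

(7) $\left(\frac{2}{n}\right) = (-1)^{(n^2 - 1)/8}$. Hence $\left(\frac{2}{n}\right) = 1$ if $n \equiv 1$ or $7 \pmod 8$ and $\left(\frac{2}{n}\right) = -1$ if $n \equiv 3$ or $5 \pmod 8$.

(8) $\left(\frac{m}{n}\right) = \left(\frac{n}{m}\right) (-1)^{(m-1)(n-1)/4}$.
In other words $\left(\frac{m}{n}\right) = \left(\frac{n}{m}\right)$ unless both m and n are congruent to $3 \pmod 4$, in which case $\left(\frac{m}{n}\right) = -\left(\frac{n}{m}\right)$.

From the properties of the Jacobi symbol we see that if n is odd and $a = 2^e a_1$, where $a_1$ is odd, then:

$$\left(\frac{a}{n}\right) = \left(\frac{2^e}{n}\right) \left(\frac{a_1}{n}\right) = \left(\frac{2}{n}\right)^e \left(\frac{n \bmod a_1}{a_1}\right) (-1)^{(a_1 - 1)(n - 1)/4}$$

From this formula we can build the following recursive algorithm for computing $\left(\frac{a}{n}\right)$ without having to factor n into primes.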
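3.2.5.5. Algorithm for computing the Jacobi symbol (and the Legendre symbol)
Jacobi(a, n)
Input: an odd integer $n \ge 3$ and an integer a, $0 \le a < n$
Output: the Jacobi symbol $\left(\frac{a}{n}\right)$ (which is the Legendre symbol when n is prime)
(1) If $a = 0$ then return (0)
(2) If $a = 1$ then return (1)
(3) Write $a = 2^e a_1$, where $a_1$ is odd
(4) If e is even then set $s \leftarrow 1$. Otherwise set $s \leftarrow 1$ if $n \equiv 1$ or $7 \pmod 8$, or set $s \leftarrow -1$ if $n \equiv 3$ or $5 \pmod 8$
(5) If $n \equiv 3 \pmod 4$ and $a_1 \equiv 3 \pmod 4$ then set $s \leftarrow -s$
(6) Set $n_1 \leftarrow n \bmod a_1$
(7) If $a_1 = 1$ then return (s); otherwise return ($s \cdot$ JACOBI($n_1$, $a_1$))

The algorithm above has a running time of about $O((\lg n)^2)$ bit operations.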

3.2.5.6. Remark (finding quadratic non-residues modulo a prime p)

Let p be an odd prime. Although it is known that half of the elements of $Z_p^*$ are quadratic non-residues modulo p, no deterministic polynomial-time algorithm is known for finding one.

A randomized algorithm for finding a quadratic non-residue is to choose integers $a \in Z_p^*$ at random until one satisfies $\left(\frac{a}{p}\right) = -1$. The expected number of iterations before one is found is 2, and hence the algorithm runs in polynomial time.
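3.2.5.7. Example of computing the Jacobi symbol.

Let a = 158 and n = 235. The algorithm above computes $\left(\frac{158}{235}\right)$ as follows:

$$\left(\frac{158}{235}\right) = \left(\frac{2}{235}\right)\left(\frac{79}{235}\right) = (-1)\left(\frac{235}{79}\right)(-1)^{78 \cdot 234/4} = \left(\frac{77}{79}\right) = \left(\frac{79}{77}\right)(-1)^{76 \cdot 78/4} = \left(\frac{2}{77}\right) = -1$$

Unlike the Legendre symbol, the Jacobi symbol $\left(\frac{a}{n}\right)$ does not tell us whether a is a quadratic residue modulo n. It is true that if $a \in Q_n$ then $\left(\frac{a}{n}\right) = 1$. However, $\left(\frac{a}{n}\right) = 1$ does not imply that $a \in Q_n$.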

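3.2.5.8. Example (quadratic residues and non-residues).

a ∈ Z*_21     1    2    4    5    8   10   11   13   16   17   19   20
a^2 mod n     1    4   16    4    1   16   16    1    4   16    4    1
(a/3)         1   -1    1   -1   -1    1   -1    1    1   -1    1   -1
(a/7)         1    1    1   -1    1   -1    1   -1    1   -1   -1   -1
(a/21)        1   -1    1    1   -1   -1   -1   -1    1    1   -1    1

Table 3.6: The Jacobi symbols of the elements of $\mathbb{Z}_{21}^*$

Table 3.6 lists the elements of $\mathbb{Z}_{21}^*$ and their Jacobi symbols. From the example in the earlier section we have $Q_{21} = \{1, 4, 16\}$. We see that $\left(\frac{5}{21}\right) = 1$ but $5 \notin Q_{21}$.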
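The algorithm of 3.2.5.5, the randomized search of 3.2.5.6 and the contents of Table 3.6 can be reproduced with the following added example (not code from the textbook; all function names are chosen here). It is written iteratively and returns $s$ as soon as $a_1 = 1$, so that the recursion never reaches the pair $(0, 1)$, which step (1) would otherwise turn into 0.

```python
import random
from math import gcd


def jacobi(a: int, n: int) -> int:
    """Jacobi symbol (a/n) for odd n >= 3, computed without factoring n."""
    if n < 3 or n % 2 == 0:
        raise ValueError("n must be an odd integer >= 3")
    a %= n                              # property (4): only a mod n matters
    s = 1
    while a != 0:
        while a % 2 == 0:               # steps (3)-(4): remove 2^e one factor at a time
            a //= 2
            if n % 8 in (3, 5):         # property (7): (2/n) = -1 for n = 3, 5 mod 8
                s = -s
        if a == 1:                      # a1 = 1: the result is s
            return s
        if a % 4 == 3 and n % 4 == 3:   # step (5), quadratic reciprocity
            s = -s
        a, n = n % a, a                 # steps (6)-(7): continue with (n mod a1, a1)
    return 0                            # reached only when gcd(a, n) != 1


def units(n: int) -> list:
    """Elements of Z_n^* in increasing order."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def quadratic_residues(n: int) -> list:
    """Q_n by exhaustive squaring (only sensible for table-sized n)."""
    return sorted({x * x % n for x in units(n)})


def pseudosquares(n: int) -> list:
    """J_n minus Q_n: Jacobi symbol 1 although not a square modulo n."""
    q = set(quadratic_residues(n))
    return [a for a in units(n) if jacobi(a, n) == 1 and a not in q]


def jacobi_table(p: int, q: int) -> list:
    """Rows (a, a^2 mod n, (a/p), (a/q), (a/n)) for n = p*q, the layout of Table 3.6."""
    n = p * q
    return [(a, a * a % n, jacobi(a, p), jacobi(a, q), jacobi(a, n)) for a in units(n)]


def random_nonresidue(p: int, rng=random) -> int:
    """Randomized search of 3.2.5.6 for an odd prime p."""
    while True:
        a = rng.randrange(1, p)
        if jacobi(a, p) == -1:
            return a


if __name__ == "__main__":
    print("(158/235) =", jacobi(158, 235))
    for row in jacobi_table(3, 7):
        print(row)
    print("pseudosquares mod 21:", pseudosquares(21))
```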
3.2.5.9. Definition 3.21:
Let $n \ge 3$ be an odd integer and let $J_n = \{a \in \mathbb{Z}_n^* \mid \left(\frac{a}{n}\right) = 1\}$. The set of pseudosquares modulo $n$ (denoted $\tilde{Q}_n$) is defined to be the set $J_n - Q_n$.
3.2.5.10. Theorem 3.15:
Let $n = p \cdot q$ be the product of two distinct odd primes. Then $|Q_n| = |\tilde{Q}_n| = (p-1)(q-1)/4$, that is, half of the elements of $J_n$ are pseudosquares.
3.2.6. Blum integers
- Definition 3.22.
A Blum integer is a composite integer of the form $n = p \cdot q$, where $p$ and $q$ are distinct primes satisfying:
$p \equiv 3 \pmod 4$
$q \equiv 3 \pmod 4$
- Theorem 3.16:
Let $n = p \cdot q$ be a Blum integer and let $a \in Q_n$. Then $a$ has exactly 4 square roots modulo $n$, and exactly one of them lies in $Q_n$.
- Definition 3.23:
Let $n$ be a Blum integer and let $a \in Q_n$. The unique square root of $a$ that lies in $Q_n$ is called the principal square root of $a \bmod n$.
- Example (Blum integer).
For the Blum integer $n = 21$ we have $J_n = \{1, 4, 5, 16, 17, 20\}$ and $\tilde{Q}_n = \{5, 17, 20\}$. The four square roots of $a = 4$ are 2, 5, 16 and 19, of which only 16 also lies in $Q_n$. Hence 16 is the principal square root of $4 \bmod 21$.
- Theorem 3.17:
If $n = p \cdot q$ is a Blum integer then the map $f : Q_n \to Q_n$ defined by $f(x) = x^2 \bmod n$ is a permutation.
The inverse map of $f$ is: $f^{-1}(x) = x^{((p-1)(q-1)+4)/8} \bmod n$.

3.2.7. The discrete logarithm problem.
Let $\mathbb{Z}_p$ be a finite field with $p$ a large prime. Let $g$ be a generator of the multiplicative group $\mathbb{Z}_p^*$, that is, for any element $a \ne 0$ of $\mathbb{Z}_p$ we can find a unique integer $x$ satisfying:
$a = g^x$
We can write: $\log_g a = x$.
The discrete logarithm problem is the problem of finding $x$.
Example: consider $\mathbb{Z}_{19}$ with generator $g = 2$. We have the following table:

x          1   2   3   4   5   6   7   8   9  10  11  12  13  14  15  16  17  18
log_2 x   18   1  13   2  16  14   6   3   8  17  12  15   5   7  11   4  10   9

From the table we have: $2^{13} \equiv 3 \pmod{19}$.
In general this is a very hard problem when $p$ is large (for example $p \approx 10^{200}$). In that case even the most powerful computers have to give up. In practice, however, the problem is truly hard only when $p - 1$ is not a product of small primes. In general, the discrete logarithm problem over the finite field $GF(p)$ has higher complexity than over $GF(2^m)$.

3.3. The RSA cryptosystem.
3.3.1. Algorithm 1: Key generation.
Summary: each party must create a public key and a corresponding private key by the following steps:
(1) Generate two large random distinct primes $p$ and $q$, of roughly the same size.
(2) Compute $n = p \cdot q$ and $\phi(n) = (p - 1)(q - 1)$.
(3) Select a random integer $e$, $1 < e < \phi$, such that $\gcd(e, \phi) = 1$.
(4) Use the extended Euclidean algorithm to compute the unique integer $d$, $1 < d < \phi$, satisfying $ed \equiv 1 \pmod{\phi}$.
(5) The public key is the pair $(n, e)$. The private key is $d$.
3.3.2. Definition
The integers $e$ and $d$ in RSA key generation are called the encryption exponent and the decryption exponent respectively. The number $n$ is called the modulus.
3.3.3. Algorithm 2: RSA public-key encryption.
Summary: B encrypts a message $m$ and sends A the ciphertext, which A decrypts.
3.3.3.1. Encryption: B must do the following:
(1) Obtain A's public key $(n, e)$.
(2) Represent the message as an integer $m$ in the interval $[0, n - 1]$.
(3) Compute $c = m^e \bmod n$.
(4) Send the ciphertext $c$ to A.
3.3.3.2. Decryption: to recover the plaintext $m$ from $c$, A performs the following computation using the private key: $m = c^d \bmod n$.

Proof that decryption works:
Since $ed \equiv 1 \pmod{\phi}$, there always exists an integer $k$ such that $ed = 1 + k\phi$. Now if $\gcd(m, p) = 1$ then by Fermat's theorem $m^{p-1} \equiv 1 \pmod p$. Raising both sides of this congruence to the power $k(q - 1)$ and then multiplying both sides by $m$ gives:
$m^{1 + k(q-1)(p-1)} \equiv m \pmod p$
On the other hand, if $\gcd(m, p) = p$ then this last congruence still holds, because both sides are congruent to $0 \bmod p$. Hence in all cases:
$m^{ed} \equiv m \pmod p$
By the same argument:
$m^{ed} \equiv m \pmod q$
Finally, since $p$ and $q$ are distinct primes, $m^{ed} \equiv m \pmod n$, and therefore $c^d \equiv (m^e)^d \equiv m \pmod n$.

3.3.4. Example
3.3.4.1. Key generation
A chooses the primes $p = 2357$, $q = 2551$ and computes $n = p \cdot q = 6012707$ and $\phi = (p - 1)(q - 1) = 6007800$. A chooses $e = 3674911$ and uses the extended Euclidean algorithm to find $d = 422191$ satisfying $ed \equiv 1 \pmod{\phi}$. A's public key is the pair ($n = 6012707$, $e = 3674911$); A's private key is $d = 422191$.
3.3.4.2. Encryption
To encrypt the message $m = 5234673$, B uses modular exponentiation to compute
$c = m^e \bmod n = 5234673^{3674911} \bmod 6012707 = 3650502$
and sends $c$ to A.
3.3.4.3. Decryption
To decrypt the ciphertext $c$, A computes:
$c^d \bmod n = 3650502^{422191} \bmod 6012707 = 5234673$
3.3.4.4. Note (universal exponent).
The number $\lambda = \mathrm{lcm}(p - 1, q - 1)$, sometimes called the universal exponent of $n$, can be used instead of $\phi = (p - 1)(q - 1)$ in RSA key generation. Note that $\lambda$ is a proper divisor of $\phi$. Using $\lambda$ can yield a smaller decryption exponent $d$ (which makes decryption faster). However, if $p$ and $q$ are chosen at random then $\gcd(p - 1, q - 1)$ will be fairly small, and so $\phi$ and $\lambda$ will be numbers of roughly the same size.
3.3.5. The fixed-point problem in RSA
Suppose the public key pair is $(e, n) = (17, 35)$.
Suppose the message has the value 8.
We have $8^{17} \equiv 8 \pmod{35}$.
So the encryption of the message is still the original message. In other words, with the encryption key 17 the information is not concealed. Clearly this situation must be avoided. The following theorem gives the number of messages that cannot be concealed for a given choice of $(e, n)$.

Theorem 3.18:
If messages are encrypted with the RSA cryptosystem under the public key pair $(e, n)$ with $n = p \cdot q$, then the number of messages that cannot be concealed is:
$$N = (1 + \gcd(e - 1, p - 1))(1 + \gcd(e - 1, q - 1))$$

Proof:
A message cannot be concealed if $M^e \equiv M \pmod n$.
We have: $M^e \equiv M \pmod p$ and $M^e \equiv M \pmod q$.
These equations can be rewritten as follows:
$M^{e-1} \equiv 1 \pmod p$ or $M^{e-1} \equiv 0 \pmod p$
$M^{e-1} \equiv 1 \pmod q$ or $M^{e-1} \equiv 0 \pmod q$
Note that the congruence $M^{e-1} \equiv 0 \pmod p$ has only one solution.
Arguing in the same way for $q$ gives the result of the theorem.
- Example: $n = 35$
Suppose $e = 3$. Then $(1 + \gcd(2, 4))(1 + \gcd(2, 6)) = 9$.
The messages that cannot be concealed are the following 9 messages:
$\{0, 1, 6, 14, 15, 20, 21, 29, 34\}$
Suppose $e = 17$. Then $(1 + \gcd(16, 4))(1 + \gcd(16, 6)) = 15$.
The messages that cannot be concealed are the following 15 messages:
$\{0, 1, 6, 7, 8, 13, 14, 15, 20, 21, 22, 27, 28, 29, 34\}$
Suppose $p = 2p' + 1$ and $q = 2q' + 1$, where $p'$ and $q'$ are primes. Then:
$\gcd(e - 1, 2p') = 1$, $2$ or $p'$
If $\gcd(e - 1, 2p')$ is not $p'$ and $\gcd(e - 1, 2q')$ is not $q'$, then the number of messages that cannot be concealed is at most 9.
If $\gcd(e - 1, 2p') = p'$ then the number of messages that cannot be concealed is at least $2(p' + 1)$. However, the probability of this happening is very small (equal to $1/p'$).
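Key generation from 3.3.1 and the count of Theorem 3.18 can be checked together with this added example (not code from the textbook; function names are chosen here). It reproduces the key of 3.3.4 and compares the formula with an exhaustive search over $n = 35$.

```python
from math import gcd


def egcd(a: int, b: int):
    """Extended Euclid: (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def rsa_keygen(p: int, q: int, e: int, universal: bool = False):
    """Steps (2)-(5) of 3.3.1 for given p, q, e.

    universal=True reduces d modulo lcm(p-1, q-1) instead of phi (note 3.3.4.4).
    """
    phi = (p - 1) * (q - 1)
    modulus = phi // gcd(p - 1, q - 1) if universal else phi
    g, d, _ = egcd(e, modulus)
    if not 1 < e < phi or g != 1:
        raise ValueError("need 1 < e < phi and gcd(e, phi) = 1")
    return p * q, e, d % modulus


def rsa_encrypt(m: int, e: int, n: int) -> int:
    if not 0 <= m < n:
        raise ValueError("message must lie in [0, n-1]")
    return pow(m, e, n)


def rsa_decrypt(c: int, d: int, n: int) -> int:
    return pow(c, d, n)


def unconcealed_count(e: int, p: int, q: int) -> int:
    """Theorem 3.18: number of messages M with M^e = M (mod p*q)."""
    return (1 + gcd(e - 1, p - 1)) * (1 + gcd(e - 1, q - 1))


def unconcealed_messages(e: int, n: int) -> list:
    """Exhaustive search for fixed points; only usable for toy moduli."""
    return [m for m in range(n) if pow(m, e, n) == m]


if __name__ == "__main__":
    n, e, d = rsa_keygen(2357, 2551, 3674911)
    c = rsa_encrypt(5234673, e, n)
    print("d =", d, "c =", c, "m =", rsa_decrypt(c, d, n))
    for exp in (3, 17):
        print(exp, unconcealed_count(exp, 5, 7), unconcealed_messages(exp, 35))
    print("fixed points of the 3.3.4 key:", unconcealed_count(e, 2357, 2551))
```

For the key of example 3.3.4 the formula gives 93 unconcealed messages, because $\gcd(e - 1, q - 1) = 30$ for that choice of $e$.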
3.4. The Rabin cryptosystem
3.4.1. Algorithm 1: Key generation.
Summary: each party creates a public key and a corresponding private key by the following steps:
(1) Generate two large random distinct primes $p$ and $q$ of roughly the same size.
(2) Compute $n = p \cdot q$.
(3) The public key is $n$; the private key is the pair $(p, q)$.
3.4.2. Algorithm 2: Rabin public-key encryption.
3.4.2.1. Encryption: B must perform the following steps:
(1) Obtain A's public key: $n$.
(2) Represent the message as an integer $m$ in the range $[0, n - 1]$.
(3) Compute $c = m^2 \bmod n$.
(4) Send the ciphertext $c$ to A.
3.4.2.2. Decryption: to recover the plaintext $m$ from $c$, A must perform the following steps:
(1) Find the four square roots of $c \bmod n$: $m_1$, $m_2$, $m_3$ and $m_4$.
(2) The message that was sent is one of the four values $m_1$, $m_2$, $m_3$ or $m_4$. By some means A decides which of these values is $m$.
3.4.3. Note:
Finding the square roots of $c \bmod n$, $n = p \cdot q$, when $p \equiv q \equiv 3 \pmod 4$. In this case the four square roots of $c \bmod n$ can be found quite simply as follows:
(1) Use the extended Euclidean algorithm to find integers $a$ and $b$ satisfying $ap + bq = 1$. Note that $a$ and $b$ can be computed during key generation.
(2) Compute $r = c^{(p+1)/4} \bmod p$.
(3) Compute $s = c^{(q+1)/4} \bmod q$.
(4) Compute $x = (aps + bqr) \bmod n$.
(5) Compute $y = (aps - bqr) \bmod n$.
(6) The four square roots of $c \bmod n$ are $x$, $-x \bmod n$, $y$ and $-y \bmod n$.
3.4.4. Example
3.4.4.1. Key generation.
A chooses the primes $p = 277$ and $q = 331$. A computes $n = p \cdot q = 91687$. A's public key is 91687. A's private key is the pair ($p = 277$, $q = 331$).
3.4.4.2. Encryption
Suppose that the last 6 bits of the original message are replicated before encryption. This added redundancy helps the decrypting party recognize the correct plaintext.
To encrypt the 10-bit message $m = 1001111001$, B replicates the last 6 bits of $m$ to obtain the 16-bit message $m = 1001111001111001$, whose decimal representation is $m = 40569$.
B then computes $c = m^2 \bmod n = 40569^2 \bmod 91687 = 62111$ and sends $c$ to A.
3.4.4.3. Decryption
To decrypt the ciphertext $c$, A computes the four square roots of $c \bmod n$:
$m_1 = 69654$, $m_2 = 22033$, $m_3 = 40569$, $m_4 = 51118$
The binary representations of these numbers are:
$m_1 = 10001000000010110$, $m_2 = 101011000010001$
$m_3 = 1001111001111001$, $m_4 = 1100011110101110$
Since only $m_3$ has the required redundancy, A decrypts $c$ to $m_3$ and recovers the original message $m = 1001111001$.
3.4.4.4. Efficiency
Rabin encryption is an extremely fast algorithm because it needs only a single modular squaring. By comparison, RSA encryption with $e = 3$ needs one modular multiplication and one modular squaring. Rabin decryption is slower than encryption, but its speed is comparable to that of RSA decryption.
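The square-root procedure of 3.4.3 and the 6-bit redundancy check of 3.4.4 are shown in this added example (not code from the textbook; names are chosen here). The shortcut needs $p \equiv q \equiv 3 \pmod 4$, which the prime $p = 277$ of 3.4.4 does not satisfy, so the run below uses the Blum integer $n = 21$ from 3.2.6 and a constructed pair $p = 283$, $q = 331$.

```python
def rabin_roots(c: int, p: int, q: int) -> list:
    """Four square roots of c mod n = p*q, steps (1)-(6) of 3.4.3."""
    if p % 4 != 3 or q % 4 != 3:
        raise ValueError("the shortcut requires p = q = 3 (mod 4)")
    n = p * q
    a = pow(p, -1, q)               # a*p = 1 (mod q)
    b = (1 - a * p) // q            # exact division, so a*p + b*q = 1
    r = pow(c, (p + 1) // 4, p)     # square root of c modulo p
    s = pow(c, (q + 1) // 4, q)     # square root of c modulo q
    x = (a * p * s + b * q * r) % n
    y = (a * p * s - b * q * r) % n
    roots = sorted({x, -x % n, y, -y % n})
    if any(t * t % n != c % n for t in roots):
        raise ValueError("c is not a quadratic residue modulo n")
    return roots


def add_redundancy(bits: str, r: int = 6) -> int:
    """Replicate the last r bits of the message, as in 3.4.4.2."""
    return int(bits + bits[-r:], 2)


def strip_redundancy(m: int, total_bits: int = 16, r: int = 6):
    """Return the original bit string if m carries the replicated tail, else None."""
    if m >= 1 << total_bits:
        return None
    s = format(m, "0{}b".format(total_bits))
    return s[:-r] if s[-r:] == s[-2 * r:-r] else None


def rabin_encrypt(m: int, n: int) -> int:
    if not 0 <= m < n:
        raise ValueError("message must lie in [0, n-1]")
    return m * m % n


def rabin_decrypt(c: int, p: int, q: int, total_bits: int = 16, r: int = 6) -> list:
    """All roots that carry valid redundancy (normally exactly one)."""
    found = (strip_redundancy(t, total_bits, r) for t in rabin_roots(c, p, q))
    return [bits for bits in found if bits is not None]


if __name__ == "__main__":
    print(rabin_roots(4, 3, 7))                 # the Blum integer n = 21 of 3.2.6
    P, Q = 283, 331                             # constructed primes, both 3 mod 4
    m = add_redundancy("1001111001")
    c = rabin_encrypt(m, P * Q)
    print(m, c, rabin_roots(c, P, Q), rabin_decrypt(c, P, Q))
```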
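3.5. The ElGamal cryptosystem.
3.5.1. Key generation algorithm.
Summary: each communicating party creates a public key and a corresponding private key:
(1) Generate a large prime $p$ and a generator $\alpha$ of the multiplicative group $\mathbb{Z}_p^*$ of the integers mod $p$.
(2) Select a random integer $a$, $1 \le a \le p - 2$, and compute $\alpha^a \bmod p$.
(3) The public key is the triple $(p, \alpha, \alpha^a)$; the private key is $a$.
3.5.2. ElGamal public-key encryption algorithm.
Summary: B encrypts a message $m$ and sends A the ciphertext, which A decrypts.
3.5.2.1. Encryption: B must perform the following steps:
(1) Obtain A's public key $(p, \alpha, \alpha^a)$.
(2) Represent the message as an integer $m$ in the range $\{0, 1, \ldots, p - 1\}$.
(3) Select a random integer $k$, $1 \le k \le p - 2$.
(4) Compute $\gamma = \alpha^k \bmod p$ and $\delta = m \cdot (\alpha^a)^k \bmod p$.
(5) Send the ciphertext $c = (\gamma, \delta)$ to A.
3.5.2.2. Decryption: to recover the plaintext $m$ from $c$, A must perform the following steps:
(1) Use the private key $a$ to compute $\gamma^{p-1-a} \bmod p$
(note that $\gamma^{p-1-a} = \gamma^{-a} = \alpha^{-ak}$).
(2) Recover the plaintext by computing $(\gamma^{-a}) \cdot \delta \bmod p$.
Proof that decryption works:
The algorithm above allows A to recover the plaintext because:
$\gamma^{-a} \cdot \delta \equiv \alpha^{-ak} \cdot m \cdot \alpha^{ak} \equiv m \pmod p$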

3.5.3. Example
3.5.3.1. Key generation.
A chooses $p = 2357$ and a generator $\alpha = 2$ of $\mathbb{Z}_{2357}^*$. A chooses the private key $a = 1751$ and computes $\alpha^a \bmod p = 2^{1751} \bmod 2357 = 1185$. A's public key is ($p = 2357$, $\alpha = 2$, $\alpha^a = 1185$).
3.5.3.2. Encryption
To encrypt the message $m = 2035$, B chooses a random integer $k = 1520$ and computes:
$\gamma = 2^{1520} \bmod 2357 = 1430$
and
$\delta = 2035 \cdot 1185^{1520} \bmod 2357 = 697$
B then sends $c = (1430, 697)$ to A.
3.5.3.3. Decryption
To decrypt, A must compute:
$\gamma^{p-1-a} = 1430^{605} \bmod 2357 = 872$
and then recovers the plaintext $m$ by computing: $m = 872 \cdot 697 \bmod 2357 = 2035$.
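The ElGamal steps of 3.5.1 and 3.5.2, including a test that $\alpha$ really generates $\mathbb{Z}_p^*$, are shown in this added example (not code from the textbook; names are chosen here, and trial-division factoring of $p - 1$ is only adequate for small $p$ such as the 2357 used in 3.5.3).

```python
import secrets


def prime_factors(n: int) -> set:
    """Distinct prime factors by trial division (small n only)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_generator(alpha: int, p: int) -> bool:
    """alpha generates Z_p^* iff alpha^((p-1)/q) != 1 for every prime q dividing p-1."""
    return all(pow(alpha, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def elgamal_keygen(p: int, alpha: int, a: int = None):
    """Return (public key, private key); a is drawn at random when not given."""
    if not is_generator(alpha, p):
        raise ValueError("alpha is not a generator of Z_p^*")
    if a is None:
        a = 1 + secrets.randbelow(p - 2)        # 1 <= a <= p-2
    return (p, alpha, pow(alpha, a, p)), a


def elgamal_encrypt(public, m: int, k: int = None):
    p, alpha, alpha_a = public
    if not 0 <= m <= p - 1:
        raise ValueError("message must lie in {0, ..., p-1}")
    if k is None:
        k = 1 + secrets.randbelow(p - 2)        # fresh random k for every message
    return pow(alpha, k, p), m * pow(alpha_a, k, p) % p


def elgamal_decrypt(p: int, a: int, c) -> int:
    gamma, delta = c
    return pow(gamma, p - 1 - a, p) * delta % p


if __name__ == "__main__":
    public, a = elgamal_keygen(2357, 2, 1751)
    c = elgamal_encrypt(public, 2035, 1520)
    print(public, c, elgamal_decrypt(2357, a, c))
```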

3.6. The Merkle-Hellman cryptosystem.
3.6.1. Definition of a superincreasing sequence.
Definition: a sequence of positive integers $(a_1, a_2, \ldots, a_n)$ is called a superincreasing sequence if $a_i > \sum_{j=1}^{i-1} a_j$ for all $i$, $2 \le i \le n$.
3.6.2. The knapsack problem
Given a pile of packages of different weights, is it possible to pack some of these packages into a knapsack so that the knapsack has a given weight? Formally the problem can be stated as follows:
Given a set of values $M_1, M_2, \ldots, M_n$ and a sum $S$, compute the values $b_i$ such that:
$S = b_1 M_1 + b_2 M_2 + \ldots + b_n M_n$
with $b_i \in \{0, 1\}$
$b_i = 1$: package $M_i$ is packed into the knapsack.
$b_i = 0$: package $M_i$ is not packed into the knapsack.
3.6.3. Solving the knapsack problem for a superincreasing sequence.
When $M = \{M_1, M_2, \ldots, M_n\}$ is a superincreasing sequence, finding $b = (b_1, b_2, \ldots, b_n)$ is comparable to finding the binary representation of a number $S$. The representation is found after at most $n$ steps.
Algorithm:
Input: a superincreasing sequence $M = \{M_1, M_2, \ldots, M_n\}$ and an integer $S$ that is the sum of a subset of $M$.
Output: $(b_1, b_2, \ldots, b_n)$ with $b_i \in \{0, 1\}$ such that $\sum_{i=1}^{n} b_i M_i = S$.
(1) $i \leftarrow n$
(2) While $i \ge 1$ do:
a. If $S \ge M_i$ then $b_i \leftarrow 1$ and $S \leftarrow S - M_i$; otherwise $b_i \leftarrow 0$.
b. $i \leftarrow i - 1$
(3) Return($b$)
If $M$ is not a superincreasing sequence then the solution of the problem is one of $2^n$ possible choices. This is a hard problem when $n$ is large.

3.6.4. Key generation algorithm.
Summary: each communicating party creates a public key and a corresponding private key.
A fixed integer $n$ is chosen as a common system parameter.
Each communicating party must perform the following steps:
(1) Choose a superincreasing sequence $(M_1, M_2, \ldots, M_n)$ and a modulus $M$ such that $M > M_1 + M_2 + \ldots + M_n$.
(2) Select a random integer $W$, $1 \le W \le M - 1$, such that $\gcd(W, M) = 1$.
(3) Select a random permutation $\pi$ of the integers $\{1, 2, \ldots, n\}$.
(4) Compute $a_i = W M_{\pi(i)} \bmod M$ for $i = 1, 2, \ldots, n$.
(5) The public key is the set of numbers $(a_1, a_2, \ldots, a_n)$.
The private key is $(\pi, M, W, (M_1, M_2, \ldots, M_n))$.
3.6.5. Merkle-Hellman public-key encryption algorithm.
Summary: B encrypts a message $m$ and sends A the ciphertext, which A must decrypt.
3.6.5.1. Encryption: B must perform the following steps:
(1) Obtain A's public key: $(a_1, a_2, \ldots, a_n)$.
(2) Represent the message $m$ as a binary string of length $n$: $m = m_1 m_2 \ldots m_n$.
(3) Compute the integer $c = m_1 a_1 + m_2 a_2 + \ldots + m_n a_n$.
(4) Send the ciphertext $c$ to A.
3.6.5.2. Decryption: to recover the plaintext $m$ from $c$, A must perform the following steps:
(1) Compute $d = W^{-1} c \bmod M$.
(2) Use the algorithm for the superincreasing knapsack problem to find integers $r_1, r_2, \ldots, r_n$, $r_i \in \{0, 1\}$, such that:
$d = r_1 M_1 + r_2 M_2 + \ldots + r_n M_n$
(3) The bits of the plaintext are $m_i = r_{\pi(i)}$, $i = 1, 2, \ldots, n$.
Proof: the algorithm above allows A to recover the plaintext because:
$$d \equiv W^{-1} c \equiv W^{-1} \sum_{i=1}^{n} m_i a_i \equiv \sum_{i=1}^{n} m_i M_{\pi(i)} \pmod M$$
Since $0 \le d < M$, $d = \sum_{i=1}^{n} m_i M_{\pi(i)} \bmod M$, and therefore the solution of the knapsack problem in step (2) gives the bits of the plaintext after the permutation $\pi$ is applied.


3.6.6. Example:
3.6.6.1. Key generation.
Let $n = 6$. A chooses the superincreasing sequence (12, 17, 33, 74, 157, 316), $M = 737$ and $W = 635$, which satisfies $\gcd(W, M) = 1$.
The permutation $\pi$ of $\{1, 2, 3, 4, 5, 6\}$ is defined as follows:
$\pi(1) = 3$, $\pi(2) = 6$, $\pi(3) = 1$, $\pi(4) = 2$, $\pi(5) = 5$, $\pi(6) = 4$
A's public key is the set (319, 196, 250, 477, 200, 559).
A's private key is $(\pi, M, W, (12, 17, 33, 74, 157, 316))$.
3.6.6.2. Encryption
To encrypt the message $m = 101101$, B computes:
$c = 319 + 250 + 477 + 559 = 1605$
and sends $c$ to A.
3.6.6.3. Decryption
To decrypt, A must compute:
$W^{-1} = -224 = 513$
$d = W^{-1} c \bmod M = 136$
and solve the following superincreasing knapsack problem:
$136 = 12 r_1 + 17 r_2 + 33 r_3 + 74 r_4 + 157 r_5 + 316 r_6$
obtaining $136 = 12 + 17 + 33 + 74$.
Hence $r_1 = r_2 = r_3 = r_4 = 1$ and $r_5 = r_6 = 0$.
Applying the permutation $\pi$ gives the bits of the plaintext:
$m_1 = r_3 = 1$, $m_2 = r_6 = 0$, $m_3 = r_1 = 1$, $m_4 = r_2 = 1$, $m_5 = r_5 = 0$, $m_6 = r_4 = 1$
So the plaintext is $m = 101101$.
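The superincreasing solver of 3.6.3 and the key generation, encryption and decryption of 3.6.4 and 3.6.5 are combined in this added example (not code from the textbook; names are chosen here). It is run on the parameters of 3.6.6, with the permutation stored as the list of values $\pi(1), \ldots, \pi(n)$.

```python
from math import gcd


def is_superincreasing(seq) -> bool:
    """Each term must exceed the sum of all earlier terms."""
    total = 0
    for x in seq:
        if x <= total:
            return False
        total += x
    return True


def solve_superincreasing(seq, s: int) -> list:
    """Algorithm of 3.6.3: scan from the largest weight down."""
    bits = [0] * len(seq)
    for i in range(len(seq) - 1, -1, -1):
        if s >= seq[i]:
            bits[i] = 1
            s -= seq[i]
    if s != 0:
        raise ValueError("s is not the sum of a subset of the sequence")
    return bits


def mh_keygen(seq, M: int, W: int, perm) -> list:
    """Public key a_i = W * M_pi(i) mod M; perm[i-1] holds pi(i) (1-based values)."""
    if not is_superincreasing(seq) or M <= sum(seq):
        raise ValueError("need a superincreasing sequence and M greater than its sum")
    if not 1 <= W <= M - 1 or gcd(W, M) != 1:
        raise ValueError("need 1 <= W <= M-1 and gcd(W, M) = 1")
    if sorted(perm) != list(range(1, len(seq) + 1)):
        raise ValueError("perm must be a permutation of 1..n")
    return [W * seq[perm[i] - 1] % M for i in range(len(seq))]


def mh_encrypt(public, bits: str) -> int:
    if len(bits) != len(public):
        raise ValueError("message must have exactly n bits")
    return sum(a for a, bit in zip(public, bits) if bit == "1")


def mh_decrypt(c: int, seq, M: int, W: int, perm) -> str:
    d = pow(W, -1, M) * c % M                    # step (1)
    r = solve_superincreasing(seq, d)            # step (2)
    return "".join(str(r[perm[i] - 1]) for i in range(len(seq)))   # step (3)


if __name__ == "__main__":
    seq, M, W = (12, 17, 33, 74, 157, 316), 737, 635
    perm = (3, 6, 1, 2, 5, 4)
    public = mh_keygen(seq, M, W, perm)
    c = mh_encrypt(public, "101101")
    print(public, c, mh_decrypt(c, seq, M, W, perm))
```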
3.7. The Chor-Rivest (CR) cryptosystem
The CR cryptosystem is the only known knapsack public-key cryptosystem that does not use modular multiplication to disguise the subset sum problem.
3.7.1. Key generation algorithm.
Summary: each communicating party creates a public key and a corresponding private key. A performs the following steps:
(1) Select a finite field $F_q$ of order $q$, where $q = p^h$, $p \ge h$, and for which the discrete logarithm problem is feasible.
(2) Select a random monic irreducible polynomial $f(x)$ of degree $h$ over $\mathbb{Z}_p$. The elements of $F_q$ are represented by polynomials in $\mathbb{Z}_p[x]$ of degree less than $h$, with multiplication performed modulo $f(x)$.
(3) Select a random primitive element $g(x)$ of $F_q$.
(4) For each element $i \in \mathbb{Z}_p$ of the ground field, find the discrete logarithm $a_i = \log_{g(x)}(x + i)$ of the element $x + i$ to the base $g(x)$.
(5) Select a random permutation $\pi$ on the integers $\{0, 1, 2, \ldots, p - 1\}$.
(6) Select a random integer $d$, $0 \le d \le p^h - 2$.
(7) Compute $C_i = (a_{\pi(i)} + d) \bmod (p^h - 1)$, $0 \le i \le p - 1$.
(8) A's public key is $((C_0, C_1, \ldots, C_{p-1}), p, h)$.
A's private key is $(f(x), g(x), \pi, d)$.
3.7.2. Encryption algorithm.
Summary: B encrypts a message $m$ and sends it to A.
3.7.2.1. Encryption: B performs the following steps:
a) Obtain A's public key $((C_0, C_1, \ldots, C_{p-1}), p, h)$.
b) Represent the message as a bit string of length $\lfloor \lg \binom{p}{h} \rfloor$, where $\binom{p}{h} = \frac{p!}{h!\,(p-h)!}$.
c) Regard $m$ as the binary representation of an integer. Transform this integer into a binary vector $M = (M_0, M_1, \ldots, M_{p-1})$ of length $p$ having exactly $h$ ones, as follows:
i. Set $l \leftarrow h$.
ii. For $i$ from 1 to $p$ do:
If $m \ge \binom{p-i}{l}$ then set $M_{i-1} \leftarrow 1$, $m \leftarrow m - \binom{p-i}{l}$, $l \leftarrow l - 1$. Otherwise set $M_{i-1} \leftarrow 0$.
Note: $\binom{n}{0} = 1$ for $n \ge 0$; $\binom{0}{l} = 0$ for $l \ge 1$.
d) Compute $c = \sum_{i=0}^{p-1} M_i C_i \bmod (p^h - 1)$.
e) Send the ciphertext $c$ to A.
3.7.2.2. Decryption.
To recover the plaintext $m$ from $c$, A must perform the following steps:
a) Compute $r = (c - hd) \bmod (p^h - 1)$.
b) Compute $u(x) = g(x)^r \bmod f(x)$.
c) Compute $s(x) = u(x) + f(x)$, a monic polynomial of degree $h$ over $\mathbb{Z}_p$.
d) Factor $s(x)$ into linear factors over $\mathbb{Z}_p$:
$s(x) = \prod_{j=1}^{h} (x + t_j)$, where $t_j \in \mathbb{Z}_p$.
e) The components of the vector $M$ that are equal to 1 have indices $\pi^{-1}(t_j)$, $1 \le j \le h$. The remaining components are 0.
f) The message $m$ is recovered from $M$ as follows:
i. Set $m \leftarrow 0$, $l \leftarrow h$.
ii. For $i$ from 1 to $p$ do:
If $M_{i-1} = 1$ then set $m \leftarrow m + \binom{p-i}{l}$, $l \leftarrow l - 1$.
Proof that decryption works:
We see that
$$u(x) \equiv g(x)^r \equiv g(x)^{c - hd} \equiv g(x)^{\left(\sum_{i=0}^{p-1} M_i C_i\right) - hd} \equiv g(x)^{\left(\sum_{i=0}^{p-1} M_i (a_{\pi(i)} + d)\right) - hd} \equiv g(x)^{\sum_{i=0}^{p-1} M_i a_{\pi(i)}} \pmod{f(x)}$$
$$u(x) \equiv \prod_{i=0}^{p-1} \left[g(x)^{a_{\pi(i)}}\right]^{M_i} \equiv \prod_{i=0}^{p-1} (x + \pi(i))^{M_i} \pmod{f(x)}$$
Since $\prod_{i=0}^{p-1} (x + \pi(i))^{M_i}$ and $s(x)$ are monic polynomials of degree $h$ that are congruent modulo $f(x)$, we have $s(x) = u(x) + f(x) = \prod_{i=0}^{p-1} (x + \pi(i))^{M_i}$.
Hence all $h$ roots of $s(x)$ lie in $\mathbb{Z}_p$, and applying $\pi^{-1}$ to these roots gives the coordinates of $M$ that are equal to 1.
3.7.3. Example.
3.7.3.1. Key generation: A performs the following steps:
(1) Choose $p = 7$ and $h = 4$.
(2) Choose the irreducible polynomial $f(x) = x^4 + 3x^3 + 5x^2 + 6x + 2$ of degree 4 over $\mathbb{Z}_7$. The elements of the finite field $F_{7^4}$ are represented by polynomials in $\mathbb{Z}_7[x]$.
(3) Choose the random primitive element $g(x) = 3x^3 + 3x^2 + 6$.
(4) Compute the following discrete logarithms:
$a_0 = \log_{g(x)}(x) = 1028$
$a_1 = \log_{g(x)}(x + 1) = 1935$
$a_2 = \log_{g(x)}(x + 2) = 2054$
$a_3 = \log_{g(x)}(x + 3) = 1008$
$a_4 = \log_{g(x)}(x + 4) = 379$
$a_5 = \log_{g(x)}(x + 5) = 1780$
$a_6 = \log_{g(x)}(x + 6) = 223$
(5) Choose the random permutation $\pi$ on $\{0, 1, 2, 3, 4, 5, 6\}$ as follows:
$\pi(0) = 6$, $\pi(1) = 4$, $\pi(2) = 0$, $\pi(3) = 2$, $\pi(4) = 1$, $\pi(5) = 5$, $\pi(6) = 3$
(6) Choose the random integer $d = 1702$.
(7) Compute
$C_0 = (a_6 + d) \bmod 2400 = 1925$
$C_1 = (a_4 + d) \bmod 2400 = 2081$
$C_2 = (a_0 + d) \bmod 2400 = 330$
$C_3 = (a_2 + d) \bmod 2400 = 1356$
$C_4 = (a_1 + d) \bmod 2400 = 1237$
$C_5 = (a_5 + d) \bmod 2400 = 1082$
$C_6 = (a_3 + d) \bmod 2400 = 310$
(8) A's public key is $((C_0, C_1, C_2, C_3, C_4, C_5, C_6), p = 7, h = 4)$.
A's private key is $(f(x), g(x), \pi, d)$.
3.7.3.2. Encryption.
To encrypt the message $m = 22$ for A, B does the following:
(1) Obtain A's public key.
(2) Represent $m$ as a bit string of length 5: $m = 10110$ (note that $\lfloor \lg \binom{7}{4} \rfloor = 5$).
(3) Use the method of step c of the encryption algorithm to transform $m$ into the binary vector $M$ of length 7: $M = (1, 0, 1, 1, 0, 0, 1)$.
(4) Compute $C = (C_0 + C_2 + C_3 + C_6) \bmod 2400 = 1521$.
(5) Send $C = 1521$ to A.
3.7.3.3. Decryption:
(1) Compute $r = (c - hd) \bmod 2400 = 1913$.
(2) Compute $u(x) = g(x)^{1913} \bmod f(x) = x^3 + 3x^2 + 2x + 5$.
(3) Compute $s(x) = u(x) + f(x) = x^4 + 4x^3 + x^2 + x$.
(4) Factor $s(x) = x(x + 2)(x + 3)(x + 6)$
(so $t_1 = 0$, $t_2 = 2$, $t_3 = 3$, $t_4 = 6$).
(5) The components of $M$ that are equal to 1 have the indices
$\pi^{-1}(0) = 2$, $\pi^{-1}(2) = 3$, $\pi^{-1}(3) = 6$, $\pi^{-1}(6) = 0$
Hence $M = (1, 0, 1, 1, 0, 0, 1)$.
(6) Use step f of the decryption algorithm to transform $M$ into the integer $m = 22$, which recovers the original plaintext.
3.7.4. Notes:
This cryptosystem is considered secure as long as the private key is not disclosed.
The cryptosystem can be extended to the case of $\mathbb{Z}_p$ with $p$ a prime power.
To make the discrete logarithm problem easy to solve, the parameters $p$ and $h$ must be chosen so that $q - 1 = p^h - 1$ has only small factors.
In practice the recommended sizes of the parameters are $p \approx 200$, $h \approx 25$ (for example $p = 197$ and $h = 24$).
The greatest drawback of the algorithm is that the public key, of size about $p \cdot h \cdot \log p$ bits, is too large. For example, with $p = 197$ and $h = 24$ the public key has about 36,000 bits.
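The Chor-Rivest example of 3.7.3 can be replayed end to end with this added code (not from the textbook; names are chosen here). The discrete logarithms $a_i$ are taken from the page as given rather than recomputed, and polynomials are stored as coefficient lists from the constant term upward.

```python
from math import comb

P, H = 7, 4
F = [2, 6, 5, 3, 1]                 # f(x) = x^4 + 3x^3 + 5x^2 + 6x + 2
GEN = [6, 0, 3, 3]                  # g(x) = 3x^3 + 3x^2 + 6
PI = [6, 4, 0, 2, 1, 5, 3]          # pi(0), ..., pi(6)
D = 1702
LOGS = [1028, 1935, 2054, 1008, 379, 1780, 223]   # a_i = log_g(x + i), from 3.7.3.1
ORDER = P ** H - 1                  # 2400


def public_key() -> list:
    return [(LOGS[PI[i]] + D) % ORDER for i in range(P)]


def encode(m: int, p: int, h: int) -> list:
    """Step c: integer -> binary vector of length p with exactly h ones."""
    vec, l = [], h
    for i in range(1, p + 1):
        if m >= comb(p - i, l):
            vec.append(1)
            m -= comb(p - i, l)
            l -= 1
        else:
            vec.append(0)
    return vec


def decode(vec: list, p: int, h: int) -> int:
    """Step f: inverse of encode."""
    m, l = 0, h
    for i in range(1, p + 1):
        if vec[i - 1] == 1:
            m += comb(p - i, l)
            l -= 1
    return m


def cr_encrypt(vec: list, pub: list) -> int:
    return sum(c for c, bit in zip(pub, vec) if bit) % ORDER


def poly_mulmod(a: list, b: list, f: list, p: int) -> list:
    """a*b mod f over Z_p for monic f."""
    prod = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            prod[i + j] = (prod[i + j] + ai * bj) % p
    h = len(f) - 1
    for k in range(len(prod) - 1, h - 1, -1):       # cancel x^k with x^(k-h) * f(x)
        coeff = prod[k]
        if coeff:
            for j in range(h + 1):
                prod[k - h + j] = (prod[k - h + j] - coeff * f[j]) % p
    return (prod + [0] * h)[:h]


def poly_powmod(g: list, r: int, f: list, p: int) -> list:
    result, base = [1] + [0] * (len(f) - 2), g[:]
    while r:
        if r & 1:
            result = poly_mulmod(result, base, f, p)
        base = poly_mulmod(base, base, f, p)
        r >>= 1
    return result


def cr_decrypt(c: int):
    """Steps a-f of 3.7.2.2; returns (m, u(x), M)."""
    r = (c - H * D) % ORDER
    u = poly_powmod(GEN, r, F, P)
    s = [(ui + fi) % P for ui, fi in zip(u + [0], F)]        # s(x) = u(x) + f(x)
    # s(x) = prod (x + t_j), so x = -t_j is a root of s for each t_j
    ts = [t for t in range(P)
          if sum(sk * pow(-t, k, P) for k, sk in enumerate(s)) % P == 0]
    if len(ts) != H:
        raise ValueError("s(x) does not split into h distinct linear factors")
    vec = [0] * P
    for t in ts:
        vec[PI.index(t)] = 1                                  # index pi^{-1}(t_j)
    return decode(vec, P, H), u, vec


if __name__ == "__main__":
    vec = encode(22, P, H)
    c = cr_encrypt(vec, public_key())
    print(vec, c, cr_decrypt(c))
```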

3.8. Elliptic curve cryptosystems
3.8.1. Elliptic curves.
An elliptic curve is a cubic equation of the following form:
$y^2 + axy + by = x^3 + cx^2 + dx + e$
where $a$, $b$, $c$, $d$, $e$ are real numbers.
On the curves $E$ we define a special addition together with a point $O$ called the point at infinity. If three points of the curve $E$ lie on a straight line then their sum is the point at infinity $O$ (the point $O$ plays the role of the identity element for this addition). Figure 3.1 shows the curves $E$: $y^2 = x^3 + 2x + 5$ and $y^2 = x^3 - 2x + 1$.

Figure 3.1: The curves $y^2 = x^3 + 2x + 5$ and $y^2 = x^3 - 2x + 1$

3.8.2. Elliptic curves over Galois fields.
An elliptic group $E_p(a, b)$ over a Galois field is obtained by computing $x^3 + ax + b \bmod p$ for $0 \le x < p$. The constants $a$, $b$ are non-negative integers smaller than the prime $p$ and satisfy the condition $4a^3 + 27b^2 \bmod p \ne 0$. For each value of $x$ we must determine whether the result is a quadratic residue. If it is, there are 2 values in the elliptic group. If it is not, the point does not lie in the group $E_p(a, b)$.
Example (structure of a group E).
Suppose $p = 23$, $a = 1$ and $b = 1$.
First we check:
$$4a^3 + 27b^2 \bmod p = 4 \cdot 1^3 + 27 \cdot 1^2 \bmod 23 = 4 + 27 \bmod 23 = 31 \bmod 23 = 8 \ne 0$$
Next we determine the quadratic residues $Q_{23}$ of $\mathbb{Z}_{23}$.

(p - x)^2 mod p     x^2 mod p       value
22^2 mod 23         1^2 mod 23        1
21^2 mod 23         2^2 mod 23        4
20^2 mod 23         3^2 mod 23        9
19^2 mod 23         4^2 mod 23       16
18^2 mod 23         5^2 mod 23        2
17^2 mod 23         6^2 mod 23       13
16^2 mod 23         7^2 mod 23        3
15^2 mod 23         8^2 mod 23       18
14^2 mod 23         9^2 mod 23       12
13^2 mod 23        10^2 mod 23        8
12^2 mod 23        11^2 mod 23        6

Hence the set of $\frac{p-1}{2} = 11$ quadratic residues $Q_{23}$ is:
$Q_{23} = \{1, 2, 3, 4, 6, 8, 9, 12, 13, 16, 18\}$
For $0 \le x < p$ we compute $y^2 = x^3 + x + 1$ and determine whether $y^2$ lies in the set of quadratic residues $Q_{23}$.

 x     y^2    y^2 in Q_23?    y1    y2
 0      1     yes              1    22
 1      3     yes              7    16
 2     11     no
 3      8     yes             10    13
 4      0     y = 0            0
 5     16     yes              4    19
 6     16     yes              4    19
 7      6     yes             11    12
 8     15     no
 9      3     yes              7    16
10     22     no
11      9     yes              3    20
12     16     yes              4    19
13      3     yes              7    16
14     22     no
15     10     no
16     19     no
17      9     yes              3    20
18      9     yes              3    20
19      2     yes              5    18
20     17     no
21     14     no
22     22     no

The elliptic group $E_p(a, b) = E_{23}(1, 1)$ consists of the following points:

$E_{23}(1, 1)$ = { (0,1), (0,22), (1,7), (1,16), (3,10), (3,13), (4,0), (5,4), (5,19), (6,4), (6,19), (7,11), (7,12), (9,7), (9,16), (11,3), (11,20), (12,4), (12,19), (13,7), (13,16), (17,3), (17,20), (18,3), (18,20), (19,5), (19,18) }

Figure 3.2: The group $E_{23}(1, 1)$


3.8.3. Addition and multiplication on the groups E.
Suppose $P = (x_1, y_1)$ and $Q = (x_2, y_2)$ are points of the group $E_p(a, b)$ and $O$ is the point at infinity. The rules for addition on the group $E_p(a, b)$ are as follows:
(1) $P + O = O + P = P$.
(2) If $x_2 = x_1$ and $y_2 = -y_1$, that is $P = (x_1, y_1)$ and $Q = (x_2, y_2) = (x_1, -y_1) = -P$, then $P + Q = O$.
(3) If $Q \ne -P$ then the sum $P + Q = (x_3, y_3)$ is given by:
$x_3 = \lambda^2 - x_1 - x_2 \bmod p$
$y_3 = \lambda(x_1 - x_3) - y_1 \bmod p$
where:
$$\lambda = \begin{cases} \dfrac{y_2 - y_1}{x_2 - x_1} & \text{if } P \ne Q \\[2ex] \dfrac{3x_1^2 + a}{2y_1} & \text{if } P = Q \end{cases}$$

Example: multiplication on the group $E_p(a, b)$.
Multiplication on the group $E_p(a, b)$ is performed in the same way as modular exponentiation in RSA.
Suppose $P = (3, 10) \in E_{23}(1, 1)$. Then $2P = (x_3, y_3)$ is:
$2P = P + P = (x_1, y_1) + (x_1, y_1)$
Since $P = Q$ and $x_2 = x_1$, the values $\lambda$, $x_3$ and $y_3$ are:
$$\lambda = \frac{3x_1^2 + a}{2y_1} \bmod p = \frac{3 \cdot 3^2 + 1}{2 \cdot 10} \bmod 23 = \frac{5}{20} \bmod 23 = 4^{-1} \bmod 23 = 6$$
$x_3 = \lambda^2 - x_1 - x_2 \bmod p = 6^2 - 3 - 3 \bmod 23 = 30 \bmod 23 = 7$
$y_3 = \lambda(x_1 - x_3) - y_1 \bmod p = 6(3 - 7) - 10 \bmod 23 = -34 \bmod 23 = 12$
Hence $2P = (x_3, y_3) = (7, 12)$.
The multiple $kP$ is obtained by repeating the addition $k$ times. In the table below $\lambda = \frac{y_2 - y_1}{x_2 - x_1}$ (if $P \ne Q$) or $\lambda = \frac{3x_1^2 + a}{2y_1}$ (if $P = Q$), $x_3 = \lambda^2 - x_1 - x_2 \bmod 23$, $y_3 = \lambda(x_1 - x_3) - y_1 \bmod 23$ and $kP = (x_3, y_3)$.

 k     λ     x3    y3    kP
 1                       (3,10)
 2     6      7    12    (7,12)
 3    12     19     5    (19,5)
 4     4     17     3    (17,3)
 5    11      9    16    (9,16)
 6     1     12     4    (12,4)
 7     7     11     3    (11,3)
 8     2     13    16    (13,16)
 9    19      0     1    (0,1)
10     3      6     4    (6,4)
11    21     18    20    (18,20)
12    16      5     4    (5,4)
13    20      1     7    (1,7)
14    13      4     0    (4,0)
15    13      1    16    (1,16)
16    20      5    19    (5,19)
17    16     18     3    (18,3)
18    21      6    19    (6,19)
19     3      0    22    (0,22)
20    19     13     7    (13,7)
21     2     11    20    (11,20)
22     7     12    19    (12,19)
23     1      9     7    (9,7)
24    11     17    20    (17,20)
25     4     19    18    (19,18)
26    12      7    11    (7,11)
27     6      3    13    (3,13)
3.8.4. Elliptic curve cryptography.
In this cryptosystem the plaintext $M$ is encoded as a point $P_M$ in the finite set of points of the group $E_p(a, b)$.
First a generator point $G \in E_p(a, b)$ must be chosen such that the smallest value $n$ with $nG = O$ is a very large prime. The group $E_p(a, b)$ and the generator point $G$ are made public.
Each user chooses a private key $n_A < n$ and computes the public key $P_A$ as follows: $P_A = n_A G$.
To send the message $P_M$ to B, A chooses a random integer $k$ and computes the ciphertext pair $P_C$ using B's public key $P_B$:
$P_C = [(kG), (P_M + kP_B)]$
After receiving the pair of points $P_C$, B multiplies the first point $(kG)$ by his private key $n_B$ and subtracts the result from the second point of the pair $P_C$ (the point $(P_M + kP_B)$):
$(P_M + kP_B) - n_B(kG) = (P_M + k n_B G) - n_B(kG) = P_M$
This is the point corresponding to the plaintext $M$. Only B has the private key $n_B$ and can remove $n_B(kG)$ from the second point of $P_C$ to obtain the information about the plaintext $P_M$.
Example:
Consider the following curve $E$: $y^2 = x^3 + ax + b \bmod p$
$y^2 = x^3 - x + 188 \bmod 751$ ($a = -1$, $b = 188$, $p = 751$)
The group $E$ generated from this curve is:
$E_p(a, b) = E_{751}(-1, 188)$
Let the generator point be $G = (0, 376)$. The multiples $kG$ of $G$ ($1 \le k \le 751$) are:
G = (0, 376)         2G = (1, 376)        3G = (750, 375)      4G = (2, 373)
5G = (188, 657)      6G = (6, 390)        7G = (667, 571)      8G = (121, 39)
9G = (582, 736)      10G = (57, 332)      ...                  761G = (565, 312)
762G = (328, 569)    763G = (677, 158)    764G = (196, 681)    765G = (417, 320)
766G = (3, 370)      767G = (1, 377)      768G = (0, 375)      769G = O (point at infinity)
If A wants to send B the plaintext $m$ (encoded as the plaintext point $P_M$), $P_M = (443, 253) \in E_{751}(-1, 188)$, then A must use B's public key to encrypt it.
Suppose B's private key is $n_B = 85$. Then B's public key is:
$P_B = n_B G = 85\,(0, 376)$
$P_B = (671, 558)$
A chooses the random number $k = 113$ and uses $P_B$ to encrypt $P_M$ into the pair of ciphertext points:
$P_C = [(kG), (P_M + kP_B)]$
$P_C = [113 \cdot (0, 376), (443, 253) + (47, 416)]$
$P_C = [(34, 633), (443, 253) + (47, 416)]$
$P_C = [(34, 633), (217, 606)]$
Based on the received $P_C$, B uses the private key $n_B = 85$ to compute $P_M$ as follows:
$(P_M + kP_B) - n_B(kG) = (217, 606) - [85\,(34, 633)]$
$= (217, 606) - [(47, 416)]$
$= (217, 606) + (47, -416)$ (because $-P = (x_1, -y_1)$)
$= (217, 606) + (47, 335)$ (because $-416 \equiv 335 \pmod{751}$)
$= (443, 253)$
B then maps the plaintext point $P_M$ back to the original message $M$.
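The addition rules of 3.8.3 and the encryption scheme of 3.8.4 are implemented in this added example (not code from the textbook; names are chosen here). It is exercised on the small group $E_{23}(1, 1)$ with generator $P = (3, 10)$ and with constructed toy keys $n_B = 5$, $k = 3$ and plaintext point $P_M = (13, 7)$; every point is checked against the curve equation before it is used.

```python
O = None   # the point at infinity


class Curve:
    """y^2 = x^3 + a*x + b over Z_p; points are (x, y) tuples or O."""

    def __init__(self, p: int, a: int, b: int):
        if (4 * a ** 3 + 27 * b ** 2) % p == 0:
            raise ValueError("4a^3 + 27b^2 = 0 (mod p): not an elliptic group")
        self.p, self.a, self.b = p, a % p, b % p

    def contains(self, P) -> bool:
        if P is O:
            return True
        x, y = P
        return (y * y - (x ** 3 + self.a * x + self.b)) % self.p == 0

    def neg(self, P):
        return O if P is O else (P[0], -P[1] % self.p)

    def add(self, P, Q):
        p = self.p
        if P is O:                                   # rule (1)
            return Q
        if Q is O:
            return P
        (x1, y1), (x2, y2) = P, Q
        if x1 == x2 and (y1 + y2) % p == 0:          # rule (2): Q = -P
            return O
        if P == Q:                                   # rule (3), doubling
            lam = (3 * x1 * x1 + self.a) * pow(2 * y1, -1, p) % p
        else:                                        # rule (3), distinct points
            lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
        x3 = (lam * lam - x1 - x2) % p
        return (x3, (lam * (x1 - x3) - y1) % p)

    def mul(self, k: int, P):
        """kP by double-and-add (the analogue of square-and-multiply)."""
        R = O
        while k > 0:
            if k & 1:
                R = self.add(R, P)
            P = self.add(P, P)
            k >>= 1
        return R

    def points(self) -> list:
        """All affine points by exhaustive search (toy sizes only)."""
        return [(x, y) for x in range(self.p) for y in range(self.p)
                if self.contains((x, y))]


def ec_encrypt(curve: Curve, G, PB, PM, k: int):
    """P_C = (kG, P_M + k*P_B); rejects points that are not on the curve."""
    for point in (G, PB, PM):
        if point is O or not curve.contains(point):
            raise ValueError("point is not on the curve")
    return curve.mul(k, G), curve.add(PM, curve.mul(k, PB))


def ec_decrypt(curve: Curve, nB: int, PC):
    """P_M = (P_M + k*P_B) - n_B*(kG)."""
    first, second = PC
    return curve.add(second, curve.neg(curve.mul(nB, first)))


if __name__ == "__main__":
    E = Curve(23, 1, 1)
    P = (3, 10)
    print([E.mul(k, P) for k in range(1, 29)])
    PB = E.mul(5, P)
    PC = ec_encrypt(E, P, PB, (13, 7), 3)
    print(PB, PC, ec_decrypt(E, 5, PC))
```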
3.8.5. Security of the elliptic curve cryptosystem.
The strength of ECC lies in the difficulty, for the cryptanalyst, of determining the secret random number $k$ from $kP$ and $P$. The fastest method for solving this problem is Pollard's rho method. To break ECC, the computational complexity when using Pollard's rho method is $3.8 \cdot 10^{10}$ MIPS-years for a key size of 150 bits (this is the number of years needed on a computing system with a speed of millions of instructions per second). For comparison, with the fastest method for breaking RSA (the number field sieve method for factoring the composite $n$ into the product of the two primes $p$ and $q$) we see that for $n$ of size 768 bits the computational complexity is $2 \cdot 10^8$ MIPS-years, and for $n$ of size 1024 bits the computational complexity is $3 \cdot 10^{11}$ years.
If the RSA key length is increased to 2048 bits then $3 \cdot 10^{20}$ MIPS-years are needed, whereas ECC with a key length of only 234 bits already requires $1.6 \cdot 10^{28}$ MIPS-years.

3.9. The McEliece cryptosystem.
The McEliece cryptosystem uses the same principle as the Merkle-Hellman cryptosystem. Decryption is a special case of an NP-complete problem, but it is disguised so that it looks like the general case of the problem. In this system the NP-complete problem that is used is the problem of decoding a general linear (binary) error-correcting code. However, for many special classes of codes there exist decoding algorithms that run in polynomial time. One of these classes is the Goppa codes, which are used as the basis of the McEliece cryptosystem.
3.9.1. Definition 3.24.
Let $k$, $n$ be positive integers, $k \le n$. A code $C[n, k]$ is a $k$-dimensional subspace of $(\mathbb{Z}_2)^n$ (the vector space of all binary vectors of dimension $n$).
A generator matrix of the code $C[n, k]$ is a binary $k \times n$ matrix whose rows form a basis of $C$.
Let $x, y \in (\mathbb{Z}_2)^n$, where $x = (x_1, \ldots, x_n)$ and $y = (y_1, \ldots, y_n)$. We define the Hamming distance $d(x, y) = |\{i : 1 \le i \le n, x_i \ne y_i\}|$, that is, the number of coordinates in which $x$ and $y$ differ.
The distance of the code $C$ is defined as follows:
$d(C) = \min\{d(x, y) : x, y \in C, x \ne y\}$
An $[n, k]$ code with distance $d$ is denoted as an $[n, k, d]$ code.
Error-correcting codes are used to correct random errors that occur when (binary) data is transmitted over a noisy channel. This is done as follows: let $G$ be a generator matrix for an $[n, k, d]$ code and let $x$ be the binary $k$-dimensional vector to be transmitted. The sender Alice encodes $x$ as an $n$-dimensional vector $y = xG$ and transmits $y$ over the channel.
Suppose Bob receives an $n$-dimensional vector $r$ that is not the same as $y$. Bob decodes $r$ using the "nearest neighbor" decoding strategy. Under this strategy Bob finds the codeword $y'$ whose distance to $r$ is smallest. He then decodes $r$ to $y'$ and determines the $k$-dimensional vector $x'$ such that $y' = x'G$. Bob hopes that $y' = y$ and therefore $x' = x$ (that is, Bob believes that the transmission errors have been corrected).
It is easy to see that if there are at most $(d - 1)/2$ transmission errors then this strategy does in fact correct all the errors.
Consider how this decoding algorithm would be carried out in practice. Since $|C| = 2^k$, if Bob compares $r$ with every codeword he has to examine $2^k$ vectors, a number that is exponentially large in $k$. In other words, this algorithm is not a polynomial-time algorithm.
Another approach (which forms the basis of many practical decoding algorithms) is based on the notion of a syndrome. A parity-check matrix of the code $C[n, k, d]$ (with generator matrix $G$) is a binary $(n - k) \times n$ matrix (denoted $H$). The rows of $H$ form a basis of the orthogonal complement of $C$ (denoted $C^{\perp}$), which is called the dual code of $C$. In other words, the rows of $H$ are linearly independent vectors and $G H^T$ is a zero matrix of size $k \times (n - k)$.
Given a vector $r \in (\mathbb{Z}_2)^n$, we define the syndrome of $r$ to be $H r^T$. The syndrome $H r^T$ is a column vector with $(n - k)$ components.
3.9.2. Theorem 3.19
Suppose $C$ is an $[n, k]$ code with generator matrix $G$ and parity-check matrix $H$. Then $x \in (\mathbb{Z}_2)^n$ is a codeword if and only if $H x^T = [0\ 0\ \ldots\ 0]^T$.
Furthermore, if $x \in C$, $e \in (\mathbb{Z}_2)^n$ and $r = x + e$, then $H r^T = H e^T$.
We regard $e$ as the error vector that appears during the transmission of the codeword $x$. Then $r$ represents the received vector. The theorem states that the syndrome depends only on the errors and not on the particular codeword that was transmitted.
This suggests a way of decoding called syndrome decoding. First compute $s = H r^T$. If $s$ is the zero vector, we decode $r$ as $r$. Otherwise we generate, in turn, all error vectors of weight 1. For each such vector we compute $H e^T$. If there is a vector $e$ satisfying $H e^T = s$ then we decode $r$ to $r - e$. Otherwise we continue by generating the error vectors of weight $2, 3, \ldots, \lfloor (d - 1)/2 \rfloor$.
With this algorithm a received vector can be decoded in at most $1 + \binom{n}{1} + \ldots + \binom{n}{\lfloor (d-1)/2 \rfloor}$ steps.
This method works on any linear code. For some special types of code the decoding procedure can be faster. In practice, however, this approach to the "nearest neighbor" decoding strategy is still an NP-complete problem. Thus no polynomial-time algorithm is known for the general "nearest neighbor" decoding problem (when the number of errors is not bounded by $\lfloor (d - 1)/2 \rfloor$).
As with the subset sum problem, one can identify an "easy" special case and then disguise it so that it resembles the "hard" general problem. Presenting the theory would be very lengthy, so we only summarize the results here. A feasible special case proposed by McEliece is to use a code from the class of Goppa codes. In practice these codes have an efficient decoding algorithm. Moreover, these codes are very easy to generate and there is a large number of Goppa codes with the same parameters.
The parameters of a Goppa code have the form $n = 2^m$, $d = 2t + 1$ and $k = n - mt$. For practical use in a public-key cryptosystem, McEliece proposed choosing $m = 10$ and $t = 50$. This corresponds to a $[1024, 524, 101]$ Goppa code. Each plaintext is a binary vector of length 524 and each ciphertext is a binary vector of length 1024. The public key is a binary matrix of size $524 \times 1024$. Figure 3.3 describes the McEliece cryptosystem.

Let $G$ be a generator matrix of a Goppa code $C[n, k, d]$, where $n = 2^m$, $d = 2t + 1$ and $k = n - mt$. Let $S$ be an invertible $k \times k$ matrix over $\mathbb{Z}_2$. Let $P$ be an $n \times n$ permutation matrix, and set $G' = S G P$. Let $\mathcal{P} = (\mathbb{Z}_2)^k$, $\mathcal{C} = (\mathbb{Z}_2)^n$ and denote: $\mathcal{K} = \{(G, S, P, G')\}$
where $G$, $S$, $P$ are constructed as described above and are kept secret, while $G'$ is made public. For $K = (G, S, P, G')$ we define: $e_K(x, e) = x G' + e$. Here $e \in (\mathbb{Z}_2)^n$ is a random vector of weight $t$.
Bob decrypts the ciphertext $y \in (\mathbb{Z}_2)^n$ by the following steps:
1. Compute $y_1 = y P^{-1}$.
2. Decode $y_1$, finding $y_1 = x_1 + e_1$ with $x_1 \in C$.
3. Compute $x_0 \in (\mathbb{Z}_2)^k$ such that $x_0 G = x_1$.
4. Compute $x = x_0 S^{-1}$.
Figure 3.3: The McEliece cryptosystem
To illustrate the encryption and decryption procedures (code and decode), consider the following example.
Example 1: The matrix

$$G = \begin{pmatrix} 1&0&0&0&1&1&0\\ 0&1&0&0&1&0&1\\ 0&0&1&0&0&1&1\\ 0&0&0&1&1&1&1 \end{pmatrix}$$

is a generator matrix of the Hamming code [7, 4, 3]. Suppose Bob chooses the matrices S and P as follows:

$$S = \begin{pmatrix} 1&1&0&1\\ 1&0&0&1\\ 0&1&1&1\\ 1&1&0&0 \end{pmatrix} \quad\text{and}\quad P = \begin{pmatrix} 0&1&0&0&0&0&0\\ 0&0&0&1&0&0&0\\ 0&0&0&0&0&0&1\\ 1&0&0&0&0&0&0\\ 0&0&1&0&0&0&0\\ 0&0&0&0&0&1&0\\ 0&0&0&0&1&0&0 \end{pmatrix}$$

The public generator matrix is then:

$$G' = \begin{pmatrix} 1&1&1&1&0&0&0\\ 1&1&0&0&1&0&0\\ 1&0&0&1&1&0&1\\ 0&1&0&1&1&1&0 \end{pmatrix}$$

Now suppose Alice encrypts the plaintext x = (1, 1, 0, 1) using a random error vector of weight 1 of the form e = (0, 0, 0, 0, 1, 0, 0).
The ciphertext is computed as:

$$y = xG' + e = (1, 1, 0, 1)\begin{pmatrix} 1&1&1&1&0&0&0\\ 1&1&0&0&1&0&0\\ 1&0&0&1&1&0&1\\ 0&1&0&1&1&1&0 \end{pmatrix} + (0, 0, 0, 0, 1, 0, 0)$$
$$= (0, 1, 1, 0, 0, 1, 0) + (0, 0, 0, 0, 1, 0, 0)$$
$$= (0, 1, 1, 0, 1, 1, 0)$$

When Bob receives the ciphertext y, he first computes

$$y_1 = yP^{-1} = (0, 1, 1, 0, 1, 1, 0)\begin{pmatrix} 0&0&0&1&0&0&0\\ 1&0&0&0&0&0&0\\ 0&0&0&0&1&0&0\\ 0&1&0&0&0&0&0\\ 0&0&0&0&0&0&1\\ 0&0&0&0&0&1&0\\ 0&0&1&0&0&0&0 \end{pmatrix} = (1, 0, 0, 0, 1, 1, 1)$$

Next Bob decodes $y_1$ and obtains $x_1 = (1, 0, 0, 0, 1, 1, 0)$. (Note that $e_1 \ne e$ because of the multiplication by $P^{-1}$.)

He then forms $x_0 = (1, 0, 0, 0)$ (the first four components of $x_1$).

Finally Bob computes:

$$x = x_0 S^{-1} = (1, 0, 0, 0)\begin{pmatrix} 1&1&0&1\\ 1&1&0&0\\ 0&1&1&1\\ 1&0&0&1 \end{pmatrix} = (1, 1, 0, 1)$$

This is exactly the plaintext that Alice encrypted.
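The whole of Example 1 can be replayed in code. The block below is an added example, not part of the original text: it rebuilds $G' = SGP$ from the matrices of the example, encrypts with a weight-1 error and decrypts with the four steps of Figure 3.3, using syndrome decoding of the Hamming code. The function names are chosen here for illustration, and a [7, 4, 3] code offers no security.

```python
"""Toy McEliece over GF(2) with the Hamming [7,4,3] matrices of Example 1 (t = 1)."""

G = [[1, 0, 0, 0, 1, 1, 0],
     [0, 1, 0, 0, 1, 0, 1],
     [0, 0, 1, 0, 0, 1, 1],
     [0, 0, 0, 1, 1, 1, 1]]
S = [[1, 1, 0, 1],
     [1, 0, 0, 1],
     [0, 1, 1, 1],
     [1, 1, 0, 0]]
P = [[0, 1, 0, 0, 0, 0, 0],
     [0, 0, 0, 1, 0, 0, 0],
     [0, 0, 0, 0, 0, 0, 1],
     [1, 0, 0, 0, 0, 0, 0],
     [0, 0, 1, 0, 0, 0, 0],
     [0, 0, 0, 0, 0, 1, 0],
     [0, 0, 0, 0, 1, 0, 0]]


def vec_mat(v, M):
    """Row vector times matrix over GF(2)."""
    return [sum(v[i] & M[i][j] for i in range(len(v))) % 2 for j in range(len(M[0]))]


def mat_mul(A, B):
    return [vec_mat(row, B) for row in A]


def transpose(M):
    return [list(col) for col in zip(*M)]


def inverse_gf2(M):
    """Gauss-Jordan inversion over GF(2); raises ValueError if M is singular."""
    n = len(M)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            raise ValueError("matrix is singular over GF(2)")
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def parity_check(gen):
    """H = [A^T | I] for a systematic generator matrix gen = [I | A]."""
    k, n = len(gen), len(gen[0])
    a_t = transpose([row[k:] for row in gen])
    return [a_t[i] + [int(i == j) for j in range(n - k)] for i in range(n - k)]


def decode_hamming(y, H):
    """Correct at most one bit error: the syndrome equals the column of H at the error."""
    syndrome = [sum(h & b for h, b in zip(row, y)) % 2 for row in H]
    if any(syndrome):
        pos = transpose(H).index(syndrome)
        y = y[:pos] + [y[pos] ^ 1] + y[pos + 1:]
    return y


def public_key():
    """G' = S G P, the only matrix that is published."""
    return mat_mul(mat_mul(S, G), P)


def encrypt(x, e, g_pub):
    """y = x G' + e, where e must have weight t = 1 for this code."""
    if sum(e) != 1:
        raise ValueError("error vector must have weight 1")
    return [a ^ b for a, b in zip(vec_mat(x, g_pub), e)]


def decrypt(y):
    y1 = vec_mat(y, transpose(P))             # step 1: P^{-1} = P^T for a permutation
    x1 = decode_hamming(y1, parity_check(G))  # step 2: remove the permuted error e1
    x0 = x1[:len(G)]                          # step 3: G is systematic, so x0 G = x1
    return vec_mat(x0, inverse_gf2(S))        # step 4: x = x0 S^{-1}


if __name__ == "__main__":
    g_pub = public_key()
    y = encrypt([1, 1, 0, 1], [0, 0, 0, 0, 1, 0, 0], g_pub)
    print("G' =", g_pub)
    print("y  =", y, "-> decrypted:", decrypt(y))
```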

3.10. Exercises.

1. Use the extended Euclidean algorithm to find the greatest common divisor of the two numbers a = 1573, b = 308.
2. Compute $3^{22} \bmod 23$ using the repeated square-and-multiply algorithm.
3. Compute the square roots of 12 mod 37.
4. Find all primitive elements of the multiplicative group $\mathbb{Z}_{19}^*$.
5. Find the inverse of 3 in $\mathbb{Z}_{31}^*$.
6. Let $m, n, s \in \mathbb{N}$ and let the $p_i$ be primes. Prove the following properties of the Euler $\varphi$ function:
a. $\varphi(p^s) = p^s\left(1 - \frac{1}{p}\right)$.
b. $\varphi(m \cdot n) = \varphi(m)\,\varphi(n)$ if $\gcd(m, n) = 1$.
c. $\varphi(m) = m\left(1 - \frac{1}{p_1}\right)\cdots\left(1 - \frac{1}{p_r}\right)$, where $m = p_1^{e_1} \cdots p_r^{e_r}$ is the factorization of m into prime factors.
7. Compute $\varphi(490)$ and $\varphi(768)$.
8. Solve the following system of congruences:
$5x \equiv 20 \bmod 6$
$6x \equiv 6 \bmod 5$
$4x \equiv 5 \bmod 77$
9. Use the extended Euclidean algorithm to compute the following inverses:
a. $17^{-1} \bmod 101$
b. $357^{-1} \bmod 1234$
c. $3125^{-1} \bmod 9987$
10. We study some properties of primitive elements:
a. 97 is a prime. Prove that $x \ne 0$ is a primitive element modulo 97 if and only if:
$x^{32} \not\equiv 1 \bmod 97$ and $x^{48} \not\equiv 1 \bmod 97$
b. Use this method to find the smallest primitive element modulo 97.
c. Suppose p is a prime and $p - 1$ has the following factorization into prime powers:
$$p - 1 = \prod_{i=1}^{n} p_i^{e_i}$$
Here the $p_i$ are distinct primes. Show that $x \ne 0$ is a primitive element modulo p if and only if $x^{(p-1)/p_i} \not\equiv 1 \bmod p$ for $1 \le i \le n$.
11. An example of the RSA cryptosystem. Let p = 7 and q = 17.
a. Compute n.
b. Let e (the encryption exponent) be 5. Compute the decryption exponent d.
c. Encrypt and decrypt the numbers 49 and 12.
12. It is known that for the RSA cryptosystem the set of plaintexts equals the set of ciphertexts. However, do you think that some values in the message (plaintext) space are undesirable?
13. In the Rabin cryptosystem, suppose p = 199, q = 211.
a. Determine the 4 square roots of 1 mod n, where n = p.q.
b. Compute the ciphertext of 32767.
c. Determine the 4 possible decryptions of the above ciphertext.
14. Consider the simple case of the Merkle-Hellman cryptosystem using the identity permutation. Suppose the chosen superincreasing sequence is (2, 3, 6, 13, 27, 52), the chosen random value w is 31, and the chosen modulus M is 105.
a. Determine the secret key.
b. The message in binary form is 011000_110101_101110.
Compute the ciphertext, then decrypt it to recover the original message.
15. This is an example of the ElGamal cryptosystem applied in $GF(3^3)$. The polynomial $x^3 + x^2 + 1$ is an irreducible polynomial over $\mathbb{Z}_3[x]$ and therefore $\mathbb{Z}_3[x]/(x^3 + x^2 + 1)$ is $GF(3^3)$. We can associate the 26 letters of the English alphabet with the 26 nonzero elements of the field and so encrypt ordinary text in the conventional way. We use the lexicographic order of the nonzero polynomials to set up the correspondence.

A ↔ 1, B ↔ 2, C ↔ x, D ↔ x + 1, E ↔ x + 2, F ↔ 2x, G ↔ 2x + 1, H ↔ 2x + 2,
I ↔ $x^2$, J ↔ $x^2 + 1$, K ↔ $x^2 + 2$, L ↔ $x^2 + x$, M ↔ $x^2 + x + 1$, N ↔ $x^2 + x + 2$,
O ↔ $x^2 + 2x$, P ↔ $x^2 + 2x + 1$, Q ↔ $x^2 + 2x + 2$,
R ↔ $2x^2$, S ↔ $2x^2 + 1$, T ↔ $2x^2 + 2$, U ↔ $2x^2 + x$, V ↔ $2x^2 + x + 1$, W ↔ $2x^2 + x + 2$,
X ↔ $2x^2 + 2x$, Y ↔ $2x^2 + 2x + 1$, Z ↔ $2x^2 + 2x + 2$

Suppose Bob uses $\alpha = x$ and a = 11 in the ElGamal cryptosystem, so that $\alpha^a = x + 2$.
Show how Bob decrypts the following ciphertext:
(K, H) (P, X) (N, K) (H, R) (T, F) (V, Y) (E, H) (F, A) (T, W) (J, D) (V, J).
16. The BCH code (15, 7, 5) has the following parity-check matrix:

$$H = \begin{pmatrix}
1&0&0&0&1&0&0&1&1&0&1&0&1&1&1\\
0&1&0&0&1&1&0&1&0&1&1&1&1&0&0\\
0&0&1&0&0&1&1&0&1&0&1&1&1&1&0\\
0&0&0&1&0&0&1&1&0&1&0&1&1&1&1\\
1&0&0&0&1&1&0&0&0&1&1&0&0&0&1\\
0&0&0&1&1&0&0&0&1&1&0&0&0&1&1\\
0&0&1&1&0&0&0&1&1&0&0&1&1&1&0\\
0&1&1&1&1&0&1&1&1&1&0&1&1&1&1
\end{pmatrix}$$

Decode the following received vectors using syndrome decoding:
a. r = (1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)
b. r = (1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0)
c. r = (1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 0)


Chapter IV. Hash functions, authentication and digital signatures.

4.1. Hash functions and data integrity.
4.1.1. Introduction.
Hash functions play a fundamental role in modern cryptography. A hash function produces an output from an input message. This output is called the hash code (hash result, hash value).
More precisely, a hash function h maps bit strings of arbitrary finite length to bit strings of fixed length n.
A hash function h is a mapping with fixed output length n, $h : D \to R$ with $|D| > |R|$. This means that collisions are unavoidable (that is, the same output value can arise from several different inputs). If h is random in the sense that all outputs are equally likely, then about $2^{t-n}$ inputs map to each output (t: number of input bits, n: number of output bits, t > n), and two randomly chosen inputs have the same output with probability $2^{-n}$ (independent of t).
The basic idea behind the use of hash functions in cryptography is to use them as a compact representative image (sometimes called an imprint, digital fingerprint or message digest) of an input string, which can be used as if it were that input string itself.
Hash functions are used in digital signature schemes in combination with data integrity: the message is first hashed and then the hash value (regarded as the representative of the message) is signed in place of the original message.
A class of hash functions called message authentication codes (MAC - Message Authentication Codes) allows message authentication by symmetric techniques (secret-key cryptography).
MAC algorithms take 2 inputs (a message and a secret key) and produce an output of fixed size (n bits), with the intent that without knowledge of the key it is infeasible to produce the same output. A MAC can be used to provide data integrity and data origin authentication, as well as identification in classical cryptographic schemes.

A typical application of an (unkeyed) hash function to data integrity can be described as follows:
The hash value corresponding to a particular message x is computed at time T1. The integrity of this hash value (but not of the message itself) is protected in some way. At a later time T2 the following check is carried out to determine whether the message has been altered, that is, whether a message x' is the same as the original message. The hash value of x' is computed and compared with the protected hash value; if they are equal, the receiver accepts that x and x' are the same and hence that the message has not been altered. The problem of preserving the integrity of a large message is thus reduced to that of protecting a hash value of fixed (and small) size.
This application is usually called a manipulation detection code (MDC - Manipulation Detection Codes).
4.1.2. Basic definitions and properties.
4.1.2.1. Definition of a hash function.
A hash function is a function h with at least the following two properties:
a) Compression: h maps an input x of arbitrary finite bit length to an output h(x) of fixed bit length n.
b) Ease of computation: given h and an input x, h(x) is easy to compute.
4.1.2.2. Some properties of unkeyed hash functions.
Let h be an unkeyed hash function, x and x' inputs, and y and y' outputs. In addition to the two basic properties above there are the following 3 properties:
a) Preimage resistance:
For almost all pre-specified outputs, it is computationally infeasible to find any input that hashes to that output (that is, to find a preimage x' such that h(x') = y when y is given and the corresponding input is not known).
b) Second-preimage resistance:
It is computationally infeasible to find a second input for a given input (that is, given x, to find $x' \ne x$ such that h(x) = h(x')).
c) Collision resistance: it is computationally infeasible to find any two distinct inputs x and x' such that h(x) = h(x').
A hash function that also has these three properties is called a cryptographic hash function or secure hash function.
4.1.2.3. Definition of a one-way hash function (OWHF - one-way hash function).
An OWHF is a hash function (with the two basic properties) with the following additional properties:
- Preimage resistance
- Second-preimage resistance.
4.1.2.4. Definition of a collision-resistant hash function (CRHF: Collision resistant HF)
A CRHF is a hash function (with the two basic properties) with the following additional properties:
- Second-preimage resistance
- Collision resistance
4.1.2.5. Notes on terminology
Preimage resistance ≡ One-way
Second-preimage resistance ≡ Weak collision resistance
Collision resistance ≡ Strong collision resistance
OWHF ≡ Weak one-way hash function
CRHF ≡ Strong one-way hash function
4.1.2.6. Example
The r check bits of a cyclic code (n, k) with k > r can be regarded as a hash function satisfying the two basic properties (ease of computation and compression). However, it does not satisfy second-preimage resistance.
4.1.2.7. Definition of a message authentication code (MAC) algorithm.
A MAC algorithm is a family of functions $h_k$ (parameterized by a secret key k) with the following properties:
(1) Ease of computation: for a known $h_k$, a given value k and an input x, $h_k(x)$ is easy to compute ($h_k(x)$ is called the MAC value or MAC).
(2) Compression: $h_k$ maps an input x of arbitrary finite bit length to an output $h_k(x)$ of fixed bit length n.
(3) Computation resistance: given pairs $(x_i, h_k(x_i))$, it is infeasible to compute a pair $(x, h_k(x))$ with $x \ne x_i$ (including possibly $h_k(x) = h_k(x_i)$ for some i).
If property 3 does not hold, the algorithm is said to be subject to MAC forgery.

4.1.2.8. Classification of cryptographic hash functions and their applications.
[Figure 4.1: classification diagram with the labels Hash functions, Unkeyed, Keyed, MDC, OWHF, CRHF, Other applications]

4.1.3. Unkeyed hash functions.
(Hash functions based on block ciphers.)
4.1.3.1. Definition 4.1:
An (n, r) block cipher is a block cipher defining an invertible function from n-bit plaintexts to n-bit ciphertexts using an r-bit key. If E is such a cipher, then $E_k(x)$ denotes the encryption of x under key k.
4.1.3.2. Definition 4.2:
Let h be an iterated hash function constructed from a block cipher, with a compression function that performs s block encryptions to process each n-bit message block. Then the rate of h is 1/s.
4.1.3.3. Single-length MDCs.
The three schemes below are closely related single-length hash functions built on block ciphers. These schemes use the following predefined components:
- A generic n-bit block cipher $E_k$ parameterized by a symmetric key k.
- A function g that maps n-bit inputs to keys k suitable for E (if the keys for E also have length n, g may be the identity function).
- A fixed initial value IV suitable for use with E.
[Figure 4.2: the Matyas-Meyer-Oseas, Davies-Meyer and Miyaguchi-Preneel schemes]

4.1.3.3.1. Matyas-Meyer-Oseas hash algorithm.
Input: bit string x
Output: n-bit hash code of x
(1) The input x is divided into n-bit blocks and padded if necessary to complete the last block. This gives t n-bit blocks: $x_1 x_2 \ldots x_t$. An n-bit initial value (denoted IV) must be specified in advance.
(2) The output is $H_t$, defined by:
$$H_0 = IV, \quad H_i = E_{g(H_{i-1})}(x_i) \oplus x_i, \quad 1 \le i \le t$$

4.1.3.3.2. Davies-Meyer hash algorithm
Input: bit string x
Output: n-bit hash code of x
(1) The input x is divided into k-bit blocks (k is the key size) and padded if necessary to complete the last block. Denote the padded message as t k-bit blocks: $x_1 x_2 \ldots x_t$. An n-bit initial value (denoted IV) is specified in advance.
(2) The output is $H_t$, defined by:
$$H_0 = IV, \quad H_i = E_{x_i}(H_{i-1}) \oplus H_{i-1}, \quad 1 \le i \le t$$

4.1.3.3.3. Miyaguchi-Preneel hash algorithm
This scheme is similar to C1 except that $H_{i-1}$ (the output of the previous stage) is added mod 2 to the output of the current stage. Thus:
$$H_0 = IV, \quad H_i = E_{g(H_{i-1})}(x_i) \oplus x_i \oplus H_{i-1}, \quad 1 \le i \le t$$

Remark: the D-M scheme can be regarded as the dual of the M-M-O scheme in the sense that $x_i$ and $H_{i-1}$ exchange roles.
4.1.3.4. Double-length MDCs: MDC-2 and MDC-4.
MDC-2 and MDC-4 are manipulation detection codes requiring 2 and 4 block cipher operations, respectively, per block of hash input. They use 2 or 4 iterations of the M-M-O scheme to produce a double-length hash. When used with DES they produce a 128-bit hash code. In the general construction, however, other block ciphers may be used. MDC-2 and MDC-4 use the following specified components:
- DES is used as the block cipher $E_k$ with 64-bit input/output, parameterized by a 56-bit key k.
- Two functions $g$ and $\tilde{g}$ map 64-bit values U to 56-bit DES keys as follows:
For $U = u_1 u_2 \ldots u_{64}$, delete every eighth bit starting with $u_8$, and set the 2nd and 3rd bits to "10" for $g$ and to "01" for $\tilde{g}$.
$$g(U) = u_1\,1\,0\,u_4 u_5 u_6 u_7 u_9 u_{10} \ldots u_{63}$$
$$\tilde{g}(U) = u_1\,0\,1\,u_4 u_5 u_6 u_7 u_9 u_{10} \ldots u_{63}$$
This also guarantees that the resulting keys are not weak or semi-weak DES keys, since keys of those kinds have bit 2 equal to bit 3. At the same time it guarantees the security requirement that $g(IV) \ne \tilde{g}(\widetilde{IV})$.
The MDC-2 algorithm can be described by the following diagram:
[Figure 4.3: the MDC-2 algorithm]

4.1.3.4.1. MDC-2 algorithm
Input: bit string x of length r = 64t with $t \ge 2$.
Output: 128-bit hash code of x
(1) Partition x into 64-bit blocks $x_i$: $x_1 x_2 \ldots x_t$.
(2) Choose the non-secret constants $IV$ and $\widetilde{IV}$ from a set of recommended values described in advance. The default set of prescribed values is (in hexadecimal):
$IV$ = 0x5252525252525252
$\widetilde{IV}$ = 0x2525252525252525
(3) Let $\|$ denote concatenation and let $C_i^L$, $C_i^R$ be the left and right 32-bit halves of $C_i$.
The output $h(x) = H_t \,\|\, \tilde{H}_t$ is defined as follows (for $1 \le i \le t$):
$$H_0 = IV, \quad k_i = g(H_{i-1}), \quad C_i = E_{k_i}(x_i) \oplus x_i, \quad H_i = C_i^L \,\|\, \tilde{C}_i^R$$
$$\tilde{H}_0 = \widetilde{IV}, \quad \tilde{k}_i = \tilde{g}(\tilde{H}_{i-1}), \quad \tilde{C}_i = E_{\tilde{k}_i}(x_i) \oplus x_i, \quad \tilde{H}_i = \tilde{C}_i^L \,\|\, C_i^R$$

The MDC-4 algorithm can be described by the following diagram:
[Figure 4.4: the MDC-4 algorithm, built from two MDC-2 stages]

4.1.4. Keyed hash functions (MACs).
Keyed hash functions are used for message authentication and are usually called message authentication code (MAC) algorithms.
MACs based on block ciphers.
Algorithm
Input: data x, block cipher E, secret MAC key k for E.
Output: n-bit MAC on x (n is the block length of E)
(1) Padding and blocking: pad x with extra bits if necessary. Divide the padded data into n-bit blocks: $x_1 x_2 \ldots x_t$.
(2) CBC processing.
Let $E_k$ denote encryption with E under key k.
Compute the block $H_t$ as follows:
$$H_1 \leftarrow E_k(x_1)$$
$$H_i \leftarrow E_k(H_{i-1} \oplus x_i), \quad 2 \le i \le t$$
(3) Additional processing to increase the strength of the MAC.
Use a second secret key $k' \ne k$. Compute
$$H'_t \leftarrow E_{k'}^{-1}(H_t), \quad H_t \leftarrow E_k(H'_t)$$
(4) Completion: the MAC is the n-bit block $H_t$.

[Figure 4.5: CBC-based MAC algorithm]
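The three single-length constructions of Section 4.1.3.3 and the CBC-MAC above differ only in how the block cipher is wired, which is easiest to see side by side in code. The block below is an added example, not part of the original text. It assumes a toy 64-bit Feistel cipher built from SHA-256 in place of DES, a key length equal to the block length (so g is the identity), and 0x80-then-zeros padding; all function names are chosen here. It also shows what the optional step (3) protects against: without it, the tag of a one-block message $x_1$ is also a valid tag for the two-block message $x_1, x_1 \oplus \text{tag}$.

```python
import hashlib

BLOCK = 8  # toy cipher: 64-bit blocks and 64-bit keys (assumption, stands in for DES)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half, key, rnd):
    """Feistel round function derived from SHA-256 (toy construction)."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def E(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(8):
        left, right = right, xor(left, _f(right, key, rnd))
    return left + right


def D(key, block):
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(8)):
        left, right = xor(right, _f(left, key, rnd)), left
    return left + right


def split_blocks(x):
    """Pad with 0x80 then zeros (assumed padding rule) and cut into BLOCK-byte blocks."""
    x += b"\x80"
    x += b"\x00" * (-len(x) % BLOCK)
    return [x[i:i + BLOCK] for i in range(0, len(x), BLOCK)]


def g(h):
    return h  # identity: keys and blocks have the same length here


def matyas_meyer_oseas(x, iv):
    h = iv
    for xi in split_blocks(x):
        h = xor(E(g(h), xi), xi)            # H_i = E_{g(H_{i-1})}(x_i) XOR x_i
    return h


def davies_meyer(x, iv):
    h = iv
    for xi in split_blocks(x):
        h = xor(E(xi, h), h)                # H_i = E_{x_i}(H_{i-1}) XOR H_{i-1}
    return h


def miyaguchi_preneel(x, iv):
    h = iv
    for xi in split_blocks(x):
        h = xor(xor(E(g(h), xi), xi), h)    # M-M-O output XOR H_{i-1}
    return h


def cbc_mac_blocks(blocks, k, k2=None):
    """Steps (2)-(4) on already padded blocks; k2 enables the optional step (3)."""
    h = E(k, blocks[0])
    for xi in blocks[1:]:
        h = E(k, xor(h, xi))
    if k2 is not None:
        h = E(k, D(k2, h))                  # H'_t = E^{-1}_{k'}(H_t), H_t = E_k(H'_t)
    return h


def cbc_mac(x, k, k2=None):
    return cbc_mac_blocks(split_blocks(x), k, k2)


if __name__ == "__main__":
    iv, k, k2 = bytes(BLOCK), b"key-0001", b"key-0002"
    msg = b"pay 100 to account 42"
    for name, fn in [("M-M-O", matyas_meyer_oseas), ("D-M", davies_meyer),
                     ("M-P", miyaguchi_preneel)]:
        print(name, fn(msg, iv).hex())
    print("CBC-MAC", cbc_mac(msg, k).hex(), "with step (3):", cbc_mac(msg, k, k2).hex())
```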

4.1.5. Data integrity and message authentication.
4.1.5.1. Definition 4.3.
Data integrity is the property that data has not been altered in an unauthorized manner since the time it was created, transmitted or stored by an identified source.
4.1.5.2. Definition 4.4.
Data origin authentication is a type of authentication in which a communicating party is corroborated as the actual source that created the data at some time in the past.
Message authentication is a term used interchangeably with data origin authentication.
There are three methods of providing data integrity using hash functions.
- MAC only
[Diagram labels: message, MAC algorithm, secret key, MAC, insecure channel]
- MDC and encryption
[Diagram labels: message, MDC algorithm, MDC, secret key, encryption algorithm, insecure channel]
- MDC and a trusted channel
[Diagram labels: message, MDC algorithm, MDC, trusted channel, insecure channel]

4.1.5.3. Methods of providing data origin authentication.
- Using a MAC.
- Using digital signature schemes.
- Appending (before encryption) a secret authenticator value to the text being encrypted.
4.2. Key exchange and key agreement.
Suppose A and B want to communicate using a secret-key cryptosystem. To agree on a common key K for both parties over an insecure channel, without anyone else learning it, A and B can use the following Diffie-Hellman key agreement procedure:
(1) Select in advance a suitable prime p and a generator $\alpha$ of $\mathbb{Z}_p^*$ $(2 \le \alpha \le p - 2)$. The values p and $\alpha$ are made public.
(2) A sends B the value $\alpha^x \bmod p$. (2.1)
B sends A the value $\alpha^y \bmod p$. (2.2)
(3) Perform the following steps each time a shared key is required:
(a) A chooses a secret integer x, $1 \le x \le p - 2$, and sends B message (2.1).
(b) B chooses a secret integer y, $1 \le y \le p - 2$, and sends A message (2.2).
(c) B receives $\alpha^x$ and computes the shared key k: $k = (\alpha^x)^y \bmod p$
(d) A receives $\alpha^y$ and computes the shared key k: $k = (\alpha^y)^x \bmod p$

Example: suppose A and B choose p = 11 and $\alpha = 2$.
The cyclic multiplicative group generated by $\alpha$ is:
$$\{\alpha^i,\ i = 0, \ldots, 9\} = \{1, 2, 4, 8, 5, 10, 9, 7, 3, 6\}$$
(The generators of this group are the following elements: $\alpha = 2$, $\alpha^3 = 8$, $\alpha^7 = 7$, $\alpha^9 = 6$.)
Suppose A chooses the random value x = 4 and sends B the value $2^4 \bmod 11 = 5$.
Suppose B chooses the random value y = 7 and sends A the value $2^7 \bmod 11 = 7$.
B receives 5 and computes the shared key $k = 5^7 \bmod 11 = 3$.
A receives 7 and computes the shared key $k = 7^4 \bmod 11 = 3$.
4.3. Identity-based cryptosystems.

4.3.1. Basic idea.
The identity-based cryptosystem proposed by Shamir [16] is an asymmetric cryptosystem in which an entity's identity information (its name) plays the role of its public key. A trusted authority T is used to compute the corresponding private key of the entity. In ordinary public-key cryptosystems each user has a key pair (s, P), where s is the secret key (known only to that user) and P is the public key, which everyone may know. Public keys therefore need not be kept secret and should be published widely. This openness, however, becomes a target for active attacks, such as substituting a false public key for the real public key in the directory. Therefore, besides the key pair (s, P) we need an identity string I and a guarantee G that P really is the public key of user I and not of an impostor. When identity-based cryptosystems are used, the public key is equivalent to the identity (P = I), and the guarantee is equivalent to the secret key (that is, G = s). Such a system has several good properties because no certificates have to be stored for verification.
After computing a user's private key, T transfers it to that user over a secure private channel. The private key is computed not only from the entity's identity information but must also be a function of some private information known only to T (T's private key). This is necessary to prevent forgery and impersonation. The essential point is that only T is able to create valid private keys matching given identity information.
4.3.2. The Okamoto-Tanaka key exchange scheme.
This section briefly describes the Okamoto-Tanaka key exchange scheme [17], an identity-based key distribution system. The scheme consists of the following 3 phases:
a. Preparation phase.
The trusted authority chooses 2 primes p and q and publishes the values n, g and e, where n = p.q, g is a generator of both $\mathbb{Z}_p^*$ and $\mathbb{Z}_q^*$, and $e \in \mathbb{Z}_{\lambda(n)}^*$. Here the Carmichael function of n is defined as:
$$\lambda(n) = \operatorname{lcm}(p - 1, q - 1)$$
Let $d \in \mathbb{Z}_{\lambda(n)}^*$ be the authority's secret key, satisfying:
$$ed \equiv 1 \pmod{\lambda(n)}$$

[Figure 4.6: The Okamoto-Tanaka key exchange scheme. The authority T issues $s_A = ID_A^{-d}$ to user Alice and $s_B = ID_B^{-d}$ to user Bob; Alice sends $x_A = s_A \cdot g^{r_A}$ and Bob sends $x_B = s_B \cdot g^{r_B}$; the keys are $WK_{AB} = (ID_B\, x_B^e)^{r_A}$ and $WK_{BA} = (ID_A\, x_A^e)^{r_B}$.]

b. User participation phase.
Let $ID_i$ be the identity information of the i-th user (i = A, B, C, ...). Let $s_i$ be the secret key of user i, satisfying:
$$s_i \equiv ID_i^{-d} \pmod n$$
The authority T then publishes $(e, n, g, ID_i)$ and distributes $s_i$ to each user i over a secure channel (or by means of a card).
c. Common key generation phase.
We assume here that two users Alice and Bob want to share a common key (for example, for use with a secret-key cryptosystem).
First Alice generates a random number $r_A$ and computes:
$$x_A \equiv s_A\, g^{r_A} \pmod n$$
and sends it to Bob.
Similarly, Bob generates a random number $r_B$ and computes:
$$x_B \equiv s_B\, g^{r_B} \pmod n$$
and sends it to Alice.
Next, Alice computes:
$$WK_{AB} = (ID_B\, x_B^e)^{r_A} \pmod n$$
Similarly, Bob computes
$$WK_{BA} = (ID_A\, x_A^e)^{r_B} \pmod n$$
$WK_{AB}$ and $WK_{BA}$ serve as the common key because:
$$WK_{AB} = (ID_B \cdot x_B^e)^{r_A}$$
$$= \left(ID_B\,(s_B \cdot g^{r_B})^e\right)^{r_A}$$
$$= \left(ID_B\,(ID_B^{-d})^e \cdot g^{r_B e}\right)^{r_A}$$
$$= g^{e \cdot r_B \cdot r_A}$$
$$= WK_{BA} \pmod n$$

Example: p = 11, q = 13, n = p.q = 143
$\lambda(143) = 60$
$\mathbb{Z}_{\lambda(n)}^* = \{1, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 49, 53, 59\}$
Suppose e = 43; then d = 7.
With $ID_i = 2$ and $ID_j = 3$ we have:
$s_i = 2^{-7} \bmod 143$, so $s_i = 19$
$s_j = 3^{-7} \bmod 143$, so $s_j = 126$
In the common key generation phase:
Suppose A chooses $r_i = 3$; then $X_i = 19 \cdot 2^3 \bmod 143 = 9$.
A sends $X_i$ to B.
Suppose B chooses $r_j = 2$; then $X_j = 126 \cdot 2^2 \bmod 143 = 75$.
B sends $X_j$ to A.
A computes $WK_{ij} = (ID_i\, X_i^e)^{r_j} \bmod n = (2 \cdot 9^{43})^{2} \bmod 143 = 25$
B computes $WK_{ji} = 2^{43 \cdot 2 \cdot 3} \bmod 143 = 25$


4.4. Digital signature schemes without compression
4.4.1. The Shamir digital signature
The message bit string is first split into k-bit vectors M.
Suppose $M \in [0, n - 1]$
$$M = (m_1, \ldots, m_i, \ldots, m_k)$$
A secret binary $k \times 2k$ matrix (the matrix H) is chosen at random together with a modulus n, where n is a random k-bit prime (typically k = 100 bits). A vector A of length 2k (used as the public key) is chosen by solving the following system of linear equations:

$$\begin{pmatrix} h_{1,1} & h_{1,2} & \cdots & h_{1,2k-1} & h_{1,2k}\\ h_{2,1} & h_{2,2} & \cdots & h_{2,2k-1} & h_{2,2k}\\ \vdots & \vdots & & \vdots & \vdots\\ h_{k,1} & h_{k,2} & \cdots & h_{k,2k-1} & h_{k,2k} \end{pmatrix} \begin{pmatrix} a_1\\ a_2\\ a_3\\ \vdots\\ a_{2k} \end{pmatrix} \bmod n = \begin{pmatrix} 2^0\\ 2^1\\ \vdots\\ 2^{k-1} \end{pmatrix}$$

In other words, the coefficients $\{h_{ij}\}$ are chosen at random such that the following system of linear equations is satisfied:
$$\sum_{j=1}^{2k} h_{ij}\, a_j \bmod n = 2^{i-1} \bmod n \quad \text{for } 1 \le i \le k$$
This is a system of k modular linear equations in 2k unknowns. Hence the first k values of the vector A are determined by the equations above. The vector A together with n (that is, the pair (A, n)) is public information, while the matrix H is kept secret.

[Figure 4.7: Message authentication using the Shamir signature scheme]

4.4.1.1. Message authentication using the Shamir scheme.
A sender A can prove the authenticity of a message M to another network user B by applying his private key $(H_A, n_A)$ to the message M.
$$S = D_{k_A}(M)$$
$$S = M^r H_A \bmod n_A$$
where $M^r$ denotes the bit-reversed vector of M, that is:
$$M^r = (m_k, m_{k-1}, \ldots, m_2, m_1)$$
The bits of the signed message are:
$$s_j = \sum_{i=1}^{k} m_i h_{ij} \quad \text{for } 1 \le j \le 2k$$
$$s_j \in [0, k]$$
Only A can produce the 2k bits $\{s_j\}$ from the k message bits $\{m_i\}$, since only A created the 2.k elements of the matrix $\{h_{i,j}\}$.

4.4.1.2. Verifying the message.
Every user on the network can check the authenticity of the message sent by A using the public information $(A_A, n_A)$:
$$E_{k_A}(S) = S \cdot A_A \bmod n_A$$
$$E_{k_A}(S) = M^r H_A A_A \bmod n_A$$
$$E_{k_A}(S) = M$$
That is:
$$\sum_{j=1}^{2k} s_j a_j \bmod n_A = \sum_{j=1}^{2k} \sum_{i=1}^{k} m_i h_{ij} a_j \bmod n_A$$
$$\sum_{j=1}^{2k} s_j a_j \bmod n_A = \sum_{i=1}^{k} m_i \sum_{j=1}^{2k} h_{ij} a_j \bmod n_A = \sum_{i=1}^{k} m_i 2^{i-1} \bmod n_A$$

Example: let k = 3, n = 7.
Then the message $M \in [0, 6]$ and each message bit $m_i \in [0, 1]$.
The matrix H is chosen in advance as follows:

$$H = \begin{pmatrix} 0&0&1&1&0&0\\ 1&1&1&0&1&0\\ 1&0&0&0&1&1 \end{pmatrix}$$

Suppose we choose the first k elements of the vector A to be $a_1 = 1$, $a_2 = 3$, $a_3 = 4$. The remaining k elements of A are then determined by solving:

$$\begin{pmatrix} 0&0&1&1&0&0\\ 1&1&1&0&1&0\\ 1&0&0&0&1&1 \end{pmatrix} \begin{pmatrix} 1\\ 3\\ 4\\ a_4\\ a_5\\ a_6 \end{pmatrix} \bmod 7 = \begin{pmatrix} 1\\ 2\\ 4 \end{pmatrix} \bmod 7$$

The result is $a_4 = 4$, $a_5 = 1$, $a_6 = 2$.
The public key vector A is then A = (1, 3, 4, 4, 1, 2).
To authenticate the message M = 3 (that is, M = (0, 1, 1)), the sender A uses his private key, the matrix H, and computes:
$$S = M^r H$$
$$S = (1, 1, 0)\begin{pmatrix} 0&0&1&1&0&0\\ 1&1&1&0&1&0\\ 1&0&0&0&1&1 \end{pmatrix}$$
$$S = (1, 1, 2, 1, 1, 0)$$

At the receiving end, the receiver reconstructs the message from A's public key information and n.
$$M = S \cdot A = (1, 1, 2, 1, 1, 0)\begin{pmatrix} 1\\ 3\\ 4\\ 4\\ 1\\ 2 \end{pmatrix} \bmod 7$$
$$M = 17 \bmod 7 = 3$$

The message M is thus authenticated, since only the sender A could have produced a meaningful message.
The Shamir digital signature scheme described above is not secure, because with suitable plaintext-ciphertext pairs a cryptanalyst can determine the matrix H. This risk can be avoided by randomizing the message M before signing:
The vector A is multiplied by a random 2k-bit vector R:
$R = (r_1, \ldots, r_{2k})$, and the following transformation is applied:
$$M' = (M - R \cdot A) \bmod n$$
or $M = (M' + R \cdot A) \bmod n$

To sign the transformed message M' we again reverse its bits and multiply by H. This time, however, the result is added to the vector R.
$$S' = M'^r H + R$$
$$S' = (m'_k, \ldots, m'_1)\begin{pmatrix} h_{1,1} & h_{1,2} & \cdots & h_{1,2k-1} & h_{1,2k}\\ h_{2,1} & h_{2,2} & \cdots & h_{2,2k-1} & h_{2,2k}\\ \vdots & \vdots & & \vdots & \vdots\\ h_{k,1} & h_{k,2} & \cdots & h_{k,2k-1} & h_{k,2k} \end{pmatrix} + (r_1, \ldots, r_{2k})$$
$$S' = (s_1, \ldots, s_{2k}) + (r_1, \ldots, r_{2k})$$
$$S' = (s'_1, \ldots, s'_{2k})$$

At the receiving end, the user checks the authenticity of the message S' using the public key vector A:
$$S' A \bmod n = (M'^r H + R)\, A \bmod n$$
$$= (M'^r H A + R \cdot A) \bmod n$$
$$= (M' + R \cdot A) \bmod n$$
$$= (M - R \cdot A + R \cdot A) \bmod n$$
$$= M$$
Note that in 1984 Odlyzko broke this signature scheme.
Example: return to the previous example with k = 3, n = 7.
The key matrix H has the form:

$$H = \begin{pmatrix} 0&0&1&1&0&0\\ 1&1&1&0&1&0\\ 1&0&0&0&1&1 \end{pmatrix}$$

Public key vector: A = (1, 3, 4, 4, 1, 2)
Suppose we choose the random 2k-bit vector R as follows:
R = (1, 1, 0, 0, 0, 1)
The message M' is then:
$$M' = M - (R \cdot A) = 3 - (1, 1, 0, 0, 0, 1)\begin{pmatrix} 1\\ 3\\ 4\\ 4\\ 1\\ 2 \end{pmatrix} \bmod 7$$
$$M' = 3 - 6 \bmod 7 = -3 \bmod 7 = 4$$
The randomized message is M' = 4 = (1, 0, 0).
The authenticating signature S' is computed as follows:
$$S' = M'^r H + R$$
$$S' = (0, 0, 1)\begin{pmatrix} 0&0&1&1&0&0\\ 1&1&1&0&1&0\\ 1&0&0&0&1&1 \end{pmatrix} + (1, 1, 0, 0, 0, 1)$$
$$S' = (1, 0, 0, 0, 1, 1) + (1, 1, 0, 0, 0, 1)$$
$$S' = (2, 1, 0, 0, 1, 2)$$

Based on the received S', the receiver checks it using the public key vector A:
$$M = S' A = (2, 1, 0, 0, 1, 2)\begin{pmatrix} 1\\ 3\\ 4\\ 4\\ 1\\ 2 \end{pmatrix} \bmod 7 = 10 \bmod 7 = 3$$
4.4.2. The Ong-Schnorr-Shamir authentication scheme.
This authentication scheme was proposed by Ong, Schnorr and Shamir in 1984.
In this scheme the sender (user A) chooses a large integer $n_A$ ($n_A$ need not be prime). A then chooses a random number $k_A$ relatively prime to $n_A$ (that is, $\gcd(k_A, n_A) = 1$).
The public key $K_A$ is computed as follows:
$$K_A = -(k_A)^{-2} \bmod n_A$$
The pair $(K_A, n_A)$ is made public to all users of the network.
To authenticate a message M (M relatively prime to $n_A$), the sender chooses a random number $R_A$ ($R_A$ also relatively prime to $n_A$) and computes the authenticated message as the following pair $S = (S_1, S_2)$:
$$S_1 = 2^{-1}\left[(M R_A^{-1}) + R_A\right] \bmod n_A$$
$$S_2 = 2^{-1} k_A \left[(M R_A^{-1}) - R_A\right] \bmod n_A$$
A then sends S to the receiver over the network.
Verification of authenticity at the receiver is carried out as follows:
$$S_1^2 + K_A S_2^2 \bmod n_A = M$$
Indeed we have:
$$S_1^2 + K_A S_2^2 \bmod n_A = \left[2^{-1}\left[(M R_A^{-1}) + R_A\right]\right]^2 + K_A\left[2^{-1} k_A \left[(M R_A^{-1}) - R_A\right]\right]^2 \bmod n_A$$
$$= 4^{-1}\left[(M R_A^{-1}) + R_A\right]^2 + 4^{-1} K_A k_A^2 \left[(M R_A^{-1}) - R_A\right]^2 \bmod n_A$$
$$= 4^{-1}\left[(M R_A^{-1}) + R_A\right]^2 - 4^{-1} k_A^{-2} k_A^2 \left[(M R_A^{-1}) - R_A\right]^2 \bmod n_A$$
$$= 4^{-1}\left[(M R_A^{-1}) + R_A\right]^2 - 4^{-1}\left[(M R_A^{-1}) - R_A\right]^2 \bmod n_A$$
$$= 4^{-1}\left[M^2 R_A^{-2} + 2 M R_A^{-1} R_A + R_A^2\right] - 4^{-1}\left[M^2 R_A^{-2} - 2 M R_A^{-1} R_A + R_A^2\right] \bmod n_A$$
$$= 4^{-1}\left(M^2 R_A^{-2} + 2M + R_A^2 - M^2 R_A^{-2} + 2M - R_A^2\right) \bmod n_A$$
$$= 4^{-1}(2M + 2M) \bmod n_A$$
$$= M$$

Example: suppose the sender A chooses $n_A = 27$ and $k_A = 5$
(we have gcd(27, 5) = 1). A computes $K_A$ as follows:
$$K_A = -(k_A)^{-2} \bmod n_A = -(5)^{-2} \bmod 27$$
$$= -(5^{-1})^2 \bmod 27 = -(11)^2 \bmod 27$$
$$= -121 \bmod 27 = 14$$
The public key information is then $(K_A, n_A) = (14, 27)$.

A then chooses a random number $R_A$ subject to $\gcd(R_A, n_A) = 1$ and computes the signature pair $S = (S_1, S_2)$ from $R_A$ and the message M (subject to $\gcd(M, n_A) = 1$). For example, $R_A = 13$ and M = 25.
$$S_1 = 2^{-1}\left[(M R_A^{-1}) + R_A\right] \bmod n_A$$
$$= 14\,[(25 \cdot 25) + 13] \bmod 27$$
$$= 14 \cdot 638 \bmod 27 = 8932 \bmod 27 = 22$$
$$S_2 = 2^{-1} k_A \left[(M R_A^{-1}) - R_A\right] \bmod n_A$$
$$= 14 \cdot 5\,[(25 \cdot 25) - 13] \bmod 27$$
$$= 70 \cdot 612 \bmod 27 = 42840 \bmod 27 = 18$$
(We have $2^{-1} \bmod 27 = 14$ and $13^{-1} \bmod 27 = 25$.)

The pair $S = (S_1, S_2) = (22, 18)$ is then sent over the network to the receiver B.
B checks the authenticity of the message using A's public key, the pair $(K_A, n_A) = (14, 27)$. B computes:
$$S_1^2 + K_A S_2^2 \bmod n_A = 22^2 + 14 \cdot 18^2 \bmod 27$$
$$= 484 + 14 \cdot 324 \bmod 27$$
$$= 5020 \bmod 27$$
$$= 25 = M$$
4.5. Digital signature schemes with compression
In practice, messages may be several pages of text or large data files. In the previous section we saw that the signatures on a message are as large as the messages themselves. In this section we describe some digital signature schemes whose size is usually smaller and does not depend on the size of the message. These are compressed digital signatures.
4.5.1. Signature compression.
Figure 4.8 shows one method of signature compression.
$$S_1 = E_K(M_1)$$
$$S_2 = E_K(M_2 \oplus S_1)$$
$$\vdots$$
$$S_J = E_K(M_J \oplus S_{J-1})$$
In this way we obtain a signature $S_K(M)$:
$$S_K(M) = E_K(M_1 \oplus M_2 \oplus \ldots \oplus M_J \oplus S_J)$$

[Figure 4.8: Signature compression loop]

4.5.2. The Diffie-Lamport signature scheme.
In this scheme a digital signature for an n-bit message is created as follows:
(1) Choose n random key pairs (for example, 56-bit DES keys), which are kept secret:
i = 1: $(K_{1,0}, K_{1,1})$
i = 2: $(K_{2,0}, K_{2,1})$
...
i = n: $(K_{n,0}, K_{n,1})$

(2) Choose a sequence S of n pairs of random vectors (for example, 64-bit DES input blocks); this sequence is made public:
$$S = \{(S_{1,0}, S_{1,1}), (S_{2,0}, S_{2,1}), \ldots, (S_{n,0}, S_{n,1})\}$$

(3) Compute R, the sequence of encrypted values (for example, the DES outputs):
$$R = \{(R_{1,0}, R_{1,1}), (R_{2,0}, R_{2,1}), \ldots, (R_{n,0}, R_{n,1})\}$$
where $R_{i,j} = E_{K_{i,j}}(S_{i,j})$ for $1 \le i \le n$ and j = 0, 1.
The sequence R is also made public.

The signature SG(M) of an n-bit message $M = (m_1, m_2, \ldots, m_n)$ is the following sequence of keys: $SG(M) = (K_{1,i_1}, K_{2,i_2}, \ldots, K_{n,i_n})$, where the key index is $i_j = m_j$.
Example: if the message M is:
$$M = m_1\ m_2\ m_3\ m_4\ \ldots\ m_{n-1}\ m_n = 1\ 0\ 0\ 1\ \ldots\ 1\ 1$$
then the signature SG(M) is:
$$SG(M) = K_{1,i_1}\ K_{2,i_2}\ K_{3,i_3}\ K_{4,i_4}\ \ldots\ K_{n-1,i_{n-1}}\ K_{n,i_n}$$
$$SG(M) = K_{1,1}\ K_{2,0}\ K_{3,0}\ K_{4,1}\ \ldots\ K_{n-1,1}\ K_{n,1}$$

The Diffie-Lamport signature scheme is shown in the following figure:
[Figure 4.9: D-L signature scheme (transmitting end)]

Both the message M and the signature SG(M) are sent to the receiver.
The receiver can check the authenticity of the message by encrypting the corresponding vectors of the known sequence S with the received signature SG(M) and comparing the resulting ciphertexts with the known sequence R.
$$E_{K_{1,i_1}}(S_{1,i_1}) \overset{?}{=} R_{1,i_1}$$
$$E_{K_{2,i_2}}(S_{2,i_2}) \overset{?}{=} R_{2,i_2}$$
$$\vdots$$
$$E_{K_{n,i_n}}(S_{n,i_n}) \overset{?}{=} R_{n,i_n}$$
If these sequences of n vectors are equal, the signature is considered authentic.
$$(R_{1,i_1}, R_{2,i_2}, \ldots, R_{n,i_n}) = \left(E_{K_{1,i_1}}(S_{1,i_1}), \ldots, E_{K_{n,i_n}}(S_{n,i_n})\right)$$
Note that the D-L signature scheme expands the length of the signature rather than compressing it! If DES is used, an n-bit message requires a digital signature SG(M) of length 56.n bits. Therefore, to overcome this drawback, the n-bit message should be compressed into an r-bit message digest (r << n) by a hash function H(M) before the D-L scheme is applied.
Figure 4.10 shows the signature verification process.
[Figure 4.10: Verifying a D-L signature (receiving end)]

Note that the signature here is now only a set of r keys.
Another limitation that must be mentioned is that, since half of the keys are disclosed after verification, this scheme can be used only once with a given key pair. To overcome this drawback we can use signature schemes based on public-key cryptosystems.
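The block below is an added example of the scheme just described, with the hash compression step applied first; it is not part of the original text. It assumes HMAC-SHA256 as the keyed one-way function in place of DES encryption $E_K(S)$ and SHA-256 as H(M), so r = 256, and the names are chosen here. It enforces the one-time restriction in the signer and counts how many positions a second signature under the same keys would reveal in full.

```python
import hashlib
import hmac
import secrets

R_BITS = 256  # length r of the digest H(M) that is actually signed


def F(key, block):
    """Keyed one-way function standing in for E_K(S) (assumption: HMAC-SHA256, not DES)."""
    return hmac.new(key, block, hashlib.sha256).digest()


def digest_bits(message):
    """H(M) as a list of r bits, most significant bit first."""
    digest = hashlib.sha256(message).digest()
    return [(byte >> (7 - i)) & 1 for byte in digest for i in range(8)]


def keygen(r=R_BITS):
    """Secret pairs K[i] = (K_i0, K_i1); public sequences S and R with R_ij = F(K_ij, S_ij)."""
    K = [(secrets.token_bytes(16), secrets.token_bytes(16)) for _ in range(r)]
    S = [(secrets.token_bytes(16), secrets.token_bytes(16)) for _ in range(r)]
    R = [(F(k0, s0), F(k1, s1)) for (k0, k1), (s0, s1) in zip(K, S)]
    return K, (S, R)


def sign(message, K):
    """SG(M): for every digest bit m_i, disclose the key K_{i, m_i}."""
    return [K[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(message, signature, public):
    """Recompute F(K_{i,m_i}, S_{i,m_i}) and compare with the published R_{i,m_i}."""
    S, R = public
    bits = digest_bits(message)
    if len(signature) != len(bits):
        return False
    ok = True
    for i, bit in enumerate(bits):
        ok &= hmac.compare_digest(F(signature[i], S[i][bit]), R[i][bit])
    return ok


def pairs_fully_revealed(message_a, message_b):
    """Positions where signing both messages with one key set discloses K_i0 and K_i1."""
    return sum(a != b for a, b in zip(digest_bits(message_a), digest_bits(message_b)))


class OneTimeSigner:
    """Holds one key set and refuses to sign a second message with it."""

    def __init__(self):
        self._K, self.public = keygen()
        self._used = False

    def sign(self, message):
        if self._used:
            raise RuntimeError("key set already used; generate a new one")
        self._used = True
        return sign(message, self._K)


if __name__ == "__main__":
    signer = OneTimeSigner()
    msg = b"transfer 100 to B"        # constructed sample message
    sig = signer.sign(msg)
    print("valid:", verify(msg, sig, signer.public))
    print("altered message valid:", verify(b"transfer 900 to B", sig, signer.public))
    print("signature size in bytes:", sum(len(k) for k in sig))
    print("pairs revealed by a second signature:",
          pairs_fully_revealed(msg, b"transfer 900 to B"))
```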
4.5.3. The RSA signature scheme
The digital signature is built by combining public-key encryption with a hash function. However, the keys are used here differently than in public-key cryptosystems.
The steps for creating and verifying a signature are shown in the following figures:

[Figure 4.11: Creating a message signed with a digital signature. The original message is hashed to a message digest, and the digest is encrypted with the sender's secret key to give the encrypted digest that accompanies the message.]

[Figure 4.12: Steps for verifying a signed message. The encrypted digest is decrypted with the sender's public key to recover the message digest, which is compared with the digest computed by hashing the received message.]

Example: the RSA digital signature scheme.
The authentication problem can be regarded as the "dual" of the confidentiality problem. Hence, by using the RSA algorithm in reverse we obtain an RSA digital signature scheme as follows:
Suppose n = p.q, where p and q are large primes of comparable size.
$$\mathcal{K} = \{(n, e, d) : d \in \mathbb{Z}_n^*,\ ed \equiv 1 \bmod \varphi(n)\}$$
For K = (n, e, d) we have D = d as the secret key and E = (n, e) as the public key; m is the message to be signed.
Signature generation: $S = \operatorname{sig}_D(m) = m^d \bmod n$
Signature verification: $\operatorname{ver}_E(m, S) = \text{true} \Leftrightarrow m \equiv S^e \bmod n$.
The operation of the RSA signature scheme can be described as follows:
a. The case where the plaintext message m need not be kept secret (Figure 4.13).
A signs the message m and sends it to B.
B verifies A's signature.

[Figure 4.13: RSA digital signature scheme (message not kept secret). A holds $D_A = d_A$ and publishes $E_A = (e_A, n_A)$; B holds $D_B = d_B$ and publishes $E_B = (e_B, n_B)$. A signs: $S_A = m^{d_A} \bmod n_A$ and sends $(m, S_A)$ to B. B obtains $E_A$ and checks: $m = S_A^{e_A} \bmod n_A$.]

Suppose A wants to send B a plaintext message m authenticated by his digital signature. First A computes the digital signature
$$S_A = \operatorname{sig}_{D_A}(m) = m^{d_A} \bmod n_A$$
A then sends B the pair $(m, S_A)$. B receives $(m, S_A)$ and checks whether the condition $m \equiv S_A^{e_A} \bmod n_A$ holds. If it does, B concludes that $\operatorname{ver}_{E_A}(m, S_A)$ is true and accepts A's signature on m.
b. The case where the plaintext message m must be kept secret (Figure 4.14).
A signs the plaintext message m to obtain the signature $S_A$. A then uses B's public encryption key $E_B$ to form the ciphertext $M = E_B(m, S_A)$ and sends it to B. On receiving the ciphertext M, B uses his secret key $D_B$ to decrypt M and obtains m, $S_A$. He then uses the verification algorithm $\operatorname{ver}_{E_A}$ to confirm A's signature.

[Figure 4.14: RSA digital signature scheme (message kept secret). A holds $D_A = d_A$ and publishes $E_A = (e_A, n_A)$; B holds $D_B = d_B$ and publishes $E_B = (e_B, n_B)$. A obtains $E_B$ and computes: i. $S_A = m^{d_A} \bmod n_A$; ii. $X = m \,\|\, S_A$; iii. $M = X^{e_B} \bmod n_B$, then sends M to B. B obtains $E_A$ and computes: i. $X = M^{d_B} \bmod n_B$; ii. $X = m \,\|\, S_A$; iii. check: $m = S_A^{e_A} \bmod n_A$.]

4.6. Exercises
1. Suppose p = 25307 and $\alpha = 2$ are the public parameters used for Diffie-Hellman key agreement.
Suppose A chooses x = 3578 and B chooses y = 19956. Compute the shared key of A and B.
2. Suppose n = pq, where p and q are two large distinct primes such that $p = 2p_1 + 1$ and $q = 2q_1 + 1$, with $p_1$, $q_1$ primes. Suppose $\alpha$ is an element of order $2p_1q_1$ in $\mathbb{Z}_n^*$ (this is the largest order of any element in $\mathbb{Z}_n^*$). Define the hash function $h : \{1, \ldots, n\} \to \mathbb{Z}_n^*$ by the rule $h(x) = \alpha^x \bmod n$.
Now suppose n = 603241 and $\alpha = 11$ are used to define a hash function of this kind, and we are given three collisions for h: h(1294755) = h(80115359) = h(52738737). Use this information to factor n.
3. For the example of the Okamoto-Tanaka key exchange scheme, compute all pairs (e, d).


References

[1] A. J. Menezes, P. C. Van Oorschot, S. A. Vanstone. Handbook of Applied Cryptography. CRC Press 1998.
[2] B. Schneier. Applied Cryptography. John Wiley Press 1996.
[3] D. R. Stinson. Cryptography: Theory and Practice. CRC Press 1995.
[4] Nguyen Binh. Crypto-system based on Cyclic Geometric Progressions over polynomial ring (Part 1). Circulant crypto-system over polynomial ring (Part 2). 8th VietNam Conference on Radio and Electronics, 11-2002.
[5] M. R. A. Huth. Secure Communicating Systems. Cambridge University Press 2001.
[6] W. Stallings. Network Security Essentials. Applications and Standards. Prentice Hall. 2000.
[7] C. Pfleeger. Security in Computing. Prentice Hall. 1997.
[8] R. Needham, M. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Comm ACM, v21 n12, Dec 1978.
[9] G. Simmons. Contemporary Cryptology. IEEE Press 1992.
[10] S. Bellovin, M. Merritt. Encrypted Key Exchange. Proc. IEEE Symp. Security and Privacy, IEEE Comp Soc Press 1992.
[11] D. Denning, D. Branstad. A Taxonomy of Key Escrow Encryption Systems. Comm ACM, v39 n3, Mar 1996.
[12] M. Blum. Coin Flipping by Telephone. SIGACT News, 1981.
[13] S. Even. A Randomizing Protocol for Signing Contracts. Comm ACM, v28 n6, Jun 1985.
[14] R. Merkle, M. Hellman. On the Security of Multiple Encryption. Comm ACM, v24 n7, July 1981.
[15] W. Tuchman. Hellman Presents No Shortcut Solutions to the DES. IEEE Spectrum, v16 n7, Jun 1979.
[16] A. Shamir. Identity-based cryptosystems and signature schemes. Advances in Cryptology - CRYPTO'84, LNCS 196, Springer-Verlag, pp. 47-53, 1985.
[17] E. Okamoto, K. Tanaka. Key distribution system based on identification information. IEEE J. Selected Areas in Communications, Vol. 7, pp. 481-485, 1989.
[18] Jean-Yves Chouinard. Secure Communications and Data Encryption. Course notes, University of Ottawa. April 2002.
[19] Nguyễn Bình. Giáo trình mật mã học. NXB Bưu điện 2004.

180

http://www.ebook.edu.vn

Phu lc 1 - i s tru tng

Appendix 1 - Abstract algebra.
1.1. Groups.
1.1.1. Binary operations:
Definition 1.1: A binary operation * on a set S is a mapping from S x S to S. That is, * is a rule that assigns to each ordered pair of elements of S an element of S.
1.1.2. Definition of a group.

A group (G, *) consists of a set G and a binary operation * on G satisfying the following three axioms:
(1) The group operation is associative. That is,

$a * (b * c) = (a * b) * c \quad \forall a, b, c \in G$.

(2) There is an element $1 \in G$, called the identity element, such that

$a * 1 = 1 * a = a \quad \forall a \in G$.

(3) For each $a \in G$ there exists an element $a^{-1} \in G$, called the inverse of a, such that $a * a^{-1} = a^{-1} * a = 1$.
A group is called commutative (or Abelian) if
(4) $a * b = b * a \quad \forall a, b \in G$.

Note that multiplicative notation has been used for the group operation above. If the group operation is addition, the group is called an additive group, its identity element is denoted 0, and the inverse of a is denoted $-a$.
1.1.3. Finite groups.
Definition 1.2: A group G is finite if $|G|$ is finite. The number of elements of G is called the order of the group.
Examples of groups:
- The set of integers Z with the operation of addition forms a group. The identity element of this group is 0, and the inverse of an integer a is the integer $-a$.
- The set $Z_n$ with addition modulo n forms a group of order n. The set $Z_n$ with multiplication modulo n is not a group, because not every element has an inverse (a multiplicative inverse). However, the set $Z_n^*$ is a group of order $\varphi(n)$ under multiplication modulo n, with identity element 1.

1.1.4. Subgroups.

Definition 1.3: A non-empty subset H of a group G is called a subgroup of G if H is itself a group under the group operation of G. If H is a subgroup of G and $H \neq G$, then H is called a proper subgroup of G.
1.1.5. Cyclic groups.
1.1.5.1. Definition 1.4: A group G is called cyclic if there exists an element $\alpha \in G$ such that for each $b \in G$ there is an integer i with $b = \alpha^i$. Such an element $\alpha$ is called a generator of G.
1.1.5.2. Theorem 1.1: If G is a group and $a \in G$, then the set of all powers of a forms a cyclic subgroup of G. This group is called the subgroup generated by a and is denoted $\langle a \rangle$.
1.1.6. Order of an element.
1.1.6.1. Definition 1.5: Let G be a group and $a \in G$. The order of a is the least positive integer t such that $a^t = 1$. If no such t exists, the order of a is defined to be $\infty$.
1.1.6.2. Theorem 1.2: Let G be a group and let $a \in G$ be an element of finite order t. Then $|\langle a \rangle|$ (the cardinality of the subgroup generated by a) equals t.
1.1.6.3. Theorem 1.3 (Lagrange): If G is a finite group and H is a subgroup of G, then $|H|$ divides $|G|$. Hence, if $a \in G$, the order of a divides $|G|$.
1.1.6.4. Theorem 1.4: Every subgroup of a cyclic group is cyclic. If G is a cyclic group of order n, then for each positive divisor d of n, G contains exactly one subgroup of order d.
1.1.6.5. Theorem.
Let G be a group.
(1) If the order of an element $a \in G$ is t, then the order of $a^k$ is $t / \gcd(t, k)$.

(2) If G is a cyclic group of order n and $d \mid n$, then G has exactly $\varphi(d)$ elements of order d. In particular, G has $\varphi(n)$ generators.

Example: Consider the multiplicative group $Z_{19}^* = \{1, 2, \ldots, 18\}$ of order 18. This group is cyclic and has a generator $\alpha = 2$. The subgroups of $Z_{19}^*$ and their generators are listed in the following table:

Subgroup                           Generators              Order
{1}                                1                       1
{1, 18}                            18                      2
{1, 7, 11}                         7, 11                   3
{1, 7, 8, 11, 12, 18}              8, 12                   6
{1, 4, 5, 6, 7, 9, 11, 16, 17}     4, 5, 6, 9, 16, 17      9
{1, 2, 3, ..., 18}                 2, 3, 10, 13, 14, 15    18

Table 1.1: The subgroups of $Z_{19}^*$

1.2. Rings.
1.2.1. Definition 1.6.

A ring (R, +, x) consists of a set R with two binary operations (denoted + (addition) and x (multiplication)) on R satisfying the following axioms:

(1) (R, +) is an Abelian group with identity element 0.

(2) The operation x is associative. That is,

$a \times (b \times c) = (a \times b) \times c \quad \forall a, b, c \in R$

(3) There is a multiplicative identity element (the element 1), with $1 \neq 0$, such that

$1 \times a = a \times 1 = a \quad \forall a \in R$

(4) The operation x is distributive over +. That is:

$a \times (b + c) = (a \times b) + (a \times c)$

$(b + c) \times a = (b \times a) + (c \times a) \quad \forall a, b, c \in R$

The ring is called commutative if $a \times b = b \times a \quad \forall a, b \in R$

1.2.2. Examples:

The set of integers Z with the usual operations of addition and multiplication is a commutative ring.

The set $Z_n$ with addition and multiplication performed modulo n is a commutative ring.

1.2.3. Definition 1.7.

An element $a \in R$ is called an invertible element if there is an element b in R such that $a \times b = 1$.
1.2.4. Theorem 1.6:
The set of invertible elements in a ring R forms a group under multiplication, called the group of units of R.
Example: The group of units of the ring $Z_n$ is $Z_n^*$.

1.3. Fields.
1.3.1. Definition 1.8.
A field is a commutative ring in which every nonzero element has an inverse (a multiplicative inverse).
1.3.2. Characteristic of a field.

Definition 1.9: The characteristic of a field is 0 if $\underbrace{1 + 1 + \cdots + 1}_{m \text{ times}}$ is not equal to 0 for any $m \geq 1$. Otherwise, the characteristic of the field is the least positive integer m such that

$\sum_{i=1}^{m} 1 = 0$.

Example: The set of integers with the usual operations of addition and multiplication is not a field, because the only nonzero integers that have inverses are 1 and $-1$. However, the rational numbers Q, the real numbers R and the complex numbers C are fields of characteristic 0 under the usual operations.
1.3.3. Theorem 1.7:

$Z_n$ is a field (with addition and multiplication modulo n) if and only if n is prime. If n is prime then $Z_n$ has characteristic n.
1.3.4. Theorem 1.8.
If the characteristic m of a field is nonzero, then m must be prime.
1.3.5. Definition 1.10.
A subset F of a field E is a subfield of E if F is itself a field under the operations of E. In that case E is called an extension field of F.
1.3.6. Finite fields.
1.3.6.1. Definition 1.11: A finite field is a field F that contains a finite number of elements. The order of F is the number of elements in F.
1.3.6.2. Basic properties.
a. Theorem 1.9: Existence and uniqueness of finite fields.
- If F is a finite field, then F contains $p^m$ elements for some prime p and some positive integer m ($m \geq 1$).
- For every value $p^m$ there exists a unique finite field of order $p^m$. This field is denoted $GF(p^m)$.
Two fields are called isomorphic if they are structurally the same, although the representation of their elements may differ.
Note that if p is prime then $Z_p$ is a field, and hence every field of order p is isomorphic to $Z_p$.
b. Theorem 1.10:
If $F_q$ is a finite field of order $q = p^m$, p prime, then the characteristic of $F_q$ is p. Moreover $F_q$ contains $Z_p$ as a subfield. Hence $F_q$ can be viewed as an extension field of $Z_p$ of degree m.
c. Theorem 1.11: Subfields of a finite field.
Let $F_q$ be a finite field of order $q = p^m$. Then every subfield of $F_q$ has order $p^n$, where n is a positive divisor of m. Conversely, if n is a positive divisor of m then there is exactly one subfield of $F_q$ of order $p^n$; an element $a \in F_q$ lies in the subfield $F(p^n)$ if and only if $a^{p^n} = a$.

d. Definition 1.12:
The nonzero elements of $F_q$ form a group under multiplication, called the multiplicative group of $F_q$ and denoted $F_q^*$.

e. Theorem 1.12: $F_q^*$ is a cyclic multiplicative group of order $q - 1$. Hence $a^q = a$ for all $a \in F_q$.

f. Definition 1.13: A generator of the cyclic group $F_q^*$ is called a primitive element or generator of $F_q$.

g. Theorem 1.13: If $a, b \in F_q$, a finite field of characteristic p, then:

$(a + b)^{p^t} = a^{p^t} + b^{p^t} \quad \forall t \geq 0$

1.4. Polynomial rings.

1.4.1. Definition of a polynomial.
If R is a commutative ring, then a polynomial in the variable x over the ring R is an expression of the form:

$f(x) = a_n x^n + \cdots + a_2 x^2 + a_1 x + a_0$

where $a_i \in R$ and $n \geq 0$. The element $a_i$ is called the coefficient of $x^i$ in $f(x)$.

The largest integer m such that $a_m \neq 0$ is called the degree of $f(x)$ and is denoted $\deg f(x)$; $a_m$ is called the leading coefficient of $f(x)$. If $f(x) = a_0$ (a constant polynomial) and $a_0 \neq 0$ then $f(x)$ has degree 0. If all the coefficients of $f(x)$ are 0 then $f(x)$ is called the zero polynomial and its degree (for mathematical convenience) is defined to be $-\infty$. The polynomial $f(x)$ is called monic if its leading coefficient is 1.
1.4.2. Polynomial rings.

- Definition 1.14: If R is a commutative ring, then the polynomial ring R[x] is the ring formed by all polynomials in the variable x with coefficients in R. The two operations are the usual polynomial addition and polynomial multiplication, with coefficient arithmetic performed in the ring R.
- Example of a polynomial ring:
Let $f(x) = x^3 + x + 1$ and $g(x) = x^2 + x$ be elements of the polynomial ring $Z_2[x]$. Operations in $Z_2[x]$:

$f(x) + g(x) = x^3 + x^2 + 1$

$f(x) \cdot g(x) = x^5 + x^4 + x^3 + x$

1.4.3. Irreducible polynomials.

- Definition 1.15: Let $f(x) \in F[x]$ with $\deg f(x) \geq 1$. $f(x)$ is called irreducible over F if it cannot be written as a product of two polynomials in $F[x]$, both of positive degree.
1.4.4. Division algorithm for polynomials.

If $g(x), h(x) \in F[x]$ with $h(x) \neq 0$, then ordinary polynomial division of g(x) by h(x) yields polynomials q(x) and $r(x) \in F[x]$ satisfying:

$g(x) = q(x) \cdot h(x) + r(x)$, where $\deg r(x) < \deg h(x)$; q(x) and r(x) are unique. q(x) is called the quotient and r(x) is called the remainder.

Sometimes r(x) is denoted $g(x) \bmod h(x)$ and q(x) is denoted $g(x) \operatorname{div} h(x)$.

Example:

$g(x) = x^6 + x^5 + x^3 + x^2 + x + 1$

$h(x) = x^4 + x^3 + 1$ are polynomials in $Z_2[x]$.

We have

$g(x) = x^2 h(x) + x^3 + x + 1$

Hence $g(x) \bmod h(x) = x^3 + x + 1$ and $g(x) \operatorname{div} h(x) = x^2$

1.4.5. Divisors of a polynomial.

1.4.5.1. Definition 1.16: If $g(x), h(x) \in F[x]$, then h(x) is a divisor of g(x) (denoted $h(x) \mid g(x)$) if $g(x) \bmod h(x) = 0$.

Let $f(x)$ be a fixed polynomial in $F[x]$. As in the case of the integers, we can define congruence classes of polynomials in $F[x]$ based on division by $f(x)$.

1.4.5.2. Definition 1.17: If $g(x), h(x) \in F[x]$, then g(x) is said to be congruent to h(x) modulo f(x) if $f(x) \mid [g(x) - h(x)]$. We write

$g(x) \equiv h(x) \bmod f(x)$.

1.4.6. Properties of congruences.

For polynomials $g(x), h(x), g_1(x), h_1(x), s(x) \in F[x]$ we have:

(1) $g(x) \equiv h(x) \pmod{f(x)}$ if and only if g(x) and h(x) leave the same remainder when divided by f(x).

(2) Reflexivity: $g(x) \equiv g(x) \pmod{f(x)}$.

(3) Symmetry: If $g(x) \equiv h(x) \pmod{f(x)}$ then $h(x) \equiv g(x) \pmod{f(x)}$.

(4) Transitivity: If $g(x) \equiv h(x) \pmod{f(x)}$ and $h(x) \equiv s(x) \pmod{f(x)}$ then $g(x) \equiv s(x) \pmod{f(x)}$.

(5) If $g(x) \equiv g_1(x) \pmod{f(x)}$ and $h(x) \equiv h_1(x) \pmod{f(x)}$ then:

$g(x) + h(x) \equiv g_1(x) + h_1(x) \pmod{f(x)}$

$g(x) \cdot h(x) \equiv g_1(x) \cdot h_1(x) \pmod{f(x)}$

Let f(x) be a fixed polynomial in $F[x]$. The equivalence class of a polynomial $g(x) \in F[x]$ is the set of all polynomials in $F[x]$ congruent to g(x) modulo f(x).

From properties 2, 3 and 4 above we see that the relation of congruence mod f(x) partitions $F[x]$ into equivalence classes.

If $g(x) \in F[x]$, then division by f(x) yields a pair of polynomials $q(x), r(x) \in F[x]$ satisfying $g(x) = q(x) f(x) + r(x)$, where $\deg r(x) < \deg f(x)$. Hence every polynomial g(x) is congruent modulo f(x) to a unique polynomial of degree less than the degree of f(x). The polynomial r(x) is used as the representative of the equivalence class of polynomials (containing g(x)).
1.4.7. The ring of congruence classes.

1.4.7.1. Definition 1.18: $F[x]/(f(x))$ denotes the set of equivalence classes of polynomials in $F[x]$ of degree less than $n = \deg f(x)$. Addition and multiplication are performed mod f(x).

1.4.7.2. Theorem 1.14: $F[x]/(f(x))$ is a commutative ring.

1.4.7.3. Theorem 1.15: If f(x) is irreducible over F then $F[x]/(f(x))$ is a field.
1.4.8. The Euclidean algorithm for polynomials.
1.4.8.1. Monic polynomials:
A monic polynomial is a polynomial whose leading coefficient is 1.

1.4.8.2. Greatest common divisor (gcd):

Let $g(x), h(x) \in Z_p[x]$, not both zero.

Then the gcd of g(x) and h(x) (denoted $\gcd(g(x), h(x))$) is the monic polynomial of greatest degree that divides both g(x) and h(x).

By definition: $\gcd(0, 0) = 0$.

1.4.8.3. Theorem 1.16:

A nonzero polynomial $f(x) \in Z_p[x]$ can be factored in the form

$f(x) = a f_1(x)^{e_1} f_2(x)^{e_2} \cdots f_k(x)^{e_k}$

where the $f_i(x)$ are distinct monic irreducible polynomials in $Z_p[x]$, the $e_i$ are positive integers and $a \in Z_p$. This factorization is unique up to rearrangement of the factors.
1.4.8.4. Euclidean algorithm in $Z_p[x]$
Input: two polynomials $g(x), h(x) \in Z_p[x]$

Output: $\gcd(g(x), h(x))$

(1) While $h(x) \neq 0$ do

$r(x) \leftarrow g(x) \bmod h(x)$; $g(x) \leftarrow h(x)$, $h(x) \leftarrow r(x)$

(2) Return (g(x))


1.4.9. Arithmetic of polynomials.
The polynomial representation is the most common representation for the elements of the finite field $F_q$ with $q = p^m$ and p prime.

1.4.9.1. Theorem 1.17:
For each value $m \geq 1$, there exists a monic irreducible polynomial of degree m over $Z_p$. Hence every finite field has a polynomial representation.

The elements of the finite field $F(p^m)$ are represented by the polynomials in $Z_p[x]$ of degree less than m. If $g(x), h(x) \in F(p^m)$ then addition is the usual addition of polynomials in $Z_p[x]$. The product $g(x) \cdot h(x)$ is formed by first multiplying the polynomials g(x) and h(x) in the usual way and then taking the remainder after division by f(x).

Inverses can be computed using the extended Euclidean algorithm for the polynomial ring $Z_p[x]$.
1.4.9.2. Extended Euclidean algorithm on $Z_p[x]$
Input: two polynomials $g(x), h(x) \in Z_p[x]$

Output: $d(x) = \gcd(g(x), h(x))$ and polynomials $s(x), t(x) \in Z_p[x]$ satisfying $s(x) \cdot g(x) + t(x) \cdot h(x) = d(x)$

1.4.9.3. Algorithm for computing inverses in $F(p^m)$.

Input: a nonzero polynomial $g(x) \in F(p^m)$ (the elements of the field $F(p^m)$ are represented as polynomials in $Z_p[x]/(f(x))$, where $f(x) \in Z_p[x]$ is an irreducible polynomial of degree m over $Z_p$)

Output: $g(x)^{-1} \in F(p^m)$

(1) Use the extended Euclidean algorithm for polynomials to find two polynomials $s(x), t(x) \in Z_p[x]$ such that $s(x) \cdot g(x) + t(x) \cdot f(x) = 1$

(2) Return (s(x))

1.4.9.4. Definition 1.19:

An irreducible polynomial $f(x) \in Z_p[x]$ of degree m is called a primitive polynomial if x is a generator of $F(p^m)^*$, the multiplicative group of all nonzero elements of $F(p^m) = Z_p[x]/(f(x))$.

1.4.9.5. Theorem 1.18:

An irreducible polynomial $f(x) \in Z_p[x]$ of degree m is a primitive polynomial if and only if f(x) divides $x^k - 1$ for $k = p^m - 1$ and does not divide this binomial for any smaller positive integer k.

1.4.9.6. Theorem 1.19:
For each value $m \geq 1$, there exists a monic primitive polynomial of degree m over $Z_p$. In fact there are exactly $\varphi(p^m - 1)/m$ such polynomials.

1.4.9.7. Example: The finite field $F(2^4)$ of order 16
It can be verified that $f(x) = x^4 + x + 1$ is an irreducible polynomial over $Z_2$. Hence the finite field $F(2^4)$ can be represented as the set of all polynomials over $F_2$ of degree less than 4. That is:

$F(2^4) = \{ a_3 x^3 + a_2 x^2 + a_1 x + a_0 \mid a_i \in \{0, 1\} \}$

The following are examples of arithmetic in this field:
- Addition: (1 0 1 1) + (1 0 0 1) = (0 0 1 0)
- Multiplication: to multiply the two elements (1 1 0 1) and (1 0 0 1), we multiply them as polynomials and then take the remainder when the product is divided by f(x).

$(x^3 + x^2 + 1) \cdot (x^3 + 1) = x^6 + x^5 + x^2 + 1 \equiv x^3 + x^2 + x + 1 \pmod{f(x)}$

Hence (1 1 0 1) . (1 0 0 1) = (1 1 1 1)

- The multiplicative identity element of $F(2^4)$ is (0 0 0 1)

- The inverse of (1 0 1 1) is (0 1 0 1). To verify this, observe that:

$(x^3 + x + 1) \cdot (x^2 + 1) = x^5 + x^2 + x + 1 \equiv 1 \pmod{f(x)}$

Hence (1 0 1 1) . (0 1 0 1) = (0 0 0 1)

f(x) is a primitive polynomial, or equivalently the element x = (0 0 1 0) is a generator of $F(2^4)^*$. We can see that all nonzero elements of $F(2^4)$ can be obtained as powers of x. We have the following table:

i     x^i mod x^4 + x + 1      Vector representation
0     1                        (0001)
1     x                        (0010)
2     x^2                      (0100)
3     x^3                      (1000)
4     x + 1                    (0011)
5     x^2 + x                  (0110)
6     x^3 + x^2                (1100)
7     x^3 + x + 1              (1011)
8     x^2 + 1                  (0101)
9     x^3 + x                  (1010)
10    x^2 + x + 1              (0111)
11    x^3 + x^2 + x            (1110)
12    x^3 + x^2 + x + 1        (1111)
13    x^3 + x^2 + 1            (1101)
14    x^3 + 1                  (1001)

Table of the powers of x modulo $f(x) = x^4 + x + 1$
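The arithmetic of this $F(2^4)$ example can be reproduced in code. The following Python sketch is an added example, not part of the original text: it implements the division algorithm of 1.4.4, the extended Euclidean algorithm of 1.4.9.2 and the inversion algorithm of 1.4.9.3 over $Z_2$. It assumes a polynomial is stored as an integer whose bit i is the coefficient of $x^i$ (which matches the vector notation above); all function names are illustrative.

```python
"""Arithmetic in F(2^4) = Z_2[x]/(f(x)) with f(x) = x^4 + x + 1 (added example)."""

F = 0b10011  # f(x) = x^4 + x + 1; bit i holds the coefficient of x^i

def deg(a):
    """Degree of a polynomial over Z_2; the zero polynomial gets -1 here."""
    return a.bit_length() - 1

def poly_mul(a, b):
    """Ordinary product in Z_2[x] (carry-less multiplication)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        b >>= 1
    return result

def poly_divmod(g, h):
    """Division algorithm of 1.4.4: (q, r) with g = q*h + r and deg r < deg h."""
    if h == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = 0
    while deg(g) >= deg(h):
        shift = deg(g) - deg(h)
        q ^= 1 << shift
        g ^= h << shift          # subtraction in Z_2[x] is XOR
    return q, g

def ext_euclid(g, h):
    """Extended Euclid in Z_2[x]: (d, s, t) with s*g + t*h = d = gcd(g, h)."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while h:
        q, r = poly_divmod(g, h)
        g, h = h, r
        s0, s1 = s1, s0 ^ poly_mul(q, s1)
        t0, t1 = t1, t0 ^ poly_mul(q, t1)
    return g, s0, t0

def gf_mul(a, b, f=F):
    """Product in Z_2[x]/(f): multiply as polynomials, then reduce modulo f."""
    return poly_divmod(poly_mul(a, b), f)[1]

def gf_inv(g, f=F):
    """Inversion algorithm of 1.4.9.3: find s with s*g + t*f = 1, return s."""
    d, s, _ = ext_euclid(g, f)
    if d != 1:
        raise ValueError("element is not invertible modulo f")
    return poly_divmod(s, f)[1]

def powers_of_x(f=F):
    """List x^0, x^1, ... modulo f until the powers return to 1."""
    if not f & 1:
        raise ValueError("x is not invertible modulo f")
    table, p = [], 1
    while True:
        table.append(p)
        p = gf_mul(p, 0b10, f)
        if p == 1:
            return table

def is_primitive(f):
    """For irreducible f of degree m: x is a generator iff its order is 2^m - 1."""
    return len(powers_of_x(f)) == 2 ** deg(f) - 1

if __name__ == "__main__":
    print(format(gf_mul(0b1101, 0b1001), "04b"))   # product (1101).(1001)
    print(format(gf_inv(0b1011), "04b"))           # inverse of (1011)
    for i, p in enumerate(powers_of_x()):
        print(i, format(p, "04b"))
```

The call `is_primitive(0b11111)` shows the contrast: $x^4 + x^3 + x^2 + x + 1$ is irreducible over $Z_2$, but x has order 5 modulo it, so it is not primitive.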

1.4.10. Cyclic multiplicative groups over polynomial rings.

1.4.10.1. Order of a polynomial.
We consider the polynomial ring $Z_2[x]/(x^n + 1)$.

- Definition 1.20: A polynomial $e_i(x)$ is called an idempotent polynomial if $e_i^2(x) = e_i(x)$.
Let $a(x) \in Z_2[x]/(x^n + 1)$. The order of a(x) (denoted $\mathrm{ord}(a(x))$) is the least positive integer t such that:

$[a(x)]^{t+1} \equiv a(x) \bmod (x^n + 1)$, or $[a(x)]^t \equiv e_i(x) \bmod (x^n + 1)$,

where $e_i(x)$ is some idempotent polynomial in the ring.

- Theorem 1.20: The largest order of a polynomial in the ring $Z_2[x]/(x^n + 1)$ is determined as follows:
1. $\max \mathrm{ord}(a(x)) = 2^k$ for $n = 2^k$
2. $\max \mathrm{ord}(a(x)) = 2^m - 1$ for n odd, where the factorization of $x^n + 1$ into a product of irreducible polynomials has the form $x^n + 1 = \prod_i g_i(x)$ and $m = \max_i \mathrm{ord}\, g_i(x)$.

3. $\max \mathrm{ord}(a(x)) = 2^l (2^m - 1)$ for $n = 2^l u$, where u is odd, the factorization of $x^u + 1$ has the form $x^u + 1 = \prod_i g_i(x)$ and $m = \max_i \mathrm{ord}\, g_i(x)$.

- Example: Consider the ring $Z_2[x]/(x^5 + 1)$.
We have

$x^5 + 1 = (1 + x)(1 + x + x^2 + x^3 + x^4)$

Hence

$\max \mathrm{ord}(a(x)) = 2^4 - 1 = 15$

The order of every polynomial in the ring is 15 or a divisor of 15.


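1.4.10.2. The multiplicative groups
Let I be the number of irreducible polynomials in the factorization of $x^n + 1$ for n odd. Then the number M of multiplicative groups in the ring is given by the following lemma:
Lemma 1.21:
The number of multiplicative groups in the ring equals the number of idempotent polynomials and is equal to:
$M = 2^I - 1$

- Example: Consider the ring $Z_2[x]/(x^7 + 1)$

$x^7 + 1 = (1 + x)(1 + x + x^3)(1 + x^2 + x^3)$

We have

$M = 2^3 - 1 = 7$

There are 7 multiplicative groups, with the following idempotents (which are their identity elements):

$e_1(x) = 1$, $e_2(x) = \sum_{i=1}^{6} x^i$, $e_3 = x + x^2 + x^4$, $e_4 = 1 + x^3 + x^5 + x^6$,

$e_5 = 1 + x + x^2 + x^4$, $e_6 = x^3 + x^5 + x^6$, $e_7(x) = \sum_{i=0}^{6} x^i$

Lemma: The multiplicative group with idempotent $e_0(x)$ has only one element, namely $e_0(x)$. Every nonzero polynomial lies in some multiplicative group. The cyclic multiplicative groups among these multiplicative groups have orders that divide $\max \mathrm{ord}(a(x))$.

Example: Consider the ring $Z_2[x]/(x^7 + 1)$.

Every nonzero polynomial in this ring (other than the idempotents) has order 7.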

1.4.11. Quadratic residues and conjugate elements.

1.4.11.1. Definition 1.21:
A polynomial $f(x) \in Z_2[x]/(x^n + 1)$ is called a quadratic residue in the ring if $f(x) \neq 0$ and there exists g(x) such that:

$g^2(x) \equiv f(x) \bmod (x^n + 1)$

Let Q be the set of quadratic residues.
1.4.11.2. Lemma 1.22:
For n odd, every $f(x) \neq 0$ is a quadratic residue. Each f(x) has a unique square root. We have:

$|Q| = 2^n - 1$

1.4.11.3. Lemma 1.23:
For n even, $f(x) \in Q$ if and only if f(x) is a sum of monomials with even exponents. We have: $|Q| = 2^{n/2} - 1$.

1.4.11.4. Lemma 1.24:
For n even, the square roots of a quadratic residue are given by the following formula:

$g(x) = (1 + x^{n/2}) \sum_{t \in U} x^t + \sqrt{f(x)}$

where U is an arbitrary subset of the set $S = \{0, 1, \ldots, n/2 - 1\}$. The number of such subsets U is $2^{n/2}$. If $f(x) = \sum_i f_i x^{2i}$ then $\sqrt{f(x)} = \sum_i f_i x^i$ ($\sqrt{f(x)}$ is called the principal square root of f(x)).
The polynomials g(x) are called conjugate elements.
- Example: n = 8
The square roots of the $x^{2i}$ are given in the following table:

No.   x^2          x^4          x^6          x^8 = 1
1     (1)          (2)          (3)          (4)
2     (014)        (024)        (034)        (015)
3     (126)        (125)        (135)        (016)
4     (137)        (237)        (236)        (037)
5     (5)          (6)          (7)          (4)
6     (045)        (046)        (047)        (145)
7     (256)        (156)        (157)        (246)
8     (257)        (367)        (267)        (347)
9     (01246)      (01245)      (01345)      (01256)
10    (01347)      (02347)      (02346)      (01357)
11    (12367)      (12357)      (12356)      (02367)
12    (02456)      (01456)      (01457)      (12456)
13    (03457)      (03467)      (02467)      (13457)
14    (23567)      (13567)      (12567)      (23467)
15    (0123467)    (0123457)    (0123456)    (0123567)
16    (0234567)    (0134567)    (0124567)    (1234567)

Note: In the table above, polynomials are written as follows:

(01246) $\leftrightarrow 1 + x + x^2 + x^4 + x^6$

Example:

$(a_1 + a_2 + \cdots + a_s)^{p^n} = a_1^{p^n} + a_2^{p^n} + \cdots + a_s^{p^n}$

Appendix 2 - Pseudo-random number generation

Random numbers and random bit strings are an important issue in many problems in cryptography. For example, secret keys must be generated at random from a specified key space, and many protocols require random numbers to be generated during their execution. Generating random numbers by tossing coins or by physical processes takes a lot of time and money. In practice, therefore, pseudo-random bit generators (denoted PRBG) are commonly used. A PRBG starts from a short bit string (called the seed) and expands it into the much longer, random-looking bit string that applications need.
We now give a more formal definition.
Definition
Let k, l be positive integers such that $l \geq k + 1$ (where l is a specified polynomial function of k). A (k, l) pseudo-random bit generator (denoted (k, l)-PRBG) is a function $f : (Z_2)^k \to (Z_2)^l$ that can be computed in polynomial time (as a function of k). The input $s_0 \in (Z_2)^k$ is called the seed, and the output $f(s_0) \in (Z_2)^l$ is called the pseudo-random bit string.
The function f is deterministic, so the bit string $f(s_0)$ depends only on the seed. Provided the seed is chosen at random, the goal is for the pseudo-random bit string $f(s_0)$ to look like a truly random bit string. A precise definition is hard to give, so in this section we try to give an intuitive description of the concept.
The following example motivates the study of PRBGs of this kind. Recall the concept of perfect secrecy studied in Appendix 1. One realization of perfect secrecy is the one-time pad (OTP), in which the plaintext and the key are two bit strings of a specified length and the ciphertext is formed by adding the plaintext and the key modulo 2, bit by bit. The practical difficulty with the OTP is that the key (which must be generated at random and sent over a secure channel) must be as long as the plaintext in order to guarantee perfect secrecy. PRBGs offer a possible way to solve this problem. Suppose Alice and Bob agree to use a PRBG and communicate the seed over a secure channel. Alice and Bob then both compute the same pseudo-random bit string, which is used as an OTP. In this way the seed functions as a key, and the PRBG can be regarded as a keystream generator for a stream cipher.
We now describe some well-known PRBGs to explain and illustrate a number of concepts. First, observe that a linear feedback shift register (described in Section 2.8) can be regarded as a PRBG. Given a k-bit seed, a linear feedback shift register (LFSR) of degree k can be used to produce $2^k - k - 1$ further bits before repeating. A PRBG obtained from a linear feedback shift register is very insecure. Knowledge of any 2k consecutive bits suffices to determine the seed, and so a cryptanalyst can reconstruct the entire keystream (although we have not yet discussed the security of a PRBG, this attack clearly shows that a generator of this kind is insecure).

An LFSR produces a sequence with the largest possible period $T = 2^k - 1$ if it implements a primitive polynomial of degree k. The sequence is generated by the equation:

$a(X) \cdot X^i \bmod g(X)$
where $a(X)$ is a nonzero polynomial with $\deg a(X) \leq k - 1$ ($a(X)$ is the seed polynomial) and $g(X)$ is a primitive polynomial of degree k.
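The weakness of the LFSR as a PRBG can be shown concretely. The following Python sketch is an added example, not part of the original text: it runs a degree-4 LFSR whose recurrence $s_{t+4} = s_t + s_{t+1}$ corresponds to the primitive polynomial $x^4 + x + 1$ (a constructed choice), then solves the linear system given by 2k consecutive output bits to recover the feedback coefficients and regenerate the keystream. Function names and parameters are illustrative.

```python
"""Why an LFSR alone is an insecure PRBG (added example)."""
from itertools import islice


def lfsr(state, taps):
    """Yield bits of the recurrence s[t+k] = XOR of s[t+j] for j in taps."""
    state = list(state)
    while True:
        yield state[0]
        state = state[1:] + [sum(state[j] for j in taps) % 2]


def recover_taps(window, k):
    """Recover the feedback taps from 2k consecutive output bits.

    Row t of the system reads  c_0*s[t] + ... + c_{k-1}*s[t+k-1] = s[t+k]
    over Z_2; Gauss-Jordan elimination solves it for the unknown c_j.
    """
    if len(window) < 2 * k:
        raise ValueError("need at least 2k consecutive bits")
    rows = [list(window[t:t + k]) + [window[t + k]] for t in range(k)]
    for col in range(k):
        pivot = next((r for r in range(col, k) if rows[r][col]), None)
        if pivot is None:
            raise ValueError("singular system: the bits fit a shorter register")
        rows[col], rows[pivot] = rows[pivot], rows[col]
        for r in range(k):
            if r != col and rows[r][col]:
                rows[r] = [x ^ y for x, y in zip(rows[r], rows[col])]
    return [j for j in range(k) if rows[j][k]]


def predict(window, k, count):
    """Rebuild the generator from 2k observed bits and return `count` bits,
    starting at the first observed bit."""
    taps = recover_taps(window, k)
    return list(islice(lfsr(window[:k], taps), count))


def period(state, taps):
    """Number of steps until the k-bit state repeats."""
    gen = lfsr(state, taps)
    first = list(islice(gen, len(state)))
    current, steps = list(first), 0
    while True:
        current = current[1:] + [next(gen)]
        steps += 1
        if current == first:
            return steps


if __name__ == "__main__":
    K, TAPS, SEED = 4, [0, 1], [1, 0, 0, 0]        # constructed parameters
    stream = list(islice(lfsr(SEED, TAPS), 40))
    seen = stream[5:5 + 2 * K]                     # any 2k consecutive bits
    print("recovered taps:", recover_taps(seen, K))
    print("prediction ok :", predict(seen, K, 30) == stream[5:35])
    print("period        :", period(SEED, TAPS))
```

The cost of the recovery is one k x k linear solve, which is why the linear complexity of a keystream, not its period, is the relevant measure when an LFSR is used as a building block.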
In the case where the polynomial ring has two cyclic cosets, that is, when:

$X^n + 1 = (1 + X) \sum_{i=0}^{n-1} X^i \qquad (n = 3, 5, 11, 17, 19, \ldots)$

Here $(1 + X)$ and $e_0(X) = \sum_{i=0}^{n-1} X^i$ are both irreducible polynomials.

Then sequences of maximal period can be generated by the following equation:

$a(X) \cdot b^i(X) \bmod e_0(X)$
where $a(X)$ is the seed polynomial with $\deg a(X) \leq n - 2$, and $b(X)$ is a polynomial with $\deg b(X) \leq n - 1$ satisfying the condition $\mathrm{ord}(b(X)) = 2^{n-1} - 1$.

Example: n = 5, we have:

$X^5 + 1 = (1 + X)(1 + X + X^2 + X^3 + X^4)$

Suppose $a(X) = 1$, $b(X) = 1 + X^2 + X^4 \leftrightarrow (024)$.
Then we obtain a sequence of period $2^4 - 1 = 15$, which is the following cyclic multiplicative group:

B = {(024), (034), (1), (013), (014), (2), (124), (012), (1), (023), (123), (4), (134), (234), (0)}

Another PRBG (also insecure), called the linear congruential generator (LCG), is described in Figure 2.1.

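Figure 2.1. Linear congruential generator.

Let $M \geq 2$ be an integer and let $1 \leq a, b \leq M - 1$. Set $k = \lceil \log_2 M \rceil$ and let $k + 1 \leq l \leq M - 1$.
For a seed $s_0$, where $0 \leq s_0 \leq M - 1$, define
$s_i = (a s_{i-1} + b) \bmod M$
for $1 \leq i \leq l$, and define
$f(s_0) = (z_1, z_2, \ldots, z_l)$
where
$z_i = s_i \bmod 2$,
$1 \leq i \leq l$. Then f is a (k, l) linear congruential generator (LCG).
Here is a small example for illustration.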
Example 2.1
We can obtain a (5, 10)-PRBG by taking M = 31, a = 3 and b = 5 in the LCG. If we consider the mapping $s \to 3s + 5 \bmod 31$, then $13 \to 13$ and the other 30 residues are permuted in a cycle of length 30, namely 0, 5, 20, 3, 14, 16, 22, 9, 1, 8, 29, 30, 2, 11, 7, 26, 21, 6, 23, 12, 10, 4, 17, 25, 18, 28, 27, 24, 15, 19. If the seed is not 13, the seed determines the starting point in this cycle, and the next 10 elements, reduced modulo 2, form the pseudo-random sequence.
The 31 possible pseudo-random bit strings produced by this generator are given in Table 2.1.
Table 2.1 Bit strings produced by a linear congruential generator

Seed   Sequence
0      1010001101
1      0100110101
2      1101010001
3      0001101001
4      1100011010
5      0100011010
6      1000110010
7      0101000110
8      1001101010
9      1010011010
10     0110010110
11     1101000110
12     0011001011
13     1111111111
14     0011010011
15     1010100011
16     0110100110
17     1001011010
18     0101101010
19     0101000110
20     1000110100
21     0100011001
22     1101001101
23     0001100101
24     1101010001
25     0010110101
26     1010001100
27     0110101000
28     1011010100
29     0011010100
30     0110101000
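The generator of Example 2.1 is small enough to run and to search exhaustively. The following Python sketch is an added example, not part of the original text: it implements the LCG of Figure 2.1 with the parameters M = 31, a = 3, b = 5 as defaults, reproduces the cycle, and shows that an observer of output bits can enumerate every seed consistent with them and so list the possible continuations. Function names are illustrative.

```python
"""Linear congruential generator of Example 2.1 (added example)."""


def lcg_states(seed, count, M=31, a=3, b=5):
    """Return s_1 .. s_count with s_i = (a*s_{i-1} + b) mod M."""
    states, s = [], seed
    for _ in range(count):
        s = (a * s + b) % M
        states.append(s)
    return states


def lcg_bits(seed, l=10, M=31, a=3, b=5):
    """f(s_0) = (z_1, ..., z_l) with z_i = s_i mod 2, as a bit string."""
    return "".join(str(s % 2) for s in lcg_states(seed, l, M, a, b))


def cycle_from(seed, M=31, a=3, b=5):
    """Follow s -> (a*s + b) mod M from `seed` until a state repeats."""
    cycle, s = [], seed
    while s not in cycle:
        cycle.append(s)
        s = (a * s + b) % M
    return cycle


def candidate_seeds(observed, M=31, a=3, b=5):
    """All seeds whose output starts with the observed bit string.

    The seed space has only M values, so exhaustive search is immediate.
    """
    return [s0 for s0 in range(M)
            if lcg_bits(s0, len(observed), M, a, b) == observed]


def predict_next(observed, extra, M=31, a=3, b=5):
    """Possible continuations of `observed`, one per distinct candidate seed."""
    n = len(observed)
    return sorted({lcg_bits(s0, n + extra, M, a, b)[n:]
                   for s0 in candidate_seeds(observed, M, a, b)})


if __name__ == "__main__":
    print(cycle_from(0))
    for seed in range(31):
        print(seed, lcg_bits(seed))
    print(candidate_seeds("0101000110"), predict_next("0101000110", 5))
```

Running the loop prints one 10-bit string per seed, which can be compared line by line with Table 2.1.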

Some of the concepts developed in earlier sections can be used to build PRBGs. For example, the OFB mode of DES can be regarded as a PRBG; moreover, it appears to be computationally secure.
Another approach to building high-speed PRBGs is to combine LFSRs in some way so that the output is less linear. One such method (due to Coppersmith, Krawczyk and Mansour) is called the shrinking generator. Suppose we have two LFSRs, one of degree $k_1$ and the other of degree $k_2$. We need $(k_1 + k_2)$ bits of seed to initialize both LFSRs. The first LFSR produces a bit sequence $a_1, a_2, \ldots$ and the second LFSR produces a bit sequence $b_1, b_2, \ldots$ We then define the pseudo-random bit sequence $z_1, z_2, \ldots$ by the rule:
$z_k = a_{i_k}$
where $i_k$ is the position of the k-th 1 in the sequence $b_1, b_2, \ldots$ These pseudo-random bits are a subsequence of the bits produced by the first LFSR. This method of generating pseudo-random bits is very fast and has shown itself to be secure.
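The selection rule $z_k = a_{i_k}$ is easiest to see in code. The following Python sketch is an added example, not part of the original text: it builds a shrinking generator from two small LFSRs whose degrees, taps and seeds are constructed for illustration ($k_1 = 3$ with recurrence $a_{t+3} = a_t + a_{t+1}$, $k_2 = 4$ with $b_{t+4} = b_t + b_t{}_{+1}$), and also reports how many register steps are consumed per output bit.

```python
"""Shrinking generator built from two LFSRs (added example)."""
from itertools import islice


def lfsr(state, taps):
    """Yield bits of the recurrence s[t+k] = XOR of s[t+j] for j in taps."""
    state = list(state)
    while True:
        yield state[0]
        state = state[1:] + [sum(state[j] for j in taps) % 2]


def shrinking_generator(seed_a, taps_a, seed_b, taps_b):
    """Yield z_1, z_2, ...: a_i is kept exactly when the selector bit b_i is 1."""
    if not any(seed_b):
        raise ValueError("an all-zero selector register never outputs a 1")
    for a_bit, b_bit in zip(lfsr(seed_a, taps_a), lfsr(seed_b, taps_b)):
        if b_bit:
            yield a_bit


def clocks_needed(seed_b, taps_b, count):
    """Position i_count: register steps consumed to output `count` bits."""
    if not any(seed_b):
        raise ValueError("an all-zero selector register never outputs a 1")
    ones = 0
    for position, b_bit in enumerate(lfsr(seed_b, taps_b), start=1):
        ones += b_bit
        if ones == count:
            return position


if __name__ == "__main__":
    # Constructed parameters: (k1 + k2) = 7 seed bits in total.
    A_SEED, A_TAPS = [1, 0, 0], [0, 1]
    B_SEED, B_TAPS = [1, 0, 0, 0], [0, 1]
    print("a:", list(islice(lfsr(A_SEED, A_TAPS), 15)))
    print("b:", list(islice(lfsr(B_SEED, B_TAPS), 15)))
    z = list(islice(shrinking_generator(A_SEED, A_TAPS, B_SEED, B_TAPS), 8))
    print("z:", z)
    print("steps for 8 output bits:", clocks_needed(B_SEED, B_TAPS, 8))
```

The output rate is irregular because it depends on the selector sequence; here 8 output bits consume 15 steps of both registers.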
Figure 2.2 describes a PRBG built on the RSA encryption function.
Figure 2.2. The RSA generator

Let p, q be two (k/2)-bit primes and define n = pq. Let b be chosen such that $\gcd(b, \varphi(n)) = 1$. As usual, n and b are made public while p and q are kept secret.
The seed is any element $s_0 \in Z_n^*$ such that $s_0$ has k bits. For $i \geq 0$, define
$s_{i+1} = s_i^b \bmod n$
and

$f(s_0) = (z_1, z_2, \ldots, z_l)$

where
$z_i = s_i \bmod 2$,
$1 \leq i \leq l$. Then f is a (k, l)-RSA generator.
Below is an example of the RSA generator.
Example 2.2.
Suppose $n = 91261 = 263 \times 347$, b = 1547 and $s_0 = 75364$. The first 20 bits produced by the RSA generator are computed as in Table 12.2. The bit string produced from this seed is therefore:
10000111011110011000
Table 2.2. Bits produced by the RSA generator

i      s_i      z_i
0      75634
1      31483    1
2      31238    0
3      51968    0
4      39796    0
5      28761    0
6      14089    1
7      5923     1
8      44891    1
9      62284    0
10     11889    1
11     43467    1
12     71215    1
13     10401    1
14     77444    0
15     56794    0
16     78147    1
17     72137    1
18     89592    0
19     29022    0
20     13356    0
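The RSA generator of Figure 2.2 takes only a few lines to run. The following Python sketch is an added example, not part of the original text: it iterates $s_{i+1} = s_i^b \bmod n$ with the n and b of Example 2.2 and the seed listed in row 0 of Table 2.2, checks the condition on b, and shows that whoever holds the secret factors p and q can step the generator backwards. Function names are illustrative.

```python
"""RSA pseudo-random bit generator of Example 2.2 (added example)."""
from math import gcd


def rsa_generator(n, b, s0, l):
    """Return ([s_0 .. s_l], [z_1 .. z_l]) with s_{i+1} = s_i^b mod n
    and z_i = s_i mod 2."""
    states, bits = [s0], []
    for _ in range(l):
        states.append(pow(states[-1], b, n))
        bits.append(states[-1] % 2)
    return states, bits


def check_parameters(p, q, b):
    """The scheme requires gcd(b, phi(n)) = 1, so that s -> s^b mod n
    is a permutation of Z_n^*."""
    return gcd(b, (p - 1) * (q - 1)) == 1


def previous_state(p, q, b, s):
    """With the secret factors p and q the map can be inverted:
    s_i = s_{i+1}^d mod n, where d = b^{-1} mod phi(n)."""
    d = pow(b, -1, (p - 1) * (q - 1))      # modular inverse, Python 3.8+
    return pow(s, d, p * q)


if __name__ == "__main__":
    P, Q, B = 263, 347, 1547               # parameters of Example 2.2
    S0 = 75634                             # seed as listed in Table 2.2, row 0
    assert check_parameters(P, Q, B)
    states, bits = rsa_generator(P * Q, B, S0, 20)
    for i, s in enumerate(states):
        print(i, s, "" if i == 0 else bits[i - 1])
    print("".join(map(str, bits)))
    print("stepping back from s_1:", previous_state(P, Q, B, states[1]))
```

Without p and q, running the sequence backwards requires inverting the RSA function, which is the property the security of this generator rests on.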
