AN TON V BO MT THNG TIN

GVTH: ThS. Trn Phng Nhung

Ni dung

Chng 1: Tng quan v an ton v bo mt thng tin. Chng 2: Cc phng php m ha c in Chng 3: Chun m d liu DES Chng 4: Mt m cng khai Chng 5: Cc s ch k s Chng 6: Hm bm

Chng 1: Tng quan v an ton v bo mt thng tin.

1. Ti sao phi bo v thng tin

Thng tin l mt b phn quan trng v l ti sn thuc quyn s hu ca cc t chc S thit hi v lm dng thng tin khng ch nh hng n ngi s dng hoc cc ng dng m n cn gy ra cc hu qu tai hi cho ton b t chc Thm vo s ra i ca Internet gip cho vic truy cp thng tin ngy cng tr nn d dng hn

2. Khi nim h thng va tai sn cua h thng

Khai nim h thng :H thng la mt tp hp cac may tinh bao gm cc thanh phn, phn cng, phn mm va d liu lam vic c tich luy qua thi gian. Tai san cua h thng bao gm: Phn cng Phn mm D liu Cac truyn thng gia cac may tinh cua h thng Mi trng lam vic Con ngi

3. Cc mi e doa i vi mt h thng va cac bin phap ngn chn

Co 3 hinh thc chu yu e doa i vi h thng: Pha hoai: ke th pha hng thit bi phn cng hoc phn mm hoat ng trn h thng. Sa i: Tai san cua h thng bi sa i trai phep. iu nay thng lam cho h thng khng lam ung chc nng cua no. Chng han nh thay i mt khu, quyn ngi dung trong h thng lam ho khng th truy cp vao h thng lam vic. Can thip: Tai san bi truy cp bi nhng ngi khng c thm quyn. Cac truyn thng thc hin trn h thng bi ngn chn, sa i.

3. Cc mi e doa i vi mt h thng va cac bin phap ngn chn

Cac e doa i vi mt h thng thng tin c th n t ba loai i tng nh sau: Cac i tng t ngay bn trong h thng (insider), y la nhng ngi co quyn truy cp hp phap i vi h thng. Nhng i tng bn ngoai h thng (hacker, cracker), thng cac i tng nay tn cng qua nhng ng kt ni vi h thng nh Internet chng han. Cac phn mm (chng han nh spyware, adware ) chay trn h thng.

3. Cc mi e doa i vi mt h thng va cac bin phap ngn chn

Lp ng dng

Kim sot truy nhp Chng thc

Nguy c

Ph hy

Lp ng dng

Lp dch v

Chng chi b Bo mt s liu

Sa i

Ct b

Lp h tng

An ton lung tin Nguyn vn s liu

Bc, tit l

Mc ngi s dng Mc kim sot

Mc qun l

Kh dng Ring t

Gin on

Tn cng

3. Cc mi e doa i vi mt h thng va cac bin phap ngn chn

Cc bin php ngn chn: iu khin thng qua phn mm: da vao cac c ch an toan bao mt cua h thng nn (h iu hanh), cac thut toan mt ma hoc iu khin thng qua phn cng: cac c ch bao mt, cac thut toan mt ma hoc c cng ha s dung iu khin thng qua cac chinh sach cua t chc: ban hanh cac qui inh cua t chc nhm am bao tinh an toan bao mt cua h thng.

4. Mc tiu chung cua an toan bo mt thng tin

Ba muc tiu chnh cua an toan bao mt thng tin:

n nv to nh T

T nh b m t

Bo mt thng tin

Tnh sn sng

4. Mc tiu chung cua an toan bo mt thng tin

Tnh b mt (Confidentiality): - m bo rng thng tin khng b truy cp bt hp php Thut ng privacy thng c s dng khi d liu c bo v c lin quan ti cc thng tin mang tnh c nhn. Tnh ton vn (Integrity): - m bo rng thng tin khng b sa i bt hp php. Tinh sn dng (availability): - Tai san lun sn sang c s dung bi nhng ngi co thm quyn.

4. Mc tiu chung cua an toan bo mt thng tin

Thm vo s chnh xc ca thng tin cn c nh gi bi:

Tnh xc thc (Authentication): - m bo rng d liu nhn c chc chn l d liu gc ban u Tnh khng th chi b (Non-repudation): - m bo rng ngi gi hay ngi nhn d liu khng th chi b trch nhim sau khi gi v nhn thng tin.

5. Cc chin lc an ton h thng

Gii hn quyn hn ti thiu (Last Privilege):theo nguyn tc ny bt k mt i tng no cng ch c nhng quyn hn nht nh i vi ti nguyn mng. Bo v theo chiu su (Defence In Depth):Khng nn da vo mt ch an ton no d cho chng rt mnh, m nn to nhiu c ch an ton tng h ln nhau. Nt tht (Choke Point): To ra mt ca khu hp, v ch cho php thng tin i vo h thng ca mnh bng con ng duy nht chnh l ca khu ny.

5. Cc chin lc an ton h thng

im ni yu nht (Weakest Link):Chin lc ny da trn nguyn tc: Mt dy xch ch chc ti mt duy nht, mt bc tng ch cng ti im yu nht. Tnh ton cc: Cc h thng an ton i hi phi c tnh ton cc ca cc h thng cc b. Tnh a dng bo v: Cn phi s dng nhiu bin php bo v khc nhau cho h thng khc nhau, nu khng c k tn cng vo c mt h thng th chng cng d dng tn cng vo cc h thng khc.

6. Cc mc bo v trn mng

Quyn truy nhp: L lp bo v trong cng nhm kim sot cc ti nguyn ca mng v quyn hn trn ti nguyn . ng k tn /mt khu: Thc ra y cng l kim sot quyn truy nhp, nhng khng phi truy nhp mc thng tin m mc h thng. M ho d liu: D liu b bin i t dng nhn thc c sang dng khng nhn thc c theo mt thut ton no v s c bin i ngc li trm nhn (gii m). Bo v vt l: Ngn cn cc truy nhp vt l vo h thng.

6. Cc mc bo v trn mng

Tng la:

Ngn chn thm nhp tri php v lc b cc gi tin khng mun gi hoc nhn v cc l do no bo v mt my tnh hoc c mng ni b (intranet).

6. Cc mc bo v trn mng

Qun tr mng: Cng tc qun tr mng my tnh phi c thc hin mt cch khoa hc m bo cc yu cu sau : Ton b h thng hot ng bnh thng trong gi lm vic. C h thng d phng khi c s c v phn cng hoc phn mm xy ra. Backup d liu quan trng theo nh k. Bo dng mng theo nh k. Bo mt d liu, phn quyn truy cp, t chc nhm lm vic trn mng.

7. Cc phng php bo mt
Cc phng php quan trng

Vit mt m: m bo tnh b mt ca thng tin truyn thng Xc thc quyn: c s dng xc minh, nhn dng quyn hn ca cc thnh vin tham gia.

8. An ton thng tin bng mt m

Mt m l mt ngnh khoa hc chuyn nghin cu cc phng php truyn tin b mt. Mt m bao gm : Lp m v ph m.

Lp m bao gm hai qu trnh: m ha v gii m.Cac san phm cua linh vc nay la cac h ma mt , cac ham bm, cac h ch ky in t, cac c ch phn phi, quan ly kha va cac giao thc mt ma. Ph ma: Nghin cu cac phng phap pha ma hoc tao ma gia. San phm cua lnh vc nay la cac phng phap ph ma , cac phng phap gia mao ch ky, cac phng phap tn cng cac ham bm va cac giao thc mt ma

8. An ton thng tin bng mt m

Cch hiu truyn thng: gi b mt ni dung trao i
GI v NHN trao i vi nhau trong khi TRUNG GIAN tm cch nghe ln

GI

NHN

TRUNG GIAN

8. An ton thng tin bng mt m

Mt trong nhng ngh thut bo v thng tin l bin i n thnh mt nh dng mi kh c. Vit mt m c lin quan n vic m ho cc thng bo trc khi gi chng i v tin hnh gii m chng lc nhn c

8. An ton thng tin bng mt m

C 2 phng thc ma hoa c ban: thay th va hoan vi:

Phng thc ma hoa thay th: la phng thc ma hoa ma tng ky t gc hay mt nhm ky t gc cua ban r c thay th bi cac t, cac ky hiu khac hay kt hp vi nhau cho ph hp vi mt phng thc nht inh va khoa. Phng thc ma hoa hoan vi: la phng thc ma hoa ma cac t ma cua ban r c sp xp lai theo mt phng thc nht inh.

9. H mt m

Vai tr ca h mt m: H mt m phi che du c ni dung ca vn bn r (PlainText). To cc yu t xc thc thng tin, m bo thng tin lu hnh trong h thng n ngi nhn hp php l xc thc (Authenticity). T chc cc s ch k in t, m bo khng c hin tng gi mo, mo danh gi thng tin trn mng.

9. H mt m

Khi nim c bn Bn r X c gi l l bn tin gc. Bn r c th c chia nh c kch thc ph hp. Bn m Y l bn tin gc c m ho. y ta thng xt phng php m ha m khng lm thay i kch thc ca bn r, tc l chng c cng di. M l thut ton E chuyn bn r thnh bn m. Thng thng chng ta cn thut ton m ha mnh, cho d k th bit c thut ton, nhng khng bit thng tin v kha cng khng tm c bn r.

9. H mt m

Khi nim c bn Kho K l thng tin tham s dng m ho, ch c ngi gi v ngui nhn bit. Kha l c lp vi bn r v c di ph hp vi yu cu bo mt. M ho l qu trnh chuyn bn r thnh bn m, thng thng bao gm vic p dng thut ton m ha v mt s qu trnh x l thng tin km theo. Gii m chuyn bn m thnh bn r, y l qu trnh ngc li ca m ha.

9. H mt m

Cc thnh phn ca mt h mt m : Mt h ma mt l b 5 (P, C, K, E, D) tho man cc iu kin sau: - P l khng gian bn r: l tp hu hn cc bn r co th co. - C l khng gian bn ma: l tp hu hn cc bn ma co th co. - K l kkhng gian kho: l tp hu hn cc kho co th co. i vi mi k K c mt quy tc m eK: P C v mt quy tc gii m tng ng dK D. Vi mi eK: P C v dK: C P l nhng hm m dK (eK(x))=x vi mi bn r x P. Hm gii ma dk chinh l nh x ngc ca hm ma hoa ek

9. H mt m

Bn r

M ho

Bn m

Gii m

Bn r

Kho

Qu trnh m ha v gii m thng tin

10. Phn loi h mt m

H mt i xng (hay cn gi l mt m kha b mt): l nhng h mt dng chung mt kho c trong qu trnh m ho d liu v gii m d liu. Do kho phi c gi b mt tuyt i. Mt s thut ton ni ting trong m ho i xng l: DES, Triple DES(3DES), RC4, AES H mt m bt i xng (hay cn gi l mt m kha cng khai): Cc h mt ny dng mt kho m ho sau dng mt kho khc gii m, ngha l kho m ho v gii m l khc nhau. Cc kho ny to nn tng cp chuyn i ngc nhau v khng c kho no c th suy c t kho kia. Kho dng m ho c th cng khai nhng kho dng gii m phi gi b mt. Do trong thut ton ny c 2 loi kho: Kho m ho c gi l kha cng khai-Public Key, kho gii m c gi l kha b mt - Private Key. Mt s thut ton m ho cng khai ni ting: Diffle-Hellman, RSA,

10. Cc phng php m ho

C ba phng php chnh cho vic m ho v gii m S dng kho i xng S dng kho bt i xng S dng hm bm mt chiu

10.1 M ho i xng
input : vn bn thun tu
An intro to PKI and few deploy hints
DES

Vn bn mt m
AxCvGsmWe#4^, sdgfMwir3:dkJeTs Y8R\s@!q3%

output : vn bn thun tu
An intro to PKI and few deploy hints

M ho

Gii m

DES

Hai kho ging nhau

10.1 M ho i xng

Cc kho ging nhau c s dng cho vic m ho v gii m Thut ton m ho s dng kho i xng thng c bit n l DES (Data Encryption Standard) Cc thut ton m ho i xng khc c bit n nh: -Triple DES, DESX, GDES, RDES - 168 bit key -RC2, RC4, RC5 - variable length up to 2048 bits -IDEA - basis of PGP - 128 bit key

10.2 M ho bt i xng
input : vn bn thun tu
An intro to PKI and few deploy hints

Vn bn mt m
Py75c%bn&*)9| fDe^bDzjF@g5= &nmdFgegMs

output : vn bn thun tu
An intro to PKI and few deploy hints

M ho

RSA

Gii m

RSA

Hai kho khc nhau

10.2 M ho bt i xng

Cc kho dng cho m ho v gii m khc nhau nhng cng mt mu v l cp i duy nht(kho private/public) Kho private ch c bit n bi ngi gi Kho public c bit n bi nhiu ngi hn n c s dng bi nhng nhm ngi ng tin cy c xc thc Thut ton m ho s dng kho bt i xng thng c bit n l RSA (Rivest,Shamir and Adleman 1978)

10.3 Hm bm

Mt hm bm H nhn c mt thng bo m vi mt di bt k t u vo v a ra mt xu bt h c di c nh u ra h = H(m). Hm bm l mt hm mt chiu, iu c ngha l ta khng th tnh ton c u vo m nu bit u ra h. Thut ton s dng hm bm thng c bit n l MD5

10.4 To ra ch k s
Thng bo hoc File
This is the document created by Gianni
SHA, MD5

Thng bo sau khi lut ho

(Typically 128 bits)

Ch k s

Py75c%bn

3kJfgf*$&
RSA

Pht sinh hm bm

M ho bt i xng

priv

Signatory's private key Signed Document

11. Xc thc quyn

Xc minh quyn hn ca cc thnh vin tham gia truyn thng Phng php ph bin:

S dng Password : xc thc ngi s dng

11. Xc thc quyn

S dng Kerberos: phng thc m ho v xc thc trong AD ca cng ngh Window S dng Secure Remote Password (SRP): l mt giao thc xc thc i vi cc truy cp t xa S dng Hardware Token S dng SSL/TLS Certificate Based Client Authentication: s dng SSL/TLS m ho, xc thc trong VPN, Web S dng X.509 Public Key S dng PGP Public Key S dng SPKI Public Key S dng XKMS Public Key. S dng XML Digital Signature

12.Tiu chun nh gi h mt m

an ton: Mt h mt c a vo s dng iu u tin phi c an ton cao. Chng phi c phng php bo v m ch da trn s b mt ca cc kho, cn thut ton th cng khai. Ti mt thi im, an ton ca mt thut ton ph thuc: Nu chi ph hay ph tn cn thit ph v mt thut ton ln hn gi tr ca thng tin m ha thut ton th thut ton tm thi c coi l an ton. Nu thi gian cn thit dng ph v mt thut ton l qu lu th thut ton tm thi c coi l an ton. Nu lng d liu cn thit ph v mt thut ton qu ln so vi lng d liu c m ho th thut ton tm thi c coi l an ton Bn m C khng c c cc c im gy ch , nghi ng.

12.Tiu chun nh gi h mt m

Tc m v gii m: Khi nh gi h mt m chng ta phi ch n tc m v gii m. H mt tt th thi gian m v gii m nhanh. Phn phi kha: Mt h mt m ph thuc vo kha, kha ny c truyn cng khai hay truyn kha b mt. Phn phi kha b mt th chi ph s cao hn so vi cc h mt c kha cng khai. V vy y cng l mt tiu ch khi la chn h mt m.

13. M hinh truyn tin c ban cua mt ma hoc va lut Kirchoff

13. M hinh truyn tin c ban cua mt ma hoc va lut Kirchoff

Theo lut Kirchoff (1835 - 1903) (mt nguyn tc c ban trong ma hoa) th: ton b c ch ma/gii ma tr kho l khng bi mt i vi k ch. Y nghia cua lut Kirchoff: s an toan cua cac h ma mt khng phai da vao s phc tap cua thut toan ma hoa s dung.

14. Cc loi tn cng

Cc kiu tn cng khc nhau E bit c Y (ciphertext only attack). Eavesdropper: k nghe trm (Eve) E bit mt s cp plaintext-ciphertext X-Y (known plaintext attack). E bit c cryptogram cho mt s tin X do bn thn son ra (chosen plaintext attack).

15. Mt s ng dng ca m ha trong security

Mt s ng dng ca m ho trong i sng hng ngy ni chung v trong lnh vc bo mt ni ring. l: Securing Email Authentication System Secure E-commerce Virtual Private Network Wireless Encryption

Chng 2: Cc phng php m ha c in

1. Modulo s hoc
- Ta c a b(mod n) nu a = kn + btrong o k la mt s nguyn. - Nu a va b dng va a nho hn n, chng ta c th goi a la phn d cua b khi chia cho n. - Ngi ta con goi b la thng d cua a theo modulo n, va a la ng d cua b theo modulo n

1. Modulo s hoc
V d:
Ta c: 42=4.9+6 vy 42 6 (mod 9) Ta c cu hi; -42 ? (mod9), ta thy -42= -4.9-6 -42 -6 (mod 9) nhng -6 -6+9 3 (mod 9) Vy nn -42 3 (mod 9)

1. Modulo s hoc
- Modulo s hoc cung ging nh s hoc binh thng, bao gm cac phep giao hoan, kt hp va phn phi. Mt khac giam mi gia tri trung gian trong sut qua trinh tinh toan. (a+b) mod n = ((a mod n) + (b mod n)) mod n (a- b) mod n = ((a mod n) - (b mod n)) mod n (ab) mod n = ((a mod n) (b mod n)) mod n (a (b + c)) mod n = (((a b) mod n) + ((a c) mod n)) mod n - Cac php tinh trong cac h ma mt hu ht u thc hin i vi mt modulo N nao o.

2. Vanh ZN
- Tp cac s nguyn ZN = {0, 1, , N-1} trong o N la mt s t nhin dng vi hai phep toan cng (+) va nhn (.) c inh nghia nh sau

- Theo tinh cht cua modulo s hoc chung ta d dang nhn thy ZN la mt vanh giao hoan va kt hp. Hu ht cac tinh toan trong cac h ma mt u c thc hin trn mt vanh ZN nao .

2. Vanh ZN

- Trn vanh ZN s 0 la phn t trung ha v s 1 c goi la phn t n vi v V d N=9

3. Phn t nghich ao trn vnh ZN

- Trn mt vanh s nguyn ZN ngi ta a ra khai nim v s nghich ao cua mt s nh sau: (GCD-Greatest Common Divisor) c s chung ln nht

4. Cc h mt m c in H m dch vng ( shift cipher)

Shift Cipher: Mt trong nhng phng php lu i nht c s dng m ha Thng ip c m ha bng cch dch chuyn xoay vng tng k t i k v tr trong bng ch ci Trng hp vi k=3 gi l phng php m ha Caesar.

4. Cc h mt m c in H m dch vng ( shift cipher)

Phng php n gin, Thao tc x l m ha v gii m c thc hin nhanh chng Khng gian kha K = {0, 1, 2, , n-1} = Zn D b ph v bng cch th mi kh nng kha k

4. Cc h mt m c in H m dch vng ( shift cipher)

V d:

M ha mt thng ip c biu din bng cc ch ci t A n Z (26 ch ci), ta s dng Z26. Thng ip c m ha s khng an ton v c th d dng b gii m bng cch th ln lt 26 gi tr kha k. Tnh trung bnh, thng ip c m ha c th b gii m sau khong 26/2 = 13 ln th kha

4. Cc h mt m c in H m dch vng ( shift cipher)

Ta c s m nh sau: Gi s P = C = K = Z26 vi 0 k 25 M ha: ek(x) = x +k mod 26 Gii m: dk(x) = y -k mod 26 (x,y Z26)

4. Cc h mt m c in H m dch vng ( shift cipher)

V d K=17. Cho bn m X = x1; x2; : : : ; x6 = A T T A C K . X = x1; x2; : : : ; x6 = 0; 19; 19; 0; 2; 10. M ha y1 = x1 + k mod 26 = 0 + 17 mod 26 = 17 = R. y2 = y3 = 19 + 17 mod 26 = 10 = K. y4 = 17 = R. y5 = 2 + 17 mod 26 = 19 = T. y6 = 10 + 17 mod 26 = 1 = B. Gii m Y = y1; y2; : : : ; y6 = R K K R T B .

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

Substitution Cipher: Phng php m ha ni ting c s dng ph bin hng trm nm nay Thc hin vic m ha thng ip bng cch hon v cc phn t trong bng ch ci hay tng qut hn l hon v cc phn t trong tp ngun P

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

n gin, thao tc m ha v gii m c thc hin nhanh chng Khng gian kha K gm n! phn t Khc phc hn ch ca phng php Shift Cipher: vic tn cng bng cch vt cn cc gi tr kha kK l khng kh thi

Tht s an ton???

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

AO VCO JO IBU RIBU AO VCO JO IBU RIBU AO VCO JO IBU RIBU AO VCO JO IBU Tn cng RIBU ?A H?A ?A ?NG ??NG ?A H?A ?A ?NG ??NG MA HOA VA UNG DUNG MA HOA VA UNG DUNG
da trn tn s xut hin ca k t trong ngn ng

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

L FDPH L VDZ L FRQTXHUHG L FDPH L VDZ L FRQTXHUHG L FDPH L VDZ L FRQTXHUHG L FDPH L VDZ L FRQTXHUHG i ?a?e i ?a? i ?????e?e? i ?a?e i ?a? i ?????e?e? i came i saw i conquered i came i saw i conquered

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

Chn mt hon v p: Z26 Z26 lm kho. VD:

M ho ep(a)=X

Gii m dp(A)=d

nguyenthanhnhut SOUDHSMGXSGSGUM

 an ton ca m thay th

Mt kho l mt hon v ca 26 ch ci. C 26! ( 4.1026) hon v (kho) Ph m: Khng th duyt tng kho mt. Cch khc?

5. Cc h mt m c in- H m ha thay th(Substitution Cipher)

Phn tch tn s

K t: E > T > R > N > I > O > A > S Nhm 2 k t (digraph): TH > HE > IN > ER > RE > ON > AN > EN Nhm 3 k t (Trigraph): THE > AND > TIO > ATI > FOR > THA > TER > RES

6. Cc h mt m c in - H ma Affine
Substitution Cipher

Shift Cipher

Affine Cipher

6. Cc h mt m c in - H ma Affine

gii m chnh xc thng tin ??? ek phi l song nh

n , x n , a + y (md y Z ! Z x b o

n)

a v n nguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - H ma Affine

V d: Gi s P = C = Z26.

a v 26 nguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - H ma Affine

M tuyn tnh l mt m thay th c dng e(x) = ax + b (mod 26), trong a, b Z26. Trng hp a = 1 l m dch chuyn. Gii m: Tm x? y = ax + b (mod 26) ax = y b (mod 26) x = a-1(y b) (mod 26). Vn : Tnh a-1. c a-1, i hi (a,26)=1. Tnh a-1: Thut ton Euclide m rng.

VD: bi tp

a = 5, b = 3: y = 5x + 3 (mod 26). M ho: NGUYENTHANHNHUT ?

6. Cc h mt m c in - H ma Affine

V d
Kha

Plain(a): abcdefghijklmnopqrstuvwxyz Cipher(b): DKVQFIBJWPESCXHTMYAUOLRGZN M ha: Plaintext: ifwewishtoreplaceletters Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

6. Cc h mt m c in - H ma Affine

n kh nng chn gi tr b (n) kh nng chn gi tr a n (n) kh nng chn la kha k = (a, b)

7. Thut ton Euclide m rng

7. Thut ton Euclide m rng

Xy dng dy s:

Nhn xt:

8. Phng php Vigenere

Trong phng php m ha bng thay th: vi mt kha k c chn, mi phn t x P c nh x vo duy nht mt phn t y C. Phng php Vigenere s dng kha c di m. c t tn theo nh khoa hc Blaise de Vigenere (th k 16) C th xem phng php m ha Vigenere bao gm m php m ha bng dch chuyn c p dng lun phin nhau theo chu k Khng gian kha K ca phng php Vigenere c s phn t l nm V d: n=26, m=5 th khng gian kha ~1.1 x 107

8. Phng php Vigenere

8. Phng php Vigenere

V d: m = 6 v keyword l CIPHER Suy ra, kha k = (2, 8, 15, 7, 4, 17) Cho bn r: thiscryptosystemisnotsecure

Vy bn m l: vpxzgiaxivwoubttmjpwizitwzt

9. Phng php m ha Hill

Phng php Hill (1929) Tc gi: Lester S. Hill tng chnh:

S dng m t hp tuyn tnh ca m k t trong plaintext to ra m k t trong ciphertext V d:

9. Phng php m ha Hill

9. Phng php m ha Hill

9. Phng php m ha Hill

9. Phng php m ha Hill

9. Phng php m ha Hill

10. Cc h m dng

nh ngha Mt m dng l mt b (P,C,K,L,F,E,D) tho mn dc cc iu kin sau: 1. P l mt tp hu hn cc bn r c th. 2. C l tp hu hn cc bn m c th. 3. K l tp hu hn cc kho c th ( khng gian kho) 4. L l tp hu hn cc b ch ca dng kho. 5. F = (f1 f2...) l b to dng kho. Vi i 1

fi : K P i -1 L

1.

Vi mi z L c mt quy tc m ez E v mt quy tc gii m tng ng dz D . ez : P C v dz : C P l cc hm tho mn dz(ez(x))= x vi mi bn r x P.

10. Cc h m dng
Cc m dng thng c m t trong cc b ch nh phn tc l P= C=L= Z2. Trong trng hp ny, cc php ton m v gii m l php cng theo modulo 2.

10. Cc h m dng

Ch : Nu ta coi "0" biu th gi tr "sai" v "1" biu th gi tr "ng" trong i s Boolean th php cng theo moulo 2 s ng vi php hoc loi tr (XOR). Bng chn l php cng theo modul 2 ging nh bng chn l ca php ton XOR

10. Cc h m dng

Hm m ha v gii m c thc hin bi cng mt php ton l php cng theo modulo 2(hay php XOR) V:

Trong vi zi=0 v zi=1 th

10. Cc h m dng

V d: m ha k t A bi Alice K t A trong bng m ASCII c tng ng vi m 6510=10000012 c m ha bi h kha z1,,z7=0101101 Hm m ha:

Hm gii m:

11. M ha One-time Pad(OTP)

inh nghia 1 :Mt h mt c coi l an ton khng iu kin khi no khng th b ph ngay c vi kh nng tinh ton khng hn ch. OTP xut hin t u th k 20 v cn c tn gi khc l Vernam Cipher, OTP c mnh danh l ci chn thnh ca ngnh m ha d liu. OTP l thut ton duy nht chng minh c v l thuyt l khng th ph c ngay c vi ti nguyn v tn (tc l c th chng li kiu tn cng brute-force). c th t c mc bo mt ca OTP, tt c nhng iu kin sau phi c tha mn: di ca cha kha phi ng bng di vn bn cn m ha. Cha kha ch c dng mt ln. Cha kha phi l mt s ngu nhin thc.

11. M ha One-time Pad(OTP)

inh nghia 2: Trong h m ha OTP ta c |P|=|C|=|K| vi

11. M ha One-time Pad(OTP)

Mi nghe qua c v n gin nhng trong thc t nhng iu kin ny kh c th tha mn c. Gi s Alice mun m ha ch 10MB d liu bng OTP, c ta phi cn mt cha kha c di 10MB. to ra mt s ngu nhin ln nh vy Alice cn mt b to s ngu nhin thc (TRNG - True Random Number Generator). Cc thit b ny s dng ngun ngu nhin vt l nh s phn r ht nhn hay bc x nn v tr. Hn na vic lu tr, chuyn giao v bo v mt cha kha nh vy cng ht sc kh khn. D dng hn, Alice cng c th dng mt b to s ngu nhin o (PRNG - Pseudo Random Number Generator) nhng khi mc bo mt gim xung gn bng zero hay cng lm ch tng ng vi mt thut ton dng nh RC4 m thi. Do c nhng kh khn nh vy nn vic s dng OTP trong thc t l khng kh thi.

12. Ly thuyt thng tin

Ky thut ln xn va rm ra (Confusion and Diffusion) Theo Shannon, c hai ky thut c ban che du s d tha thng tin trong thng bao gc, o la: s ln xn va s rm ra.

12. Ly thuyt thng tin

Ky thut ln xn (Confusion): che du mi quan h gia ban ro va gc. Ky thut nay lam tht bai cac c gng nghin cu ban ma tm kim thng tin d tha va thng k mu. Phng phap d nht thc hin iu nay la thng qua ky thut thay th. Mt h ma hoa thay th n gian, chng han h ma dich vong Caesar, da trn nn tang cua s thay th cc ch cai cua ban r, ngha la ch cai nay c thay th bng ch cai khac

12. Ly thuyt thng tin

Ky thut rm ra (Diffusion): lam mt i s d tha cua ban r bng cach tng s phu ban ma vao ban r (va kha). Cng vic tim kim s d tha cua ngi tham ma s rt mt thi gian va phc tap. Cach n gian nht tao ra s rm ra la thng qua vic i ch (hay con goi la ky thut hon vi). Thng thng cac h ma hin ai thng kt hp ca hai ky thut thay th va hoan vi tao ra cac thut toan ma ha c an toan cao hn.

13. Ly thuyt phc tp

Ly thuyt thng tin a cho chung ta bit rng mt thut ton ma ho co th b bi l. Cn ly thuyt phc tap cho bit kha nng bi tham ma cua mt h ma mt. an toan tinh ton : inh nghia: Mt h mt c gi l an ton v mt tinh ton nu co mt thut ton tt nht ph no th cn it nht N php ton, vi N l mt s rt ln no o. 2.2. an toan khng iu kin inh nghia 1: Mt h mt c coi l an ton khng iu kin khi no khng th b ph ngay c vi kh nng tinh ton khng hn ch.

Chng 3: Chun m d liu DES (Data Encryption Standard)

1.Gii thiu chung v DES

-

Ngy 13/5/1973 y ban quc gia v tiu chun ca M cng b yu cu v h mt m p dng cho ton quc. iu ny t nn mng cho chun m ha d liu, hay l DES. Lc u Des c cng ty IBM pht trin t h m Lucifer, cng b vo nm 1975. Sau Des c xem nh l chun m ha d liu cho cc ng dng.

2. c im ca thut ton DES

DES l thut ton m ha khi, di mi khi l 64 bit . Kha dng trong DES c di ton b l 64 bit. Tuy nhin ch c 56 bit thc s c s dng; 8 bit cn li ch dng cho vic kim tra. Des xut ra bn m 64 bit. Thut toan thc hin 16 vng M ho v gii m c s dng cng mt kho. DES c thit k chy trn phn cng.

3. M t thut ton

3. M t thut ton

3. M t thut ton

Thut ton c thc hin trong 3 giai on: 1. Cho bn r x (64bit) c hon v khi to IP (Initial Permutation) to nn xu bit x0. x0=IP(x)=L0R0 L0 l 32 bit u tin ca x0. R0 l 32 bit cui ca x0.

3. M t thut ton
B chuyn v IP Hon v khi u nhm i ch khi d liu vo , thay i v tr ca cc bt trong khi d liu vo. V d, hon v khi u chuyn bt 1 thnh bt 58, bt 2 thnh bt 50, bt 3 thnh bt 42,... 58 50 42 34 26 18 10 2 60 62 64 57 59 61 63 52 54 56 49 51 53 55 44 46 48 41 43 45 47 36 38 40 33 35 37 39 28 30 32 25 27 29 31 20 22 24 17 19 21 23 12 14 16 9 11 13 15 4 6 8 1 3 5 7

3. M t thut ton
2. T L0 v R0 s lp 16 vng, ti mi vng tnh:

Li=Ri-1 Ri=Li-1f(Ri-1,Ki)

vi i= 1, 2,,16

vi: l php XOR ca hai xu bit: 0 0=0 , 1 1=0 1 0=1, 0 1=1 f l hm m ta s m t sau. Ki l cc xu c di 48 bit c tnh nh l cc hm ca kha K. K1 n K16 lp nn mt lch kha.

3. M t thut ton
3. Ti vng th 16, R16 i ch cho L16. Sau ghp 2 na R16, L16 cho i qua hon v nghch o ca hon v IP s tnh c bn m. Bn m cng c di 64 bt.

Hon v IP-1
40 8 39 7 38 6 37 5 36 4 35 3 34 2 33 1 48 16 56 24 64 32 47 15 55 23 63 31 46 14 54 22 62 30 45 13 53 21 61 29 44 12 52 20 60 28 43 11 51 19 59 27 42 10 50 18 58 26 41 9 49 17 57 25

3. M t thut ton
Hm f

S tnh hm f(Ri-1,Ki)

Hm f
Hm f ly i s u l xu nhp Ri-1 (32 bit) i s th hai l Ki (48 bit) v to ra xu xut c di 32 bit. Cc bc sau c thc hin.
1.

i s u Ri-1 s c m rng thnh xu c di 48 bit tng ng vi hm m rng E c nh. E(Ri) bao gm 32 bit t Ri, c hon v theo mt cch thc xc nh, vi 16 bit c to ra 2 ln.

Hm f
32 4 8 12 16 20 24 28 1 5 9 13 17 21 25 29 2 6 10 14 18 22 26 30 3 7 11 15 19 23 27 31 4 8 12 16 20 24 28 32 5 9 13 17 21 25 29 1

Hm m rng E

Hm f
2. Tnh E(Ri-1) Ki kt qu c mt khi c di 48 bit. Khi ny s c chia lm 8 khi B=B1B2B3B4B5B6B7B8. Mi khi ny c di l 6 bt. Bc k tip l cho cc khi Bi i qua hp Si s bin mt khi c di 6 bit thnh mt khi Ci c di 4 bt.

3.

S-box

Mi hp S-box l mt bng gm 4 hng v 16 ct c nh s t 0. Nh vy mi hp S c hng 0,1,2,3. Ct 0,1,2,,15. Mi phn t ca hp l mt s 4 bt. Su bt vo hp S s xc nh s hng v s ct tm kt qu ra. Mi khi Bi c 6 bt k hiu l b1, b2, b3, b4, b5 v b6. Bt b1 v b6 c kt hp thnh mt s 2 bt, nhn gi tr t 0 n 3, tng ng vi mt hng trong bng S. Bn bt gia, t b2 ti b5, c kt hp thnh mt s 4 bt, nhn gi tr t 0 n 15, tng ng vi mt ct trong bng S.

S-box

S-box

S-box

S-box

S-box
V d: Ta c B1=011000 th b1b6=00 (xc nh r=0), b2b3b4b5=1100 (xc nh c=12), t ta tm c phn t v tr (0,12) --> S1(B1)=0101 (tng ng vi s 5). b2b3b4b5=1100 b1b6=00 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7 0 4 15 1 7 14 8 4 8 2 14 13 4 2 6 9 13 2 1 1 10 6 12 11 9 3 7 9 3 5 10 0 3 5 6 8 0 13

11 15 12 7 5 11

15 12

14 10

Hp S1 - Mi xu xut 4 bit ca cc hp S c a vo ng: Cj = Sj(Bj) (1<=j<=8). cc Cj tng

Hm f
4. Xu bit C = C1C2C3C4C5C6C7C8 c di 32 bit c hon v tng ng vi hon v c nh P. Kt qu c P(C)= f(Ri,Ki). 16 7 20 21 29 1 12 15 18 8 27 13 11 28 23 31 24 3 30 4 17 26 10 14 9 6 25

Hon v P

5 2 32 19 22

Kha K
-

K l mt xu c di 64 bit trong 56 bit dng lm kha v 8 bit dng kim tra s bng nhau (pht hin li). Cc bit cc v tr 8, 16,, 64 c xc nh, sao cho mi byte cha s l cc s 1, v vy tng li c th c pht hin trong mi 8 bit. Cc bit kim tra s bng nhau l c b qua khi tnh lch kha.

S tnh kha K1, K2, , K16

Kha K
Qu trnh to cc kha con (subkeys) t kha K c m t nh sau:
Cho kha K 64 bit, loi b cc bit kim tra v hon v cc bit cn li ca K tng ng vi hon v c nh PC-1. Ta vit PC1(K) = C0D0, vi C0 bao gm 28 bt u tin ca PC-1(k) v D0 l 28 bit cn li.

Kha K
Cc hon v c nh PC-1 v PC-2:

Gii m

Vic gii m dng cng mt thut ton nh vic m ho. gii m d liu c m ho, qu trnh ging nh m ho c lp li nhng cc cha kho ph c dng theo th t ngc li t K16 n K1, ngha l trong bc 2 ca qu trnh m ho d liu u vo trn Ri-1 s c XOR vi K17-i ch khng phi vi Ki.

c im ca m DES
Tnh cht b ca m DES: DES c tnh cht b:

trong : l phn b ca A theo tng bt (1 thay bng 0 v ngc li). EK l bn m ha ca E vi kha K. P v C l vn bn r (trc khi m ha) v vn bn m (sau khi m ha). Do tnh b, ta c th gim phc tp ca tn cng duyt ton b xung 2 ln (tng ng vi 1 bt) vi iu kin l ta c th la chn bn r.

c im ca m DES
Cc kha yu trong m Des: Ngoi ra DES cn c 4 kha yu (weak keys). Khi s dng kha yu th m ha (E) v gii m (D) s cho ra cng kt qu: EK(EK(P)) = P or equivalently, EK = DK Bn cnh , cn c 6 cp kha na yu (semi-weak keys). M ha vi mt kha trong cp, K1, tng ng vi gii m vi kha cn li, K2: EK1(EK2(P))=P or equivalently EK1=DK2 Tuy nhin c th d dng trnh c nhng kha ny khi thc hin thut ton, c th bng cch th hoc chn kha mt cch ngu nhin. Khi kh nng chn phi kha yu l rt nh.

c im ca m DES
Triple DES: Triple-DES chnh l DES vi hai cha kho 56 bit. Cho mt bn tin cn m ho, cha kho u tin c dng m ho DES bn tin . Kt qu thu c li c cho qua qu trnh gii m DES nhng vi cha kho l cha kho th hai. Bn tin sau qua c bin i bng thut ton DES hai ln nh vy li c m ho DES mt ln na vi cha kho u tin ra c bn tin m ho cui cng. Qu trnh m ho DES ba bc ny c gi l Triple-DES.

 Kim Tra
Mn: ATBMTT Lp: KHMT1K3 Thi gian: 120

Cho ban r mang ni dung: x=0123D56789ABCDE8. Cho khoa K=183457799B3CDFF2 Trong h c s 16, Thc hin m ha vn bn r trn theo thut ton DES

Xin chn thnh cm n!