LECTURE NOTES
INFORMATION SAFETY AND SECURITY
(For internal circulation)
Compiled by: Tran Minh Van
(Main reference: Cryptography and Network Security: Principles and Practices, 4th Edition, William Stallings, Prentice Hall, 2005)
CONTENTS
CHAPTER 1. INTRODUCTION TO INFORMATION SAFETY AND SECURITY
1.1 Introduction
1.2 Protecting information during transmission over a network
1.4 Review questions
CHAPTER 2. BASIC SYMMETRIC ENCRYPTION
2.1 Caesar cipher
2.4 Polygraphic substitution ciphers
2.4.1 Playfair cipher
2.4.2 Hill cipher
2.8 Summary
2.9 Review questions
2.10 Exercises
2.11 Practical exercises
CHAPTER 3. MODERN SYMMETRIC ENCRYPTION
A5/1
RC4
Ideal secure block cipher
SPN networks
Feistel cipher model
3.3 TinyDES cipher
3.3.1 The rounds of TinyDES
3.10 Review questions
3.11 Exercises
3.12 Practical exercises
CHAPTER 4. PUBLIC-KEY ENCRYPTION
4.1 Number theory
Some concepts
Fermat's theorem
Discrete logarithm
4.2 RSA
4.8 Review questions
4.9 Exercises
5.2 Hash functions
Hash functions and digital signatures
Password storage
Online auctions
File download
Review questions
Exercises
6.3 Review questions
6.4 Exercises
7.3 The web security protocol Secure Socket Layer version 3 - SSLv3
Review questions
1.2 Protecting information during transmission over a network
1.2.1 Types of attack
To examine the security issues that arise in network communication, consider the following setting: there are three characters named Alice, Bob and Trudy. Alice and Bob exchange information with each other, while Trudy is the adversary, who places a device that taps into the communication channel between Alice and Bob. The following are the kinds of attack by Trudy that affect the communication between Alice and Bob:
1) Release of message content
In this case Trudy intercepts the messages Alice sends to Bob and is able to read their content.
[Figure 1-1. Eavesdropping on a message: Trudy reads the content of Alice's message as it crosses the network to Bob]
[Figure 1-2. Modifying a message: Trudy alters the message Alice sends to Bob]
3) Masquerade
In this case Trudy pretends to be Alice and sends a message to Bob. Bob is unaware of this and believes the message comes from Alice.
[Figure 1-3. Masquerade: Trudy pretends to be Alice and sends a message to Bob]
[Figure 1-4. Replaying a message: Trudy copies Alice's message and later sends it to Bob again]
[Figure: the sender and the receiver each apply a security-related transformation using secret information, in the presence of an opponent]
To provide this protection, the concept of access control is used. Access control has two elements:
- Authentication: confirming that an entity (a person or a computer program) is permitted to access the system. For example, to use a computer the entity must first log on with a username and password. There are also other authentication methods such as biometrics (fingerprint, iris) or cards (ATM cards).
- Authorization: the actions that are permitted once access to the system has been gained. For example, you are given a username and password to log on to the operating system, but you are only granted the right to read a certain file. Or you may read a file but not delete it.
Under these principles a computer or a computer network is protected against intrusion by unauthorized entities. In practice, however, we still hear of destructive attacks. To carry them out, the attacker tries to defeat the Authentication and Authorization mechanisms in the following ways:
- Using malicious code (malware) such as viruses, worms, trojans and backdoors. This malicious code spreads from one computer to another by relying on user carelessness or on software bugs. Taking advantage of the rights granted to the user (for example, many people log in to their computer with administrator rights), the code executes destructive commands, or searches for the system administrator's password and sends it to the hacker, or installs backdoors through which an outside hacker can break in.
- Intrusion: software designed with many vulnerabilities lets hackers exploit them to execute destructive commands. These commands are normally not permitted to outsiders, but the software vulnerability makes them permitted. In special cases a software vulnerability allows destructive commands that even the program's designer did not anticipate. Alternatively, the hacker can break in through the back doors created by backdoors.
To counter these destructive actions, programs with a gatekeeper or preventive function are used. These programs search for viruses or for intrusive behaviour in order to block them, so that they cannot execute or break in. They are antivirus programs, firewall programs and so on. In addition, software developers need a process for building and testing software that minimizes the security vulnerabilities it may contain.
[Figure: a gatekeeper function protecting data, processes, software and network resources]
1.4 Review questions
1) List the forms of attack on information transmitted over a network.
2) What does protecting information during transmission over a network mean?
3) What does protecting a system against outside attack mean?
CHAPTER 2. BASIC SYMMETRIC ENCRYPTION
In this chapter we study some basic concepts of symmetric encryption. It is the principal method for ensuring the confidentiality of a communication system. We first look at the Caesar cipher, then at the general model of symmetric encryption together with some related properties. The rest of the chapter presents several other common classical ciphers.
2.1 Caesar cipher
In the 3rd century BC, the Roman military leader Julius Caesar devised the following way of encrypting a message: replace each letter of the message by the letter k positions after it in the alphabet. Suppose k = 3; the conversion table is then:
Original letter: a b c d e f g h i j k l m n o p q r s t u v w x y z
Substitute letter: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
(after Z the alphabet wraps around to A, so x → A, y → B and z → C)
Suppose the original message (plaintext) is:
Then the encrypted message (ciphertext) is:
A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
0  1  2  3  4  5  6  7  8  9  10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
KEY
1     og   chvgt   vjg   vqic   rctva
2     nf   bgufs   uif   uphb   qbsuz
3     me   after   the   toga   party
4     ld   zesdq   sgd   snfz   ozqsx
5     kc   ydrcp   rfc   rmey   nyprw
6     jb   xcqbo   qeb   qldx   mxoqv
7     ia   wbpan   pda   pkcw   lwnpu
8     hz   vaozm   ocz   ojbv   kvmot
9     gy   uznyl   nby   niau   julns
10    fx   tymxk   max   mhzt   itkmr
11    ew   sxlwj   lzw   lgys   hsjlq
12    dv   rwkvi   kyv   kfxr   grikp
13    cu   qvjuh   jxu   jewq   fqhjo
14    bt   puitg   iwt   idvp   epgin
15    as   othsf   hvs   hcuo   dofhm
16    zr   nsgre   gur   gbtn   cnegl
17    yq   mrfqd   ftq   fasm   bmdfk
18    xp   lqepc   esp   ezrl   alcej
19    wo   kpdob   dro   dyqk   zkbdi
20    vn   jocna   cqn   cxpj   yjach
21    um   inbmz   bpm   bwoi   xizbg
22    tl   hmaly   aol   avnh   whyaf
23    sk   glzkx   znk   zumg   vgxze
24    rj   fkyjw   ymj   ytlf   ufwyd
25    qi   ejxiv   xli   xske   tevxc
[Figure: symmetric encryption model: the sender encrypts with key K, the ciphertext C travels over an ordinary channel where a code breaker may intercept it, and the receiver decrypts]
The model above consists of 5 elements:
- Plaintext P
- Encryption algorithm E
- Secret key K
- Ciphertext C
- Decryption algorithm D
where:
C = E(P, K)
P = D(C, K)
The encryption and decryption algorithms share the same key, and the decryption algorithm is the inverse operation of the encryption algorithm (in the Caesar cipher, E is addition and D is subtraction). For this reason the model is called symmetric encryption.
The ciphertext C is sent over the channel. Because C has been transformed relative to the plaintext P, a third party who taps the channel and obtains C cannot understand its meaning. This is the essential property of encryption, and it provides the confidentiality of a communication system discussed in Chapter 1.
One important property of symmetric encryption is that the key must be kept secret between sender and receiver; in other words, the key must be transferred securely from the sender to the receiver. One may ask: if a secure channel for transferring the key already exists, why not use that channel to transfer the message itself, and why is encryption needed at all? The answer is that the message may be very long while the key is usually short. In addition, one key can be used for many transmissions. Sending only the key over the secure channel is therefore less costly.
The second important property of a symmetric cipher is its security. As seen with the Caesar cipher, the original plaintext can easily be derived from a ciphertext without knowing the secret key. Finding the plaintext from the ciphertext without the key in this way is called cryptanalysis. A symmetric cipher is therefore called secure if and only if it cannot be broken (the ideal condition) or the time needed to break it is infeasible.
The Caesar cipher is weak because the key k has only 25 values, so the code breaker can try every possible key very quickly. This method of attack is called a brute-force attack. Simply enlarging the range of key values raises the time needed to break the cipher to a level regarded as infeasible. The table below lists some examples of the average time to break a cipher for a given key size.
Key size (bits)                 Number of keys       Brute-force time
32                                                   35.8 minutes
56                                                   1142 years; 10.01 hours
128                                                  5.4 x 10^24 years; 5.4 x 10^18 years
168                                                  5.9 x 10^30 years
permutation of 26 characters    26! ≈ 4 x 10^26      6.4 x 10^12 years; 6.4 x 10^6 years
(current CPU speed is about 3 x 10^9 Hz; the age of the universe is about 10^10 years)
Table 2-1. Brute-force key search time by key size
: Z P B Y J R S K F L X Q N W V D H M G U T O I A E C
Thus the plaintext
is encrypted as:
Digrams (%): TH 3.16, IN 1.54, ER 1.33, RE 1.30, AN 1.08, HE 1.08, AR 1.02, EN 1.02, TI 1.02, TE 0.98, AT 0.88, ON 0.84, HA 0.84, OU 0.72, IT 0.71, ES 0.69, ST 0.68, OR 0.68, NT 0.67, HI 0.66, EA 0.64, VE 0.64, CO 0.59, DE 0.55, RA 0.55, RO 0.55
Trigrams (%): THE 4.72, ING 1.42, AND 1.13, ION 1.00, ENT 0.98, FOR 0.76, TIO 0.75, ERE 0.69, HER 0.68, ATE 0.66, VER 0.63, TER 0.62, THA 0.62, ATI 0.59, HAT 0.55, ERS 0.54, HIS 0.52, RES 0.50, ILL 0.47, ARE 0.46, CON 0.45, NCE 0.45, ALL 0.44, EVE 0.44, ITH 0.44, TED 0.44
Words (%): THE 6.42, OF 4.02, AND 3.15, TO 2.36, A 2.09, IN 1.77, THAT 1.25, IS 1.03, I 0.94, IT 0.93, FOR 0.77, AS 0.76, WITH 0.76, WAS 0.72, HIS 0.71, HE 0.71, BE 0.63, NOT 0.61, BY 0.57, BUT 0.56, HAVE 0.55, YOU 0.55, WHICH 0.53, ARE 0.50, ON 0.47, OR 0.45
A 2, B 2, C 0, D 6, E 6, F 3, G 3, H 6, I 1, J 0, K 0, L 0, M 7, N 0, O 9, P 17, Q 3, R 0, S 10, T 4, U 9, V 5, W 4, X 5, Y 2, Z 13
2 2 3 3 2
HZ 2, MO 2, OH 2, OP 3, PD 3, PE 2, PO 3, PP 2, SX 3, SZ 2, TS 2, UD 2, UZ 3, VU 2, WS 2, XU 2, ZO 2, ZS 2, ZU 2, ZW 3
2.4 Polygraphic substitution ciphers
2.4.1 Playfair cipher
The Playfair cipher treats two adjacent characters as one unit of encryption; the two characters are replaced together by two other characters. Playfair uses a 5x5 matrix of characters as follows:
[5x5 Playfair matrix, with I/J sharing one cell]
A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
0  1  2  3  4  5  6  7  8  9  10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
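The three equations above can be written as a vector and a matrix multiplication as follows:
$$\begin{pmatrix} c_1 \\ c_2 \\ c_3 \end{pmatrix} = K \begin{pmatrix} p_1 \\ p_2 \\ p_3 \end{pmatrix} \bmod 26$$
$$K = \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix}$$
$$\begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix} \begin{pmatrix} 15 \\ 0 \\ 24 \end{pmatrix} \bmod 26 = \begin{pmatrix} 11 \\ 13 \\ 18 \end{pmatrix} = \text{LNS}$$
$$K^{-1} = \begin{pmatrix} 4 & 9 & 15 \\ 15 & 17 & 6 \\ 24 & 0 & 17 \end{pmatrix}$$
Because:
$$\begin{pmatrix} 4 & 9 & 15 \\ 15 & 17 & 6 \\ 24 & 0 & 17 \end{pmatrix} \begin{pmatrix} 17 & 17 & 5 \\ 21 & 18 & 21 \\ 2 & 2 & 19 \end{pmatrix} \bmod 26 = \begin{pmatrix} 1 & 0 & 0 \\ 0 & 1 & 0 \\ 0 & 0 & 1 \end{pmatrix}$$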
key  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
b    B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
c    C D E F G H I J K L M N O P Q R S T U V W X Y Z A B
d    D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
e    E F G H I J K L M N O P Q R S T U V W X Y Z A B C D
f    F G H I J K L M N O P Q R S T U V W X Y Z A B C D E
g    G H I J K L M N O P Q R S T U V W X Y Z A B C D E F
h    H I J K L M N O P Q R S T U V W X Y Z A B C D E F G
i    I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
j    J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
k    K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
l    L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
m    M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
n    N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
o    O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
p    P Q R S T U V W X Y Z A B C D E F G H I J K L M N O
q    Q R S T U V W X Y Z A B C D E F G H I J K L M N O P
r    R S T U V W X Y Z A B C D E F G H I J K L M N O P Q
s    S T U V W X Y Z A B C D E F G H I J K L M N O P Q R
t    T U V W X Y Z A B C D E F G H I J K L M N O P Q R S
u    U V W X Y Z A B C D E F G H I J K L M N O P Q R S T
v    V W X Y Z A B C D E F G H I J K L M N O P Q R S T U
w    W X Y Z A B C D E F G H I J K L M N O P Q R S T U V
x    X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
y    Y Z A B C D E F G H I J K L M N O P Q R S T U V W X
z    Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
wearediscoveredsaveyourself
Key K1:
FHWYKLVMKVKXCVKDJSFSAPXZCVP
Ciphertext C:
BLWPOODEMJFBTZNVJNJQOJORGGU
Case 1:
Ciphertext C:
BLWPOODEMJFBTZNVJNJQOJORGGU
Key K2:
IESRLKBWJFCIFZUCJLZXAXAAPSY
Decrypted text:
theydecidedtoattacktomorrow
(they decided to attack tomorrow)
Case 2:
Ciphertext C:
BLWPOODEMJFBTZNVJNJQOJORGGU
Key K3:
FHAHDDRAIQFIASJGJWQSVVBJAZB
Decrypted text:
wewillmeetatthepartytonight
(we will meet at the party tonight)
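The two cases above can be reproduced in code. This is an added example, not part of the original notes: it implements letter-wise one-time pad encryption modulo 26 and shows that, for the ciphertext C on the page, a key can be computed that "explains" any candidate plaintext of the same length. The function names are hypothetical; the strings are the page's own values.

```python
ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def _idx(ch):
    return ALPHABET.index(ch.lower())


def _check(text, key):
    # A one-time pad needs one key letter per message letter.
    if len(key) < len(text):
        raise ValueError("key must be at least as long as the message")


def otp_encrypt(plaintext, key):
    """c_i = (p_i + k_i) mod 26; ciphertext in upper case as on the page."""
    _check(plaintext, key)
    return "".join(ALPHABET[(_idx(p) + _idx(k)) % 26]
                   for p, k in zip(plaintext, key)).upper()


def otp_decrypt(ciphertext, key):
    """p_i = (c_i - k_i) mod 26; plaintext in lower case as on the page."""
    _check(ciphertext, key)
    return "".join(ALPHABET[(_idx(c) - _idx(k)) % 26]
                   for c, k in zip(ciphertext, key))


def key_explaining(ciphertext, candidate_plaintext):
    """The key under which `ciphertext` decrypts to `candidate_plaintext`."""
    if len(candidate_plaintext) != len(ciphertext):
        raise ValueError("candidate must have the same length as the ciphertext")
    return "".join(ALPHABET[(_idx(c) - _idx(p)) % 26]
                   for c, p in zip(ciphertext, candidate_plaintext)).upper()


# Values taken from the page's example.
P = "wearediscoveredsaveyourself"
K1 = "FHWYKLVMKVKXCVKDJSFSAPXZCVP"
C = "BLWPOODEMJFBTZNVJNJQOJORGGU"

if __name__ == "__main__":
    print(otp_encrypt(P, K1))
    # Every same-length guess has a key that fits, so C alone reveals nothing.
    for guess in ("theydecidedtoattacktomorrow", "wewillmeetatthepartytonight"):
        k = key_explaining(C, guess)
        print(k, otp_decrypt(C, k))
```

Because every candidate plaintext has a matching key, a code breaker who tries keys exhaustively cannot tell which decryption is the real one.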
a t t a c k p
o s t p o n e
d u n t i l t
h i s n o o n
When read out column by column, the ciphertext is:
AODHTSUITTNSAPTNCOIOKNLOPETN

M O N A R C H
a t t a c k p
o s t p o n e
d u n t i l t
h i s n o o n

A C H M N O R
a k p a t t c
p n e o t s o
t l t d n u i
n o n h s i o

M O N A R C H
a p t n k n l
o p e t n a o
d h t t n s t
s u i c o i o

A C H M N O R
n n l a t p k
t a o o e p n
t s t d t h n
c i o s i u o
2.8 Summary
Classical ciphers are usually based on two techniques. The first is substitution: a letter of the plaintext is replaced by another letter in the ciphertext. The ciphers that use this technique are the Caesar cipher, the monoalphabetic and polyalphabetic substitution ciphers, and the one-time pad. The second is permutation, which changes the order
[Figure: the code breaker knows only C1, C2, C3 and needs to find P1, P2, P3]
2.9 Review questions
1)
2)
3)
4)
5)
6)
7)
8)
9)
10)
2.10 Exercises
1. Decrypt the following ciphertext, assuming the Caesar cipher was used with k=3:
IRXUVFRUHDQGVHYHQBHDUVDJR
2. If a computer can try 2^40 keys per second, compute the time needed for a brute-force key search when the key size is 128 bits (give the answer in years).
3. Encrypt the plaintext "enemy coming" with the monoalphabetic substitution cipher, using the permutation key K: IAUTMOCSNREBDLHVWYFPZJXKGQ
4. Encrypt the word "explanation" with the Vigenere cipher, using the keyword LEG.
5. Encrypt the following message with the permutation (transposition) cipher:
we are all together
given the key 24153
6. Break the following ciphertext, assuming the Caesar cipher was used:
CSYEVIXIVQMREXIH
7. Break the following ciphertext (English), given that the cipher used is monoalphabetic substitution:
GBSXUCGSZQGKGSQPKQKGLSKASPCGBGBKGUKGCEUKUZKGGBSQEICA
CGKGCEUERWKLKUPKQQGCIICUAEUVSHQKGCEUPCGBCGQOEVSHUNSU
GKUZCGQSNLSHEHIEEDCUOGEPKHZGBSNKCUGSUKUASERLSKASCUGB
SLKACRCACUZSSZEUSBEXHKRGSHWKLKUSQSKCHQTXKZHEUQBKZAEN
NSUASZFENFCUOCUEKBXGBSWKLKUSQSKNFKQQKZEHGEGBSXUCGSZQ
GKGSQKUZBCQAEIISKOXSZSICVSHSZGEGBSQSAHSGKHMERQGKGSKR
EHNKIHSLIMGEKHSASUGKNSHCAKUNSQQKOSPBCISGBCQHSLIMQGKG
SZGBKGCGQSSNSZXQSISQQGEAEUGCUXSGBSSJCQGCUOZCLIENKGCA
USOEGCKGCEUQCGAEUGKCUSZUEGBHSKGEHBCUGERPKHEHKHNSZKGGKAD
attack
ASCII code:
Binary:
A 000, B 001, C 010, D 011, E 100, F 101, G 110, H 111
(head)
(FBCG)
[Figure: stream cipher: the plaintext units p0, p1, ..., pn-1 are combined with the generated sequence s0, s1, ..., sn-1 to give c0, c1, ..., cn-1]
A stream cipher is thus similar to the Vigenere cipher and the one-time pad. The most important part of a stream cipher is its random number generator. A short key, as in the Vigenere cipher, does not provide security, while a key as long as the message, as in the one-time pad, is impractical. The generator of a stream cipher balances these two points: it allows a short key to be used while the generated sequence still has the degree of randomness required of a one-time pad key, even though it is not truly random.
The next part presents two typical stream ciphers, A5/1 and RC4.
3.1.1 A5/1
A5/1 is used in GSM mobile telephone networks to protect data exchanged between the handset and the radio base station. The unit of encryption in A5/1 is one bit. At each step the generator produces either a 0 bit or a 1 bit to be used in the XOR operation. For simplicity, we first look at a scaled-down model of A5/1 called TinyA5/1.
1) TinyA5/1
The TinyA5/1 generator works as follows:
The generator consists of 3 registers X, Y, Z. Register X has 6 bits, denoted $(x_0, x_1, \dots, x_5)$. Register Y has 8 bits $(y_0, y_1, \dots, y_7)$. Register Z holds 9 bits $(z_0, z_1, \dots, z_8)$. The initial key K is 23 bits long and is distributed in order over the registers: K → XYZ. The registers X, Y, Z are transformed according to 3 rules:
1) Rotating X consists of the operations:
$t = x_2 \oplus x_4 \oplus x_5$
$x_j = x_{j-1}$ for j = 5, 4, 3, 2, 1
$x_0 = t$
2) Rotating Y:
$t = y_6 \oplus y_7$
$y_j = y_{j-1}$ for j = 7, 6, 5, ..., 1
$y_0 = t$
3) Rotating Z:
$t = z_2 \oplus z_7 \oplus z_8$
$z_j = z_{j-1}$ for j = 8, 7, 6, ..., 1
$z_0 = t$
$s_i = x_5 \oplus y_7 \oplus z_8$
Y = 10100111
$s_0 = 0 \oplus 1 \oplus 0 = 1$
Z = 100110000
Step 1: $x_1 = 1$, $y_3 = 0$, $z_3 = 1$ → m = 1 → rotate X, rotate Z
X = 111001
Y = 10100111
$s_1 = 1 \oplus 1 \oplus 0 = 0$
Z = 010011000
Step 2: $x_1 = 1$, $y_3 = 0$, $z_3 = 0$ → m = 0 → rotate Y, rotate Z
X = 111001
Y = 01010011
$s_2 = 1 \oplus 1 \oplus 0 = 0$
Z = 001001100
So the ciphertext is C = 111
2) A5/1
In principle the A5/1 generator works like TinyA5/1. The registers X, Y, Z are 19, 22 and 23 bits long respectively. The rotation steps for X, Y, Z are as follows:
1) Rotating X:
$t = x_{13} \oplus x_{16} \oplus x_{17} \oplus x_{18}$
$x_j = x_{j-1}$ for j = 18, 17, 16, ..., 1
$x_0 = t$
2) Rotating Y:
$t = y_{20} \oplus y_{21}$
$y_j = y_{j-1}$ for j = 21, 20, 19, ..., 1
$y_0 = t$
3) Rotating Z:
$t = z_7 \oplus z_{20} \oplus z_{21} \oplus z_{22}$
$z_j = z_{j-1}$ for j = 22, 21, 20, ..., 1
$z_0 = t$
The maj function is computed over the 3 bits $x_8$, $y_{10}$, $z_{10}$. After the rotations, the generated bit is $s_i = x_{18} \oplus y_{21} \oplus z_{22}$. The whole keystream generation process of A5/1 is illustrated in the figure below:
[Figure 3-2. The A5/1 stream cipher: the three shift registers with their feedback bits t and the output bit si]
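The rotation rules for TinyA5/1 and A5/1 differ only in register lengths, feedback taps and the bits fed to maj, so one generator can serve both. The following is an added example, not code from the original notes. It assumes the clocking rule visible in the worked steps above (compute m = maj of the three control bits and rotate every register whose control bit equals m) and follows the page's simplified key loading K → XYZ; the class and function names are hypothetical.

```python
# (register length, feedback tap indices, index of the bit fed to maj)
TINY_A51 = ((6, (2, 4, 5), 1), (8, (6, 7), 3), (9, (2, 7, 8), 3))
A51 = ((19, (13, 16, 17, 18), 8), (22, (20, 21), 10), (23, (7, 20, 21, 22), 10))


def majority(a, b, c):
    """maj(a, b, c): the value held by at least two of the three bits."""
    return 1 if a + b + c >= 2 else 0


class Generator:
    def __init__(self, spec, key_bits):
        """Split the key string into the registers in order: K -> X Y Z."""
        total = sum(length for length, _, _ in spec)
        if len(key_bits) != total or set(key_bits) - {"0", "1"}:
            raise ValueError(f"key must be {total} characters of 0/1")
        self.spec = spec
        self.regs = []
        pos = 0
        for length, _, _ in spec:
            self.regs.append([int(b) for b in key_bits[pos:pos + length]])
            pos += length

    def state(self):
        """Registers as bit strings, leftmost character is bit 0."""
        return tuple("".join(map(str, reg)) for reg in self.regs)

    def _rotate(self, n):
        reg = self.regs[n]
        t = 0
        for tap in self.spec[n][1]:
            t ^= reg[tap]
        # x_j = x_{j-1} for j = last..1, then x_0 = t
        self.regs[n] = [t] + reg[:-1]

    def next_bit(self):
        control = [reg[s[2]] for reg, s in zip(self.regs, self.spec)]
        m = majority(*control)
        for n, bit in enumerate(control):
            if bit == m:
                self._rotate(n)
        out = 0
        for reg in self.regs:      # s_i = XOR of the last bit of X, Y and Z
            out ^= reg[-1]
        return out


def xor_bits(spec, key_bits, data_bits):
    """Encrypt or decrypt a bit string by XOR with the keystream."""
    gen = Generator(spec, key_bits)
    return "".join(str(int(b) ^ gen.next_bit()) for b in data_bits)


# State after step 0 of the page's TinyA5/1 example. Y and Z are printed on
# the page; X = 110010 is reconstructed from step 1 (an assumption).
PAGE_STATE_AFTER_STEP0 = "110010" + "10100111" + "100110000"

if __name__ == "__main__":
    g = Generator(TINY_A51, PAGE_STATE_AFTER_STEP0)
    for step in (1, 2):
        print("step", step, "s =", g.next_bit(), g.state())
    key64 = "1011" * 16            # constructed 64-bit key for full A5/1
    c = xor_bits(A51, key64, "110010111000")
    print(c, xor_bits(A51, key64, c))
```

Running it prints the register contents of steps 1 and 2 exactly as listed above, then a round trip through the full-size registers.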
[Figure: TinyRC4 worked example: initialising S and T, then permuting S for i = 0, 1, 2, ... using S[i]+T[i] to update j, followed by Swap(S[i], S[j])]
[Figure: keystream generation, steps 0 to 2, each using S[i]+S[j]]
s0 = 5 = 101[2]
s1 = 1 = 001[2]
s2 = 4 = 111[2]
So the ciphertext is C = 001.000.110
2) RC4
RC4 works in the same way as TinyRC4, with the following characteristics:
b) Keystream generation phase:
    i, j = 0;
    while (true)
        i = (i + 1) mod 256;
        j = (j + S[i]) mod 256;
        Swap (S[i], S[j]);
        t = (S[i] + S[j]) mod 256;
        k = S[t];
    end while;
(head)
(FBCG)
Plaintext   Ciphertext
0000        1110
0001        0100
0010        1101
0011        0001
0100        0010
0101        1111
0110        1011
0111        1000
1000        0011
1001        1010
1010        0110
1011        1100
1100        0101
1101        1001
1110        0000
1111        0111
Here the key is the entire table above. Both the sender and the receiver must know the whole table in order to encrypt and decrypt. A code breaker who knows some plaintext-ciphertext pairs knows only part of the lookup table and therefore cannot derive the plaintext for the remaining ciphertexts. In other words, to break the cipher one must know all plaintext-ciphertext pairs. If the block size is 64 bits, the key table has $2^{64}$ rows, a very large number (and there are about $2^{64}!$ such key tables). Holding all plaintext-ciphertext pairs of the key table is then impossible for the code breaker. We call this case the ideal secure block cipher.
However, when the block size is large the number of rows of the key table is also large, which hinders storing the key and exchanging it between sender and receiver. The key table has $2^{64}$ rows of 64 bits each, so the key size is $64 \times 2^{64} = 2^{70} \approx 10^{21}$ bits. The ideal secure block cipher is therefore not feasible in practice.
3.2.2 SPN networks
In practice, one looks for a way to use a short key to emulate a lookup table whose security approximates that of the ideal block cipher. This is done by combining two or more simple ciphers into a product cipher, where the product cipher is far more secure than its component ciphers. The simple ciphers are usually substitution (S-box) and permutation (P-box). The product cipher is therefore often called a Substitution-Permutation Network (SPN). The figure below illustrates an SP network.
[Figure: an SP network: input bits 0, 1, 2, ..., 11 pass through S-boxes S1 to S6 and P-boxes P1 to P3 to give output bits 0, 1, 2, ..., 11]
[Figure: successive ciphertexts C1, C2, ..., Cn produced with round keys K1, K2, K3, ..., Kn-1]
$C_i = (L_i, R_i)$, i = 1, 2, ..., n
The left and right halves are transformed through the rounds by the following rule:
$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
[Figure: Feistel structure: key K expanded into K1, ..., Kn; the halves (L0, R0) pass through the function F in each round to (L1, R1), ..., (Ln-1, Rn-1), (Ln, Rn), giving the ciphertext]
(by the encryption rule $L_i = R_{i-1}$)
$F(R_{i-1}, K_i)$
(by the encryption rule $R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$)
3.3 TinyDES cipher
In 1973, as computing kept developing, the need arose to apply security to civilian purposes. The US National Bureau of Standards then called on American companies to establish a national encryption standard. IBM's Lucifer cipher was chosen and, after some modifications by the US security agency, Lucifer became the standard cipher DES (Data Encryption Standard). In use, DES proved highly secure and was widely adopted.
As with the stream ciphers A5/1 and RC4, we will look at a scaled-down model of DES called TinyDES.
TinyDES has the following properties:
[Figure 3-4. The Feistel rounds of the TinyDES cipher: an 8-bit key, rounds 1 to 3 each fed by a key compression step, 8-bit ciphertext]
[Figure: one TinyDES round: Expand, S-box and P-box applied to the right half Ri-1 (4 bits) with the 6-bit Ki, and Left Shift and Compress applied to the key halves KLi-1 and KRi-1 (4 bits each), giving Li, Ri, KLi, KRi]
b0b5
00   1110 0100 1101 0001 0010 1111 1011 1000 0011 1010 0110 1100 0101 1001 0000 0111
01   0000 1111 0111 0100 1110 0010 1101 0001 1010 0110 1100 1011 1001 0101 0011 1000
10   0100 0001 1110 1000 1101 0110 0010 1011 1111 1100 1001 0111 0011 1010 0101 0000
11   1111 1100 1000 0010 0100 1001 0001 0111 0101 1011 0011 1110 1010 0000 0110 1101
[Figure: worked round: L0, R0 → Expand → X → XOR with K1 → S-box → Y → P-box → Z → L1, R1]
[Figure 3-6. The Feistel rounds of the DES cipher: 64-bit plaintext and 64-bit key; initial permutation; key permutation to 56 bits; rounds 1 to 16, each with a 48-bit key from key compression; swap of the first and last halves; final permutation; 64-bit ciphertext]
57 49 41 33 25 17
59 51 43 35 27 19 11
61 53 45 37 29 21 13
63 55 47 39 31 23 15
56 48 40 32 24 16
58 50 42 34 26 18 10
60 52 44 36 28 20 12
62 54 46 38 30 22 14

39 47 15 55 23 63 31
38 46 14 54 22 62 30
37 45 13 53 21 61 29
36 44 12 52 20 60 28
35 43 11 51 19 59 27
34 42 10 50 18 58 26
33 41 49 17 57 25
32 40 48 16 56 24
The final permutation is the inverse of the initial permutation. Against known-plaintext or chosen-plaintext attacks, the initial and final permutations have no security significance; their existence is regarded as a matter of history.
3.4.2 The rounds of DES
The following figure illustrates one Feistel round of DES
[Figure: one DES round: Expand (32 to 48 bits), S-boxes (48 to 32 bits) and P-box (32 bits) applied to the right half Ri-1 with the 48-bit Ki, and Left Shift and Compress applied to the 28-bit key halves KLi-1 and KRi-1, giving Li, Ri, KLi, KRi]
Here the Expand function both expands and permutes $R_{i-1}$ from 32 bits to 48 bits. The S-boxes function compresses 48 bits back to 32 bits. The P-box function is a 32-bit permutation. These functions are described as follows:
Expand: number the bits of $R_{i-1}$ from left to right as 0, 1, 2, ..., 31. The Expand function both permutes and expands the 32 bits into 48 bits by the rule:
31
10 11 12
11 12 13 14 15 16
15 16 17 18 19 20
19 20 21 22 23 24
23 24 25 26 27 28
27 28 29 30 31
48 bits
S-boxes:
The S-boxes function of DES transforms a 48-bit number into a 32-bit number. However, if a single lookup table were built as in TinyDES, the table would need $2^{16}$ rows and $2^{32}$ columns, giving a very large number of entries. To reduce the size of the lookup table, the S-boxes function is split into 8 S-box sub-functions, each transforming a 6-bit number into a 4-bit number (figure below)
[Figure: 48 bits split across S1, S2, S3, S4, S5, S6, S7, S8, giving 32 bits]
b0b5
00   1110 0100 1101 0001 0010 1111 1011 1000 0011 1010 0110 1100 0101 1001 0000 0111
01   0000 1111 0111 0100 1110 0010 1101 0001 1010 0110 1100 1011 1001 0101 0011 1000
10   0100 0001 1110 1000 1101 0110 0010 1011 1111 1100 1001 0111 0011 1010 0101 0000
11   1111 1100 1000 0010 0100 1001 0001 0111 0101 1011 0011 1110 1010 0000 0110 1101
19 20 28 11 27 16 14 22 25 17 30 23 13 31 26 18 12 29 21 10 24
48 40 32 24 16
57 49 41 33 25 17
58 50 42 34 26 18 10
59 51 43 35
62 54 46 38 30 22 14
61 53 45 37 29 21 13
60 52 44 36 28 20 12
27 19 11
56 bits
1 2 9 16
16 10 23 27 14 20 22 18 11 25 15 26 19 12
40 51 30 36 46 54 29 39 50 44 32 47 43 48 38 55 33 52 45 41 49 35 28 31
48 bits
Round   Number of differing bits (a)   Number of differing bits (b)
0       1                              0
1       6                              2
2       21                             14
3       35                             28
4       39                             32
5       34                             30
6       32                             32
7       31                             35
8       29                             34
9       42                             40
10      44                             38
11      32                             31
12      30                             33
13      30                             28
14      26                             26
15      29                             34
16      34                             35
3.6
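[Figure 3-8. ECB mode of a block cipher: a) encryption: each block p0, p1, ..., pn-1 is encrypted with K to c0, c1, ..., cn-1; b) decryption: each block c0, c1, ..., cn-1 is decrypted with K to p0, p1, ..., pn-1]
[Figure 3-9. ECB encryption does not hide all information (source: taken from [3])]
[Figure 3-10. CBC mode of a block cipher: a) encryption of p0, p1, ..., pn-1 into c0, c1, ..., cn-1 starting from IV; b) decryption of c0, c1, ..., cn-1 into p0, p1, ..., pn-1 starting from IV]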
The encryptor and the decryptor must use the same initialization vector IV. The initialization vector does not need to be kept secret, so it is usually prepended to the ciphertext before the message is transmitted
(
).
The content of ciphertext block Ci depends not only on plaintext block Pi but also on all preceding plaintext blocks and on the IV. So if two plaintexts are identical, the two ciphertexts will not be identical (because the IV is random). This overcomes the limitation of ECB mode: from the ciphertext the code breaker cannot detect statistical properties of the data.
Conversely, for decryption, plaintext block Pi depends not only on ciphertext block Ci but also on the preceding ciphertext block Ci-1. So if an error occurs in transmission, a single damaged bit is enough to make that ciphertext block and the following ciphertext block impossible to decrypt.
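The Feistel round rule from section 3.2 and the ECB/CBC behaviour described above can be checked together on a toy cipher. This is an added example, not code from the original notes: the 16-bit block size, the round function F, the four round keys and the IV are all constructed for illustration, and the function names are hypothetical.

```python
ROUND_KEYS = (0x3A, 0x94, 0xC5, 0x6F)     # constructed subkeys K1..K4


def F(r, k):
    """Constructed round function; it does not need to be invertible."""
    return ((r ^ k) * 17 + (r >> 4)) & 0xFF


def encrypt_block(block, keys=ROUND_KEYS):
    left, right = block >> 8, block & 0xFF
    for k in keys:
        # L_i = R_{i-1} ; R_i = L_{i-1} xor F(R_{i-1}, K_i)
        left, right = right, left ^ F(right, k)
    return (left << 8) | right


def decrypt_block(block, keys=ROUND_KEYS):
    left, right = block >> 8, block & 0xFF
    for k in reversed(keys):
        # R_{i-1} = L_i ; L_{i-1} = R_i xor F(L_i, K_i)
        left, right = right ^ F(left, k), left
    return (left << 8) | right


def ecb_encrypt(blocks):
    return [encrypt_block(p) for p in blocks]


def ecb_decrypt(blocks):
    return [decrypt_block(c) for c in blocks]


def cbc_encrypt(blocks, iv):
    out, prev = [], iv
    for p in blocks:
        prev = encrypt_block(p ^ prev)    # chain in the previous ciphertext
        out.append(prev)
    return out


def cbc_decrypt(blocks, iv):
    out, prev = [], iv
    for c in blocks:
        out.append(decrypt_block(c) ^ prev)
        prev = c
    return out


def cbc_error_footprint(cipher_blocks, iv, index, bit):
    """Flip one ciphertext bit; return {plaintext block index: XOR difference}."""
    good = cbc_decrypt(cipher_blocks, iv)
    damaged = list(cipher_blocks)
    damaged[index] ^= 1 << bit
    bad = cbc_decrypt(damaged, iv)
    return {i: g ^ b for i, (g, b) in enumerate(zip(good, bad)) if g != b}


# Constructed sample: blocks 0, 1 and 3 are identical plaintext.
PLAINTEXT = [0x4142, 0x4142, 0x4344, 0x4142, 0x4546]
IV = 0x5376   # fixed here only for reproducibility; a real IV is random

if __name__ == "__main__":
    print("ECB:", [f"{c:04x}" for c in ecb_encrypt(PLAINTEXT)])
    cbc = cbc_encrypt(PLAINTEXT, IV)
    print("CBC:", [f"{c:04x}" for c in cbc])
    print("damage from one flipped bit in block 1:",
          cbc_error_footprint(cbc, IV, 1, 3))
```

ECB maps the repeated plaintext blocks to repeated ciphertext blocks, while in CBC a single flipped ciphertext bit garbles its own block and flips exactly the same bit in the next one.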
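[Figure 3-11. The image after encryption using CBC mode (source: taken from [3])]
[Figure: stream operation: p0, p1, ..., pn-1 combined with s0, s1, ..., sn-1 to give c0, c1, ..., cn-1]
// take the first s bits of Ti
[Figure: a feedback mode built from IV, key K and the block cipher: s bits of each b-bit block cipher output are combined with P0, P1, P2 to give C0, C1, C2]
[Figure: a second feedback mode built from IV, key K and the block cipher, again using s bits per step to turn P0, P1, P2 into C0, C1, C2]
[Figure: users sharing pairwise secret keys such as KAB, KAC, KAD, KAE, KBC, KDC]
Exchanging keys through a Key Distribution Center (KDC) simplifies this problem. In the KDC model, each user needs only one secret key shared with the KDC. The keys used to exchange data between users are supplied by the KDC.
[Figure: each user shares one secret key (KA, KB, KC, KD, KE) with the KDC]
1. REQUEST to B
2. E(KAB, KA)||E(KAB, KB)
4. E(KAB, KB)
5. E(P, KAB)
Figure 3-14. Secret key exchange using a KDC
Thus the key KAB is known only to the KDC, Alice and Bob. The KDC is responsible for keeping this key secret. Alice and Bob use the key KAB to encrypt data. At the end of the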
3.10 Review questions
1) In what ways do modern symmetric ciphers differ from classical symmetric ciphers?
2) Do stream ciphers work on the principle of substitution or of permutation?
3) From the way A5/1 and RC4 generate their sequences, explain why a stream cipher uses a generator to produce the bit sequence. Why not use the key K directly in the XOR operation?
4) What advantage does the Feistel structure offer for implementing a block cipher?
5) Why does DES use such complex transformations just to encrypt one 64-bit block?
6) Consider ECB mode: to encrypt a long message with DES we must encrypt each 64-bit block in turn. In what ways is this similar to and different from a stream cipher?
7) What property does CBC mode have that substitution-style methods (such as ECB) do not?
8) Why are the CTR, OFB and CFB modes said to be stream ciphers in fact?
9) What characteristic must a plaintext have before symmetric encryption can be said to provide authentication? If Trudy does not know the secret key of Alice and Bob, can Trudy impersonate Alice and send Bob a message of Trudy's choosing?
10) In symmetric encryption, what weakness follows from both parties knowing the key?
11) State the benefits of using a master key and session keys.
3.11 Exercises
1. Consider the TinyA5/1 algorithm, and suppose that initially X=21, Y = 55, Z=60. Compute the 1st, 2nd and 3rd bits produced by the key generator.
2. In the initialization step of the RC4 algorithm, S is first the increasing sequence of values from 1 to 255. Find a key K such that after initialization completes, S is unchanged (still the increasing sequence from 1 to 255).
3. Alice and Bob exchange data using the A5/1 algorithm, but they want to avoid using a new key for each transmission. Alice and Bob secretly share an initial key k of 128 bits. To encrypt a message m, Alice proceeds as follows:
- Choose an arbitrary 80-bit value v.
- Encrypt with RC4: C = A51(v||k) ⊕ m
- Send the bit string v||C
a. Describe the steps Bob performs to decrypt the message.
b. Suppose Trudy observes the sequence (v1||C1), (v2||C2), (v3||C3), ... sent between Alice and Bob; give a way for Trudy to break the cipher.
4. Prove that after some number of steps, the key stream produced by the A5/1 algorithm repeats.
5. Prove that after some number of steps, the key stream produced by the RC4 algorithm repeats.
6. Consider a Feistel block cipher with 4 rounds and P = (L0, R0). Give the ciphertext C for each of the following choices of the function F:
a. $F(R_{i-1}, K_i) = 0$.
b. $F(R_{i-1}, K_i) = R_{i-1}$.
c. $F(R_{i-1}, K_i) = K_i$
d. $F(R_{i-1}, K_i) = R_{i-1} \oplus K_i$.
3.12 Practical exercises
1. Write a program that encrypts and decrypts a file with the A5/1 algorithm, where the key X, Y, Z is entered from the keyboard.
2. Write a program that encrypts and decrypts a file with the RC4 algorithm, where the key is a sequence of N bytes entered from the keyboard.
3. Write a program that encrypts and decrypts a file with the DES algorithm in CBC block mode. The key K is stored in a separate text file as hexadecimal digits.
4. Study the cryptography library of the .NET programming environment (namespace System.Security.Cryptography). Write a program that encrypts and decrypts a file using the DES, TripleDES, Rijndael and AES algorithms of the .NET cryptography library. The key K is stored in a separate text file as hexadecimal digits.
[Figure: encryption model: the sender encrypts with K, the ciphertext travels over an ordinary channel where a code breaker may intercept it, and the receiver decrypts with P = D(C, K2)]
4.1 Number theory
4.1.1 Some concepts
1. Modulo division:
Modulo division is division that keeps the remainder. For example: 27 mod 8 = 3, 35 mod 9 = 8.
In general:
If
(written another way
) then a is divisible by n, that is, n is a divisor of a.
a^-1        0 1 2 3 4 5 6 7 8 9
a^-1 x 7    0 7 4 1 8 5 2 9 6 3
- n = 10 and a = 2 are not relatively prime; we have the following multiplication table:
a^-1        0 1 2 3 4 5 6 7 8 9
a^-1 x 2    0 2 4 6 8 0 2 4 6 8
In the table above there is no number $a^{-1}$ such that $a \cdot a^{-1} \equiv 1 \bmod 10$. So no inverse element exists.
To compute
4.1.2 Fermat's theorem
Theorem:
If p is a prime number and a is an integer not divisible by p, then
Proof:
Consider the set X of p − 1 elements:
X = { a mod p, 2a mod p, ..., (n−1)a mod p }
We make two observations:
- No element of X equals 0, because a is relatively prime to p.
- There are no two elements, the i-th and the j-th (i ≠ j), such that ia mod p = ja mod p. Because a is relatively prime to p, $a^{-1}$ exists modulo p. So if $ia \equiv ja \bmod p$ then $iaa^{-1} \equiv jaa^{-1} \bmod p$, that is, $i \equiv j \bmod p$. This contradicts the assumption i ≠ j.
From these two observations, the elements of X are a permutation of the values {1, 2, ..., p−1}. Therefore:
2
[1
1 ]
(QED)
The following are some examples of Fermat's theorem:
p = 5, a = 7 → $7^4 = 49 \cdot 49 = 2401$, $2401 \equiv 1 \bmod 5$
p = 7, a = 4 → $4^6 = 64 \cdot 64 = 4096$, $4096 \equiv 1 \bmod 7$
4.1.3 Discrete logarithm
We define modular exponentiation as follows, computing y from a, x and n, which are integers:
with x copies of a multiplied together
[Table: powers $a^2, a^3, a^4, a^5, a^6, a^7, a^8, a^9, \dots$ of the integers modulo 19]
$11^1 \equiv 11 \bmod 19$ (*)
$11^2 = 121 \equiv 7 \bmod 19$
$11^3 = 1331 \equiv 1 \bmod 19$
$11^4 \equiv 11^3 \cdot 11 \equiv 11 \bmod 19$ (the same as line (*))
$11^5 \equiv 11^2 \bmod 19$
...
4.2 RSA
RSA is a public-key encryption method. It was developed
by Ron Rivest, Adi Shamir and Len Adleman at MIT in 1977,
and is widely used today. In general terms RSA is a block
cipher in which the plaintext M and the ciphertext C are integers from 0 to 2^i, where i is the number of bits
in a block. A commonly used size for i is 1024 bits. RSA uses a one-way function based on the problem of
factoring a number into prime factors.
4.2.1 How RSA works
To encrypt and decrypt, RSA uses modular exponentiation from number theory.
The steps are as follows:
1) Choose two large primes p and q and compute N = pq. p and q must be chosen so that
M < 2^(i−1) < N < 2^i. With i = 1024, N is an integer about 309 digits long.
2) Compute n = (p − 1)(q − 1)
3) Find a number e that is relatively prime to n
4) Find a number d such that […]
(d is the inverse of e modulo n)
5) Discard n, p and q. The public key KU is the pair (e, N); the private key KR is the pair
(d, N)
6) Encryption is performed by the formula:
Scheme 1, encryption for confidentiality: […]
Scheme 2, encryption for authentication: […]
7) Decryption is performed by the formula:
Scheme 1, encryption for confidentiality: […]
Scheme 2, encryption for authentication: […]
The plaintext M has size i−1 bits; the ciphertext C has size i bits.
To make sure that RSA follows the principles of public-key encryption, we
must prove the following two things:
a) The decrypted text is the original plaintext:
[…], consider scheme 1:
From step 4 we derive: […]
So: […]
with k some integer
[…]. Consider two cases
M divisible by p: […]
[…] (by Fermat's theorem)
[Figure: RSA example with KU = (3, 33) and KR = (7, 33). Confidentiality: plaintext 15, ciphertext 15^3 mod 33 = 9 (15^3 = 3375), decryption of C = 9 gives 9^7 mod 33 = 15. Authentication: 15^7 mod 33 = 27, then 27^3 mod 33 = 15 (27^3 = 19 683 = 33 × 596 + 15)]
We can use this property to simplify modular exponentiation through
a method called repeated squaring. For example, to compute x^16 mod n, first
compute
a = x mod n, then b = x^2 mod n = a^2 mod n, then c = x^4 mod n = b^2
mod n, then d = x^8 mod n = c^2 mod n, and finally x^16 mod n = d^2 mod n. The numbers a,
b, c, d are always smaller than n, which avoids computing large powers and also speeds up
the calculation.
In the general case, to compute x^b mod n, we write b in binary:
b = b_k b_(k−1) … b_2 b_1 b_0
Thus: […]
Therefore […]
where the b_i are the bits 0, 1
while (b>0);
return y;
With this approach, we only perform modular operations on the numbers p, q, which are
smaller than N.
Proof:
As in the proof of RSA, from
[…] 1, we have:
[…] (since N is divisible by p)
So: […]
(QED).
4.3.2 Key generation
Key generation means choosing primes p and q to compute N. To factor N into the product of
two primes p, q, the only way is to try each p and q. So p, q must be chosen
large enough that trying is infeasible. At present there is no method that produces
arbitrarily large primes on demand. The only way is to pick a random odd number and test whether it
is prime. Primality testing is also difficult. The efficient
primality test used today is the Miller-Rabin algorithm (see Appendix 2);
although it is not 100% accurate, the error can be made negligibly small.
Based on prime number theory, it is estimated that on average about 70
odd numbers must be tried to find a prime of size about 2^200.
Because we choose e in advance as 65537 (or 3 or 17), we must check whether e
is relatively prime to n = (p−1)(q−1). If not, we must try again with different p and
q. After finding suitable p and q, we need to find d such that
[…]. Using
the extended Euclidean algorithm, we can combine the check that e and n are relatively
prime with the search for d: if e is relatively prime to n, the algorithm also yields d.
So there is no need for a separate step to find d.
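The steps of 4.2.1, repeated squaring and the extended Euclidean check from 4.3.2 can be put together as below. This is an added example, not code from the original notes; the function names are chosen here, and the numbers are the page's own small example (KU = (3, 33), KR = (7, 33)), which implies p = 3, q = 11.

```python
"""Toy RSA with tiny primes: textbook arithmetic only, no padding."""


def extended_euclid(a, n):
    """Return (g, x) with g = gcd(a, n) and a*x ≡ g (mod n).

    When g == 1, x is the inverse of a modulo n, so one run both checks
    that e is relatively prime to n and produces d.
    """
    old_r, r = a % n, n
    old_x, x = 1, 0
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
    return old_r, old_x % n


def mod_pow(x, b, n):
    """Repeated squaring: x^b mod n, scanning the bits b_0, b_1, ... of b."""
    y = 1
    x %= n
    while b > 0:
        if b & 1:              # bit b_i = 1: multiply in x^(2^i)
            y = (y * x) % n
        x = (x * x) % n        # x^(2^i) -> x^(2^(i+1)), always < n
        b >>= 1
    return y % n


def make_keys(p, q, e):
    """Steps 1-5: return (KU, KR) = ((e, N), (d, N))."""
    N = p * q
    n = (p - 1) * (q - 1)
    g, d = extended_euclid(e, n)
    if g != 1:
        raise ValueError("e shares a factor with (p-1)(q-1); choose other primes")
    return (e, N), (d, N)


def rsa_apply(m, key):
    """Steps 6-7: raise m to the key's exponent modulo N."""
    exponent, N = key
    if not 0 <= m < N:
        raise ValueError("message must satisfy 0 <= M < N")
    return mod_pow(m, exponent, N)


if __name__ == "__main__":
    KU, KR = make_keys(3, 11, 3)
    c = rsa_apply(15, KU)          # scheme 1: encrypt with the public key
    print(KU, KR, c, rsa_apply(c, KR))
    s = rsa_apply(15, KR)          # scheme 2: encrypt with the private key
    print(s, rsa_apply(s, KU))
```
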
Decimal digits   Bits   Year broken   Algorithm
100              322    1991          Quadratic sieve
110              365    1992          Quadratic sieve
120              398    1993          Quadratic sieve
129              428    1994          Quadratic sieve
130              431    1996          GNFS
140              465    1999          GNFS
155              512    1999          GNFS
160              530    2003          Lattice sieve
174              576    2003          Lattice sieve
200              633    2005          Lattice sieve

[Figure: key generator producing KUB and KRB; Alice and Bob communicating over an ordinary channel]
To ensure authentication and that Alice cannot deny having sent the data, Alice
uses scheme 2: Alice encrypts the data with her private key KRA, and Bob uses Alice's
public key KUA to decrypt.
C = E(M, KRA)
M = D(C, KUA)
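[Figure: key generator producing KUA and KRA; Alice and Bob communicating over an ordinary channel]
[Figure: model combining authentication and confidentiality between Alice and Bob over the transmission channel, with encryption and decryption stages using KRA, KUB, KRB and KUA]
[Figure: exchange of public keys as IDA||KUA and IDB||KUB]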
trusts the certificate authority, then Bob will trust that KUA corresponds to
IDA, that is, to Alice.
[Figure: the Certificate Authority receives IDA||KUA and IDB||KUB and issues certificates CA and CB, with CA = E(IDA||KUA, KRAuth)]
Figure 4-5. Public key exchange using a certificate authority
[Figure: steps ending with 4. E(P, KS)]
Figure 4-6. Establishing a secret session key using public-key encryption
to exchange data between Alice and Bob. After the data-exchange session, KS is discarded, so
this secret key is unlikely to be exposed. The role of public-key encryption here is no
longer to protect the data (that is handled by symmetric encryption) but to protect the secrecy
of the symmetric key, so that only A and B know KS.
[Figure: Diffie-Hellman exchange between Alice and Bob with Trudy in between, showing the values g^t mod p and g^b mod p]
In the above model, even if Trudy later discovers the private keys KRA and KRB
of Alice and Bob, and Trudy finds g^a mod p and g^b mod p, Trudy still
cannot recover the secret key g^ab mod p, and therefore cannot recover
the plaintexts exchanged between Alice and Bob. This is the significance of the Diffie-Hellman method.
4.8 Review questions
1. State the weaknesses of symmetric encryption.
2. What is a one-way function? Give an example of a one-way function.
3. In arithmetic modulo n, when does a number have a multiplicative inverse?
4. In what ways does the discrete logarithm differ from the continuous logarithm?
5. When testing whether an integer is prime, the Miller-Rabin algorithm can give
a wrong result, so why is it still used?
6. Why does the RSA algorithm need repeated squaring to compute
modular exponentiation?
7. State the principle of public-key encryption. Why does public-key encryption
not need a secure channel to transmit the key?
8. In public-key encryption, are the private key and the public key two arbitrary,
unrelated keys? If they are related, why can the private key not be computed from the
public key?
9. Apart from key distribution, in what respect is public-key encryption better than
symmetric encryption?
10. State the drawbacks of public-key encryption.
11. Diffie-Hellman is not a public-key encryption method. So what is
Diffie-Hellman?
4.9 Exercises
1. Let a = 13, p = 20. Find the inverse of a modulo p using the extended
Euclidean algorithm (see Appendix 2).
2. Let n = 17; build a table similar to Table 4-1. List the primitive roots of n.
3. Apply repeated squaring to compute 7^21 mod 13
4. Let p = 5, q = 11, e = 7. Compute the private key (d, N) in RSA.
5. Perform RSA encryption and decryption with p = 3, q = 11, e = 7, M =
5 for both cases: encryption for confidentiality and encryption for authentication.
6. Alice chooses p = 7, q = 11, e = 17; Bob chooses p = 11, q = 13, e = 11:
a. Compute Alice's private key KRA and Bob's private key KRB
b. Alice wants to send Bob the message M = 9 with both authentication and confidentiality
as in diagram 4-3. Carry out the encryption and decryption.
7. Consider the Miller-Rabin algorithm (see Appendix 2). For the number 37, give the result of
Miller-Rabin for the following values of a: 9, 17, 28.
8. Using the Miller-Rabin algorithm, test whether 169 is prime.
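[Figure: checksum example with the values 10011 and 1011]
[Figure: authentication model using symmetric encryption with a checksum: the sender computes CSA and encrypts with the secret key K; the receiver decrypts with K, computes CSB and compares it with CSA]
[Figure: the sender computes CSA and encrypts with KRA from the key generator; the receiver decrypts with KUA, computes CSB over M and compares]
Figure 5-2. Authentication model using public-key encryption with a checksum
[Figure: MAC model: the sender computes MACA over M with the secret key K; the receiver computes MACB with the secret key K and compares]
[Figure: MAC computed over blocks with IV, p1 … pn−1 and c0, c1 … cn−1]
[Figure: mapping from the message space to the hash-value space, with hash values h1, h2]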
birthday is small, certainly less than 50%. Checked mathematically, however,
only 23 people are needed for the probability to exceed 50%. For this reason the problem is also known as
the birthday paradox. We can restate the problem and prove it as follows.
Suppose there are M people in a room. What is the minimum M such that two
people share a birthday with probability greater than 50%?
Number the M people 0, 1, 2, …, M − 1. The probability that person 1
has a different birthday from person 0 is 364/365. Next, the probability that person 2 has a
different birthday from persons 0 and 1 is 363/365. Continuing in this way to person M−1, the
probability that this person's birthday differs from those of all previous people is (365−M+1)/365. So the
probability that all M people have different birthdays is:

$$p(M) = \frac{364}{365}\cdot\frac{363}{365}\cdots\frac{365-M+1}{365} = \left(1-\frac{1}{365}\right)\left(1-\frac{2}{365}\right)\cdots\left(1-\frac{M-1}{365}\right)$$

Consider the exponential function e^x; a known approximation of e^x for small x is e^x = 1 + x. So
p(M) can be rewritten as:
[…] (*)
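The birthday computation above, worked numerically and then carried over to hash values. This is an added example, not part of the original notes; the closed form exp(−M(M−1)/(2·365)) is what the approximation e^x ≈ 1 + x yields when applied to each factor, and the function names, the truncation width and the constructed messages "msg-0", "msg-1", … are assumptions made here.

```python
import hashlib
import math


def p_all_distinct(m, days=365):
    """Exact probability that m people all have different birthdays."""
    p = 1.0
    for i in range(1, m):
        p *= (days - i) / days
    return p


def p_all_distinct_approx(m, days=365):
    """Product of (1 - i/days) with each factor replaced by e^(-i/days)."""
    return math.exp(-m * (m - 1) / (2 * days))


def min_group_for_collision(days=365, target=0.5):
    """Smallest M for which P(at least two equal) exceeds target."""
    m = 1
    while 1.0 - p_all_distinct(m, days) <= target:
        m += 1
    return m


def truncated_hash(msg, bits):
    """First `bits` bits of SHA-256(msg), as an integer."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - bits)


def find_truncated_collision(bits=16):
    """Hash constructed messages until two share a truncated hash value.

    The hash-value space plays the role of the 365 days, so a collision is
    expected after roughly sqrt(2^bits) messages, far fewer than 2^bits.
    Returns (first message, second message, number of messages hashed).
    """
    seen = {}
    i = 0
    while True:
        msg = b"msg-%d" % i
        tag = truncated_hash(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg
        i += 1


if __name__ == "__main__":
    print(min_group_for_collision())                      # 365 days
    print(p_all_distinct(23), p_all_distinct_approx(23))
    print(min_group_for_collision(days=2 ** 16))          # 16-bit hash space
    print(find_truncated_collision(16))
```
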
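[Figure: MD5 structure: the message is padded with 100…00 and a 64-bit Length to N × 512 bits and split into 512-bit blocks M1, M2, …, MN; starting from the 128-bit IV (H0), each block produces the 128-bit values H1, H2, …, HN−1, HN; HN is the hash value]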
First the message is extended with the padding bit string 100…00. Then the length
of the message (before padding), represented in 64 bits, is appended. The length of the
padding string is chosen so that the final message can be divided into N 512-bit blocks
M1, M2, …, MN.
Computing the hash value of the message is an iterative process. First block M1
is combined with the initial value H0 through the function F to compute the hash value H1. Then block M2
is combined with H1 to give the hash value H2. Block M3 combined with H2 gives H3.
This continues until block MN, which gives the hash value of the whole message, HN.
H0 is a 128-bit string divided into four 32-bit words, denoted abcd. a,
b, c, d are the following constants (written in hexadecimal):
a = 01234567
b = 89abcdef
c = fedcba98
d = 76543210
Next we examine the structure of the function F.
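[Figure: structure of the function F for MD5: a message schedule derives W0 … W63 from the 512-bit block Mi; rounds 0 to 63 transform the 128-bit Hi−1 (32-bit words a … d) using Wj and Kj to give the 128-bit Hi]
[Figure: one MD5 round, using Wj, Kj and a left rotation ROTL by s bits]
Values of s: 7, 12, 17, 22; 5, 9, 14, 20; 4, 11, 16, 23; 6, 10, 15, 21
[Figure: SHA-1 structure: 512-bit blocks M1, M2, …, MN with 100…00 padding and Length; 160-bit values IV (H0), H1, H2, …, HN−1, HN; HN is the hash value]
[Figure: structure of the function F for SHA-1: a message schedule derives W0 … W79 from the 512-bit block Mi; rounds 0 to 79 transform the 160-bit Hi−1 (32-bit words) using Wi and Ki to give the 160-bit Hi]
Ki = […] for 0 ≤ i ≤ 19
Ki = 6ED9EBA1 for 20 ≤ i ≤ 39
Ki = 8F1BBCDC for 40 ≤ i ≤ 59
Ki = CA62C1D6 for 60 ≤ i ≤ 79
[Figure: one SHA-1 round, using ROTL, Wi and Ki]
[Figure: SHA-512 structure: 1024-bit blocks M1, M2, …, MN with 100…00 padding and Length; 512-bit values IV (H0), H1, H2, …, HN−1, HN; HN is the hash value]
[Figure: structure of the function F for SHA-512: a message schedule derives W0 … W79 from the 1024-bit block Mi; rounds 0 to 79 transform the 512-bit Hi−1 (64-bit words a … h) using Wi and Ki to give the 512-bit Hi]
where:
[…]: is the function that shifts a 64-bit number x right by i bits
[Figure: one SHA-512 round, using Ch, Maj, Wi and Ki, with a = T0 + T1 and e = d + T1]
where the function […]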
5.2.3 HMAC
A hash function can also be used to compute a MAC by feeding a secret key K into
the hash function. The resulting value is then called an HMAC.
5.3 Some applications of hash functions
5.3.1 Password storage
Most software applications today, whether on a standalone machine or on the web,
authenticate their users. That is, to use the application the user must pass an
authentication mechanism based on a username and password, and is then granted the corresponding
rights in the software. Password security is therefore an important issue for every piece of
software.
User passwords usually consist of lowercase and uppercase letters plus
digits. Suppose the password is stored in plain form, unencrypted, somewhere on
a personal computer or server, in a data file or in a database management system.
This creates the risk that someone else, whether the
administrator or a hacker, can open the data file or database and read
the passwords. So the password cannot be kept absolutely secret.
One way to protect passwords is encryption: the software
uses a secret key to encrypt the password before saving it to a file or
database. This prevents the passwords from being read. However, this method has a weak
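[Figure: a) Storing a password: the hash of the password is computed and stored; at login the hash h' of the entered password m' is computed and compared with the stored h. Passwords are not stored unencrypted]
[Figure: secret auction with a referee: at time t1 the bid's hash is submitted; at time t2 > t1 the bid is revealed, its hash is computed and compared]
Figure 5-6. Secret auction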
When we download a file from the internet, a poor network connection
can cause errors during the download, so that the file on the client differs from the file on the server.
A hash function can help us detect such errors.
Let X be the file to download from the server, and let HX be the MD5 hash value of X that the server
has computed in advance and published on the web page (it can be read by eye). Let Y be the file that the
user has downloaded to their machine. The user computes the MD5 value HY of file Y. Then,
if HX = HY, by the collision resistance of the hash function, file Y is identical to file X and
the download completed without error.
[Figure: File X is downloaded over the Internet as File Y; HX and HY are compared by eye; by the property of the hash function, if HX = HY then File X = File Y]
5.4 Hash functions and digital signatures
In this section we look at how hash functions are applied to
authentication in what we call a digital signature.
Using a secret key shared by sender and receiver in message
authentication codes (MAC) runs into the same non-repudiation problem as symmetric encryption.
Using a hash function together with public-key encryption overcomes this problem.
First consider a simple model:
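[Figure: simple model: the sender computes the hash HA of M; the receiver computes the hash HB of the received M and compares]
[Figure: the sender computes HA, encrypts it with KRA to form DS and sends M with DS; the receiver decrypts DS with KUA to obtain HA, computes HB over M and compares; KRA and KUA come from the key generator]
DS: Data signature (digital signature)
Figure 5-6. Digital signature model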
In this model, after computing the hash value HA of message M, Alice encrypts
HA with her private key to form the digital signature DS. Alice sends DS along with M
to Bob. Bob uses Alice's public key to decrypt the digital signature DS and obtains
Alice's hash value HA. Since Trudy does not have KRA, she cannot alter HA.
In addition, since Alice is the only one who has KRA, only Alice can create DS from M.
So Alice cannot deny having sent the message.
What advantage does a digital signature have over the checksum approach in the
model of figure 5-2? A digital signature only needs to encrypt the hash value, not the whole
message M. Because public-key encryption is slow, when M is a
long message, not encrypting M saves a great deal of time.
5.5 Review questions
1. To ensure authentication using symmetric encryption or public-key encryption,
what property must the plaintext have? Why?
2. If the plaintext is a random bit string, what must be done to give the plaintext structure?
3. What advantage does authentication with a MAC have over authentication by symmetric
encryption?
4. In theory, can hash values collide? Then why do we say a hash value can
be regarded as the fingerprint of a message?
5. Why, to authenticate a message M, is it enough to encrypt only the hash value of M
with public-key encryption? What benefit does this have over encrypting
the whole of M?
5.6 Exercises
1. With the divisor in the CRC checksum computation being 11001, find a number that has
the same CRC as the number 11101101.
2. Consider the following hash function. The message is a sequence of decimal numbers M =
Show that Alice can cheat Bob (for example, Alice chooses X=1; seeing that Bob
guesses Z=1, how does Alice cheat so that when Bob decrypts Y he obtains X=0). Using a hash function,
modify the protocol above so that Alice cannot cheat.
2.
3. Write a program that computes the MD5 value of a file on the computer, similar to the figure
below:
4. One solution used against copyright violation, that is, copying software
without the author's consent, works as follows:
a. After installation, the software reads the CPU ID (or hard-disk ID)
of the buyer's machine and sends it to the software vendor.
b. Using a digital signature, the vendor signs the buyer's CPU ID (or hard-disk
ID), then sends the signed content back to the buyer.
c. Each time the program runs, the software decrypts the vendor's signature to obtain
the signed CPU ID, and also reads the CPU ID of the machine it is running on. If
the two IDs do not match, the software has been copied to another computer
without a licence.
Using RSA digital signatures (or DSS digital signatures, see chapter 10), write
a program that implements the anti-piracy mechanism above for some piece of software
of your own.
[Figure: challenge-response with a nonce N sent to A; symmetric encryption: C = E(P||N, KAB); public-key encryption: C = E(M||N, KUB)]
When Bob decrypts, he checks whether the N he receives matches the N he
sent. Trudy therefore cannot replay the message E(P||N, KAB), because each time
Bob sends a different N. However, this method requires an extra step: Bob
must first send N to Alice. So in practice, depending on the situation, one of
the three techniques above is used as appropriate.
In sections 3.9, 4.6.2 and 4.7 we looked at some protocols that focus
on session-key exchange. In this section we extend those protocols to identify
the entities exchanging data and to resist replay attacks.
6.2.1 Identification and session-key exchange using symmetric encryption with a KDC
Reconsider the session-key exchange model of section 3.9:
[Figure: exchange through the KDC: 1. REQUEST to B; 2. E(KAB, KA)||E(KAB, KB); 4. E(KAB, KB); 5. E(P, KAB)]
The model above is open to a replay attack. For example, Trudy can replay step 4, and
B still believes that A sent it and continues to use this KAB as the session key. On that basis Trudy
goes on to replay step 5. (Replaying data at step 5 causes the unwanted consequences
that we discussed in chapter 1.)
Needham and Schroeder proposed modifying the model as follows:
1) A → KDC: IDA||IDB||N1
2) KDC → A: E(KS||IDB||N1||E(KS||IDA, KB), KA)
1) A → B: IDA||NA
2) B → KDC: IDB||NB||E(IDA||NA, KB)
3) KDC → A: E(IDB||NA||KS, KA)||E(IDA||KS, KB)||NB
4) A → B: E(IDA||KS, KB)||E(NB, KS)
5) A → B: E(P, KS)
In this protocol A sends NA to Bob, Bob forwards it to the KDC, and the KDC embeds NA in
the plaintext sent to A. So if A receives NA, the ciphertext E(IDB||NA||KS, KA)
in step 3 has not been replayed. B sends NB to the KDC, the KDC sends it on to A, and A sends NB back
to B in encrypted form. So if B receives NB, then E(IDA||KS, KB) in
step 4 has not been replayed. The KS that Alice and Bob receive is therefore a fresh session key.
Trudy cannot replay old ciphertexts E(P, KS) from earlier runs at step 5.
6.2.2
[Figure: protocol steps between A and B, ending with 5. E(P||KS)]
Description:
- Step 1: A sends the certificate CA to B.
- Step 2: B sends the certificate CB and the nonce NB to A.
- Step 3: A chooses a pre-session key S and computes the session key KS = H(S||NB).
A sends S to B with authentication and confidentiality. B also computes the session key KS.
- Step 4: A sends the hash value H(KS) to B; B checks this hash value against the
hash value B computed itself. If they match, B knows that step 3 cannot have been
replayed.
Suppose Trudy replays step 3 without knowing S; Trudy then cannot compute
the KS that corresponds to Bob's new NB, and so cannot compute
H(KS). Trudy therefore cannot replay step 4 without being detected by Bob.
- Step 5: A and B exchange data.
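Steps 2 to 4 and the replay case can be simulated as follows. This is an added example, not part of the original notes: Bob's key pair is a constructed toy textbook-RSA key built from two Mersenne primes, S is sent only encrypted under KUB (the authentication of S in step 3 is left out), H is SHA-256, and all names are chosen here.

```python
import hashlib
import hmac
import secrets

# Constructed toy key pair for Bob (textbook RSA without padding).
P, Q, E = 2 ** 61 - 1, 2 ** 89 - 1, 65537      # two Mersenne primes, public e
N = P * Q                                      # KUB = (E, N)
D = pow(E, -1, (P - 1) * (Q - 1))              # KRB = (D, N)


def H(data):
    return hashlib.sha256(data).digest()


def session_key(s, nonce):
    """KS = H(S || NB), with S encoded as 32 big-endian bytes."""
    return H(s.to_bytes(32, "big") + nonce)


class Bob:
    def __init__(self):
        self._nonce = None

    def step2_nonce(self):
        """Step 2: issue a fresh NB for this run."""
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def steps3_4(self, enc_s, h_ks):
        """Steps 3-4: recover S, derive KS from the current NB, check H(KS).

        Returns KS on success and None otherwise. Each NB is used once.
        """
        if self._nonce is None:
            return None
        nonce, self._nonce = self._nonce, None
        ks = session_key(pow(enc_s, D, N), nonce)
        return ks if hmac.compare_digest(H(ks), h_ks) else None


def alice_steps3_4(nb):
    """Alice picks S, derives KS = H(S||NB), returns (E(S, KUB), H(KS), KS)."""
    s = secrets.randbelow(N - 2) + 2
    ks = session_key(s, nb)
    return pow(s, E, N), H(ks), ks


def demo():
    """Return (honest run accepted, replayed run accepted)."""
    bob = Bob()
    enc_s, h_ks, ks_alice = alice_steps3_4(bob.step2_nonce())
    honest = bob.steps3_4(enc_s, h_ks) == ks_alice
    # Trudy recorded (enc_s, h_ks) and sends them again in a new run.
    bob.step2_nonce()                  # Bob's NB is different this time
    replayed = bob.steps3_4(enc_s, h_ks) is not None
    return honest, replayed


if __name__ == "__main__":
    print(demo())
```

The replay fails because Bob derives KS from the old S and his new NB, so the recorded H(KS) no longer matches.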
6.3 Review questions
1) What is a message replay attack? State the harm caused by this attack and compare it
with message modification and impersonation.
2) State the methods for resisting message replay attacks.
3) State the purposes of the protocol.
6.4 Exercises
Consider the following protocol between A and B:
1. IDA
2. CB||NB
3. E(S, KUB)
4. H(KS)
5. E(P||KS)
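[Figure: security protocols in the network stack: PGP, S/MIME, Kerberos and SSL with HTTP and SMTP at the application layer; TCP/UDP at the transport layer; IP/IPSec at the network layer; link layer; physical layer]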
The model above shows that security can be applied to network communication
at different layers, such as the network layer or the application layer. In
TCP/IP, the ordinary IP protocol can be replaced by IP Security so that
security is provided at the network layer. Applications in the application layer then
no longer need to deal with security; all of it is handled by IPSec. Details
of IPSec are presented in [3].
The SSL, Kerberos, PGP and S/MIME protocols are implemented in the application layer.
Each of these protocols therefore has to implement its own security mechanism.
[Figure: X.509 certificate: the hash of the certificate fields (Version, Serial Number, Issuer Name, Subject, …, grouped by version 1, 2, 3 and all versions) is encrypted with the CA's private key KRCA to create the signature. The certificate is signed by the CA; users can verify it with the CA's public key]
Figure 7-3. Viewing the content of a certificate in Firefox 2.0 (used in the SSL protocol)
[Figure: certificate authorities including X2, with Alice and Bob]
This hierarchy of certification is not limited to two certificate authorities; it
can pass through a chain of certificate authorities that form a network of certification
(Web of Trust). The figure below shows a real example.
[Figure: HTTP data carried over a socket and TCP/IP between the two sides]
The following shows the HTTP protocol data when searching for the term Nha
Trang on the website vn.search.yahoo.com.
GET /search?p=Nha+Trang&fcss=on&fr=yfp-t-101&toggle=1&cop=&ei=UTF-8 HTTP/1.1
Host: vn.search.yahoo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.13) Gecko/2009073022
Firefox/3.0.13 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://vn.yahoo.com/?p=us
HTTP/1.1 200 OK
Date: Fri, 14 Aug 2009 10:25:49 GMT
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang="vi"><head> </head>
.
</html>
[Figure: key-exchange steps between A and B, ending with 5. E(P||KS)]
In practice, however, authentication of the user side is not always
needed. For example, when you buy goods at the Amazon bookstore, Amazon does not need to know who you
are, only that you have a purchasing account (protecting the buyer's account is the responsibility
of symmetric encryption). So Amazon does not need to authenticate the person browsing the web.
In this case the browser user does not need a certificate. The key-exchange model
between A and B is then:
1. IDA
2. CB||NB
3. E(S, KUB)
4. H(KS)
5. E(P||KS)
[Figure: SSL handshake between client and server. Phase 1: client_hello, server_hello. Phase 2: certificate, certificate_request, server_hello_done. Phase 3: certificate, client_exchange_key, certificate_verify. Phase 4: finished, finished]
2) Phase 2: server authentication and exchange of the public-key encryption keys. After
agreeing on the encryption algorithm with the client, the server goes on to send the following messages:
-
In the data transfer protocol, data is divided into blocks of 2^14
bytes (16384). The data is then compressed. However, SSL version 3 does not currently
specify any particular compression method, so by default no compression is applied.
Next, the MAC value of the compressed data block is computed by the following formula:
hash(MAC_key || pad_2 || hash(MAC_key || pad_1 || seq_num || type || length || data))
where:
-
After the MAC has been computed, the data block together with the MAC value is encrypted with a
block cipher algorithm selected during the handshake protocol.
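The MAC formula above, computed and checked on the receiving side. This is an added example, not part of the original notes; the pad bytes and lengths (0x36 and 0x5c, repeated 48 times for MD5 and 40 times for SHA-1), the field widths (8-byte seq_num, 1-byte type, 2-byte length) and the record type 23 for application data come from the SSL 3.0 specification rather than from this page, and the key and record contents are constructed.

```python
import hashlib
import hmac
import struct

PAD_LEN = {"md5": 48, "sha1": 40}      # pad length depends on the hash
MAX_FRAGMENT = 2 ** 14                 # 16384-byte block limit from the text
APPLICATION_DATA = 23                  # record type for application data


def ssl3_mac(mac_key, seq_num, rec_type, data, hash_name="sha1"):
    """hash(MAC_key || pad_2 || hash(MAC_key || pad_1 || seq_num || type || length || data))"""
    if len(data) > MAX_FRAGMENT:
        raise ValueError("fragment longer than 2^14 bytes")
    pad_1 = b"\x36" * PAD_LEN[hash_name]
    pad_2 = b"\x5c" * PAD_LEN[hash_name]
    header = struct.pack(">QBH", seq_num, rec_type, len(data))
    inner = hashlib.new(hash_name, mac_key + pad_1 + header + data).digest()
    return hashlib.new(hash_name, mac_key + pad_2 + inner).digest()


class Receiver:
    """Keeps its own sequence counter; seq_num is never sent on the wire."""

    def __init__(self, mac_key, hash_name="sha1"):
        self.mac_key = mac_key
        self.hash_name = hash_name
        self.next_seq = 0

    def accept(self, rec_type, data, mac):
        expected = ssl3_mac(self.mac_key, self.next_seq, rec_type, data,
                            self.hash_name)
        if not hmac.compare_digest(expected, mac):
            return False               # modified, reordered or replayed record
        self.next_seq += 1
        return True


def demo():
    key = b"k" * 20                    # constructed MAC key
    records = [b"GET / HTTP/1.1", b"Host: example.test"]   # constructed data
    macs = [ssl3_mac(key, i, APPLICATION_DATA, r) for i, r in enumerate(records)]
    rx = Receiver(key)
    in_order = [rx.accept(APPLICATION_DATA, r, m) for r, m in zip(records, macs)]
    replay = rx.accept(APPLICATION_DATA, records[0], macs[0])  # seq is now 2
    tampered = rx.accept(APPLICATION_DATA, b"Host: evil.test!!!", macs[1])
    return in_order, replay, tampered


if __name__ == "__main__":
    print(demo())
```

Because seq_num is part of the inner hash, a record that is valid at position 0 is rejected when it arrives again at position 2.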
Finally an SSL header is attached to the front of the data block. The SSL header consists of the following
fields:
-
Content Type (1 byte): Besides carrying the data of the HTTP protocol, the SSL
Record Protocol is also used to carry the data of the Handshake protocol
as well as of the two remaining protocols, SSL Change Cipher Spec and SSL Alert. The value
[Figure: Kerberos overview with Client A, the Kerberos Authentication Server (AS), the Ticket-Granting Server (TGS) and Server B. Performed once at logon: 1. Request Ticket-Granting Ticket; 2. Ticket + Session Key. Performed once per type of service: 3. Request Service-Granting Ticket; 4. Ticket + Session Key. Performed once per service session: 5. Request Service; 6. Provide server authenticator]
After being issued the TGT and the session key KATGS for communicating with the TGS server,
client A sends this ticket to the TGS server together with an authenticator so that the TGS can authenticate
client A. In this message the client also asks the TGS to issue a session key for connecting
to the service server B. IDB identifies this service server. TS3 is a timestamp that marks
the time at which A uses KATGS (to resist replay attacks).
After decrypting the ticket, the TGS obtains the session key KATGS. With it the TGS can verify
the authenticity of client A through the Authenticator. The TGS then generates the session
key KAB and encrypts it into two copies, one for A (encrypted with KATGS) and
one for B (encrypted with KB). As with the TGT, the copy for B
is also given to A to manage and is called the service ticket. A uses this ticket to exchange
data with B.
TS4 and Lifetime4 are the start time and validity period of this ticket.
c) Service usage phase:
5. A → B: TicketB || Authenticator
Authenticator = E(IDA||ADA||TS5, KAB)
6. B → A: E(TS5 + 1, KAB)
As with message 3, after being issued the service ticket and the session key KAB
for communicating with server B, client A sends this ticket to server B together with an
authenticator so that B can authenticate A (in the same way that the authenticator lets the TGS authenticate A).
B decrypts the ticket to obtain the session key KAB, and with it B decrypts the authenticator to
verify the authenticity of A. TS5 is a timestamp that marks the time at which A uses KAB
(to resist replay attacks).
Next B can send TS5+1 back to A so that A can authenticate B. After this message
A and B can exchange data using the session key KAB.
A can use TicketB to connect to server B many times while
TicketB is still valid. When the ticket expires, A can send a new request to the TGS so that
the TGS issues another ticket.
7.5 Review questions
1. Why is it that, if Bob trusts the public key of certificate authority X, Bob can
trust Alice's public key? (this key is embedded in the X.509 certificate
that X issued to Alice)
2. In the SSL protocol, does the client need to provide an X.509 certificate to the server?
3. In the SSL protocol, is the Web data (HTML) encrypted using
public-key encryption or symmetric encryption?
4. The SSL protocol can protect data transmitted over the network. What then is the purpose of the
Kerberos protocol?
register at Verisign
2. Write a program that displays the content of an X.509 certificate and extracts the public key from it.
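[Figure: TinyDES round function: Ri−1 passes through Expand to give X, which is combined with Ki and passes through the S-box to give Y and then through the P-box to give Z; outputs Li and Ri]
Let […] then: […]
Let […] then: […]

X1       X2       X1 ⊕ X2   Y1     Y2     Y1 ⊕ Y2
000000   000001   000001    1110   0000   1110
001000   001001   000001    0010   1110   1100
100000   100001   000001    0100   1111   1011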
[Table: for each 6-bit input XOR (0 to 3F), the number of input pairs that give each output XOR of the S-box]
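Y1 ⊕ Y2 = 7, pairs (Y1, Y2): (2, 5), (E, 9), (2, 5), (C, B), (E, 9), (2, 5), (1, 6)
Y1 ⊕ Y2 = 2, pairs (Y1, Y2): (D, F), (7, 5), (8, A), (A, 8), (A, 8), (6, 4), (9, B), (5, 7)
[Table: propagation of the difference through the rounds, with probabilities 1/4, (1/4)·1 and (1/4)(1/4)]
K3: 2B, 2A, 21, 3E, 3D, 3B, 35, 34
X1 ⊕ X2 = 34, with X1 = 1B ⊕ K3 and X2 = 2F ⊕ K3; pairs (X1, X2): (04, 30), (05, 31), (0E, 3A), (11, 25), (12, 26), (14, 20), (1A, 2E), (1B, 2F)
Similarly, choosing […] and […], the
propagation of the difference through the TinyDES rounds is shown in the table below.
[Table: propagation of the difference through rounds 1, 2 and 3, with probabilities 7/32, (7/32)·1 and (7/32)^2 ≈ 0.048]
K3: 1F, 1E, 15, 0A, 09, 0F, 01, 00
[…] 9. So the output of the Expand function in the two cases is 01 and 11. And the input
XOR and output XOR of the S-box in this third round are 10 and 7. Looking up the table, the possible
keys K3 are:

X1 ⊕ X2 = 10, with X1 = 01 ⊕ K3 and X2 = 11 ⊕ K3
X1   X2   K3
08   18   09
09   19   08
0B   1B   0A
23   33   22
24   34   25
2C   3C   2D
2D   3D   2C

X1 ⊕ X2 = 10, with X1 = 11 ⊕ K3 and X2 = 01 ⊕ K3
X1   X2   K3
08   18   19
09   19   18
0B   1B   1A
23   33   32
24   34   35
2C   3C   3D
2D   3D   3C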
For the 64 cases of Y = S-box(X), we define the number S(a, b) as follows:
S(a, b) is the number of cases in which LX(X, a) = LY(Y, b)
The table below lists the values S(a, b) − 32 for a from 1 to 32 and b from 1 to 15.
[Table: values of S(a, b) − 32 for a = 1 to 32 and b = 1 to 15]
[…] occurs with probability 50/64
[…] 14/64
[…] 14/64
It follows that:
[…]
or
[…]
[…] = 1 occurs 66 times
[…] occurs 34 times
Then we can conclude that […] 1 or […] 1, where k1, k2 are the 1st and
2nd bits of the original key K.
s hon
Example: […]
with […]
In short, in a ring we can perform addition, subtraction and multiplication without
leaving the ring (the results of addition, subtraction and multiplication belong to R).
Example: the set of n × n square matrices over the real numbers, with matrix addition and multiplication,
forms a ring.
A ring is called a commutative ring if multiplication is also commutative:
M4) Commutativity of multiplication: […]
Example: the set of even integers, with ordinary addition and multiplication, forms
a commutative ring; the set of n × n square matrices above is not a commutative ring.
A ring is called an integral domain if it is a commutative ring and has
the following two additional properties:
M5) Existence of a multiplicative identity: 1 […]
Addition: c = a + b
if c […]
It is easy to see that the set Zn with the addition above satisfies the properties of an
Abelian group whose additive identity is 0 (properties A1 to A5).
In addition, the set Zn with the addition and multiplication above satisfies the properties of
an integral domain whose multiplicative identity is 1 (properties M1 to M6).
For example, with n = 7 the addition and multiplication are as follows:
+ | 0  1  2  3  4  5  6
0 | 0  1  2  3  4  5  6
1 | 1  2  3  4  5  6  0
2 | 2  3  4  5  6  0  1
3 | 3  4  5  6  0  1  2
4 | 4  5  6  0  1  2  3
5 | 5  6  0  1  2  3  4
6 | 6  0  1  2  3  4  5

× | 0  1  2  3  4  5  6
0 | 0  0  0  0  0  0  0
1 | 0  1  2  3  4  5  6
2 | 0  2  4  6  1  3  5
3 | 0  3  6  2  5  1  4
4 | 0  4  1  5  2  6  3
5 | 0  5  3  1  6  4  2
6 | 0  6  5  4  3  2  1
However, not every set Zn satisfies property M7, which requires every nonzero
element of Zn to have a multiplicative inverse. Only when n is prime does
Zn satisfy M7 (see concept 6 in the Number theory section of chapter 4). For example, take
n = 8 (does not satisfy M7) and n = 7 (satisfies M7).
n = 8:
a     0  1  2  3  4  5  6  7
−a    0  7  6  5  4  3  2  1
a⁻¹   -  1  -  3  -  5  -  7

n = 7:
a     0  1  2  3  4  5  6
−a    0  6  5  4  3  2  1
a⁻¹   -  1  4  5  2  3  6
We also use the extended Euclidean algorithm to find multiplicative inverses in
the set Zn.
Example of division: 5/4 = 5(4⁻¹) = 5·2 = 3.
Thus, when n is prime, the set Zn becomes a finite field, which we call a
Galois field (after the mathematician who studied these finite fields). We change the notation Zn
to Zp, with the convention that p is prime. This finite field is denoted GF(p).
Addition: […]
Multiplication: […]
Subtraction: […]
Example: […]
[…] and the remainder polynomial […]
Addition: […]
Multiplication: […]
Subtraction: […]
Division: […]
In which the operations […]
are defined in the set Zp
Example: consider the field […]
[…] is an irreducible polynomial
[…] is not an irreducible polynomial because […]
We have: […]
9.3.4 Finite field GF(2^n)
The set Wpm has p^n elements.
Example:
- p = 3, n = 2: the set Wpm has 9 elements: […]
[Table: addition of polynomials in GF(2^3) over the elements 0, 1, x, x+1, x^2, x^2+1, x^2+x, x^2+x+1]
[Table: multiplication of polynomials in GF(2^3) over the elements 0, 1, x, x+1, x^2, x^2+1, x^2+x, x^2+x+1]
To find the multiplicative inverse of a polynomial, we again use the extended Euclidean
algorithm, in the same way as when finding inverses in the set Zp.
/* The extended Euclidean algorithm returns two values:          */
/*   - gcd(m(x), b(x));                                          */
/*   - if gcd(m(x), b(x)) = 1: returns b⁻¹(x) mod m(x)           */
EXTENDED_EUCLID(m(x), b(x))
  A1(x) = 1; A2(x) = 0; A3(x) = m(x);
  B1(x) = 0; B2(x) = 1; B3(x) = b(x);
  while (B3(x) <> 0) AND (B3(x) <> 1) do
    Q(x) = quotient of A3(x) / B3(x);
    T1(x) = A1(x) − Q(x)B1(x);
    T2(x) = A2(x) − Q(x)B2(x);
    T3(x) = A3(x) − Q(x)B3(x);
    A1(x) = B1(x); A2(x) = B2(x); A3(x) = B3(x);
    B1(x) = T1(x); B2(x) = T2(x); B3(x) = T3(x);
  end while
  If B3(x) = 0 then return A3(x); no inverse;
  If B3(x) = 1 then return 1; B2(x);
Corresponding integer   Hexadecimal
000                     0
001                     1
010                     2
011                     3
100                     4
101                     5
110                     6
111                     7

+ | 0  1  2  3  4  5  6  7
0 | 0  1  2  3  4  5  6  7
1 | 1  0  3  2  5  4  7  6
2 | 2  3  0  1  6  7  4  5
3 | 3  2  1  0  7  6  5  4
4 | 4  5  6  7  0  1  2  3
5 | 5  4  7  6  1  0  3  2
6 | 6  7  4  5  2  3  0  1
7 | 7  6  5  4  3  2  1  0

× | 0  1  2  3  4  5  6  7
0 | 0  0  0  0  0  0  0  0
1 | 0  1  2  3  4  5  6  7
2 | 0  2  4  6  3  1  7  5
3 | 0  3  6  5  7  4  1  2
4 | 0  4  3  7  6  2  5  1
5 | 0  5  1  4  2  7  3  6
6 | 0  6  7  1  5  3  2  4
7 | 0  7  5  2  1  6  4  3

a (polynomial)   a (number)   −a (polynomial)   −a (number)   a⁻¹ (polynomial)   a⁻¹ (number)
0                0            0                 0             -                  -
1                1            1                 1             1                  1
x                2            x                 2             x^2+1              5
x+1              3            x+1               3             x^2+x              6
x^2              4            x^2               4             x^2+x+1            7
x^2+1            5            x^2+1             5             x                  2
x^2+x            6            x^2+x             6             x+1                3
x^2+x+1          7            x^2+x+1           7             x^2                4

Multiplication modulo 8:
× | 0  1  2  3  4  5  6  7
0 | 0  0  0  0  0  0  0  0
1 | 0  1  2  3  4  5  6  7
2 | 0  2  4  6  0  2  4  6
3 | 0  3  6  1  4  7  2  5
4 | 0  4  0  4  0  4  0  4
5 | 0  5  2  7  4  1  6  3
6 | 0  6  4  2  0  6  4  2
7 | 0  7  6  5  4  3  2  1

Integer                                  1  2  3  4   5  6  7
Occurrences in the modulo-8 table        4  8  4  12  4  8  4
Occurrences in the GF(2^3) table         7  7  7  7   7  7  7
1) Addition:
(because
Applying this step repeatedly gives
for any k, and from that we can compute
1 (
Example: compute
11 11
1)
01010111 × 00000010 = 10101110
01010111 × 00000100 = 01011100 ⊕ 00011011 = 01000111
01010111 × 00001000 = 10001110
01010111 × 00010000 = 00011100 ⊕ 00011011 = 00000111
01010111 × 00100000 = 00001110
01010111 × 01000000 = 00011100
01010111 × 10000000 = 00111000
1 (
1)
For example, consider again the field GF(2^3) with
So with g as the generator, the
elements of the field are as follows:
1
1
1
Power representation   Polynomial in GF(2^3)   Corresponding integer   Hexadecimal
0                      0                       000                     0
g^0                    1                       001                     1
g^1                    g                       010                     2
g^2                    g^2                     100                     4
g^3                    g+1                     011                     3
g^4                    g^2+g                   110                     6
g^5                    g^2+g+1                 111                     7
g^6                    g^2+1                   101                     5
1
Using the generator, polynomial multiplication can be carried out with one operation modulo
2^n - 1. For example, to compute
1
. We convert this to
1 (this
result is the same as the one in the multiplication table in section 9.3.4)
9.4 AES encryption
AES is a 128-bit block cipher that does not follow the Feistel structure but uses an SPN
(substitution-permutation network) model. AES uses four main transformations to encrypt a
block: Add round key, Substitute bytes, Shift rows and Mix columns. Each transformation takes
a 128-bit input and produces a 128-bit output. AES applies these four transformations
repeatedly, forming 10 rounds as shown in the figure below.
[Figure: AES structure. The 128-bit key passes through Expand Key, which supplies the round keys w[0,3], w[4,7], ..., w[36,39], w[40,43]; every stage carries 128 bits. a) Encryption phase: 128-bit plaintext, Add round key, then rounds R1 to R9 (Substitute bytes, Shift rows, Mix columns, Add round key) and round R10 (Substitute bytes, Shift rows, Add round key), giving the 128-bit ciphertext. b) Decryption phase: from the 128-bit ciphertext through rounds R1 to R10 back to the 128-bit plaintext.]
The transformations Substitute bytes, Shift rows and Mix columns have the corresponding inverse
transformations Inverse sub bytes, Inverse shift rows and Inverse mix cols. Add round key is
simply an XOR, so its inverse is Add round key itself. Using these inverse transformations, the
AES decryption algorithm also consists of 10 rounds, carried out in the reverse order.
The initial key is 128 bits (16 bytes). AES uses the Expand key function to expand the key to
44 words of 32 bits. These 44 words are divided into 11 subkeys of 4 words each, which serve as
the parameters of the 11 Add round key operations.

k0 k4 k8  k12
k1 k5 k9  k13
k2 k6 k10 k14    -- Expand key -->    w0 w1 w2 w3 w4 w5 ... w42 w43
k3 k7 k11 k15

Each plaintext block consists of 16 bytes p0 p1 ... p15, organised as a 4x4 matrix (the state
matrix). We rename the entries of this matrix as s00 s10 s20 s30 s01 s11 ... s23 s33.

p0 p4 p8  p12
p1 p5 p9  p13
p2 p6 p10 p14
p3 p7 p11 p15

The transformations Add round key, Substitute bytes, Shift rows and Mix columns operate on
this 4x4 matrix S.
Arithmetic in AES is carried out in the field GF(2^8) with the irreducible polynomial
1. From here on we simply write GF(2^8). The following
sections describe in detail the operations Add round key, Substitute bytes, Shift rows,
Mix columns and Expand key.
9.4.1 Substitute bytes
This step uses a 16×16-byte lookup table (called the S-box). The table is built as follows:
Step 1: fill the table row by row with the numbers 0 to 255. Row 0 thus holds the numbers
{00}, {01}, ..., {0F} (hexadecimal). Row 1 holds {10}, {11}, ..., {1F}. In other words, the
entry at row x, column y has the value {xy}.
Step 2: replace each byte in the table with its inverse in the field GF(2^8). By convention
the inverse of {00} is {00}.
Step 3: for each byte in the table, write its 8 bits as b7b6b5b4b3b2b1b0. Replace
each bit with the value
computed as follows:
where ci is the i-th bit of the number {63}, that is
11
11. This
computation is equivalent to the following matrix multiplication over GF(2^8) (B' = XB ⊕ C):

| b'0 |   | 1 0 0 0 1 1 1 1 |   | b0 |   | 1 |
| b'1 |   | 1 1 0 0 0 1 1 1 |   | b1 |   | 1 |
| b'2 |   | 1 1 1 0 0 0 1 1 |   | b2 |   | 0 |
| b'3 | = | 1 1 1 1 0 0 0 1 | · | b3 | + | 0 |
| b'4 |   | 1 1 1 1 1 0 0 0 |   | b4 |   | 0 |
| b'5 |   | 0 1 1 1 1 1 0 0 |   | b5 |   | 1 |
| b'6 |   | 0 0 1 1 1 1 1 0 |   | b6 |   | 1 |
| b'7 |   | 0 0 0 1 1 1 1 1 |   | b7 |   | 0 |

where addition is performed as XOR. The figure below shows the contents of the S-box after
this computation.
     0  1  2  3  4  5  6  7  8  9  A  B  C  D  E  F
0   63 7C 77 7B F2 6B 6F C5 30 01 67 2B FE D7 AB 76
1   CA 82 C9 7D FA 59 47 F0 AD D4 A2 AF 9C A4 72 C0
2   B7 FD 93 26 36 3F F7 CC 34 A5 E5 F1 71 D8 31 15
3   04 C7 23 C3 18 96 05 9A 07 12 80 E2 EB 27 B2 75
4   09 83 2C 1A 1B 6E 5A A0 52 3B D6 B3 29 E3 2F 84
5   53 D1 00 ED 20 FC B1 5B 6A CB BE 39 4A 4C 58 CF
6   D0 EF AA FB 43 4D 33 85 45 F9 02 7F 50 3C 9F A8
7   51 A3 40 8F 92 9D 38 F5 BC B6 DA 21 10 FF F3 D2
8   CD 0C 13 EC 5F 97 44 17 C4 A7 7E 3D 64 5D 19 73
9   60 81 4F DC 22 2A 90 88 46 EE B8 14 DE 5E 0B DB
A   E0 32 3A 0A 49 06 24 5C C2 D3 AC 62 91 95 E4 79
B   E7 C8 37 6D 8D D5 4E A9 6C 56 F4 EA 65 7A AE 08
C   BA 78 25 2E 1C A6 B4 C6 E8 DD 74 1F 4B BD 8B 8A
D   70 3E B5 66 48 03 F6 0E 61 35 57 B9 86 C1 1D 9E
E   E1 F8 98 11 69 D9 8E 94 9B 1E 87 E9 CE 55 28 DF
F   8C A1 89 0D BF E6 42 68 41 99 2D 0F B0 54 BB 16

{95} → {8A} → {2A}

| 1 0 0 0 1 1 1 1 |   | 0 |   | 1 |   | 1 |   | 1 |   | 0 |
| 1 1 0 0 0 1 1 1 |   | 1 |   | 1 |   | 0 |   | 1 |   | 1 |
| 1 1 1 0 0 0 1 1 |   | 0 |   | 0 |   | 0 |   | 0 |   | 0 |
| 1 1 1 1 0 0 0 1 | · | 1 | + | 0 | = | 1 | + | 0 | = | 1 |
| 1 1 1 1 1 0 0 0 |   | 0 |   | 0 |   | 0 |   | 0 |   | 0 |
| 0 1 1 1 1 1 0 0 |   | 0 |   | 1 |   | 0 |   | 1 |   | 1 |
| 0 0 1 1 1 1 1 0 |   | 0 |   | 1 |   | 1 |   | 1 |   | 0 |
| 0 0 0 1 1 1 1 1 |   | 1 |   | 0 |   | 0 |   | 0 |   | 0 |
Based on the S-box lookup table, the Substitute bytes transformation works as follows: each
byte in the state matrix S, written in hexadecimal as {xy}, is replaced by the value in the
S-box at row x, column y.
y
87 F2 4D 97
83 45 5D 96
EC 6E 4C 90
5C 33 98 B0
4A C3 46 E7
F0 2D AD C5
8C D8 95 A6
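where di is the i-th bit of the number {05}, that is
1 1. The corresponding matrix
multiplication is (B = YB' ⊕ D):

| b0 |   | 0 0 1 0 0 1 0 1 |   | b'0 |   | 1 |
| b1 |   | 1 0 0 1 0 0 1 0 |   | b'1 |   | 0 |
| b2 |   | 0 1 0 0 1 0 0 1 |   | b'2 |   | 1 |
| b3 | = | 1 0 1 0 0 1 0 0 | · | b'3 | + | 0 |
| b4 |   | 0 1 0 1 0 0 1 0 |   | b'4 |   | 0 |
| b5 |   | 0 0 1 0 1 0 0 1 |   | b'5 |   | 0 |
| b6 |   | 1 0 0 1 0 1 0 0 |   | b'6 |   | 0 |
| b7 |   | 0 1 0 0 1 0 1 0 |   | b'7 |   | 0 |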
     0  1  2  3  4  5  6  7  8  9  A  B  C  D  E  F
0   52 09 6A D5 30 36 A5 38 BF 40 A3 9E 81 F3 D7 FB
1   7C E3 39 82 9B 2F FF 87 34 8E 43 44 C4 DE E9 CB
2   54 7B 94 32 A6 C2 23 3D EE 4C 95 0B 42 FA C3 4E
3   08 2E A1 66 28 D9 24 B2 76 5B A2 49 6D 8B D1 25
4   72 F8 F6 64 86 68 98 16 D4 A4 5C CC 5D 65 B6 92
5   6C 70 48 50 FD ED B9 DA 5E 15 46 57 A7 8D 9D 84
6   90 D8 AB 00 8C BC D3 0A F7 E4 58 05 B8 B3 45 06
7   D0 2C 1E 8F CA 3F 0F 02 C1 AF BD 03 01 13 8A 6B
8   3A 91 11 41 4F 67 DC EA 97 F2 CF CE F0 B4 E6 73
9   96 AC 74 22 E7 AD 35 85 E2 F9 37 E8 1C 75 DF 6E
A   47 F1 1A 71 1D 29 C5 89 6F B7 62 0E AA 18 BE 1B
B   FC 56 3E 4B C6 D2 79 20 9A DB C0 FE 78 CD 5A F4
C   1F DD A8 33 88 07 C7 31 B1 12 10 59 27 80 EC 5F
D   60 51 7F A9 19 B5 4A 0D 2D E5 7A 9F 93 C9 9C EF
E   A0 E0 3B 4D AE 2A F5 B0 C8 EB BB 3C 83 53 99 61
F   17 2B 04 7E BA 77 D6 26 E1 69 14 63 55 21 0C 7D

{2A} → {95}
The Inverse sub bytes transformation therefore works as follows: each byte in the state matrix
S, written in hexadecimal as {xy}, is replaced by the value in the IS-box at row x, column y.
To prove that Inverse sub bytes is the inverse of Substitute bytes, we must show that
Y(XB ⊕ C) ⊕ D = B, that is, YXB ⊕ YC ⊕ D = B. We have
YXB ⊕ YC ⊕ D = IB ⊕ D ⊕ D = B
(YXB = IB and YC = D)
Purpose of Substitute bytes:
The S-box is used to resist known-plaintext attacks. The relationship between the input and
the output of Substitute bytes cannot be described by a simple mathematical formula.
(See the section on the ideal secure block cipher in chapter 3.)
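The three S-box construction steps and the inverse mapping, as an added example that is not part of the original notes. It assumes the AES modulus x^8 + x^4 + x^3 + x + 1 (0x11B) and takes the rows of X and Y and the constants {63} and {05} from the matrices in this section; the function names are illustrative.

```python
AES_MODULUS = 0x11B   # x^8 + x^4 + x^3 + x + 1 (assumed: the standard AES polynomial)

# Rows of the matrices X and Y from this section; character j of a row multiplies bit b_j.
X_ROWS = ["10001111", "11000111", "11100011", "11110001",
          "11111000", "01111100", "00111110", "00011111"]
Y_ROWS = ["00100101", "10010010", "01001001", "10100100",
          "01010010", "00101001", "10010100", "01001010"]
C, D = 0x63, 0x05


def gf_mul(a, b):
    """Multiply in GF(2^8) by repeated doubling with reduction by the modulus."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:                # degree 8 reached: reduce
            a ^= AES_MODULUS
        b >>= 1
    return result


def gf_inverse(a):
    """Step 2: a^254 equals a^-1 for a != 0 and maps {00} to {00}."""
    result, exponent = 1, 254
    while exponent:
        if exponent & 1:
            result = gf_mul(result, a)
        a = gf_mul(a, a)
        exponent >>= 1
    return result


def affine(rows, byte, const):
    """Step 3: matrix-vector product over GF(2), then XOR with the constant."""
    out = 0
    for i, row in enumerate(rows):
        bit = 0
        for j, coeff in enumerate(row):
            if coeff == "1":
                bit ^= (byte >> j) & 1
        out |= bit << i
    return out ^ const


def build_sbox():
    return [affine(X_ROWS, gf_inverse(v), C) for v in range(256)]


def build_inverse_sbox():
    # B = YB' + D recovers the field inverse; inverting again gives the original byte.
    return [gf_inverse(affine(Y_ROWS, v, D)) for v in range(256)]


def matrices_cancel():
    """Check YX = I column by column and YC = D, the two facts used in the proof."""
    identity = all(affine(Y_ROWS, affine(X_ROWS, 1 << j, 0), 0) == 1 << j
                   for j in range(8))
    return identity and affine(Y_ROWS, C, 0) == D


SBOX = build_sbox()
INV_SBOX = build_inverse_sbox()

if __name__ == "__main__":
    print(" ".join(f"{v:02X}" for v in SBOX[:16]))
```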
9.4.2 Shift rows
The Shift rows operation permutes the bytes of the state matrix as follows:
-
Here the addition and multiplication of coefficients are carried out in the field GF(2^8). The
resulting polynomial has degree greater than 3 (for example, the coefficient of degree 6 is
{03}s01), but only 4 coefficients are needed for the new column value, so the resulting
polynomial is additionally reduced modulo the polynomial
1. The four coefficient bytes of
replace the four original bytes of the column.
The polynomial multiplication above can be written as the following matrix multiplication:

| s'01 |   | 02 03 01 01 |   | s01 |
| s'11 | = | 01 02 03 01 | · | s11 |
| s'21 |   | 01 01 02 03 |   | s21 |
| s'31 |   | 03 01 01 02 |   | s31 |
47 40 A3 4C
6E 4C 90 EC
37 D4 70 9F
46 E7 4A C3
94 E4 3A 42
A6 8C D8 95
ED A5 A6 BC
In the inverse transformation Inverse mix cols, each column of the state matrix is multiplied
by the polynomial
9
and reduced modulo the polynomial
1. Or,
written in matrix form:

| s'01 |   | 0E 0B 0D 09 |   | s01 |
| s'11 | = | 09 0E 0B 0D | · | s11 |
| s'21 |   | 0D 09 0E 0B |   | s21 |
| s'31 |   | 0B 0D 09 0E |   | s31 |

and

| 0E 0B 0D 09 |   | 02 03 01 01 |   | 1 0 0 0 |
| 09 0E 0B 0D | · | 01 02 03 01 | = | 0 1 0 0 |
| 0D 09 0E 0B |   | 01 01 02 03 |   | 0 0 1 0 |
| 0B 0D 09 0E |   | 03 01 01 02 |   | 0 0 0 1 |

which proves that Inverse mix cols is the inverse transformation of Mix columns.
Purpose of Mix columns:
Multiplying each column by the polynomial
and reducing modulo
makes every byte of the resulting column depend on all four bytes of the original column.
The Mix columns operation combined with Shift
If i mod 4 = 0:
    g = SubWord(RotWord(w[i-1])) ⊕ Rcon[i/4]
    w[i] = w[i-4] ⊕ g
If i mod 4 ≠ 0:
    w[i] = w[i-4] ⊕ w[i-1]
k2 k6 k10 k14
k3 k7 k11 k15
w0 w1 w2 w3
w4 w5 w6 w7
w8 w9 w10 w11
RotWord: rotate left by one byte. If the input word has the 4 bytes [b0, b1, b2, b3],
the result of RotWord is [b1, b2, b3, b0].
SubWord: replace each byte of the input word by looking it up in the S-box of the
Substitute bytes operation.
RC[ j]
10 20 40 80 1B 36
10
148
n iu tng.
Nu
c 4 trng hp sau: t
27
1
149
-1
-1
1
For elliptic curves we additionally define a point O (the point at infinity).
Let E(a, b) be the set of points on the curve
together with the point O. We
define addition on the set of points of E(a, b) as follows:
S
P
R= P+Q= -S
R= P+Q= -S
-R
R = P+P
150
, of the point
. We compute the coordinates of the point
Let the slope of the line be :
We obtain:
Proof:
For brevity, write
. We have:
(1)
(2)
(3)
(point S lies on the line through P and Q)
(4)
Substituting
2
2
(5)
(6)
, from which the result follows.
, then
we have:
151
3
(
3
(
Proof:
Without loss of generality, consider one half of the elliptic curve:
2
3
2
(
So we have:
)
2
and from this the result follows.
1
23
49
23
1
9
739
9
9
7 we have:
23
23
Unlike an elliptic curve over the real numbers, an elliptic curve over Zp cannot be drawn as
the graph of a continuous function. The table below lists the points (x, y) of the curve
over Z23 with a=1, b=1:
(0, 1)    (0, 22)   (1, 7)    (1, 16)   (3, 10)   (3, 13)   (4, 0)    (5, 4)    (5, 19)
(6, 4)    (6, 19)   (7, 11)   (7, 12)   (9, 7)    (9, 16)   (11, 3)   (11, 20)  (12, 4)
(12, 19)  (13, 7)   (13, 16)  (17, 3)   (17, 20)  (18, 3)   (18, 20)  (19, 5)   (19, 18)
Just as an elliptic curve over the real numbers is symmetric about the horizontal axis, an
elliptic curve over Zp is symmetric in the modular sense. If the point (x, y) lies on the
elliptic curve over Zp, then the point (x, p - y) also lies on the curve, because:
2
For example, (1, 7) is symmetric to (1, 16) because 7+16 = 0 mod 23. The figure below
illustrates this symmetry.
[Figure: the points of the curve plotted on a grid, with both axes running from 0 to 22]
where:
153
3
(
2
{
(4)
(5)
(6)
(7)
From (3) we have:
Example: in
23
11
154
23
23
17
2 4
23
11
cng
11 3
17
23
11
the curve
We now consider the set
together with the point at infinity O.
1. Generator g
Power    Polynomial in GF(2^4)   Binary      Power    Polynomial in GF(2^4)   Binary
0        0                       0000        g^7      g^3+g+1                 1011
g^0      1                       0001        g^8      g^2+1                   0101
g^1      g                       0010        g^9      g^3+g                   1010
g^2      g^2                     0100        g^10     g^2+g+1                 0111
g^3      g^3                     1000        g^11     g^3+g^2+g               1110
g^4      g+1                     0011        g^12     g^3+g^2+g+1             1111
g^5      g^2+g                   0110        g^13     g^3+g^2+1               1101
g^6      g^3+g^2                 1100        g^14     g^3+1                   1001

(g^5, g^3)    (g^5, g^11)   (g^6, g^8)    (g^6, g^14)   (g^9, g^10)
(g^9, g^13)   (g^10, g)     (g^10, g^8)   (g^12, 0)     (g^12, g^12)
.
155
where:
is determined by the formula:
4) addition
1
where:
Consider the group
23
23
2
6
2 2
73
3
87
14 14
19 2
12 17
45
13 1
Alice
to Alice.
(an Abelian group has
can compute
, Trudy must find
This is infeasible, as we saw in the section above.
. However
In
and
where d is a secret number chosen by the key generator. Because of the
one-way property, d cannot be derived from E and G.
From this we have two ways of carrying out encryption and decryption:
1) The Elgamal method:
Suppose Alice wants to send a message M to Bob. Alice first converts M from
a bit string into a point PM = (x, y). The ciphertext CM (using Bob's public key) is
computed as a pair of points as follows:
where k is a random number chosen by Alice
To decrypt with the private key, Bob multiplies the first point of CM by d, then
subtracts the result from the second point:
In the encryption step, Alice hides PM by adding kE to PM. To decrypt, Bob has to
subtract kE again. Instead of sending k directly to Bob so that Bob can compute kE (Trudy
could intercept it), Alice sends a hint, kG. From kG and d, Bob can compute kE.
Trudy, although she knows G and kG, still cannot compute k because of the one-way
property.
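The Elgamal scheme described above on the small curve E23(1, 1) from the earlier point table, as an added example that is not part of the original notes. The function names are illustrative, and the base point G, private key d and random k used in the demo are constructed sample values.

```python
P_MOD, A, B = 23, 1, 1     # the curve y^2 = x^3 + x + 1 over Z23 (a = 1, b = 1)
O = None                   # the point at infinity


def on_curve(pt):
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def curve_points():
    return [(x, y) for x in range(P_MOD) for y in range(P_MOD) if on_curve((x, y))]


def ec_neg(p):
    return O if p is O else (p[0], (-p[1]) % P_MOD)


def ec_add(p, q):
    if p is O:
        return q
    if q is O:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O                               # q = -p, including doubling a point with y = 0
    if p == q:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)   # tangent slope
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)          # chord slope
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_mul(k, p):
    """Compute kP by double-and-add."""
    result = O
    while k:
        if k & 1:
            result = ec_add(result, p)
        p = ec_add(p, p)
        k >>= 1
    return result


def public_key(g, d):
    return ec_mul(d, g)                        # E = dG


def encrypt(pm, g, e, k):
    return ec_mul(k, g), ec_add(pm, ec_mul(k, e))      # CM = (kG, PM + kE)


def decrypt(cm, d):
    hint, masked = cm
    return ec_add(masked, ec_neg(ec_mul(d, hint)))     # (PM + kE) - d(kG)


if __name__ == "__main__":
    G, d, k = (3, 10), 5, 7                    # constructed sample values
    E = public_key(G, d)
    cm = encrypt((9, 7), G, E, k)
    print(cm, decrypt(cm, d))
```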
Example: choosing p = 751, a = 1, b = 188 gives the following elliptic curve over Z751
751
188
751
As with the Elgamal method, even knowing G and kG, Trudy cannot compute
k in order to compute P.
10.4.3 Security of ECC compared with RSA
At present the fastest method for computing elliptic curve logarithms (finding k given G
and kG) is the Pollard rho method. The table below lists the key sizes of the ECC method
and the RSA method, based on equivalent cryptanalysis cost.
Symmetric encryption   ECC encryption    RSA encryption
(bits of key)          (bits of n)       (bits of N)
56                     112               512
80                     160               1024
112                    224               2048
128                    256               3072
192                    384               7680
256                    512               15360
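[Figure: digital signature model with a sender and a receiver. Labels: M, DS, HA, compute hash, encrypt, decrypt, HA, compute hash, HB, compare, KRA, KUA, key generator.]
DS: Data signature (digital signature)
[Figure: signature scheme at the sender and the receiver, a) signing process. Labels: M, compute hash, HA, s, r, Sign, HB, Verify, compare, KUG, KRA, KUA, key generator, f1, f2, s', r', p q g, f3, f4, compare.]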
Color
Green
Blue
Black
White
Dark yellow
Orange
Hidden bit
0
1
0
1
Resulting color
00110000 (24)
00110001 (25)
01001000 (72)
01001001 (73)
11.2 Software bugs
Software always has bugs. These bugs make software behave differently from what the user
intends. NASA's Mars Lander crashed into Mars because of a software bug in the conversion
from imperial units to metric units. A bug in the baggage handling software made Denver
airport open 11 months late, at a cost of 1 million USD per day. In this section we look at
some kinds of software bugs that a hacker can exploit to break into a system and carry out
destructive actions.
11.2.1 Buffer overflow
Buffer overflow bugs usually occur with array data, when the data entered exceeds the size of
the array. Consider the following program:
#include <stdio.h>

void checkserial() {
    char sn[16];
    scanf("%s", sn);    /* no length limit: longer input runs past the end of sn */
}

int main() {
    checkserial();
    int i = 7;
    return 0;
}
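[Figure: memory layout with registers IP and SP. Code segment: function main() (checkserial(), i=7, ret) at addresses 120, 128, 132 and function checkserial() (scanf(%s,sn), ret) at address 200. Stack segment (addresses 300, 3F0, 400, 401): the memory area for variable sn, and the value 128 stored at address 401.]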
After the function checkserial has finished, the RET instruction loads the value 128 stored at
address 401 on the stack back into the instruction pointer IP, returning to the instruction
i = 7.
If, inside checkserial, the user enters a string of fewer than 16 characters, the program
works normally. If the user enters a string of 16 characters or more, memory cell 401 is
overwritten by the 16th character and a buffer overflow occurs. When the RET instruction of
checkserial then executes, the instruction pointer IP receives some other value instead of
128, so the instruction i = 7 is not executed. A hacker can exploit this to carry out
destructive actions. Consider the following concrete program:
#include <stdio.h>
#include <string.h>

void checkserial() {
    char sn[16];
    printf("\nEnter a serial number\n");
    scanf("%s", sn);    /* unbounded read into a 16-byte buffer: the overflow discussed here */
    if (!strncmp(sn, "S123N456", 8)) {
        printf("Serial number is correct");
    }
}

int main() {
    checkserial();
    int i = 7;
    return 0;
}
(41 is the ASCII code of the character A)
Memory cell 0022FF2C on the stack now holds the value 004012D4. Therefore, after the function
checkserial has finished, the RETN instruction (at address 004012E1) no longer jumps to the
instruction i = 7 of main but to the instruction that prints "Serial number is correct" at
address 004012D4. This instruction prints to the screen as shown below.
[Figure labels: SQL statement; Result; Database management system (DBMS)]
Unlike a programming language, an SQL statement is not compiled in advance. Only when the
application builds the SQL statement and sends it to the DBMS does the DBMS compile and
execute it. While building the SQL statement, the application usually uses parameters entered
by the user. This is the characteristic that a hacker can exploit to change the SQL statement
to suit the hacker's own purposes.
To illustrate, we look at the login function that almost every application has. To manage
users, the programmer creates a table Users in the database as follows (the example uses the
SQL Server DBMS).
username   password   email
admin      tu8a9xk    admin@xyz.com
nam        34bux8kt   nam@xyz.com
son        krt87ew    son@xyz.com
To let users log in, the programmer designs a form as follows (the example uses C# and
ADO.NET).
PDescription
Android, camera 5.0, 3G, Wifi, GPS
Windows Mobile, Wifi, GPS, FM Radio
Android 2.2, camera 8.0, HDMI
Email            Content
admin@xyz.com    This is a cool website!
nam@xyz.com      Excellent!!!
son@xyz.com      5-stars website!
The web programmer designs a page for posting comments as follows:
2. Write a program and carry out a buffer overflow attack as in section 2.1
APPENDIX 1
Details of the S-boxes of DES encryption
[Tables DES S-box 1 to DES S-box 8; in each table the rows are indexed by b0b5 and the columns by b1b2b3b4]
APPENDIX 2
The Euclidean algorithm
1) The Euclidean algorithm
The Euclidean algorithm finds the greatest common divisor of two integers a and b. We
denote this greatest common divisor by gcd(a, b). The algorithm is based on the following theorem:
Theorem: for all integers a ≥ 0 and b > 0:
gcd(a, b) = gcd(b, a mod b)
Proof:
Let d be the greatest common divisor of a and b. Let r be the remainder of a mod b:
a = bq + r
(1)
b and r are divisible by d:
Since a and b are both divisible by d, equation (1) shows that r must be divisible by d.
There is no e > d such that b and r are divisible by e:
Suppose there exists a number e > d such that b and r are divisible by e. Then by equation
(1) a is also divisible by e. So a and b are both divisible by e, which contradicts the
assumption that d is the greatest common divisor of a and b.
57 = 42 × 1 + 15
A2 = B2q + R2
42 = 15 × 2 + 12
A3 = B3q + R3
15 = 12 × 1 + 3
12 = 3 × 4 + 0
An = Bnq + 0
gcd(a,b)
An+1
0
(1)
aB1 + bB2 = B3
(2)
so in the first iteration:
aR1 + bR2 = aA1 - aQB1 + bA2 - bQB2
= A3 - QB3
aR1 + bR2 = R3
(3)
Thus equalities (1), (2) and (3) hold throughout the iterations of the algorithm.
If gcd(a, b) <> 1, the algorithm above behaves like the standard Euclidean algorithm (A3 and
B3 play the roles of A and B in the standard algorithm). When the loop ends with B3 = 0, A3
is the greatest common divisor.
If gcd(a, b) = 1, the standard Euclidean algorithm ends with A3 = 1, B3 = 0, so in the
iteration just before that B3 = 1. In the extended algorithm the loop ends when B3 = 1.
We have:
aB1 + bB2 = B3
aB1 + bB2 = 1
bB2 ≡ 1 mod a
Example: a = 63, b = 35
A3   B3   Q   R3         A2   B2   Q   R2
63 = 35 × 1 + 28          0 =  1 × 1 - 1
35 = 28 × 1 + 7           1 = -1 × 1 + 2
28 =  7 × 4 + 0          -1 =  2 × 4 - 9
0
No inverse
Example: a = 25, b = 7
A3   B3   Q   R3         A2   B2   Q   R2
25 = 7 × 3 + 4            0 =  1 × 3 - 3
 7 = 4 × 1 + 3            1 = -3 × 1 + 4
 4 = 3 × 1 + 1           -3 =  4 × 1 - 7
-7
there exists a number m congruent to
By Fermat's theorem, we have
hence
or
Thus in the sequence
the last number is congruent to 1. Applying
Lemma 1, we reach the following conclusion:
Either
1
and so the remaining elements of the sequence are all congruent to
1. In this case we have conclusion *).
Or there is a number
by Lemma 1
**). (QED)
1
p
however
1
. o
. In this case we have conclusion
TEST(p)
    Find k, q with k > 0, q odd, such that p - 1 = 2^k q
    Choose a random number a in the range [2, p - 1]
    If a^q mod p = 1 Then return "p may be prime";
    For j = 0 to k-1 do
        If a^(2^j q) mod p = p - 1 Then return "p may be prime";
    return "p is not prime";
Example 1: test the number p = 29
29 - 1 = 2^2 × 7, so k = 2, q = 7.
221 - 1 = 2^2 × 55, so k = 2, q = 55.
If we choose a = 5: 5^55 mod 221 = 112, so we go on to compute (5^55)^2 mod 221 = 168,
and the test procedure returns "not prime". This is correct because
221 = 13 x 17.
However, if we choose a = 21: 21^55 mod 221 = 200, so we go on to compute (21^55)^2
mod 221 = 220, and this time the procedure returns "may be prime". That is, for
some values of a, the Miller-Rabin algorithm cannot determine the primality of 221.
It has been calculated that when p is composite, the Miller-Rabin algorithm returns
"not prime" with probability 75%. In the remaining 25%, Miller-Rabin cannot tell whether
p is prime or composite. So if we apply the algorithm t times (each time with a different
value of a), the probability of no determination (in all t runs) is (0.25)^t. With t equal
to 10, this probability is very small, less than 0.000001.
In summary, the primality of an integer p is checked as follows:
- Run the Miller-Rabin algorithm 10 times with 10 different random numbers a.
- If all 10 runs return "may be prime", we
assert that p is prime.
- If just one run returns "not prime",
we assert that p is composite.
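TEST(p) and the 10-round rule above in runnable form, as an added example that is not part of the original notes; the function names are illustrative. squaring_chain returns the values a^q, a^2q, ... mod p that the worked examples tabulate, and strong_liars lists the bases for which a composite p still returns "may be prime".

```python
import secrets


def decompose(p):
    """Write p - 1 = 2^k * q with q odd and return (k, q)."""
    k, q = 0, p - 1
    while q % 2 == 0:
        k += 1
        q //= 2
    return k, q


def passes_round(p, a):
    """One TEST(p) round with a fixed base a: True means 'p may be prime'."""
    k, q = decompose(p)
    x = pow(a, q, p)
    if x == 1 or x == p - 1:
        return True
    for _ in range(k - 1):
        x = pow(x, 2, p)             # next value a^(2^j q) mod p
        if x == p - 1:
            return True
    return False


def squaring_chain(p, a):
    """The values a^q, a^(2q), ..., a^(2^(k-1) q) mod p used in the examples."""
    k, q = decompose(p)
    return [pow(a, q << j, p) for j in range(k)]


def is_probable_prime(p, rounds=10):
    """Apply the round `rounds` times; bases are drawn independently from [2, p - 2]."""
    if p < 2:
        return False
    if p in (2, 3):
        return True
    if p % 2 == 0:
        return False
    for _ in range(rounds):
        a = 2 + secrets.randbelow(p - 3)
        if not passes_round(p, a):
            return False             # a single 'not prime' answer is conclusive
    return True


def strong_liars(p):
    """Bases in [2, p - 2] for which a composite p still passes one round."""
    return [a for a in range(2, p - 1) if passes_round(p, a)]


if __name__ == "__main__":
    print(squaring_chain(221, 5), squaring_chain(221, 21), strong_liars(221))
```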
Example 3: p = 41, 41 - 1 = 2^3 × 5, so k = 3, q = 5, p-1 = 40.
a     a^q mod p   a^2q mod p   a^4q mod p
7     38          9            40
8     9           40
9     9           40
12    3           9            40
13    38          9            40
16    1
24    14          32           40
25    40
31    40
37    1
41 is prime
Example 4: p = 133, 133 - 1 = 2^2 × 33
a     a^q mod p   a^2q mod p
11    1
17    83          106
27    132
30    1
38    76          57
58    1
75    132
94    132
102   1
121   1
The Chinese Remainder Theorem
The Chinese Remainder Theorem lets us replace operations mod T, when T is large, with
computations mod ti, where the ti are smaller than T. The Chinese Remainder Theorem
therefore speeds up the computations of the RSA algorithm.
Suppose:
. where the numbers
are pairwise relatively prime. Consider the set ZT and the set X, the Cartesian product of the sets
0 to T-1):
Proof:
1) Forward mapping: to convert A into (a1, a2, ..., ak), we compute ai = A mod ti.
2) Inverse mapping: to convert (a1, a2, ..., ak) into A, we proceed as follows:
Method 1 (proposed by the Chinese mathematician Chin Chiu-Shao in 1247):
Let Ti = T/ti = t1.t2...ti-1.ti+1...tk, so that Ti ≡ 0 mod tj for all i ≠ j. In addition, Ti
is relatively prime to ti (by the assumption that the ti are relatively prime). Hence there
exists an inverse element
such that:
1
.
We compute A by the formula:
To make sure the inverse mapping is correct, we must show that ai = A mod ti. We have:
(
)
(because T is divisible by ti)
(because Tj ≡ 0 mod ti for all i ≠ j)
1
(because
(QED)
Method 2 (proposed by the mathematician H.L. Garner in 1959):
In this method, using the extended Euclidean algorithm, we set up
1
as follows:
constants
1
j \ i   t1    t2    t3    t4
t1
t2      c12
t3      c13   c23
t4      c14   c24   c34
.
(
We have:
(
Let
, we have:
So we conclude:
Example of the Chinese Remainder Theorem:
Let T = 1813 = 37 x 49. Compute X+Y = 678+973 mod 1813.
We have t1 = 37, t2 = 49.
So X is represented as (678 mod 37, 678 mod 49) = (12, 41). Y is
represented as (973 mod 37, 973 mod 49) = (11, 42). Therefore:
(678+973) mod 1813 = ((12+11) mod 37, (41+42) mod 49) = (23, 34)
Finally, the result of the addition is:
By method 1:
T1 = 49, T2 = 37
34
23
4
49
= 38318
= 4335
34
34
5 32
37
1813
1813
1813
973
By method 2:
c12 = 4
b1 = 23, b2 = (34 - 23) × 4 mod 49 = 44
23 + 44 × 37 = 1651.
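Both reconstruction methods for any number of pairwise relatively prime moduli, as an added example that is not part of the original notes; it goes beyond the two-modulus case worked above, and the function names are illustrative.

```python
from math import prod


def to_residues(a, moduli):
    """Forward mapping: A -> (A mod t1, ..., A mod tk)."""
    return tuple(a % t for t in moduli)


def add_residues(x, y, moduli):
    """Component-wise addition, each component reduced by its own modulus."""
    return tuple((xi + yi) % t for xi, yi, t in zip(x, y, moduli))


def crt_method1(residues, moduli):
    """Method 1: A = sum of a_i * T_i * (T_i^-1 mod t_i), reduced mod T."""
    T = prod(moduli)
    total = 0
    for a_i, t_i in zip(residues, moduli):
        T_i = T // t_i
        # pow(..., -1, t_i) raises ValueError when the moduli are not relatively prime
        total += a_i * T_i * pow(T_i, -1, t_i)
    return total % T


def crt_method2(residues, moduli):
    """Method 2 (Garner): digits b_i with A = b1 + b2*t1 + b3*t1*t2 + ..."""
    digits = []
    for j, (a_j, t_j) in enumerate(zip(residues, moduli)):
        b = a_j
        for i in range(j):
            c_ij = pow(moduli[i], -1, t_j)     # c_ij = t_i^-1 mod t_j
            b = (b - digits[i]) * c_ij % t_j
        digits.append(b)
    value, weight = 0, 1
    for b, t in zip(digits, moduli):
        value += b * weight
        weight *= t
    return value, digits


if __name__ == "__main__":
    moduli = (37, 49)
    total = add_residues(to_residues(678, moduli), to_residues(973, moduli), moduli)
    print(total, crt_method1(total, moduli), crt_method2(total, moduli))
```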
MINISTRY OF EDUCATION AND TRAINING