Elliptic Curve Digital Signatures
I. Problem statement
As noted, the RSA digital signature is built on the RSA public-key cryptosystem. The security of this cryptosystem depends on the difficulty of factoring a number n into its prime factors, n = p*q [1]. In other words, to use the RSA cryptosystem and the RSA digital signature securely, users must choose two primes p and q large enough that the factoring problem above is hard enough not to be broken in polynomial time. However, with the rapid growth of computing power, in 2005 the largest number that could be factored into primes was 663 bits long, using a distributed method; in 2010, scientists at the University of Michigan announced that they had found a way to break an RSA system and recover a 1024-bit key in just a few days. Researchers therefore recommend that users choose keys at least 2048 bits long. In addition, the RSA public-key cryptosystem itself runs considerably slower than DES, AES and other symmetric encryption algorithms. There is therefore an urgent need for a new digital signature scheme that runs faster than the RSA signature while still guaranteeing the security of the user's signature.
2.1.2.1. Definition
xR = 2 xP xQ
yR = yP + (xP xR)
= 0; xR = 1 and yR = 0. Hence P + Q = R(1, 0) ∈ E
- The point at infinity O is the point that, added to any point, gives that same point back.
That is: for every P ∈ E, P + O = O + P = P
- Algebraically, to determine the point R(xR, yR) = 2P(xP, yP) with yP ≠ 0, we compute xR and yR as follows [2]:
$$x_R = \left(\frac{3x_P^2 + a}{2y_P}\right)^2 - 2x_P$$
$$y_R = \left(\frac{3x_P^2 + a}{2y_P}\right)(x_P - x_R) - y_P$$
- More generally, the multiplication kP is carried out by repeating the addition k times.
2.1.3. Elliptic curves over the field Zp with p prime
2.1.3.1. Definition
Let p be a prime (p > 3). The elliptic curve E over the field Zp is the set of points (x, y) ∈ Zp × Zp satisfying the equation:
xR = (2 xP xQ) mod p
- The point at infinity O is the point that, added to any point, gives that same point back.
That is: for every P ∈ E, P + O = O + P = P.
xR = (2 2xP) mod p
2.2.2. Key generation
2. Compute the point kG = (x1, y1)
3. Compute r = x1 mod n. If r = 0, go back to step 1.
4. Compute k^(-1) (mod n)
5. Compute s = [k^(-1) (m + dr)] mod n. If s = 0, go back to step 1.
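The signing steps above, together with the point addition and doubling formulas of section 2.1, as an added Python example that is not part of the original paper. The toy curve y^2 = x^3 + 2x + 2 over Z_17 with G = (5, 1) and n = 19, the function names, the `nonces` parameter, step 1 (choosing k) and the standard ECDSA check in `verify` are assumptions, since the page does not give them; m stands for the message digest as an integer.

```python
import secrets

# Constructed toy parameters (assumption, not from the page):
# y^2 = x^3 + 2x + 2 over Z_17, base point G = (5, 1) of prime order n = 19.
P, A = 17, 2
G, N = (5, 1), 19
O = None  # point at infinity

def add(p1, p2):
    """Add two points over Z_P; doubling is the case p1 == p2."""
    if p1 is O or p2 is O:
        return p2 if p1 is O else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return O  # P + (-P) = O; also covers doubling when y = 0
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    """kP by double-and-add; same result as repeating the addition k times."""
    acc = O
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def sign(m, d, nonces=None):
    """Steps 2-5 of the text. `nonces` (hypothetical) injects k values for demos."""
    while True:
        # Step 1 (standard, missing on the page): fresh secret random k in [1, n-1].
        k = next(nonces) if nonces else secrets.randbelow(N - 1) + 1
        x1, _ = mul(k, G)                      # step 2: kG = (x1, y1)
        r = x1 % N                             # step 3
        s = pow(k, -1, N) * (m + d * r) % N    # steps 4 and 5
        if r != 0 and s != 0:
            return r, s                        # otherwise retry with a new k

def verify(m, sig, q):
    """Standard ECDSA check (not on the page): x(u1*G + u2*Q) mod n == r."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    w = pow(s, -1, N)
    x = add(mul(m * w % N, G), mul(r * w % N, q))
    return x is not O and x[0] % N == r
```

On this toy curve 7G = (0, 6), so a signer that draws k = 7 gets r = 0 and has to retry, which is the case step 3 guards against.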
2.2.4. Signature verification
cryptographic schemes that create an oracle able to return a power of its secret key for an arbitrary input (for example, digital signature schemes used in securing electronic transactions). Only in 2009 was this attack considered for inclusion in the ISO and FIPS standards. Other standards such as ANSI or SECG have not been updated with respect to the attack. Even within the ISO and FIPS standards, the conditions set for the criterion against this attack differ in fundamental ways. In 2012, using the Diffie-Hellman assumption, Masaya Yasuda et al. [4] presented a demonstration of breaking pairing-based elliptic curve cryptography with a key length of 160 bits (a key length of 131 bits is still unsolved according to public reports; 160 bits is the security level that most standards worldwide specify).
Therefore, to apply and deploy digital signatures on elliptic curves, we must regularly keep up with the latest research, analyses and evaluations of security standards and of attacks on the cryptosystem, so as to have a solid theoretical and mathematical basis for setting our own security criteria for the parameters.
References
[2] W. Stallings, Cryptography And Network Security 5th Edition, Prentice Hall Pearson
Education, Inc, 2011.
[3] J. M. Pollard, "A Monte Carlo method for factorization," BIT Numerical Mathematics 15
(3), 1975, pp. 331–334.
[5] Yumi Sakemi, Goichiro Hanaoka, Tetsuya Izu, Masahiko Takenaka, Masaya Yasuda,
"Solving a discrete logarithm problem with auxiliary input on a 160-bit elliptic curve,"
in International Workshop on Public Key Cryptography, 2012.