Data Security Techniques
Laboratory Guide
Rodica Țirtea
2008

Contents
Contents ........ 3
Introduction ........ 6
Introductory notions ........ 6
Requirements for the laboratory activity ........ 7
Aim of the lab work (Lab 1) ........ 9
Aim of the lab work (Lab 2) ........ 13
Aim of the lab work (Lab 3) ........ 19
Aim of the lab work (Lab 4) ........ 27
Specification of the Rijndael algorithm ........ 30
4.3.2. Key setup ........ 34
4.3.3. The cipher ........ 35
4.3.4. The inverse cipher ........ 36
Advantages and limitations ........ 39
4.4. Proposed assignments ........ 40
Aim of the lab work (Lab 5) ........ 41
Evaluation and selection criteria ........ 44
Algorithms of the NESSIE selection ........ 45
5.4. Proposed assignments ........ 46
On the selections in the USA, Europe and Japan ........ 48
Bibliography ........ 51
Introduction
Introductory notions¹
• Confidentiality – the encrypted message must be intelligible only to its intended recipient;
• Authentication – the recipient must be able to know with certainty the origin of the message;
• Integrity – the recipient must be able to verify whether or not the message was modified during transmission; an intruder should not be able to modify the original message;
• Non-repudiation – the sender must not be able to deny having been the sender; and others.
A cryptographic algorithm, or cipher, is a mathematical function used for encoding/encrypting the initial plaintext into ciphertext and also for decoding/decrypting the latter in order to recover the initial text. Usually there are two functions (one for encoding and one for decoding). The cryptosystem consists of an algorithm together with all the possible plaintexts, ciphertexts and keys.
If the security of an algorithm relies on keeping the way the algorithm works secret, the algorithm is called a restricted algorithm. Restricted algorithms are of historical interest only, since they do not meet today's standards. In response, the notion of a key was introduced. The key can be any number from a large range of values; this range is called the key space. Both the encoding operation and the decoding operation use this key and depend on it.
¹ A. J. Menezes, P. C. van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996, available at: http://www.cacr.math.uwaterloo.ca/hac/
The aim of cryptography is to keep the plaintext and/or the key secret from intruders. Cryptanalysis is the science of obtaining the plaintext without having access to the key; through it one can obtain the key or the plaintext. An attempt at cryptanalysis is called an attack. A fundamental principle of cryptanalysis, first stated by the Dutchman A. Kerckhoffs in the 19th century, is that the secret must reside entirely in the key. Kerckhoffs assumes that a cryptanalyst knows the cryptographic algorithms and the way they are implemented in full detail. If others cannot break algorithms whose workings are known, then it is certain that they cannot break algorithms whose workings they do not know either.
List of lab works
Evaluation of the laboratory activity
Requirements for the laboratory activity
A. Acquiring basic notions: cryptology, cryptography, cryptanalysis, symmetric algorithms, public-key algorithms, confidentiality, integrity, authentication, etc.
C. Completing the assignments for the lab works. This involves searching for documentation and a concise presentation of the proposed topics, plus a presentation for colleagues (.doc and .ppt).
Lab 1. Symmetric encryption. Substitution ciphers
Aim of the lab work
The lab work introduces simple symmetric encryption and decryption algorithms. In this lab, ciphers based on polyalphabetic and, respectively, polygram substitution will be implemented and the algorithms will be analysed.
E_K(M) = C, D_K(C) = M.
This lab presents character-oriented encoding methods, methods that were already in use before the appearance of computers. The following labs present algorithms that use binary encoding.
Polyalphabetic substitution
Substitution ciphers replace each character of the message alphabet A with a character of the cryptogram alphabet C. If A = {a1, a2, ..., an} then C = {f(a1), f(a2), ..., f(an)}, where f: A → C is the substitution function and constitutes the key of the cipher. A message M = m1 m2 ... mn is encrypted by applying f to each character:
E_K(M) = f(m1) f(m2) ... f(mn).
Thus substitutions are transformations through which the characters (letters) or groups of characters of the primary alphabet are replaced with the characters or groups of characters of the secondary alphabet.
A plaintext message M = m1 m2 ... md md+1 ... m2d ... is encrypted by repeating the sequence of functions f1, ..., fd at every d-th character: E_K(M) = f1(m1) ... fd(md) f1(md+1) ...
In an n-alphabet substitution, the character m1 of the plaintext is replaced with a character from alphabet A1, m2 with a character from alphabet A2, ..., mn with a character from alphabet An, mn+1 again with a character from alphabet A1, and so on, according to the table:
Plaintext character:    m1  m2  m3  ...  mn  mn+1  ...
Substitution alphabet:  A1  A2  A3  ...  An  A1    ...
The Vigenère cipher is an example of a cipher using such alphabetic substitution. For the Vigenère cipher the key K is a sequence of letters of the form
K = k1 k2 ... kd,
Key: ACADEMIE
When individual letters are encrypted, the frequency with which a letter appears in the ciphertext is the same as the frequency of the corresponding letter in the plaintext. This invariance of the frequencies provides enough information to break the cipher. Thus, statistical analyses have shown that in an English text of a given number of characters the letters occur, in decreasing order of frequency, as E, T, R, ..., Q, J, Z. Since the characters E, T or R have a higher frequency of occurrence, they are easier to determine.
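The following Python program is an added example, not code from the lab manual: it implements the Vigenère cipher over a chosen alphabet using the key ACADEMIE given above, and compares letter-frequency profiles to make the invariance described for single-alphabet substitution visible. The sample message, the choice of the A–Z alphabet, the pass-through of characters outside the alphabet and the function names are the example's own assumptions.

```python
# Added example (not from the lab manual): Vigenère over a chosen alphabet, a
# single-alphabet (Caesar-type) substitution for comparison, and a frequency
# profile that shows what each cipher does to the letter statistics.
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"   # the alphabet chosen for the exercise


def vigenere(text, key, alphabet=ALPHABET, decrypt=False):
    """Apply the key letters cyclically: c_i = (m_i + k_(i mod d)) mod n.
    Characters outside the alphabet are passed through unchanged and do not
    consume a key letter (an assumption of this example)."""
    n = len(alphabet)
    pos = {ch: i for i, ch in enumerate(alphabet)}
    shifts = [pos[k] for k in key]
    out, j = [], 0
    for ch in text:
        if ch not in pos:
            out.append(ch)
            continue
        s = -shifts[j % len(shifts)] if decrypt else shifts[j % len(shifts)]
        out.append(alphabet[(pos[ch] + s) % n])
        j += 1
    return "".join(out)


def caesar(text, shift, alphabet=ALPHABET):
    """Single-alphabet substitution: every letter shifted by the same amount,
    i.e. a Vigenère with a one-letter key."""
    return vigenere(text, alphabet[shift % len(alphabet)], alphabet)


def frequency_profile(text, alphabet=ALPHABET):
    """Letter counts sorted in decreasing order, ignoring which letter has which
    count. Two texts with equal profiles have the same frequency 'shape', which
    is exactly the information a frequency attack on a monoalphabetic cipher uses."""
    counts = Counter(ch for ch in text if ch in alphabet)
    return sorted(counts.values(), reverse=True)


# Constructed sample message (not from the lab manual).
SAMPLE = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG AND THE DOG SLEEPS"
KEY = "ACADEMIE"   # the key given in the lab text

if __name__ == "__main__":
    c = vigenere(SAMPLE, KEY)
    print("Vigenere :", c)
    print("Decrypted:", vigenere(c, KEY, decrypt=True))
    print("Caesar keeps the plaintext profile:",
          frequency_profile(caesar(SAMPLE, 3)) == frequency_profile(SAMPLE))
    print("Vigenere keeps the plaintext profile:",
          frequency_profile(c) == frequency_profile(SAMPLE))
```

The Caesar comparison always reports True: a single substitution function f permutes the letters but leaves the sorted count list untouched, which is the invariance the text relies on. With the eight-letter key each plaintext letter is spread over up to eight ciphertext letters, so the profile is flattened and single-letter statistics no longer suffice.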
Ciphers based on polygraphic substitution replace blocks of characters (polygrams) of the plaintext, thereby destroying the dependence given by the frequencies of the individual characters, a dependence that is useful in cryptanalysis.
c_(id+1) = f_j(m_(id+1), ..., m_(id+d))
Example. The simplest method of polygram substitution is obtained for n = 2, when the digram m1m2 of the plaintext is substituted with the digram c1c2 of the ciphertext. The one-to-one correspondence between the digrams m1m2 and c1c2 can be established with a square table. The letters in the column to the left of the square and in the row above the square serve as coordinates of the plaintext digram m1m2, and the encrypted digram c1c2 is found at the intersection of row m1 with column m2, as follows:
      A    B    C    D    E    ...
A     QX   FN   LB   YE   HJ   ...
B     AS   EZ   BN   RD   CO   ...
C     PD   RA   MG   LU   OP   ...
...   ...  ...  ...  ...  ...  ...
Another table can be used for decoding. The decoding table is generated by locating the digram c1c2 in the encoding table and forming the corresponding digram m1m2 from its coordinates. In the decoding table c1 is the row and c2 the column of the digram m1m2. Thus, starting from the partial encoding table shown above, the decoding table will contain the group of letters AA in row Q, column X, and so on.
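As an added example (not code from the lab manual), the program below builds a digram substitution table for n = 2 as a keyed permutation of all 26 × 26 digrams, derives the decoding table by inversion exactly as described, and checks the text's own claim that the decoding table holds AA in row Q, column X. The seed used as the key, the padding letter X for odd-length messages and the function names are the example's assumptions.

```python
# Added example (not from the lab manual): polygram (digram) substitution with a
# square encoding table and its inverted decoding table.
import random
import string

LETTERS = string.ascii_uppercase
DIGRAMS = [a + b for a in LETTERS for b in LETTERS]   # all 676 pairs, row-major


def build_encode_table(seed):
    """Square table: table[m1][m2] -> ciphertext digram c1c2. The seed acts as
    the key; the mapping is one-to-one because it is a permutation of DIGRAMS."""
    perm = DIGRAMS[:]
    random.Random(seed).shuffle(perm)
    table = {}
    for idx, m in enumerate(DIGRAMS):
        table.setdefault(m[0], {})[m[1]] = perm[idx]
    return table


def build_decode_table(enc):
    """Invert the encoding table: the cell c1c2 found at (m1, m2) gives
    decode[c1][c2] = m1m2, so c1 is the row and c2 the column."""
    dec = {}
    for m1, row in enc.items():
        for m2, c in row.items():
            dec.setdefault(c[0], {})[c[1]] = m1 + m2
    return dec


def encode(text, enc):
    letters = [ch for ch in text.upper() if ch in LETTERS]
    if len(letters) % 2:
        letters.append("X")          # pad an odd-length message (example convention)
    return "".join(enc[letters[i]][letters[i + 1]] for i in range(0, len(letters), 2))


def decode(cipher, dec):
    return "".join(dec[cipher[i]][cipher[i + 1]] for i in range(0, len(cipher), 2))


# The partial table from the lab text: cell (A, A) holds QX, so the decoding
# table must hold AA on row Q, column X.
PARTIAL = {"A": {"A": "QX", "B": "FN", "C": "LB", "D": "YE", "E": "HJ"},
           "B": {"A": "AS", "B": "EZ", "C": "BN", "D": "RD", "E": "CO"},
           "C": {"A": "PD", "B": "RA", "C": "MG", "D": "LU", "E": "OP"}}


def check_partial_inverse():
    return build_decode_table(PARTIAL)["Q"]["X"]


if __name__ == "__main__":
    enc = build_encode_table(seed=2008)
    dec = build_decode_table(enc)
    c = encode("LABORATOR", enc)
    print(c, "->", decode(c, dec))
    print("decode[Q][X] =", check_partial_inverse())
```

Because the table is a permutation of all digrams, every ciphertext digram occurs exactly once and the inversion is total; a table built by hand must be checked for that property, otherwise decoding is ambiguous.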
3. Write a program (in one of the known programming languages) that encodes a text file using the Vigenère cipher. The alphabet and the length of the chosen alphabet must be taken into account.
4. Build a key table for encoding with polygram substitution. Groups of two letters are to be considered. Encode a text file using the polygram substitution method. Use one of the known programming languages.
Lab 2. Block ciphers. The DES algorithm
Aim of the lab work
The lab work presents the characteristics of block ciphers and proposes an analysis of the DES (Data Encryption Standard) algorithm. The modes of operation of block ciphers, which will be discussed in the next lab, are introduced.
Symmetric-key block ciphers are the most important category of ciphers. Block ciphers mainly provide confidentiality, but they can also be integrated into other mechanisms, such as those intended for data integrity.
General presentation of the DES standard
² For the bibliography you can visit the site of the National Institute of Standards and Technology (NIST), "Recommendation for Block Cipher Modes of Operation, Methods and Techniques", available at: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf; NIST Special Publication 800-38A 2001 Edition.
³ Federal Information Processing Standards Publication 46-2, Data Encryption Standard (DES), http://www.itl.nist.gov/fipspubs/fip46-2.htm
Stage I. Initial permutation. First, the input plaintext block undergoes an initial permutation IP (see table 2.1).
Table 2.1. Initial permutation IP (entry k means: output bit takes input bit k)
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
The key Ki corresponding to iteration i depends on i and on the initial 64-bit key KEY: Ki = KS(i, KEY). The 48 bits of the key Ki are obtained by the procedure shown in the key-schedule figure.
The procedure for generating the round keys Ki is the following: the key KEY undergoes a permutation PC-1 (left table below); the block is then split into two 28-bit blocks Ci and Di, which are in turn shifted left by one or two positions at each iteration according to table 2.4; the 48 bits of Ki are then selected from Ci Di by the permutation PC-2 (right table below).
Permuted choice PC-1 (56 bits)      Permuted choice PC-2 (48 bits)
57 49 41 33 25 17  9               14 17 11 24  1  5
 1 58 50 42 34 26 18                3 28 15  6 21 10
10  2 59 51 43 35 27               23 19 12  4 26  8
19 11  3 60 52 44 36               16  7 27 20 13  2
63 55 47 39 31 23 15               41 52 31 37 47 55
 7 62 54 46 38 30 22               30 40 51 45 33 48
14  6 61 53 45 37 29               44 49 39 56 34 53
21 13  5 28 20 12  4               46 42 50 36 29 32
Table 2.4. Number of left shifts per iteration
Iteration:  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Shifts:     1 1 2 2 2 2 2 2 1  2  2  2  2  2  2  1
Table: expansion function E (left, 32 bits to 48 bits) and permutation P (right, 32 bits)
32  1  2  3  4  5      16  7 20 21
 4  5  6  7  8  9      29 12 28 17
 8  9 10 11 12 13       1 15 23 26
12 13 14 15 16 17       5 18 31 10
16 17 18 19 20 21       2  8 24 14
20 21 22 23 24 25      32 27  3  9
24 25 26 27 28 29      19 13 30  6
28 29 30 31 32  1      22 11  4 25
Table: the S-boxes S1 to S8 (first column: S-box and row 0-3, selected by the outer two input bits; header: column 0-15, selected by the inner four input bits)
        0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
S1  0  14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
    1   0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
    2   4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
    3  15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13
S2  0  15  1  8 14  6 11  3  4  9  7  2 13 12  0  5 10
    1   3 13  4  7 15  2  8 14 12  0  1 10  6  9 11  5
    2   0 14  7 11 10  4 13  1  5  8 12  6  9  3  2 15
    3  13  8 10  1  3 15  4  2 11  6  7 12  0  5 14  9
S3  0  10  0  9 14  6  3 15  5  1 13 12  7 11  4  2  8
    1  13  7  0  9  3  4  6 10  2  8  5 14 12 11 15  1
    2  13  6  4  9  8 15  3  0 11  1  2 12  5 10 14  7
    3   1 10 13  0  6  9  8  7  4 15 14  3 11  5  2 12
S4  0   7 13 14  3  0  6  9 10  1  2  8  5 11 12  4 15
    1  13  8 11  5  6 15  0  3  4  7  2 12  1 10 14  9
    2  10  6  9  0 12 11  7 13 15  1  3 14  5  2  8  4
    3   3 15  0  6 10  1 13  8  9  4  5 11 12  7  2 14
S5  0   2 12  4  1  7 10 11  6  8  5  3 15 13  0 14  9
    1  14 11  2 12  4  7 13  1  5  0 15 10  3  9  8  6
    2   4  2  1 11 10 13  7  8 15  9 12  5  6  3  0 14
    3  11  8 12  7  1 14  2 13  6 15  0  9 10  4  5  3
S6  0  12  1 10 15  9  2  6  8  0 13  3  4 14  7  5 11
    1  10 15  4  2  7 12  9  5  6  1 13 14  0 11  3  8
    2   9 14 15  5  2  8 12  3  7  0  4 10  1 13 11  6
    3   4  3  2 12  9  5 15 10 11 14  1  7  6  0  8 13
S7  0   4 11  2 14 15  0  8 13  3 12  9  7  5 10  6  1
    1  13  0 11  7  4  9  1 10 14  3  5 12  2 15  8  6
    2   1  4 11 13 12  3  7 14 10 15  6  8  0  5  9  2
    3   6 11 13  8  1  4 10  7  9  5  0 15 14  2  3 12
S8  0  13  2  8  4  6 15 11  1 10  9  3 14  5  0 12  7
    1   1 15 13  8 10  3  7  4 12  5  6 11  0 14  9  2
    2   7 11  4  1  9 12 14  2  0  6 10 13 15  3  5  8
    3   2  1 14  7  4 10  8 13 15 12  9  0  3  5  6 11
Stage III. Final permutation. After the complex computation consisting of the 16 iterations described earlier, the 64-bit block undergoes an inverse permutation IP^-1 (the inverse of the initial one) (table 2.8).
Table 2.8. Inverse initial permutation IP^-1
40 8 48 16 56 24 64 32
39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30
37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28
35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26
33 1 41 9 49 17 57 25
Properties of DES
The avalanche effect. Any small change in the plaintext or in the key produces a major change in the ciphertext. It has been shown that after five iterations every bit of the ciphertext depends on all the bits of the message and of the key.
Weak and semi-weak keys. DES has 4 weak keys and 6 pairs of semi-weak keys. A weak key satisfies the following condition for any plaintext M: EK(EK(M)) = M, and a pair of semi-weak keys satisfies EK1(EK2(M)) = M (encryption with one key operates identically to decryption with the paired key).
Study the DES standard.
3. Test encryption and decryption using files for the plaintext and for the ciphertext, respectively.
6. Assignment: compare DES with Triple-DES.
7. Assignment: analyse and compare the five standardised modes of operation of block ciphers: ECB, CBC, CFB, OFB, CTR.
Lab 3. Modes of operation of block ciphers
Aim of the lab work
Modes of operation are used to encrypt messages of arbitrary length with block ciphers. To be useful, a mode of operation must be at least as secure and as efficient as the cipher it is used with. Modes of operation can have properties in addition to those of the underlying cipher.
One of the conditions for secure encryption is that the plaintext must not contain a stereotype (pattern), because it would propagate into the ciphertext. So that this condition is satisfied independently of the plaintext to be encrypted, the cipher is used in certain ways, called modes of operation.
In 1980 four modes of operation were standardised: the ECB (Electronic Codebook) mode, a mode that does not hide patterns; the CBC (Cipher Block Chaining) mode; the CFB (Cipher FeedBack) mode; and the OFB (Output FeedBack) mode. For example, in an implementation the text is split into blocks and these blocks are encrypted, and for CBC each plaintext block
⁴ "DES Modes of Operation", Federal Information Processing Standard (FIPS), Publication 81, National Bureau of Standards, US Department of Commerce, Washington D.C., December 1980.
⁵ American National Standards Institute, American National Standard X3.106-1983 (R1996), Data Encryption Algorithm, Modes of Operations for DES, 1983.
⁶ ISO/IEC 10116, "Information technology - Security techniques - Modes of operation of an n-bit block cipher algorithm", IS 10116, 1991.
⁷ NIST Special Publication 800-38A 2001 Edition, Recommendation for Block Cipher Modes of Operation, Methods and Techniques, available at: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.
is XORed (exclusive-OR) with the previous ciphertext block before the current block is encrypted, etc. In 2001 NIST added a fifth mode, the 'counter' (CTR) mode, all five being recommended as modes of operation for use with AES (AES is presented in the next lab).
ECB mode: Ci = EK(Mi). Decryption is likewise performed on individual blocks.
In the relation above, Mi are the blocks of the plaintext message M before encryption and Ci are the blocks, of the same length, of the ciphertext C, while K is the key. The same notation is used for the following modes of operation.
Errors in the decrypted text do not propagate beyond the block boundaries. However, the ECB mode does not hide patterns such as repetitions in the plaintext, which are carried over into the ciphertext. Therefore this mode can be used only where the plaintext is already random, such as when encrypting cryptographic keys. The figure⁸ illustrates this drawback of the ECB mode.
⁸ Image taken from the Wikipedia site, Block cipher modes of operation, http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
The ECB mode is as secure as the cipher it is used with. Because the plaintext patterns are not masked, identical plaintext blocks yield identical ciphertext blocks after encryption. The encryption speed of the ECB mode is identical to that of the block cipher it is used with. ECB allows parallelisation for better performance. However, no preprocessing is possible before the block is available (apart from setting up the keys/subkeys).
In CBC mode, the initial value IV is used to start the encryption of the plaintext blocks (see the figure). By varying this initial value, the same plaintext is encrypted into a different ciphertext even if the same key is used. The sender and the receiver must agree beforehand on the same initial value IV.
produces the current ciphertext block. The CFB mode can be defined so that incomplete data blocks can also be encoded. For CFB, an initialisation vector IV is used as the "seed" of the encryption.
The encryption speed is identical to that of the block cipher it is used with, and the encryption process cannot easily be parallelised.
The OFB mode has an advantage over the CFB mode in that an error affecting a bit during transmission does not propagate and does not affect the decryption of the following blocks.
A problem of the OFB mode is that the plaintext is easy to manipulate. For example, an attacker who knows a plaintext block Mi can replace it with a plaintext block x by XORing Mi, x and the corresponding ciphertext block Ci. Similar attacks exist for the CBC and CFB modes, but there the plaintext block is modified in a way that is hard for the attacker to predict. However, the first ciphertext block (the initialisation vector) in CBC mode and the last ciphertext block in CFB mode are just as vulnerable to such an attack as the blocks in OFB mode. Attacks of this kind can be prevented by using digital signatures or authentication mechanisms.
Given a sequence of counter blocks ctr1, ctr2, ..., ctrm, the CTR mode is defined as follows:
Ci = Mi ⊕ EK(ctri)
Decryption with CTR:
Mi = Ci ⊕ EK(ctri).
For CTR encryption, each counter block is encrypted and the resulting blocks (KS) are XORed (exclusive-OR) with the corresponding plaintext blocks (M) to produce the ciphertext blocks (C). For the last block, which may be an incomplete block (of only u bits, while the block length is n), the u most significant bits of the last keystream block are used for encryption and the remaining n-u bits are discarded.
For CTR decryption, likewise, each counter block is encrypted and the resulting block is XORed (exclusive-OR) with the corresponding ciphertext block to obtain the plaintext blocks. For the last block, which may be a partial block of u bits, the u most significant bits of the last keystream block are used for the exclusive-OR and the remaining n-u bits are discarded.
Both for encryption and for decryption in CTR mode, the encryption functions can be performed in parallel; moreover, any plaintext block can be recovered independently of the other plaintext blocks if the corresponding counter block can be determined. For faster encryption/decryption, the encryption function can be applied to the counter blocks before the plaintext or the ciphertext is available.
The CTR mode of operation is illustrated in the figure. The specification of the CTR mode emphasises the need for a unique counter block for every plaintext block that is encrypted under a given key, across all messages. Otherwise, if a counter block is used repeatedly, the confidentiality of all the plaintext blocks encrypted with that same counter block is compromised. Moreover, if any plaintext block encrypted with a particular counter block is known, then the output of the encryption function for that counter block can easily be determined.
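The program below is an added example, not code from the lab manual: it implements the five modes described in this lab (ECB, CBC, CFB with full-block feedback, OFB and CTR with a partial last block) on top of a constructed toy 64-bit block cipher, and runs the error-propagation experiment the lab asks for in its assignments: one ciphertext bit is flipped and the plaintext blocks that no longer decrypt correctly are listed. The toy cipher, the counter-block layout (4-byte nonce followed by a 4-byte block index), the sample key, IV and message and the function names are all the example's assumptions; the toy cipher is only a keyed bijection and makes no security claim.

```python
# Added example, not code from the lab manual: the five modes of operation on a
# constructed toy 64-bit block cipher (a keyed bijection with no security claim;
# any real 8-byte block cipher could replace toy_encrypt/toy_decrypt), plus the
# error-propagation experiment: flip one ciphertext bit, list damaged blocks.
BLOCK = 8
SBOX = [(167 * i + 29) & 0xFF for i in range(256)]   # odd multiplier: a bijection on bytes
INV_SBOX = [SBOX.index(v) for v in range(256)]

def toy_encrypt(key, block):
    x = list(block)
    for r in range(4):                      # 4 rounds: key mixing, substitution, rotation
        x = [SBOX[b ^ key[(i + r) % BLOCK]] for i, b in enumerate(x)]
        x = x[1:] + x[:1]
    return bytes(x)

def toy_decrypt(key, block):
    x = list(block)
    for r in reversed(range(4)):            # undo the rounds in reverse order
        x = x[-1:] + x[:-1]
        x = [INV_SBOX[b] ^ key[(i + r) % BLOCK] for i, b in enumerate(x)]
    return bytes(x)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, iv, msg):             # C_i = E_K(M_i); iv is unused
    return b"".join(toy_encrypt(key, m) for m in blocks(msg))
def ecb_decrypt(key, iv, ct):
    return b"".join(toy_decrypt(key, c) for c in blocks(ct))

def cbc_encrypt(key, iv, msg):             # C_i = E_K(M_i XOR C_{i-1}), C_0 = IV
    out, prev = [], iv
    for m in blocks(msg):
        prev = toy_encrypt(key, xor(m, prev))
        out.append(prev)
    return b"".join(out)
def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(toy_decrypt(key, c), prev))
        prev = c
    return b"".join(out)

def cfb_encrypt(key, iv, msg):             # C_i = M_i XOR E_K(C_{i-1}), C_0 = IV
    out, prev = [], iv
    for m in blocks(msg):
        prev = xor(m, toy_encrypt(key, prev))
        out.append(prev)
    return b"".join(out)
def cfb_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(c, toy_encrypt(key, prev)))
        prev = c
    return b"".join(out)

def ofb_crypt(key, iv, data):              # O_i = E_K(O_{i-1}), C_i = M_i XOR O_i; self-inverse
    out, o = [], iv
    for d in blocks(data):
        o = toy_encrypt(key, o)
        out.append(xor(d, o))
    return b"".join(out)

def ctr_crypt(key, nonce, data):           # C_i = M_i XOR E_K(ctr_i), ctr_i = nonce || i
    out = []
    for i, d in enumerate(blocks(data)):
        ks = toy_encrypt(key, nonce + i.to_bytes(4, "big"))
        out.append(xor(d, ks[:len(d)]))    # partial last block: leading u bits of KS only
    return b"".join(out)
def ctr_mode(key, iv, data):               # adapter: first 4 bytes of the IV act as nonce
    return ctr_crypt(key, iv[:4], data)

MODES = {"ECB": (ecb_encrypt, ecb_decrypt), "CBC": (cbc_encrypt, cbc_decrypt),
         "CFB": (cfb_encrypt, cfb_decrypt), "OFB": (ofb_crypt, ofb_crypt),
         "CTR": (ctr_mode, ctr_mode)}

def error_propagation(mode, key, iv, msg, flip_block=1):
    """Flip the first bit of ciphertext block `flip_block`; return the indices of
    the plaintext blocks that then decrypt incorrectly."""
    enc, dec = MODES[mode]
    ct = bytearray(enc(key, iv, msg))
    ct[flip_block * BLOCK] ^= 0x80
    pt = dec(key, iv, bytes(ct))
    return [i for i, (a, b) in enumerate(zip(blocks(pt), blocks(msg))) if a != b]

# Constructed sample values; the message repeats its first block in third place.
KEY = bytes.fromhex("0123456789abcdef")
IV = bytes.fromhex("fedcba9876543210")
MSG = b"TEXT-ONE" + b"TEXT-TWO" + b"TEXT-ONE" + b"TEXT-END"

def ecb_repeats_block(key=KEY, msg=MSG):
    c = blocks(ecb_encrypt(key, None, msg))
    return c[0] == c[2]                    # the pattern of the plaintext shows through

if __name__ == "__main__":
    print("ECB shows the repeated block:", ecb_repeats_block())
    for mode in MODES:
        print(mode, "damaged plaintext blocks:", error_propagation(mode, KEY, IV, MSG))
```

The experiment gives the same answer for any block cipher: ECB, OFB and CTR damage only the block that carries the error; CBC and CFB damage that block and the next one, because the corrupted ciphertext block is fed into the decryption of its successor. That is also why the text calls OFB plaintext "easy to manipulate": a flipped ciphertext bit lands on exactly the same plaintext bit, which only an authentication mechanism can detect.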
The lab presented the mechanism by which the modes of operation are used for encryption. How is decryption performed for the modes above? Draw the decryption schemes.
Analyse the error propagation for the five modes of operation.
Compare the modes of operation with each other.
What are the advantages that justified adding the CTR mode?
Use all five modes of operation in the final lab application, for encryption/decryption with DES and with the other algorithms that are to be discussed.
Lab 4. The AES selection process. The AES algorithm
Aim of the lab work
This lab summarises the selection process for the AES standard, initiated by NIST in 1997, with its two stages and the algorithms finally selected, as well as the finalist algorithm Rijndael, which became the Advanced Encryption Standard (AES).
The AES selection process
In 1997 the National Institute of Standards and Technology (NIST) of the USA initiated a process for selecting a symmetric-key encryption algorithm to become the Advanced Encryption Standard (AES). In 1998 NIST announced the acceptance of 15 candidate algorithms and asked the research community for assistance in evaluating and analysing the candidate algorithms. This evaluation initially included analysing the security characteristics and the efficiency of each algorithm.
NIST reviewed the results of this preliminary research and selected MARS, RC6, Rijndael, Serpent and Twofish as finalist algorithms. Following the second stage of selection, NIST decided to propose the Rijndael algorithm as AES.
AES requirements and the finalists
The minimum acceptance requirements for the AES candidates, set by NIST, were¹: (1) the algorithm must be symmetric, with a secret key; (2) the algorithm must be a block cipher; and (3) the candidate algorithm must be usable with key length - block length pairs of 128-128, 192-128 and 256-128 bits.
¹ National Institute of Standards and Technology, NIST Report, September 12, 1997 (Volume 62, Number 177), Docket No. 970725180-7180-01, pages 48051-48058.
Name       Proposed by
CAST-256   Entrust Technologies, Inc. (Carlisle Adams)
CRYPTON    Future Systems, Inc. (Chae Hoon Lim)
DEAL       Richard Outerbridge, Lars Knudsen
DFC        CNRS (Serge Vaudenay)
E2         NTT (Masayuki Kanda)
FROG       TecApro Internacional S.A. (Dianelos Georgoudis)
HPC        R. Schroeppel
LOKI97     Brown, Pieprzyk
MARS       IBM (Nevenko Zunic)
Magenta    Deutsche Telekom AG (Dr. Klaus Huber)
RC6        RSA Laboratories (Burt Kaliski)
RIJNDAEL   Joan Daemen, Vincent Rijmen
SAFER+     Cylink Corporation (Charles Williams)
SERPENT    Ross Anderson, Eli Biham, Lars Knudsen
TWOFISH    Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson
¹ NIST Report on the Development of the Advanced Encryption Standard (AES), James Nechvatal, Elaine Barker, Lawrence Bassham, William Burr, and co., October 2, 2000.
Table 4. The AES finalists: key setup on different platforms.
Conclusions of the selection
Each finalist algorithm apparently offers adequate security and each offers a considerable number of advantages. However, each algorithm also has one or more areas where it does not perform as well as another algorithm; no finalist is much superior to the rest.
Rijndael was considered competitive both in terms of hardware implementations and in terms of software implementations, for a wide range of computing environments and regardless of the modes of operation used (with or without feedback). Its key setup time is better than that of the other algorithms. Rijndael does not require a large amount of memory; it fits very well in environments where space is restricted, and there it can demonstrate its excellent performance. Rijndael is built to be flexible in block and key sizes, and the algorithm can accommodate changes in the number of rounds. Its internal round structure benefits from instruction-level parallelism. Based on these considerations and on the evaluation of security, performance, efficiency, ease of implementation and security, Rijndael was chosen by NIST as AES (see the NIST Report on the Development of the AES cited above).
• The algorithm must be resistant to all types of attack known at the time.
• The algorithm must perform well on a large number of different platforms: good speed and low resource requirements.
• It must be a simple algorithm.
In many ciphers the round transformation has the Feistel structure (e.g. DES). In this structure, some of the bits of the intermediate state are merely moved to another position. The round transformation of Rijndael does not have a Feistel structure. Instead it is composed of three invertible uniform transformations called layers. Uniform means that every bit of the state is treated in the same way.
Specification of the Rijndael algorithm
Rijndael is an iterated block cipher with variable block length and key length.
The state, the cipher key and the number of rounds
The transformations operate on the intermediate result, called the State.
The two arrays are shown in the figure for an example block length and key length.
Figure: Layout of the State and of the Key
The inputs and outputs that Rijndael uses at its external interface are considered to be one-dimensional arrays of bytes numbered from 0 to 4*Nb-1. Consequently these blocks have lengths of 16, 24 or 32 bytes and indices between 0...15, 0...23 or 0...31. The key is considered to be a
one-dimensional array of bytes numbered from 0 to 4*Nk-1. These blocks have lengths of 16, 24 or 32 bytes and array indices between 0...15, 0...23 or 0...31.
The number of rounds Nr as a function of Nb and Nk:
Nr        Nb = 4   Nb = 6   Nb = 8
Nk = 4      10       12       14
Nk = 6      12       12       14
Nk = 8      14       14       14
The transformations within a round
The round transformation is composed of four different transformations: SubBytes, ShiftRows, MixColumns, AddRoundKey. In pseudo-code, the round is the function that applies these four transformations, in this order, to the State and the round key.
$$
\begin{pmatrix} y_0 \\ y_1 \\ y_2 \\ y_3 \\ y_4 \\ y_5 \\ y_6 \\ y_7 \end{pmatrix}
=
\begin{pmatrix}
1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\
1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\
1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\
1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\
1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 1 & 1
\end{pmatrix}
\begin{pmatrix} x_0 \\ x_1 \\ x_2 \\ x_3 \\ x_4 \\ x_5 \\ x_6 \\ x_7 \end{pmatrix}
+
\begin{pmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{pmatrix}
\qquad (4.1)
$$
Figure: SubBytes is applied to each byte separately
Shift offsets C1, C2, C3 of rows 1, 2, 3 in ShiftRows, as a function of Nb:
Nb    C1   C2   C3
4      1    2    3
6      1    2    3
8      1    3    4
The inverse of the MixColumns operation is similar to MixColumns. Each column is transformed by multiplying it with a specific polynomial d(x), given by ('03' x^3 + '01' x^2 + '01' x + '02') ⊗ d(x) = '01', where ⊗ denotes multiplication modulo x^4 + 1.
The polynomial d(x) is: d(x) = '0B' x^3 + '0D' x^2 + '09' x + '0E'
Round key addition
In this operation a round key is applied to the State by an XOR (exclusive-OR) operation. The round key is derived from the cipher key by means of the key setup. The length of the round key is equal to the block length Nb.
The round keys are taken from the expanded key as follows: the key of the first round consists of the first Nb words, the key of the second round consists of the next Nb words, and so on.
Key expansion.
The expanded key is a linear array of 4-byte words and is denoted W[Nb*(Nr+1)].
The first Nk words contain the cipher key. All the other words are defined recursively in terms of the words with smaller indices. The key expansion function depends on the value of Nk: there is one version for Nk less than or equal to 6 and another version for Nk greater than 6.
    W[i] = W[i-Nk] ^ temp;
  }
}
In this description SubByte(W) is a function that returns a 4-byte word in which each byte is the result of applying the S-box to the byte in the corresponding position of the input word. The function RotByte(W) returns a word in which the bytes are a cyclic permutation of the input bytes: for example, the input word (a, b, c, d) produces the output word (b, c, d, a).
It can be seen that the first Nk words are occupied by the cipher key. Each following word W[i] is equal to the XOR of the previous word W[i-1] and the word Nk positions earlier, W[i-Nk]. For the words in positions that are multiples of Nk, a transformation is applied to the previous word W[i-1] before the XOR operation. This transformation consists of a cyclic shift of the bytes of the word (RotByte) followed by the application of a lookup table to the bytes of the word (SubByte).
Round key selection
Round key i is given by the words from W[Nb * i] up to W[Nb * (i+1)]:
W0 W1 W2 W3 W4 W5 W6 W7 W8 W9 W10 W11 ...
4.3.3. The cipher
The Rijndael cipher consists of:
Rijndael(Stare, Cheia_de_cifru)
{
  KeyExpansion(Cheia_de_cifru, KeyExpansion);
  AddRoundKey(Stare, KeyExpansion);
  for(i=1; i<Nr; i++) Runda(Stare, KeyExpansion + Nb * i);
  RundaFinală(Stare, KeyExpansion + Nb * Nr);
}
The key expansion can be done in advance, and Rijndael can then be specified in terms of the expanded key:
Rijndael(Stare, KeyExpansion)
{
  AddRoundKey(Stare, KeyExpansion);
  for(i=1; i<Nr; i++) Runda(Stare, KeyExpansion + Nb * i);
  RundaFinală(Stare, KeyExpansion + Nb * Nr);
}
There are no restrictions on the selection of the cipher key. The expanded key must always be derived from the cipher key and is never specified directly.
The structure of the Rijndael cipher is such that the sequence of transformations of the inverse cipher is identical to that of the cipher itself, with the transformations of the cipher replaced by their inverses and with a change in the key schedule.
The inverse transformation for the two-round Rijndael variant
The inverse of a round is given by:
InvRunda(Stare, Cheia_de_rundă)
{
  AddRoundKey(Stare, Cheia_de_rundă);
  InvMixColumn(Stare);
  InvShiftRow(Stare);
  InvByteSub(Stare);
}
The inverse of the two-round variant consists of the inverse of the final round, followed by the inverse of a round, followed by the key-addition round. We have:
Algebraic properties
In developing the equivalent structure of the inverse cipher, two properties of the component transformations were used. First, the order in which the ShiftRow and ByteSub operations are performed is irrelevant: ShiftRow transposes the bytes and has no effect on their values, while ByteSub works on individual bytes independently of their position. The second property is the possibility of replacing the sequence
AddRoundKey(Stare, Cheia_de_rundă);
InvMixColumn(Stare);
with the sequence
InvMixColumn(Stare);
AddRoundKey(Stare, Inversa_cheii_de_rundă);
This relies on the fact that for a linear transformation A we have A(x + k) = A(x) + A(k).
Applying both properties to the inverse of the two-round variant gives:
AddRoundKey(Stare, Cheia_Expandată + 2 * Nb);
InvByteSub(Stare);
InvShiftRow(Stare);
InvMixColumn(Stare);
AddRoundKey(Stare, I_Cheia_Expandată + Nb);
InvByteSub(Stare);
InvShiftRow(Stare);
AddRoundKey(Stare, Cheia_Expandată);
It can be seen that we again have an initial key addition, a normal round and a final round.
I_Runda(Stare, I_Cheia_de_rundă)
{
  InvByteSub(Stare);
  InvShiftRow(Stare);
  InvMixColumn(Stare);
  AddRoundKey(Stare, I_Cheia_de_rundă);
}
I_Runda_Finală(Stare, I_Cheia_de_rundă)
{
  InvByteSub(Stare);
  InvShiftRow(Stare);
  AddRoundKey(Stare, I_Cheia_de_rundă);
}
The inverse cipher for Rijndael can then be expressed as follows (the round keys of the inverse expanded key are used in reverse order):
I_Rijndael(Stare, Cheia_de_cifru)
{
  I_KeyExpansion(Cheia_de_cifru, I_Cheia_Expandată);
  AddRoundKey(Stare, I_Cheia_Expandată + Nb * Nr);
  for(i=Nr-1; i>0; i--) I_Runda(Stare, I_Cheia_Expandată + Nb * i);
  I_Runda_Finală(Stare, I_Cheia_Expandată);
}
The key expansion for the inverse cipher is defined as follows:
• Apply the key expansion.
• Apply InvMixColumn to all the round keys except the first and the last.
In pseudocode:
I_KeyExpansion(Cheia_de_cifru, I_Cheia_Expandată)
{
  KeyExpansion(Cheia_de_cifru, I_Cheia_Expandată);
  for(i=1; i<Nr; i++) InvMixColumn(I_Cheia_Expandată + Nb * i);
}
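The following program is an added example, not code from the lab manual or from the Rijndael authors. It ties the pieces of this section together for the AES-128 case (Nb = 4, Nk = 4, Nr = 10): the S-box is computed from the affine transformation (4.1) applied to the GF(2^8) inverse, MixColumns and its inverse are multiplications by a(x) and d(x) modulo x^4 + 1 (and the program verifies that a(x) ⊗ d(x) = '01'), the key expansion follows the W[i] = W[i-Nk] ^ temp recursion with RotByte and SubByte, and decryption uses the equivalent inverse cipher above, with InvMixColumn applied to the middle round keys. The round constant Rcon (01, 02, 04, ... in GF(2^8)), which the text's fragment does not show, the flat column-major state layout and the function names are the example's assumptions; the test vector in the usage section is the one published in FIPS-197, not constructed.

```python
# Added example, not code from the lab manual or from the Rijndael authors:
# AES-128 (Rijndael with Nb = 4, Nk = 4, Nr = 10) built from the text's own
# definitions. Rcon (01, 02, 04, ...) is an assumption of this example, as the
# text's key-expansion fragment does not show it.
def xtime(a):   # multiply by x in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1
    return ((a << 1) ^ 0x11B) & 0xFF if a & 0x80 else a << 1

def gmul(a, b):   # multiplication in GF(2^8)
    p = 0
    while b:
        if b & 1:
            p ^= a
        a, b = xtime(a), b >> 1
    return p

def gf_inverse(a):   # multiplicative inverse in GF(2^8), found by search; 0 maps to 0
    return next((x for x in range(1, 256) if gmul(a, x) == 1), 0)

# Matrix and constant of the affine transformation (4.1); row i gives y_i.
AFFINE = [[1,0,0,0,1,1,1,1], [1,1,0,0,0,1,1,1], [1,1,1,0,0,0,1,1], [1,1,1,1,0,0,0,1],
          [1,1,1,1,1,0,0,0], [0,1,1,1,1,1,0,0], [0,0,1,1,1,1,1,0], [0,0,0,1,1,1,1,1]]
AFFINE_C = [1, 1, 0, 0, 0, 1, 1, 0]   # the constant '63'

def affine(x):
    """y = A x + c over GF(2); bit 0 is the least significant bit."""
    y = 0
    for i in range(8):
        yi = AFFINE_C[i]
        for j in range(8):
            yi ^= AFFINE[i][j] & (x >> j) & 1
        y |= yi << i
    return y

SBOX = [affine(gf_inverse(a)) for a in range(256)]
INV_SBOX = [SBOX.index(v) for v in range(256)]

def poly_mul_mod(a, b):
    """Product of two 4-term polynomials with GF(2^8) coefficients modulo x^4 + 1."""
    out = [0, 0, 0, 0]
    for i in range(4):
        for j in range(4):
            out[i] ^= gmul(a[(i - j) % 4], b[j])
    return tuple(out)

MIX = (0x02, 0x01, 0x01, 0x03)       # a(x) = '03' x^3 + '01' x^2 + '01' x + '02'
INV_MIX = (0x0E, 0x09, 0x0D, 0x0B)   # d(x) = '0B' x^3 + '0D' x^2 + '09' x + '0E'

# The State is a flat list of 16 bytes; byte r of column c sits at index 4*c + r.
def sub_bytes(s, box):
    return [box[b] for b in s]

def shift_rows(s, inv=False):   # row r is rotated by r positions (offsets 1, 2, 3)
    out = s[:]
    for r in range(1, 4):
        for c in range(4):
            out[4 * c + r] = s[4 * ((c - r if inv else c + r) % 4) + r]
    return out

def mix_columns(s, poly):
    return [b for c in range(4) for b in poly_mul_mod(poly, tuple(s[4 * c:4 * c + 4]))]

def add_round_key(s, k):
    return [a ^ b for a, b in zip(s, k)]

def key_expansion(key):
    """W[i] = W[i-Nk] ^ temp; when i % Nk == 0, temp = SubByte(RotByte(W[i-1])) ^ Rcon.
    Returns the Nr+1 round keys of Nb words each, as 16-byte lists."""
    W, rcon = [list(key[4 * i:4 * i + 4]) for i in range(4)], 0x01
    for i in range(4, 44):
        temp = W[i - 1][:]
        if i % 4 == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]   # SubByte(RotByte(temp))
            temp[0] ^= rcon
            rcon = xtime(rcon)
        W.append([a ^ b for a, b in zip(W[i - 4], temp)])
    return [[b for w in W[4 * r:4 * r + 4] for b in w] for r in range(11)]

def encrypt_block(block, key):
    keys = key_expansion(key)
    s = add_round_key(list(block), keys[0])
    for i in range(1, 10):
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s, SBOX)), MIX), keys[i])
    return bytes(add_round_key(shift_rows(sub_bytes(s, SBOX)), keys[10]))

def decrypt_block(block, key):
    """Equivalent inverse cipher: the same round shape as encryption, with
    InvMixColumn applied to round keys 1..Nr-1, since A(x + k) = A(x) + A(k)."""
    keys = key_expansion(key)
    keys = [keys[0]] + [mix_columns(k, INV_MIX) for k in keys[1:10]] + [keys[10]]
    s = add_round_key(list(block), keys[10])
    for i in range(9, 0, -1):
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s, INV_SBOX), True), INV_MIX), keys[i])
    return bytes(add_round_key(shift_rows(sub_bytes(s, INV_SBOX), True), keys[0]))

if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # FIPS-197 Appendix C.1 vector
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    ct = encrypt_block(pt, key)
    print(ct.hex(), decrypt_block(ct, key) == pt)
    print("a(x) * d(x) mod x^4 + 1 =", poly_mul_mod(MIX, INV_MIX))
```

Two checks are worth running on any implementation written from this description: the first S-box entries (SubBytes('00') = '63', SubBytes('53') = 'ED') confirm the affine map and the bit ordering, and the published FIPS-197 vector (ciphertext 69c4e0d86a7b0430d8cdb78070b4c55a for the key and plaintext above) confirms the key expansion and the round ordering. The linearity property is visible in decrypt_block: applying InvMixColumn to the round key instead of to the state after key addition is what lets the inverse cipher keep the forward cipher's round shape.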
Implementation of the inverse cipher
The choice of the polynomial for MixColumn and of the key expansion is based on performance arguments for the cipher. Because the inverse cipher is similar but uses a MixColumn transformation with a different polynomial and, in some cases, a modified key schedule, a degradation of performance is observed on 8-bit processors.
This asymmetry is due to the fact that the performance of the inverse cipher is considered less important than the performance of the cipher. In many applications of a block cipher the inverse cipher is not used. This is the case when computing MACs, but also when the cipher is used in CFB or OFB mode.
Advantages and limitations
Advantages
Implementation aspects:
• Rijndael can be implemented to run at high speed, for a block cipher, on a Pentium Pro. There is a trade-off between table size and performance.
• Rijndael can be implemented on a smart card with compact code, little RAM and a small number of cycles. There is a trade-off between ROM and performance.
• The round transformation can be executed in parallel, an advantage for implementation on future processors and on dedicated hardware.
• Since the cipher uses no arithmetic operations, it is not affected by whether the architecture is big-endian or little-endian.
Design simplicity
• The cipher is entirely self-contained. It does not use other cryptographic components (S-boxes borrowed from well-known ciphers, and so on).
• The cipher does not base its security, or parts of it, on obscure and poorly understood interactions between arithmetic operations.
• The cipher's tight design does not leave enough room to hide a trapdoor.
Variable block length
• The design allows variants to be specified with block length and key length both ranging from 128 to 256 bits in steps of 32 bits.
• Although the number of rounds for Rijndael is fixed in the specification, it can be modified as a parameter in case of security problems.
Limitations
The cipher's limitations have to do with its inversion:
Proposed exercises
What are the differences between Rijndael and AES?
Analyze the structure of the Rijndael cipher. Using the bibliographic sources, analyze the mathematical aspects (finite fields GF(2^8) and the polynomials) used in Rijndael.
Write a program, in one of the programming languages you know, that encrypts and decrypts a text file using the Rijndael cipher. Take the modes of operation into account.
Lab 5. Public-key algorithms. The NESSIE selection project.
Purpose of the lab
In this lab we refer to public-key algorithms, which can be used both for ensuring confidentiality and for ensuring authentication, among other things. They allow communication between two parties that do not initially share a secret (a secret key).
Brief overview of public-key algorithms
Figure: Encryption and decryption using public-key algorithms
To generate the keys, the following steps are carried out:
Encryption and decryption with RSA
For encryption, A (the one who sends the message) goes through the following steps:
The main objective of the NESSIE project (New European Schemes for Signature, Integrity, and Encryption), funded by the European Union, was to select a portfolio of cryptographic primitives of different types. The project began with a public call for cryptographic primitives and for methodologies to evaluate the primitives [1]. This call included a request not only for block ciphers (as in the case of the AES selection) but also for other cryptographic primitives, including public-key algorithms and also functions
40 cryptographic primitives were received. These proposed primitives were evaluated (with the help of external contributors as well) from the point of view of both security and performance.
Evaluation and selection criteria [2]
The evaluation criteria published in the NESSIE call were:
• An attack should be at least as difficult as the generic attacks against that type of primitive (exhaustive search, etc.).
• Primitives are evaluated against what their authors claim. If there is an attack requiring less computational effort than the authors claim, the primitive is disqualified.
• Primitives are evaluated in the declared (proposed) environment. Accordingly, vulnerability analyses for side-channel attacks (e.g. timing attacks, power analysis) are valued.
The main selection criteria were:
• Design ideas and transparency. It is easier to trust the security evaluation of a primitive if the design is clear and simple and is based on a good understanding of mathematical and cryptographic principles. These are clearly important when comparing primitives with each other.
• Resistance of modified primitives. A technique frequently used in assessing the strength of a primitive is to evaluate a modified primitive, for example by changing or removing a component or by reducing the number of rounds. Conclusions based on the evaluation of modified primitives are transferred to the evaluated primitive with care, since they may not hold for it.
• Relative security. When evaluating primitives intended to operate at the same security level in similar environments, it is natural to want to compare their security. However, such comparisons must be made with great care. One measure that has been suggested for primitives based on an iterated algorithm with a security margin is the difference between the maximum number of rounds that can easily be broken and the total number of rounds, but there is no generally accepted consensus on how to compare.
• Cryptographic environment. In certain implementation environments a cryptographic primitive may or may not have advantages of its own. An example would be a primitive that is resistant to power and timing attacks when implemented on a smart card. These properties are considered when evaluating the security of a primitive.
• Statistical testing. Statistical testing of the primitives proposed for the NESSIE project was carried out. The purpose of this statistical testing is to highlight anomalies in the operation of the primitives, which may indicate weaknesses of the primitive and require further investigation.
[1] NESSIE, Call for Cryptographic Primitives, Version 2.2, 8th March 2000, available at: https://www.cosic.esat.kuleuven.ac.be/nessie/call/, last visited November 2006.
[2] NESSIE consortium, NESSIE project announces final selection of crypto algorithms, February 27, 2003, available at: https://www.cosic.esat.kuleuven.ac.be/nessie/deliverables/press_release_feb27.pdf, last visited November 2006.
Algorithms selected by NESSIE
In February 2003 the NESSIE project consortium announced the cryptographic algorithms selected as finalists. The evaluation process was open, based on the published evaluation criteria. Feedback was received from the worldwide cryptographic community; the comments were made public.
The table presents the NESSIE algorithms selected from those proposed; other, already standardized algorithms were added to the NESSIE portfolio and are marked as such in the table.
No vulnerabilities were identified for these algorithms by the end of the selection process, but there were suspicions, confirmed later, concerning SFLASH, which was subsequently broken, and likewise for another SFLASH version, which is not considered secure enough. None of the proposed stream ciphers met the NESSIE security requirements.
Proposed exercises
Write a program, in one of the programming languages you know, that encodes a text file using the RSA cipher. Take into account that this algorithm, like DES and AES, operates on binary data.
Identify an algorithm, different from those discussed so far, from the list of those selected in the NESSIE project and study how it works. Implement this algorithm. Integrate this implementation with the previous implementations.
The Information-technology Promotion Agency (IPA) of Japan initiated the CRYPTREC (CRYPTography Research and Evaluation Committees) project with the goal of identifying the standard cryptographic algorithms recommended for use by the Japanese government infrastructure [1].
The CRYPTREC project was initiated in 2000. Various types of cryptographic primitives were submitted in response to the call for cryptographic techniques. As in the case of the NESSIE initiative, the CRYPTREC call was issued for several types of primitives. Likewise, the goal was to select a set of techniques, not a single one as in the AES selection.
[1] CRYPTREC site, Evaluation of Cryptographic Techniques, available at: http://www.ipa.go.jp/security/enc/CRYPTREC/index-e.html
The table contains the primitives selected by CRYPTREC, including the special notes and recommendations that were also published. One can see from the table that some of the algorithms are included for the time being because of their use in security mechanisms already deployed; it is nevertheless recommended to move, where possible, to stronger algorithms.
On the selections in the USA, Europe and Japan
In the labs through Lab 6, the latest evaluation processes addressing the selection of competitive cryptographic algorithms were analyzed. The NIST competition, compared with NESSIE and CRYPTREC, addresses only 128-bit block ciphers and selects a single algorithm, whereas the other two cover several algorithms of different types. To allow a comparison, for NESSIE and CRYPTREC both standard algorithms and AES were added. A few algorithms were submitted and evaluated in all the competitions, and of these only Rijndael was selected. RC6 was not selected; its rejection was related to licensing. A few algorithms evaluated only by NESSIE and CRYPTREC were selected in both competitions: this is the case for the Japanese algorithms MISTY1 and Camellia among block ciphers, ECDSA and RSA-PSS among digital signatures, etc. Algorithms such as three-key Triple-DES were included in CRYPTREC's list of recommendations for use in the SSL3.0/TLS1.0 network security standards.
Proposed exercises
Analyze the observations in the table. Compare the selections presented in the last labs.
For each type of algorithm, identify an example of a recommended algorithm.
Identify an algorithm, different from those discussed so far, from the list of those selected in the CRYPTREC project and study how it works. Implement this algorithm. Integrate this implementation with the previous implementations.
Bibliography
“DES Modes of Operation”, Federal Information Processing Standard (FIPS), Publication 81, National Bureau of Standards, US Department of Commerce, Washington D.C., December 1980.
Federal Information Processing Standards Publication 46-2, Data Encryption Standard (DES), http://www.itl.nist.gov/fipspubs/fip46-2.htm
B. Schneier, Applied Cryptography, John Wiley & Sons, New York, 1996.
National Institute of Standards and Technology, NIST Report, September 12, 1997 (Volume 62, Number 177), Docket No. 970725180-7180-01, pages 48051-48058.
NIST Report on the Development of the Advanced Encryption Standard (AES), James Nechvatal, Elaine Barker, Lawrence Bassham, William Burr, and co., October 2, 2000.
NESSIE, Call for Cryptographic Primitives, Version 2.2, 8th March 2000, available at: https://www.cosic.esat.kuleuven.ac.be/nessie/call/.
National Institute of Standards and Technology (NIST), “Recommendation for Block Cipher Modes of Operation, Methods and Techniques”, NIST Special Publication 800-38A, 2001 Edition, available at: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.
A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing”, IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 1, January-March 2004, pp. 11-33.