
MINISTRY OF TRANSPORT

MARITIME UNIVERSITY
DIVISION: COMPUTER SCIENCE
FACULTY: INFORMATION TECHNOLOGY

Textbook

INFORMATION SAFETY AND SECURITY

COURSE NAME: Information Safety and Security
COURSE CODE: 17212
LEVEL OF TRAINING: FULL-TIME UNDERGRADUATE
FOR STUDENTS OF: INFORMATION TECHNOLOGY

HẢI PHÒNG - 2008


Course name: Information safety and security. Course type: II

Division in charge of teaching: Computer Science.
Faculty in charge: Information Technology
Course code: Total credits: 3

Total periods: 75; Theory: 45; Practice/Seminar: 30; Self-study: 0; Major assignment: 0; Course project: 0

Prerequisites:
Students must have completed the following courses:
- Object-oriented programming
- Data structures
- Analysis, design and evaluation of algorithms.
Purpose of the course:
To give students basic knowledge of the individual fields within computer security:
- Encryption algorithms used in communication.
- Algorithms for building hash functions and digital signatures.
- Key exchange models.
- Authentication models and cryptographic protocols.
Main content:
The course has 2 parts:
- Theory: the theory of encryption algorithms and protocols.
- Programming: implementing ciphers and writing applications that use cryptosystems.
Detailed course content:


Chapter / section name, with the period allocation of each chapter given as (Total, Theory, Seminar, Exercises, Tests)

Chapter I. Introduction to the tasks of information safety and security. (4, 3, 1, 0, 0)
1.1. Introductory concepts.
1.1.1. Components of an information system
1.1.2. Threats and damage to information systems.
1.1.3. Control solutions for safety and security
1.2. Objectives and general principles of information security.
1.2.1. Three objectives.
1.2.2. Two principles
1.3. General introduction to cryptographic models.
1.3.1. The basic communication model and Kerckhoffs' law.
1.3.2. Stages in the development of encryption theory.

Chapter II. Some classical encryption methods. (13, 5, 5, 2, 1)
2.1. Simple ciphers.
2.1.1. Permutation cipher on the alphabet.
2.1.2. Additive cipher.
2.2.3. Multiplicative cipher.
2.1.4. Cryptanalysis by statistical methods.
2.2. Ciphers that flatten the frequency distribution.
2.2.1. Homophonic substitution cipher.
2.2.2. Polyalphabetic substitution ciphers: the Vigenère cipher and the one-time pad.
2.2.3. The theory of perfect secrecy.
2.2.4. Evaluating the security level of an encryption method.
Test

Chapter III. Block ciphers. (16, 8, 7, 1, 0)
3.1. Concepts.
3.1.1. Security conditions for block ciphers
3.1.2. Design principles.
3.2. The Data Encryption Standard DES
3.2.1. History of DES
3.2.2. The DES round structure.
3.2.3. The subkey generation algorithm
3.2.4. Structure of the round function.
3.2.5. The DES decryption algorithm.
3.2.6. Evaluating the security level of DES.
3.2.7. TripleDES
3.3. The Advanced Encryption Standard AES
3.3.1. Introduction to AES
3.3.2. The encryption algorithm
3.3.3. The decryption algorithm
3.3.4. Implementing AES
3.4 Some block cipher modes of use.
3.4.1. Electronic codebook mode
3.4.2. Cipher block chaining mode
3.4.3. Cipher feedback mode

Chapter IV. Public-key cryptosystems. (16, 6, 7, 2, 1)
4.1. The concept of a public key.
4.1.1. Characteristics and applications of public-key cryptosystems.
4.1.2. Principles for constructing public-key systems
4.2. Introduction to some common PKC algorithms.
4.1.1. The Trapdoor Knapsack cryptosystem.
4.1.2. The RSA cryptosystem
4.1.3. The ElGamal cryptosystem
Test

Chapter V. Digital signatures and hash functions. (12, 7, 5, 0, 0)
5.1. Digital signatures.
5.1.1. Definition.
5.1.2. Applications of digital signatures
5.2. Introduction to some digital signature schemes
5.2.1. The RSA digital signature scheme
5.2.2. The ElGamal digital signature scheme
5.2.3. The digital signature standard DSA
5.3. Hash functions.
5.3.1. Definition.
5.3.2. Generating digital signatures with hash functions
5.4. Some commonly used hash functions
5.4.1. The MD5 hash function
5.4.2. The SHA1 hash function

Chapter VI. Key management in cryptographic systems (8, 5, 3, 0, 0)
6.1. Key management for SKC systems
6.1.1. Introduction to key management methods.
6.2. Key management in PKC systems
6.2.1. The Needham-Schroeder key transport protocol
6.2.2. The Diffie-Hellman key exchange protocol
6.2.3. The Kerberos protocol

Chapter VII. Cryptographic protocols (6, 3, 2, 0, 1)
7.1. The concept of a cryptographic protocol
7.1.1. Definition of a cryptographic protocol
7.1.2. Purpose of cryptographic protocols.
7.1.3. The parties taking part in a cryptographic protocol
7.2. Studying the design of typical cryptographic protocols
7.2.1. Some forms of attack on cryptographic protocols.
7.2.2. Introduction to some cryptographic protocols.
7.3. Test.

Student duties: Attend all classes and comply with all regulations of the University.

Learning materials:
1. Phan Đình Diệu. Lý thuyết mật mã và An toàn thông tin. Đại học Quốc gia Hà Nội.
2. Douglas R. Stinson. Cryptography: Theory and Practice. CRC Press. 1995.
3. A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press. 1996.
4. William Stallings. Cryptography and Network Security: Principles and Practices, Fourth Edition. Prentice Hall. 2005.
5. Michael Welschenbach. Cryptography in C and C++. Apress. 2005.

Form and criteria of student assessment:
- Students must take the tests given during the course and the practical sessions. Oral examination.
- Students must meet the conditions set by the regulations of the University and of the Ministry.

Grading scale: 10-point scale.
Course grade: Z = 0.3 X + 0.7 Y.



TABLE OF CONTENTS
PREFACE
CHAPTER I: INTRODUCTION
1. Information security and cryptology
2. The concept of a system and the assets of a system
3. Threats to a system and countermeasures
4. Objectives and general principles of information security
5. Cryptology
6. The concept of a cryptosystem
7. The basic communication model of cryptology and Kerckhoffs' law
8. A brief history of cryptology
9. Classification of cryptographic algorithms
10. Some applications of cryptology
CHAPTER II: MATHEMATICAL FOUNDATIONS
1. Information theory
1.1. Entropy
1.2. Rate of language
1.3. Security of an encryption system
1.4. Confusion and diffusion
2. Complexity theory
2.1. Computational security
2.2. Unconditional security
3.3. Product cryptosystems
3. Mathematical theory
3.1. Modular arithmetic
3.2. Prime numbers
3.3. Greatest common divisor
3.4. The ring Z_N (ring of residues modulo N)
3.5. Inverse elements
3.6. Euler's phi function
3.7. Quadratic residues
3.8. Fast exponentiation algorithm
3.9. Extended Euclidean algorithm
3.10. Linear congruences in one unknown
3.11. The Chinese remainder theorem
4. Primality testing algorithms
4.1. Some mathematical notation
4.2. The Solovay-Strassen algorithm
4.3. The Rabin-Miller algorithm
4.4. The Lehmann algorithm
5. Exercises
CHAPTER III: SECRET-KEY CRYPTOSYSTEMS
1. Classical ciphers
1.1. Substitution ciphers
1.2. The Caesar cipher
1.3. The Affine cipher
1.4. The Vigenere cipher
1.5. The Hill cipher
1.6. Transposition ciphers
2. Block ciphers
2.1. Block ciphers
2.2. The Data Encryption Standard (DES)
2.3. Weaknesses of DES
2.4. Triple DES (3DES)
2.5. The Advanced Encryption Standard AES
2.6. Mechanisms and forms of use of block ciphers (modes of operation)
3. Exercises
CHAPTER IV: PUBLIC-KEY CRYPTOSYSTEMS
1. The concept of a public-key cryptosystem
2. Principles for constructing public-key cryptosystems
3. Some public-key cryptosystems
3.1. The knapsack cryptosystem
3.2. The RSA cryptosystem
3.3. The ElGamal cryptosystem
3.4. Cryptosystems based on elliptic curves
4. Exercises
CHAPTER V: DIGITAL SIGNATURES AND HASH FUNCTIONS
1. Digital signatures
1.1. The concept of a digital signature
1.2. The RSA signature scheme
1.3. The ElGamal signature scheme
1.4. The Digital Signature Standard
1.5. Application model of digital signatures
2. Hash functions
2.1. Concept
2.2. Properties of hash functions
2.3. Birthday attack
2.4. Some well-known hash functions
2.5. Some applications of hash functions
3. Exercises
CHAPTER VI: KEY MANAGEMENT
1. Key management in communication networks
2. Some key distribution systems
2.1. The Blom key distribution scheme
2.2. The Kerberos key distribution system
2.3. The Diffie-Hellman key distribution system
3. Key exchange and key agreement
3.1. The Diffie-Hellman key exchange protocol
3.2. The Diffie-Hellman key exchange protocol with certificates
3.3. The Matsumoto-Takashima-Imai key exchange protocol
3.4. The Girault key exchange protocol without certificates
4. Exercises
CHAPTER VII: CRYPTOGRAPHIC PROTOCOLS
1. Protocols
2. Purpose of protocols
3. The parties taking part in a protocol (the players in a protocol)
4. Types of protocols
4.1. Arbitrated protocols
4.2. Adjudicated protocols
4.3. Self-enforcing protocols
5. Forms of attack on protocols
REFERENCES
LIST OF FIGURES
Figure 1.1: Basic model of secure communication
Figure 3.1: The Data Encryption Standard DES
Figure 3.2: DES encryption diagram
Figure 3.3: Diagram of one DES round
Figure 3.4: Diagram of DES subkey generation
Figure 3.5: Diagram of the function f
Figure 3.6: Diagram of the expansion function (E)
Figure 3.7: Triple DES
Figure 3.8: The states of AES
Figure 3.9: The AES encryption and decryption algorithms
Figure 3.10: The ShiftRows() function
Figure 3.11: The MixColumns function of AES
Figure 3.12: The AddRoundKey function of AES
Figure 3.13: The InvShiftRows() function of AES
Figure 3.14: ECB mode
Figure 3.15: CBC mode
Figure 3.16: CFB mode
Figure 4.1: Usage model 1 of public-key cryptosystems (PKC)
Figure 4.2: Usage model 2 of public-key cryptosystems (PKC)
Figure 4.3: Hybrid application model combining RSA with block ciphers
Figure 4.4: Elliptic curves over the field of real numbers
Figure 4.5: Representation of E_{2^4}(g^4, 1)
Figure 4.6: Diffie-Hellman key exchange based on ECC
Figure 5.1: Application model of digital signatures
Figure 5.2: Signature scheme using a hash function
Figure 5.3: Diagram of the main loop of MD5
Figure 5.4: Diagram of one MD5 round
Figure 5.5: Diagram of one SHA round

LIST OF TABLES
Table 2.1: Orders of the elements of Z*_21
Table 2.2: Table of powers in Z_13
Table 3.1: Numbering of the letters of the English alphabet
Table 3.2: Encryption by changing column positions
Table 3.3: Encryption by geometric pattern
Table 3.4: Example of encryption by geometric pattern
Table 3.5: Periodic permutation encryption
Table 3.6: The permutation table IP
Table 3.7: The inverse permutation table IP^-1
Table 3.8: The PC-1 table
Table 3.9: Bit shifts in the rounds of DES
Table 3.10: The PC-2 table
Table 3.11: Description of the expansion function E
Table 3.12: S-box S1
Table 3.13: S-box S2
Table 3.14: S-box S3
Table 3.15: S-box S4
Table 3.16: S-box S5
Table 3.17: S-box S6
Table 3.18: S-box S7
Table 3.19: S-box S8
Table 3.20: The permutation table P
Table 3.21: Example of the steps of DES
Table 3.22: The weak keys of DES
Table 3.23: The semi-weak keys of DES
Table 3.24: Conventions for some abbreviations and terms of AES
Table 3.25: Representation of 4-bit strings
Table 3.26: AES key lengths
Table 3.27: The AES S-Box substitution table
Table 3.28: Substitution table for the InvSubBytes() function
Table 4.1: Speed of the Brent-Pollard algorithm
Table 4.2: Representation of the set E23(1, 1)
Table 4.3: Comparison of ECC cryptosystems with the RSA cryptosystem

PREFACE
Since before the common era, people have had to think about how to keep important documents and texts safe and secret, especially in military and diplomatic affairs. Today, with the arrival of computers, paper documents and important information are all digitized and processed on computers, and are transmitted through an environment that is insecure by default. The need for mechanisms and solutions that protect the safety and secrecy of sensitive, important information has therefore become ever more pressing. Cryptology is the science that serves this purpose. It is hard to find a useful computing application that does not use information encryption algorithms. This document is based on the experience and research that the author has distilled and gathered while teaching the course Information Safety and Security at the Faculty of Information Technology, Vietnam Maritime University. With seven chapters divided into different topics, from the mathematical foundations of cryptology to cryptosystems and cryptographic protocols, I hope it will give students and readers a useful reference. Despite my best efforts, some shortcomings are unavoidable; I hope to receive sincere comments from friends and colleagues, students and readers so that I can further improve this book.
I would like to sincerely thank my friends and colleagues and my family, who have always encouraged me and given me advice during the writing. I would like to thank Nguyễn Đình Dương, M.Sc., who read the text and gave valuable remarks and suggestions on the part about public-key cryptosystems based on elliptic curves. My deep thanks go to Phạm Tuấn Đạt, M.Sc., who proofread the manuscript carefully and made many valuable remarks on it. Finally, I would like to thank the leadership of the Faculty of Information Technology, and in particular Dr. Lê Quốc Định, Dean of the Faculty, who always provided the best conditions and helped this book to be completed.

Hải Phòng, December 2007
The author

Nguyễn Hữu Tuân

CHAPTER I: INTRODUCTION
1. Information security and cryptology
Over the centuries, a whole series of protocols and mechanisms have been created to meet the need for information security when information is carried on physical media (paper, books, newspapers…). The objectives of information security usually cannot be achieved by relying on mathematical algorithms and protocols alone; achieving them also requires procedural techniques and respect for the law. For example, the privacy of handwritten letters comes from sealed letters being delivered by an accepted mail service. The physical security of a letter is limited (it can be read covertly), so to ensure the privacy of letters the law stipulates that reading a letter without the consent of its owner or of authorized persons is illegal and will be punished. Sometimes the objective of information security is achieved by the very physical medium that carries the information; paper money, for instance, has to be printed with good ink and paper so that it cannot be counterfeited.
Conceptually, the way information is stored has not changed much over time. In the past, information was usually stored and transported on paper, whereas now it is stored in digital form and carried by telecommunication systems or wireless systems. The significant change lies in the ability to copy and alter information. One can create thousands of identical copies of a message that cannot be distinguished from the original. With documents stored and transported on paper this is much harder. What a society in which most information is stored and transported electronically needs is a means of ensuring information security that is independent of the physical media used to store and transport the information. That means is cryptology, a science with a long history, built on mathematical algorithms, arithmetic, probability and other sciences.

2. The concept of a system and the assets of a system
Concept of a system: a system is a collection of computers comprising hardware, software and working data accumulated over time.
The assets of a system include:
- Hardware
- Software
- Data
- The communications between the computers of the system
- The working environment
- People
3. Threats to a system and countermeasures
There are 3 main forms of threat to a system:
- Destruction: an adversary damages hardware devices or software running on the system.
- Modification: assets of the system are modified without authorization. This usually causes the system to stop performing its function correctly, for example when passwords or user rights in the system are changed so that users can no longer access the system to work.
- Interference: assets are accessed by unauthorized people. Communications carried out on the system are blocked or modified.
Threats to an information system can come from many sources and be carried out by different actors. We can divide the actors into 3 kinds: actors inside the system (insiders), who are people with legitimate access to the system; actors outside the system (hackers, crackers), who usually attack through connections to the system such as the Internet; and third, software (such as spyware, adware …) running on the system.
Countermeasures:
There are usually 3 kinds of countermeasure:
- Control through software: based on the security mechanisms of the underlying platform (the operating system) and on cryptographic algorithms.
- Control through hardware: security mechanisms and cryptographic algorithms implemented in hardware.
- Control through organizational policy: issuing regulations of the organization that ensure the safety and security of the system.
In this course we concentrate on cryptographic algorithms as a basic and principal means of keeping a system secure.

4. Objectives and general principles of information security
The three objectives of information security:
Confidentiality: the assets of the system are accessed only by authorized people. Kinds of access include reading, viewing, printing, using programs, or knowing about the existence of an object in the organization. Confidentiality can be protected by access control (of many different kinds) or by data encryption algorithms. Access control can only be carried out on physical hardware systems. For public data, the effective methods are usually those of cryptology.
Data integrity: the assets of the system are changed only by authorized people.
Availability: assets are always ready to be used by authorized people.
The two principles of information security:
Security assessment must be demanding and must take into account every situation and every attack that could be carried out.
Assets are protected until they no longer have any use value or no longer need to be secret.
5. Cryptology
Cryptology comprises two fields, cryptography and cryptanalysis (codebreaking), where:
Cryptography studies the algorithms and methods that ensure the confidentiality and authenticity of information (usually in the form of texts stored on computers). The products of this field are cryptosystems, hash functions, digital signature schemes, key distribution and key management mechanisms, and cryptographic protocols.
Cryptanalysis studies methods for breaking ciphers or creating forged ciphertexts. The products of this field are cryptanalytic methods, signature forgery methods, and methods for attacking hash functions and cryptographic protocols.
Within the limits of this course we concentrate mainly on encryption issues: cryptosystems, hash functions, digital signature schemes and cryptographic protocols.
Cryptography is the science of methods for secure communication. In Greek, "Crypto" (krypte) means to hide or to scramble, and "Graphy" (grafik) means word. [3]
The understandable words and characters of the original text make up the plaintext (P-Plaintext), usually passages of text in some language; the words and characters in secret, unintelligible form are called the ciphertext (C-Ciphertext).
There are 2 basic encryption methods, substitution and permutation:
Substitution encryption is the method in which each original character, or each group of original characters, of the plaintext is replaced by other words or symbols, or by combinations of them, according to a given method and a key.
Permutation encryption is the method in which the code words of the plaintext are rearranged according to a given method.
Cryptosystems usually combine both techniques.
6. The concept of a cryptosystem
A cryptosystem is a 5-tuple (P, C, K, E, D) satisfying the following conditions:
1) P is the plaintext space: the finite set of possible plaintexts.
2) C is the ciphertext space: the finite set of possible ciphertexts.
3) K is the key space: the finite set of possible keys.
4) For each $k \in K$ there is an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$. Each $e_k: P \to C$ and $d_k: C \to P$ are functions such that $d_k(e_k(x)) = x$ for every plaintext $x \in P$. The decryption function $d_k$ is the inverse mapping of the encryption function $e_k$ [5]
The plaintext space and the ciphertext space usually consist of texts formed from some alphabet A. This can be the English alphabet, the ASCII code, the Unicode code or, in the simplest case, the bits 0 and 1.
Property 4 is the most important property of encryption. It says that if a plaintext is encrypted with $e_k$ and the resulting ciphertext is then decrypted with $d_k$, the result must be the original plaintext x. Clearly the function $e_k(x)$ must then be injective, otherwise decryption is impossible: if there exist distinct $x_1$ and $x_2$ such that $y = e_k(x_1) = e_k(x_2)$, then on receiving the ciphertext y we do not know whether it was encrypted from $x_1$ or from $x_2$.
In any cryptosystem we always have $|C| \ge |P|$, because every encryption rule is injective. When $|C| = |P|$, every encryption function is a permutation.
7. The basic communication model of cryptology and Kerckhoffs' law
The ordinary communication model: in the ordinary communication model, information is transmitted (transported) from the sender to the receiver over a physical channel (for example, sending a letter) that is considered secure.
The basic communication model of cryptology:
Figure 1.1: The basic model of secure communication
This is the basic model of secure communication. Unlike ordinary communication, new elements are added, such as the notion of an enemy (E, Enemy) and the encryption and decryption keys K that ensure the confidentiality of the information being transmitted.


In this model the sender S (Sender) wants to send a message X (Message, which is a plaintext) to the receiver R (Receiver) over an insecure channel (Insecured Channel), where the enemy E (Enemy) can eavesdrop on or modify the information X. S therefore applies a transformation, namely encryption (E, Encryption), to the readable information X (Plaintext) to produce an encrypted text Y (C, Ciphertext) that cannot be understood by ordinary rules. Encryption uses a piece of secret information called the key $K_1$ (Key); $K_1$ is the control parameter for the transformation from plaintext X to ciphertext Y (only the communicating parties S and R may know this key). Decryption (D, Decryption) is the reverse process, which lets the receiver recover the original information X from the ciphertext Y using the decryption key $K_2$ (note that the decryption key and the encryption key may be different or the same, depending on the cryptosystem used).
The transformations used in the communication model above belong to some cryptosystem (Cryptosystem).

[Figure 1.1 diagram: Sender, Encrypt (key $K_1$), Insecured Channel (Enemy), Decrypt (key $K_2$), Receiver; X enters Encrypt, Y crosses the channel, X leaves Decrypt.]
Encryption and decryption require processes that convert data from its original form into input for encryption, and convert the output of decryption back into plaintext. These are keyless transformations and are called encoding and decoding.
According to Kerckhoffs' law (1835 - 1903), a basic principle of cryptography, the entire encryption/decryption mechanism except the key is not secret from the enemy [5]. Clearly, if the opponent does not know which encryption algorithm the cryptosystem uses, cryptanalysis is very difficult. But we cannot rest the security of a cryptosystem on the uncertain assumption that the opponent does not know the algorithm in use. Therefore, whenever we present a cryptosystem, we assume it is presented under Kerckhoffs' law.
The meaning of Kerckhoffs' law: the security of a cryptosystem must not depend on the complexity of the encryption algorithm used.
8. A brief history of cryptology
Cryptology is a science with a history of about 4000 years, as the artifacts recovered by archaeology show. The ancient Egyptians used hieroglyphs as the simplest form of encryption on their tombstones. Other handwritten documents show that the first simple encryption methods used by mankind were those of the ancient Persians and the ancient Jews.
The history of cryptology can nevertheless be divided into two periods:
The pre-scientific period: from before the Common Era until 1949. In this period cryptology was regarded more as an art than as a science, although it was already applied in practice.
The history of cryptology was marked in 1949, when Claude Shannon put forward information theory. After that, a series of important studies in cryptology were carried out, such as research on block ciphers and the birth of public-key cryptosystems and digital signatures.
Over many centuries, cryptology developed mainly to serve military purposes (espionage, diplomacy, war, ...). A typical example: 2000 years ago the Roman emperor Julius Caesar used a simple substitution algorithm, which now bears his name, in the Gallic war.
The work "A manuscript on Deciphering Cryptography Messages" by Abu al-Kindi, written in the 9th century and found in Istanbul in 1987, shows that Arab scientists were the first to develop cryptanalytic methods based on analysing the frequency of characters, applied to monoalphabetic substitution ciphers (a method widely used in the Middle Ages because it was simple and quite effective).
In Europe the Middle Ages were a gloomy and dark period of history, so there was little strong development in culture in general or in cryptology in particular. A few events were recorded by priests, but only Roger Bacon actually wrote about cryptology, in the work "Secret Work of Art and the Nullity of Magic" in the mid-1200s. One of the best-known names of the Middle Ages is Chaucer, who produced the first serious studies of cryptology in works such as "Treatise on the Astrolabe". In the Middle Ages in the West, the book by Blaise de Vigenère (the inventor of the polyalphabetic substitution cipher) was regarded as a summary of the knowledge of cryptology up to that time, including the polyalphabetic substitution algorithm and several autokey schemes.
Blaise de Vigenère is also the author of the cipher that bears his name. This cipher was once considered absolutely secure and was used for a long time; however, Charles Babbage broke it successfully in 1854, although this was kept secret. A cryptanalytic algorithm was discovered independently by a Prussian scientist (Prussia is part of present-day Germany) named Friedrich Kasiski. Nevertheless, for lack of improved equipment, variants of this cipher were still in use in the early years of the 20th century; the most notable case is the successful cryptanalysis of the German army's Zimmermann telegram (one of the landmark events of cryptology) in the First World War, which resulted in the United States entering the war.
With the appearance of personal computers and computer networks, more and more textual information is stored and processed on computers, which gives rise to security requirements for information that is stored, processed and transmitted between computers.
The early 1970s saw the development of the first block ciphers: Lucifer and DES. DES then enjoyed a flourishing range of applications until the early 1990s.
The late 1970s saw the development of public-key encryption algorithms, after Whitfield Diffie and Martin Hellman published the paper "New Directions in Cryptography", which laid the foundation for public-key cryptosystems and digital signature schemes.
Because public-key cryptosystems have the drawback of being slow, block ciphers continued to be developed, with new block ciphers such as IDEA, AES or 3DES (an improvement of DES) appearing at the end of the 20th century to replace DES.
The most recent events concern the hash functions MD5 (a hash function of the MD family developed by Ron Rivest) and SHA1. A group of Chinese scientists (Xiaoyun Wang, Yiqun Lisa Yin, Hongbo Yu) developed methods for finding collisions in the most widely used of these hash functions. This was a major event for cryptology because hash functions are so widely applied and can be regarded as even more important than the cryptosystems themselves. Because of this event, major software vendors (such as Microsoft) and cryptographers have advised programmers to use stronger hash functions (such as SHA-256, SHA-512) in their applications.
Bruce Schneier (one of the leading cryptographers and the author of the Blowfish cipher) once said that attacks on cryptosystems in particular, and on computer systems in general, will keep getting more refined: "Attacks always get better; they never get worse." The history of the development of cryptology is precisely the history of the development of attacks on the cryptosystems in use.
9. Classification of cryptographic algorithms
There are many ways to classify the cryptographic algorithms studied in this course. Here we classify them according to two criteria.
The first criterion is the security services the algorithms provide and the number of keys they use (0, 1, 2). It gives the following algorithms:
1. Secret-key encryption algorithms, corresponding to secret-key or symmetric-key cryptosystems, SKC (Symmetric Key Cryptosystems). The roles of the receiver and the sender are the same; both can encrypt and decrypt messages. Examples are Caesar, DES, AES, ... These algorithms use 1 key for both encryption and decryption.
2. Public-key encryption algorithms, corresponding to public-key cryptosystems, PKC (Public Key Cryptosystems). These are sometimes also called asymmetric-key cryptosystems (Asymmetric Key Cryptosystems). These algorithms use 2 keys, one for encryption and one for decryption; the encryption key is made public.
3. Digital signature algorithms (Digital Signature Algorithms). Digital signature algorithms form digital signature schemes. Usually each digital signature scheme has the same theoretical basis as a public-key cryptosystem but applies it differently. In this course we study some common digital signature schemes such as RSA, ElGamal, ...
4. Hash functions (Hash functions). Hash functions are keyless or keyed encryption algorithms, usually used in digital signature schemes or public-key cryptosystems.
The second criterion classifies encryption algorithms by how they process their input (that is, the plaintext). It gives two kinds of encryption algorithm:
1. Block ciphers (such as DES, AES, ...) process the plaintext in basic units that are blocks of equal size.
2. Stream ciphers (RC4, ...) treat the plaintext as a continuous stream of bits or bytes.


10. Some applications of cryptology
Today it is hard to find computer applications that do not use cryptographic algorithms and protocols. From applications for personal computers (Desktop Applications) to system programs such as operating systems (Operating Systems), network applications such as Yahoo Messenger, and database systems, all use algorithms that encrypt user passwords with some cipher or hash function. In particular, with the strong growth of e-commerce, digital signature models play an increasingly active role in providing a secure environment for users. The application areas of cryptology can be divided into the following smaller areas:
Confidentiality: hiding the content of messages exchanged in a communication session or transaction, or of messages on a computer system (files, data in a database, ...).
Authentication: ensuring the origin of a message or a user.
Integrity: ensuring that only authenticated organizations can change the assets of the system and the information in transit.
Non-repudiation (Non-Repudiation): authenticated parties cannot deny having taken part in a valid transaction.
There are also other important services, such as digital signatures; identification services (Identification), which allow password-based user authentication to be replaced by stronger techniques; and e-commerce services, which allow secure transactions to be carried out over insecure communication channels such as the Internet.
CHAPTER II: MATHEMATICAL FOUNDATIONS
To understand the algorithms used in cryptosystems, digital signature schemes and cryptographic protocols, we need basic background in the mathematics, information theory, ... used in cryptology. This chapter presents basic concepts of information theory such as entropy, the rate of a language (Rate of Language), the complexity of algorithms and the security of algorithms, together with some mathematics: modular arithmetic (modulo), prime numbers, the Chinese remainder theorem, Fermat's theorem, ... and primality testing algorithms. The main topics presented in this chapter are:
- Information theory
- Complexity theory
- Number theory.
1. Information theory
The opening concepts of information theory were first put forward in 1948 by Claude Elmwood Shannon (a scientist regarded as the father of information theory). In this part we cover only some important topics of information theory.
1.1. Entropy
Information theory defines the amount of information in a message as the minimum number of bits needed to encode all possible meanings of that message.
For example, the field ngay_thang (day of the week) in a database contains no more than 3 bits of information, because the day can be encoded with 3 bits of data:
000 = Sunday
001 = Monday
010 = Tuesday
011 = Wednesday
100 = Thursday
101 = Friday
110 = Saturday
111 is unused
If this information were represented by the corresponding ASCII character strings, it would take up more memory but would not contain any more information. Similarly, the field gioi_tinh (sex) of a database contains only 1 bit of information; it can be stored as one of two ASCII character strings: Nam (male), Nữ (female).
The amount of information in a message M is measured by the entropy of the message, denoted H(M). The entropy of the message gioi_tinh is 1 bit, written H(gioi_tinh) = 1; the entropy of the message giving the day of the week is less than 3 bits.
In the general case, the entropy of a message is $\log_2 n$, where n is the number of possible meanings of the message:
$H(M) = \log_2 n$


1.2. Rate of a language (Rate of Language)
For a language, the actual rate of the language is:
r = H(M)/N
where N is the length of the message and M is a message of length N. The rate of ordinary English is 0.28, so each English letter carries 1.3 bits of meaning.
The absolute rate of a language is the maximum number of bits needed to encode the characters of the language. If a language has L characters, the absolute rate is:
$R = \log_2 L$
This is the maximum entropy of each single character. For English, with 26 letters, the absolute rate is $\log_2 26 = 4.7$ bits/letter. It will surprise no one that the actual rate of English is much lower than its absolute rate; we also see that some letters can be removed from an English message and the reader can still understand it. This phenomenon is called the redundancy (Redundancy) of natural language.
This holds not only for English but for most natural languages: because of the structure of the language and the way it is used, some letters occur with uneven frequency or can appear only in certain structures, so we can still guess the meaning of messages when these letters are removed.
The redundancy (Redundancy) of a language is denoted D, with D = R - r. For English:
D = 1 - .28 = .72 letters/letter
D = 4.7 - 1.3 = 3.4 bits/letter
So each letter carries 1.3 bits of meaning and 3.4 bits of redundancy (approximately 72%).
1.3. Security of a cryptosystem
Shannon defined, clearly and in detail, mathematical models for evaluating the security of cryptosystems. The cryptanalyst's goal is to discover the key in use (K, Key), the plaintext (P, PlainText), or both. They may also be satisfied with some probable information about the plaintext P, for example that it is digitized sound, a German text, a spreadsheet, and so on.


In most cryptanalysis, the cryptanalyst tries to gather some probable information about the plaintext P before starting. They may know the language that was used. That language certainly has the redundancy inherent in it. If the message is addressed to Bob, it may begin with "Dear Bob". The text "Dear Bob" is a more likely possibility than a meaningless string such as "tm*h&rf". The aim of cryptanalysis is to adjust the set of possible cases of the ciphertext (C, CipherText) for each possible plaintext.
Shannon developed the theory that a cryptosystem is absolutely secure only if the number of possible keys is at least as large as the number of possible messages. Put another way, the key of the cipher must be at least as long as the message.
Except for absolutely secure ciphers, ciphertexts usually contain some true information about the plaintext; this is unavoidable. A good cryptographic algorithm keeps the leaked information to a minimum, and a good cryptanalyst exploits this information well to recover the plaintext.
The cryptanalyst uses the natural redundancy of the language to reduce the number of possible plaintexts. The more redundant the language, the easier the cryptanalysis. For this reason many encryption schemes compress the plaintext to reduce its size before encrypting it, since compression reduces the redundancy of the message. The entropy of a cryptosystem is the size of its key space (Keyspace):
$H(K) = \log_2(\text{number of keys})$
Shannon also introduced a concept called the unicity distance (Unicity Distance, denoted U) for evaluating the security of a cryptosystem. For a cryptosystem, U is:
U = H(K)/D
This is the minimum amount of ciphertext needed for cryptanalysis by trying all possible keys (brute-force attack) to succeed. For example, for a monoalphabetic substitution cipher (such as Caesar) over the English alphabet we have:
$H(K) = \log_2 26! = 87$, D = 3.4, hence U = 25.5.
This means that with about 25 letters of ciphertext, trial decryption can match only one plaintext.
The unicity distance is a probabilistic concept: it tells us the minimum amount of ciphertext needed to determine 1 ciphertext uniquely, not the amount of ciphertext that suffices to carry out cryptanalysis (with certain success). If we have less ciphertext than U, we cannot say that our guess (trial) is correct. From this formula we see that the closer the redundancy of the language is to 0, the harder cryptanalysis becomes, even for a very simple cipher. The formula also shows that the security of a cipher can be increased by enlarging its key space.
1.4. Confusion and diffusion (Confusion and Diffusion)
According to Shannon, there are two basic techniques for hiding the redundancy of information in the original message: confusion and diffusion.
Confusion: hides the relationship between the plaintext and the original text. This technique defeats attempts to study the ciphertext in search of redundancy and statistical patterns. The easiest way to achieve it is substitution. A simple substitution cipher, such as the Caesar shift cipher, is based on substituting the letters of the plaintext, that is, one letter is replaced by another letter.
Diffusion: removes the redundancy of the plaintext by increasing the dependence of the ciphertext on the plaintext (and the key). The cryptanalyst's search for redundancy then becomes very time-consuming and complicated. The simplest way to create diffusion is to swap positions (also called the transposition technique).
Modern ciphers usually combine both substitution and transposition to create encryption algorithms with higher security.
2. Complexity theory
Complexity theory provides a method for analysing the computational complexity of different encryption algorithms and techniques. It compares encryption algorithms and techniques and determines their security. Information theory tells us that an encryption algorithm can be broken. Complexity theory tells us how feasible it is to cryptanalyse a cryptosystem.
The time complexity of an algorithm is a function of the size of its input data. An algorithm has time complexity f(n) for every n and input size n, meaning that the number of steps the algorithm performs is greater than f(n) steps.
The time complexity of an algorithm depends on the model of the algorithm; the number of steps is smaller if operations are grouped into one step (for example loops, function calls, ...).
Classes of algorithms whose time complexity is an exponential function of the input size are considered "infeasible". Algorithms with the same complexity are grouped into corresponding classes. For example, all algorithms with complexity $n^3$ are placed in the class $n^3$, denoted $O(n^3)$. There are two general classes: class P (Polynomial) and class NP (NonPolynomial).
Algorithms in class P have complexity that is a polynomial function of the input size. If each next step of the algorithm is unique, the algorithm is called deterministic. Every deterministic algorithm in class P has the time bound P_time, which means it runs in polynomial time, corresponding to a complexity polynomial in the input size.
An algorithm in which, at the next step, the computation has to choose a solution from among a bounded set of values is called nondeterministic. Complexity theory uses special machines to characterise this, drawing conclusions by standard models. The Turing machine is one such special machine: it operates in discrete time, and at any moment it is in one of a finite set of all possible states. We can define the time complexity function associated with a Turing machine A:
$f_A(n) = \max\{\, m \mid A \text{ halts after } m \text{ steps on input } w = n^3 \,\}$
Here we assume that A reaches a halting state for all inputs; the problem becomes harder if the states do not lie in P. A nondeterministic Turing machine works with NP algorithms. A nondeterministic Turing machine can have a few exact states. S(w) is the state measuring the shortest successful run of the algorithm (that is, the computation leading to the final state).
The time complexity function of a nondeterministic Turing machine A is defined as:
$f_A(n) = \max\{\, 1,\ m \mid s(w) \text{ has } m \text{ steps for } w/w = n \,\}$
At each step the nondeterministic Turing machine arranges several copies of itself, as if it had several solutions, and computes independently for every solution.
Algorithms in class NP are nondeterministic and can be computed on a nondeterministic Turing machine in time P.
However, in keeping with Kerckhoffs' law, a more complex encryption algorithm does not necessarily make the cryptosystem that uses it more secure.
So how can the security of a cryptosystem be evaluated? Claude Shannon answered this question with the notions of security of cryptosystems in a paper entitled "Information theory of secrecy systems" (1949).
2.1. Computational security
Definition:
A cryptosystem is said to be computationally secure if the best algorithm for breaking it requires at least N operations, where N is some very large number. [10]
In practice, however, no cryptosystem has been shown to be secure under this definition. So in practice a cryptosystem is called "computationally secure" if there is an algorithm for breaking it but the algorithm requires an unacceptably large amount of time (the algorithm has exponential complexity or belongs to the class of problems with NP complexity).
Another approach to "computational security" is to reduce it to a problem that has been well studied and is considered hard. For example, the problem of "factoring a given number n into primes" is considered hard for large n, so a cryptosystem based on the "prime factorization" problem can be considered secure (of course this is only security that rests on a proof about another problem, not a complete proof of the security of the cryptosystem).
2.2. Unconditional security
Definition 1:
A cryptosystem is considered unconditionally secure when it cannot be broken even with unlimited computational power. [10]
Clearly, "unconditional security" cannot be studied from the viewpoint of computational complexity, because computation time is unlimited. Probability theory is therefore used here to study "unconditional security".
Definition 2:
Let X and Y be random variables. Denote by p(x) the probability that X takes the value x and by p(y) the probability that Y takes the value y. The joint probability p(x, y) is the probability that X takes the value x and Y takes the value y simultaneously. The conditional probability p(x/y) is the probability that X takes the value x given that Y takes the value y. The variables X and Y are called independent if p(x, y) = p(x)p(y) for all possible values of X and Y.
Bayes' theorem:
If $p(y) \ne 0$ then:
$p(x/y) = \frac{p(x)\,p(y/x)}{p(y)}$
Corollary:
X and Y are independent variables if and only if p(x/y) = p(x) for all x, y. [5]
Here we assume that a particular key is used for only one ciphertext. Denote the a priori probability that the plaintext x occurs by $p_P(x)$. Assume also that the key K is chosen according to some probability distribution (usually the key K is chosen at random, so all keys are equally likely). Denote the probability that key K is chosen by $p_K(K)$.
Assume that the key K and the plaintext x are independent variables. The two probability distributions on P and K induce a probability distribution on C. Let C(K) denote the set of possible ciphertexts when K is the key:
$C(K) = \{\, e_K(x) : x \in P \,\}$
Then for each $y \in C$ we have:
$p_C(y) = \sum_{K,\ y \in C(K)} p_K(K)\, p_P(d_K(y))$
The conditional probability $p_C(y/x)$, the probability that y is the ciphertext given that the plaintext is x, is computed as:
$p_C(y/x) = \sum_{K,\ x = d_K(y)} p_K(K)$
We can now compute the conditional probability $p_P(x/y)$, the probability that x is the plaintext when the ciphertext is y, using Bayes' theorem:
$p_P(x/y) = \frac{p_P(x)\, p_C(y/x)}{p_C(y)} = \frac{p_P(x) \sum_{K,\ x = d_K(y)} p_K(K)}{\sum_{K,\ y \in C(K)} p_K(K)\, p_P(d_K(y))}$

We can now define the notion of perfect secrecy. Informally, perfect secrecy means that the opponent, even with the ciphertext in hand, cannot obtain any information about the plaintext. The precise definition is as follows:
Definition:
A cryptosystem has perfect secrecy if $p_P(x/y) = p_P(x)$ for all $x \in P$ and all $y \in C$. That is, the a posteriori probability that the plaintext is x, given that the ciphertext y has been observed, is identical to the a priori probability that the plaintext is x. [5]
In other words, perfect secrecy is also equivalent to $p_C(y/x) = p_C(y)$.
Shannon's theorem:
Let (P, C, K, E, D) be a cryptosystem. Then the cryptosystem achieves perfect secrecy if and only if $|K| \ge |C|$. In the case $|K| = |C| = |P|$, the cryptosystem achieves perfect secrecy if and only if every key K is used with equal probability 1/|K| and for every $x \in P$ and every $y \in C$ there is a unique key K such that $e_K(x) = y$. [5]
We see that achieving perfect secrecy requires a very long key, which makes it very difficult to transfer the key between the two communicating parties. In practice, therefore, we cannot have unconditional security; we only need practical security, which depends on the information and on how long it must stay secret, obtained by using different cryptosystems with different levels of security.
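The program below is an added example, not code from the course text: it evaluates the formulas for $p_C(y)$, $p_C(y/x)$ and $p_P(x/y)$ given above on a constructed shift cipher over $Z_n$ and tests the perfect-secrecy definition with exact integer arithmetic. The cipher, the weight arrays and all function names are assumptions made for the illustration.

```c
#include <stdio.h>

/* Constructed toy cryptosystem: shift cipher over Z_n, P = C = K = Z_n. */
int enc(int n, int k, int x) { return (x + k) % n; }
int dec(int n, int k, int y) { return ((y - k) % n + n) % n; }

/* Probabilities are integer weights so every comparison is exact:
 *   p_P(x) = wP[x] / sum(wP),  p_K(K) = wK[K] / sum(wK).
 * A key with weight 0 is never used. */
long weight_sum(int n, const long w[])
{
    long s = 0;
    for (int i = 0; i < n; i++)
        s += w[i];
    return s;
}

/* Numerator of p_C(y); the denominator is sum(wP) * sum(wK).
 * p_C(y) = sum over keys K with y in C(K) of p_K(K) * p_P(d_K(y)).
 * For a shift cipher every y lies in C(K), so only wK[k] > 0 is tested. */
long pc_num(int n, const long wP[], const long wK[], int y)
{
    long s = 0;
    for (int k = 0; k < n; k++)
        if (wK[k] > 0)
            s += wK[k] * wP[dec(n, k, y)];
    return s;
}

/* Numerator of p_C(y/x); the denominator is sum(wK).
 * p_C(y/x) = sum of p_K(K) over the keys K with x = d_K(y),
 * which is the same set of keys as e_K(x) = y. */
long cond_num(int n, const long wK[], int x, int y)
{
    long s = 0;
    for (int k = 0; k < n; k++)
        if (enc(n, k, x) == y)
            s += wK[k];
    return s;
}

/* Perfect secrecy: p_P(x/y) = p_P(x) for every x and every y that occurs.
 * By Bayes, p_P(x/y) = p_P(x) p_C(y/x) / p_C(y) = wP[x]*cond_num / pc_num,
 * and p_P(x) = wP[x] / sum(wP); cross-multiplying avoids division. */
int perfect_secrecy(int n, const long wP[], const long wK[])
{
    long WP = weight_sum(n, wP);
    for (int y = 0; y < n; y++) {
        long pc = pc_num(n, wP, wK, y);
        if (pc == 0)
            continue;               /* ciphertext y never occurs */
        for (int x = 0; x < n; x++)
            if (wP[x] * cond_num(n, wK, x, y) * WP != wP[x] * pc)
                return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample distributions over Z_3. */
    long wP[3]      = {1, 2, 3};   /* non-uniform plaintexts: 1/6, 2/6, 3/6 */
    long uniform[3] = {1, 1, 1};   /* every key used with probability 1/|K| */
    long skewed[3]  = {2, 1, 1};   /* key 0 twice as likely as the others */
    long fewkeys[3] = {1, 1, 0};   /* only two keys in use, fewer than |C| */

    printf("uniform keys: %d\n", perfect_secrecy(3, wP, uniform));
    printf("skewed keys:  %d\n", perfect_secrecy(3, wP, skewed));
    printf("two keys:     %d\n", perfect_secrecy(3, wP, fewkeys));

    /* Posterior p_P(x/y=0) under skewed keys, as exact fractions. */
    long pc = pc_num(3, wP, skewed, 0);
    for (int x = 0; x < 3; x++)
        printf("p_P(%d/0) = %ld/%ld, prior = %ld/6\n",
               x, wP[x] * cond_num(3, skewed, x, 0), pc, wP[x]);
    return 0;
}
```

Only the uniform key distribution passes the check; with skewed keys the posterior for x = 0 given y = 0 is 2/7 instead of the prior 1/6, so the ciphertext leaks information about the plaintext.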
3.3. Product cryptosystems
Another idea put forward by Shannon is to create new cryptosystems from old ones by forming their product. This is an important idea in the design of today's modern cryptosystems.
For simplicity, we consider here only cryptosystems in which C = P; such cryptosystems are called endomorphic. Suppose $S_1 = (P, C, K_1, E_1, D_1)$ and $S_2 = (P, C, K_2, E_2, D_2)$ are endomorphic cryptosystems with the same plaintext and ciphertext spaces. The product cryptosystem is then defined as the cryptosystem $S = (P, C, K_1 \times K_2, E, D)$. A key of the product cryptosystem is $K = (K_1, K_2)$, where $K_1 \in K_1$ and $K_2 \in K_2$. The encryption and decryption functions are defined as follows:
$e_{(K_1,K_2)}(x) = e_{K_2}(e_{K_1}(x))$
$d_{(K_1,K_2)}(x) = d_{K_1}(d_{K_2}(x))$
If we take the product of S with itself, we get the cryptosystem $S \times S$ (denoted $S^2$). Taking the product n times gives $S^n$. We call $S^n$ an iterated cryptosystem. If $S^2 = S$, the cryptosystem is called idempotent. If S is idempotent there is no point in iterating it, because the security does not increase while the key space grows. Of course, if S is not idempotent we can iterate S several times to increase security. This raises a question: how do we obtain a non-idempotent cryptosystem?
We know that if $S_1$ and $S_2$ are idempotent and commute, then $S_1 \times S_2$ is also idempotent, simply because:
$(S_1 \times S_2) \times (S_1 \times S_2) = S_1 \times (S_2 \times S_1) \times S_2$
$= S_1 \times (S_1 \times S_2) \times S_2$
$= (S_1 \times S_1) \times (S_2 \times S_2)$
$= (S_1 \times S_2)$
So if we want $S_1 \times S_2$ to be non-idempotent, $S_1$ and $S_2$ must not commute. This is easily achieved by taking the product of a substitution-type cryptosystem and a transposition-type cryptosystem. This is the technique used to design modern ciphers such as DES.
3. Mathematical theory
3.1. Modular arithmetic
Basically, $a \equiv b \pmod n$ if a = b + kn, where k is an integer. If a and b are positive and a is smaller than n, we can call a the remainder of b when divided by n. In general a and b are both remainders on division by n. b is also called the residue of a modulo n, and a is said to be congruent to b modulo n.
Modular arithmetic is just like ordinary arithmetic: it is commutative, associative and distributive. In addition, every intermediate value can be reduced during the computation:
(a+b) mod n = ((a mod n) + (b mod n)) mod n
(a-b) mod n = ((a mod n) - (b mod n)) mod n
(a×b) mod n = ((a mod n) × (b mod n)) mod n
(a×(b + c)) mod n = (((a×b) mod n) + ((a×c) mod n)) mod n
Most computations in cryptosystems are carried out modulo some N.
3.2. Prime numbers
A prime number is a number greater than 1 that is divisible only by 1 and itself; no other number divides it. The number 2 is the first prime and the only even prime. Thus 7, 17, 53, 73, 2521, 2365347734339 are also primes. There are infinitely many primes. Cryptosystems usually use large primes of about 512 bits or even larger.
3.3. Greatest common divisor
Two numbers a and n are called relatively prime if they have no common factor other than 1, in other words, if the greatest common divisor of a and n is 1. We write:
GCD(a,n)=1, (GCD-Greatest Common Divisor)
The numbers 15 and 28 are relatively prime, but 15 and 27 are not, because they have the common divisors 1 and 3; it is easy to see that 13 and 500 are also relatively prime. A prime number is relatively prime to all other integers except its multiples.
The easiest way to compute the greatest common divisor of two numbers is Euclid's algorithm. Knuth describes the algorithm and several modified versions of it. Below is source code in C:
/* Greatest common divisor of x and y, assuming x, y > 0 */
int gcd(int x, int y)
{
    int g;
    if (x < 0)
        x = -x;
    if (y < 0)
        y = -y;
    g = y;
    /* Euclid: replace (x, y) by (y mod x, x) until x reaches 0 */
    while (x > 0) {
        g = x;
        x = y % x;
        y = g;
    }
    return g;
}
3.4. The ring $Z_N$ (the ring of residues modulo N)
The set of integers $Z_N = \{0, 1, \ldots, N-1\}$, where N is a positive natural number, together with the two operations addition (+) and multiplication (.) defined below, forms the ring of residues modulo N (also called the complete residue system modulo N):
Addition: $\forall a, b \in Z_N$: a+b = (a+b) mod N.
Multiplication: $\forall a, b \in Z_N$: a . b = (a * b) mod N.
From the properties of modular arithmetic it is easy to see that $Z_N$ is a commutative and associative ring. Most computations in cryptosystems are carried out in some ring $Z_N$.
In the ring $Z_N$, 0 is the neutral element because a + 0 = 0 + a = a, $\forall a \in Z_N$, and 1 is called the identity element because a . 1 = 1 . a = a, $\forall a \in Z_N$.
3.5. Inverse elements
In the field of real numbers R, the inverse of 5 is 1/5, because 5 × 1/5 = 1. In a ring of integers $Z_N$, the inverse of a number is defined as follows:
Suppose $a \in Z_N$ and there exists $b \in Z_N$ such that a.b = (a*b) mod N = 1. Then b is called the inverse of a in $Z_N$, written $a^{-1} = b$.
Finding the inverse of a given number $a \in Z_N$ is in essence equivalent to finding two numbers b and k such that a.b = k.N + 1, where $b, k \in Z_N$. More compactly:
$a^{-1} \equiv b \pmod N$
Theorem on the existence of the inverse: if GCD(a, N) = 1 then there exists exactly 1 number $b \in Z_N$ that is the inverse of a, that is, that satisfies a.b = (a*b) mod N = 1.
3.6. Euler's phi function
For each integer N, the value of Euler's phi function of N is the total number of integers in $Z_N$ that are relatively prime to N. For example, if P is a prime then Euler's phi function of P is $\phi(P) = P - 1$, and if N = p*q where p and q are two primes then $\phi(N) = (p-1)*(q-1)$.
In the general case, if the prime factorization of N is
$N = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_k^{\alpha_k}$
where the $p_i$ are primes and the $\alpha_i$ are positive integers, then the value of Euler's phi function is computed as:
$\phi(N) = (p_1 - 1)p_1^{\alpha_1 - 1}\,(p_2 - 1)p_2^{\alpha_2 - 1} \cdots (p_k - 1)p_k^{\alpha_k - 1}$
Related to Euler's phi function is Euler's theorem, stated as follows:
$\forall a \in Z^*_N = Z_N - \{0\}$ with GCD(a, N) = 1 we have $a^{\phi(N)} \equiv 1 \pmod N$. This means that $a^{\phi(N)}$ is the inverse value of a in $Z_N$.
M t tr

ng h p ring cua inh ly le chinh la inh ly Fermat nh: N u P la

m t s
nguyn t thi

a e Z
*
P
ta co


1
1(mod )
P
a P

. y la

m t trong nh

ng i nh ly

e p nh t
cua s hoc.
V

i m i s nguyn N va

nh Z
*
N
g m ca

c ph n t

thu c Z
N
va nguyn t cng nhau
v

i N, hay no

i ca

ch kha

c: Z
*
N
= {x: xeZ
N
, (x, N) = 1} = {x: xeZ
N
,
( )
1
N
x
|
= }.
V

i m i ph n t

a e Z
N
, b c t cu

a a (ky hiu la ord(a)) la s nh nht sao cho : a


t
=
1. Theo i nh ly

le ta suy ra |(N) chia h t cho t.


Cu th vi N = 21 ta co

ba

ng sau:
aeZ
*
21
1 2 4 5 8 10 11 13 16 17 19 20
Ord(a) 1 6 3 6 2 6 6 2 3 6 6 2
Bang 2.1: Bang bc cua cac phn t trn Z
*
21
N u b c cu

a a e Z
*
N
b ng |(N) th a c goi la phn t sinh hay phn t nguyn thuy
cua tp Z
*
N
. Va nu tp Z
*
N
ch c mt phn t sinh th n c goi la mt cyclic.
3.7. Quadratic residues
Suppose $a \in Z_N^*$; then a is called a quadratic residue modulo N if there exists $x \in Z_N^*$ such that $x^2 = a \pmod N$. The set of quadratic residues modulo N is denoted $Q_N$; the set of elements that are not residues modulo N is called the set of quadratic non-residues modulo N and is denoted $\overline{Q}_N$.
Theorem: if p is an odd prime and $\alpha$ is a generator of $Z_N^*$, then a is a quadratic residue modulo N if and only if $a = \alpha^i \bmod p$, where i is an odd integer.
From this theorem it follows that $|Q_N| = (p - 1)/2 = |\overline{Q}_N|$.
For example, with p = 13 and $\alpha = 6 \in Z_{13}$ we have the following table:
i                    0   1   2    3   4   5   6    7   8   9   10   11
$\alpha^i \bmod 13$  1   6   10   8   9   2   12   7   3   5   4    11
Table 2.2: Powers in $Z_{13}$
Hence $Q_{13} = \{1, 3, 4, 9, 10, 12\}$ and $\overline{Q}_{13} = \{2, 5, 6, 7, 8, 11\}$.
Let $a \in Q_N$. If $x \in Z_N^*$ satisfies $x^2 = a \pmod N$, then a is called a square root of x modulo N.
3.8. Fast exponentiation
To find the inverse of an integer a in a given ring $Z_N$, we can use Euler's theorem and compute the power of a whose exponent is given by the value of Euler's phi function of N. To compute such a power quickly, however, we need an efficient algorithm, and one such algorithm (there are many others, more complex) is fast exponentiation. This algorithm was introduced by Chivers in 1984. Its steps are as follows:
    Input: a, m, N.
    Output: a^m mod N.
    Begin
        Write m in binary form m = b_k b_{k-1} ... b_0.
        j = 0, kq = 1;
        while (k >= j)
        {
            if (b_j == 1)
                kq = (kq * a) mod N;
            a = (a * a) mod N;
            j = j + 1;
        }
        return kq;
    end
Another implementation, in C:
    /* Returns a^x mod n; n must be small enough that (n-1)*(n-1) fits in a long. */
    long modexp(long a, long x, long n)
    {
        long r = 1;
        while (x > 0) {
            if (x % 2 == 1)      /* is x odd? */
                r = (r * a) % n;
            a = (a * a) % n;     /* square the base for the next bit of x */
            x /= 2;
        }
        return r;
    }
This algorithm runs in no more than $\log_2(m+1)$ steps.
3.9. The extended Euclidean algorithm
In section 3.3 we saw that Euclid's algorithm is used to find the greatest common divisor of two integers, and in section 3.7 we saw how to find the inverse of a number using fast exponentiation. There is, however, another efficient algorithm for finding the inverse, called the extended Euclidean algorithm (because it is based on Euclid's algorithm). Its steps are as follows:
    input: a, N with GCD(a, N) = 1
    output: a^-1
    begin
        g_0 = N, g_1 = a, u_0 = 1, u_1 = 0, v_0 = 0, v_1 = 1, i = 1;
        while (g_i <> 0)
        {
            y = g_{i-1} div g_i;
            g_{i+1} = g_{i-1} - y*g_i;
            u_{i+1} = u_{i-1} - y*u_i;
            v_{i+1} = v_{i-1} - y*v_i;
            i = i + 1;
        }
        x = v_{i-1};
        if (x > 0) then
            return x;
        else
            return (N + x);
    end;
3.10. Linear congruences in one unknown
A linear congruence in one unknown is an equation of the form:
$ax \equiv b \pmod N$, where $a, b \in Z_N$ are the coefficients and x is the unknown.
If GCD(a, N) = 1 we can find $a^{-1}$, multiply both sides of the equation by it and obtain the solution easily. But what if g = GCD(a, N) is a value other than 1? Then the problem may have no solution or may have several solutions. Consider the following theorem:
Let g = GCD(a, N). If b is divisible by g, then the linear congruence in one unknown
$ax \equiv b \pmod N$
has g solutions of the form
$x \equiv ((b/g)x_0 + t(N/g)) \pmod N$, where t = 0, ..., g-1,
and $x_0$ is the solution of the congruence $(a/g)x \equiv 1 \pmod{N/g}$.
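The extended Euclidean algorithm of section 3.9 and the theorem of section 3.10, worked together in C. This is an added example, not code from the original text; the function names are chosen here, and n is assumed to be at least 1 and small enough that products fit in a long.

```c
#include <stdio.h>

/* Extended Euclid: returns g = gcd(a, n) and sets *x so that a*x = g (mod n).
 * Only the v_i sequence of section 3.9 is kept, since u_i is not needed. */
static long ext_gcd(long a, long n, long *x)
{
    long g0 = n, g1 = a % n;
    long v0 = 0, v1 = 1;
    if (g1 < 0)
        g1 += n;
    while (g1 != 0) {
        long y = g0 / g1;
        long g2 = g0 - y * g1;
        long v2 = v0 - y * v1;
        g0 = g1; g1 = g2;
        v0 = v1; v1 = v2;
    }
    *x = v0;
    return g0;
}

/* Inverse of a in Z_n, or -1 when GCD(a, n) != 1 and no inverse exists. */
long mod_inverse(long a, long n)
{
    long x;
    if (n < 1 || ext_gcd(a, n, &x) != 1)
        return -1;
    x %= n;
    return x < 0 ? x + n : x;
}

/* Solves a*x = b (mod n). Stores up to max solutions in out[] (t = 0, 1, ...)
 * and returns how many solutions exist: 0 if g = GCD(a, n) does not divide b,
 * otherwise g. */
long solve_linear_congruence(long a, long b, long n, long *out, long max)
{
    long unused, g, x0, t;
    a = ((a % n) + n) % n;
    b = ((b % n) + n) % n;
    g = ext_gcd(a, n, &unused);
    if (b % g != 0)
        return 0;
    x0 = mod_inverse(a / g, n / g);       /* (a/g) * x0 = 1 (mod n/g) */
    for (t = 0; t < g && t < max; t++)
        out[t] = ((b / g) * x0 + t * (n / g)) % n;
    return g;
}

int main(void)
{
    long sol[8], count, i;

    printf("9^-1 mod 26 = %ld\n", mod_inverse(9, 26));
    printf("4^-1 mod 26 = %ld (no inverse)\n", mod_inverse(4, 26));

    /* constructed input: 6x = 4 (mod 10) has g = 2 solutions */
    count = solve_linear_congruence(6, 4, 10, sol, 8);
    for (i = 0; i < count; i++)
        printf("6x = 4 (mod 10): x = %ld\n", sol[i]);

    /* constructed input: 6x = 3 (mod 10) has none, since 2 does not divide 3 */
    printf("6x = 3 (mod 10): %ld solutions\n",
           solve_linear_congruence(6, 3, 10, sol, 8));
    return 0;
}
```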
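3.11. The Chinese remainder theorem
The Chinese remainder theorem is an important theorem of number theory, discovered by Chinese mathematicians in the first century. The theorem states:
If $d_1, d_2, \ldots, d_k$ are pairwise relatively prime integers and $N = d_1 d_2 \cdots d_k$, then the system of congruences
$x \equiv x_i \pmod{d_i}$, i = 1, 2, ..., k
has one solution in $Z_N$. The solution of the system is computed by the following formula:
$x = \sum_{i=1}^{k} (N/d_i)\, y_i\, x_i \pmod N$
where the $y_i$ are the solutions of the congruences $(N/d_i)\, y_i \equiv 1 \pmod{d_i}$.
Below is code for the Chinese remainder theorem in C:
    /* r: number of congruences; m[]: pairwise relatively prime moduli;
       u[]: remainders. Returns n with n % m[i] == u[i] for every i.
       modexp() is the function of section 3.8; totient(x) must return
       the value of Euler's phi function of x. */
    int chinese_remainder(int r, int *m, int *u)
    {
        int i;
        int modulus;
        int n;
        modulus = 1;
        for (i = 0; i < r; ++i)
            modulus *= m[i];
        n = 0;
        for (i = 0; i < r; ++i)
        {
            /* (modulus/m[i])^totient(m[i]) mod modulus is 1 modulo m[i]
               and 0 modulo every other m[j] */
            n += u[i] * modexp(modulus / m[i], totient(m[i]), modulus);
            n %= modulus;
        }
        return n;
    }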
4. Primality testing algorithms
One-way functions are a basic concept of public-key cryptography. Multiplying two primes is an example of a one-way function: multiplying large primes to form a composite number is easy, but the reverse task, factoring a large integer into its prime factors, is a hard problem (no good algorithm is known).
Public-key encryption algorithms all need prime numbers. There are several methods for generating primes, and most of them are based on algorithms that test whether an integer is prime. A few questions arise about these primes:
- Can a system guarantee that two users will use two different primes? The answer is yes, because there are as many as $10^{150}$ primes of length 512 bits or less.
- How likely is it that two users choose the same prime? With a choice among $10^{150}$ primes, this happens with a probability smaller than that of the computer spontaneously catching fire.
Primality testing algorithms fall into two classes: deterministic algorithms and probabilistic algorithms. A deterministic algorithm tells us exactly whether an integer is prime or not, while a probabilistic algorithm tells us the probability that an integer is prime. This part presents some common primality testing algorithms.
4.1. Some mathematical notation
4.1.1. The Legendre symbol
The symbol L(a,p) is defined for an integer a and a prime p greater than 2. It takes three values 0, 1, -1:
L(a,p) = 0 if a is divisible by p.
L(a,p) = 1 if $a \in Q_N$ (a is a quadratic residue modulo p).
L(a,p) = -1 if $a \in \overline{Q}_N$ (a is not a quadratic residue modulo p).
An easy way to compute L(a,p) is:
$L(a,p) = a^{(p-1)/2} \bmod p$
4.1.2. The Jacobi symbol
The Jacobi symbol, written J(a,n), is a generalization of the Legendre symbol; it is defined for any pair of integers a and n. The Jacobi symbol is a function on the set of reduced residues of the divisors of n and can be computed as follows:
- If n is prime, then J(a,n) = 1 if a is a quadratic residue modulo n.
- If n is prime, then J(a,n) = -1 if a is not a quadratic residue modulo n.
- If n is not prime, then J(a,n) is computed by the following formula:
- $J(a,n) = J(a,p_1) \times J(a,p_2) \times \cdots \times J(a,p_m)$
where $p_1, p_2, \ldots, p_m$ are the prime factors of n.
The following algorithm computes the Jacobi symbol recursively, using these rules:
1. J(1,k) = 1
2. J(a×b,k) = J(a,k) × J(b,k)
3. J(2,k) = 1 if $(k^2-1)/8$ is even, and J(2,k) = -1 otherwise.
4. J(b,a) = J((b mod a),a)
5. If GCD(a,b) = 1:
a. J(a,b) × J(b,a) = 1 if (a-1)(b-1)/4 is even.
b. J(a,b) × J(b,a) = -1 if (a-1)(b-1)/4 is odd.
Here is the algorithm in C:
    /* Jacobi symbol J(a,b) for a >= 0 and odd b > 0 (b small enough that
       b*b fits in an int). */
    int jacobi(int a, int b)
    {
        if (a >= b)
            a %= b;                        /* rule 4 */
        if (a == 0)
            return 0;
        if (a == 1)
            return 1;                      /* rule 1 */
        if (a == 2) {                      /* rule 3 */
            if (((b*b - 1) / 8) % 2 == 0)
                return 1;
            else
                return -1;
        }
        if (a & b & 1) {                   /* both a and b are odd: rule 5 */
            if (((a - 1) * (b - 1) / 4) % 2 == 0)
                return +jacobi(b, a);
            else
                return -jacobi(b, a);
        }
        /* a is even and greater than 2: write a = 2 * (a/2) and use rule 2 */
        return jacobi(2, b) * jacobi(a / 2, b);
    }
In practice the Jacobi symbol can be computed more conveniently from one of the following properties, where m, n are odd integers and $a, b \in Z$:
(i) J(a*b, n) = J(a, n) * J(b, n), hence $J(a^2, n) = 1$.
(ii) J(a, m*n) = J(a, m) * J(a, n).
(iii) if $a \equiv b \pmod n$ then J(a, n) = J(b, n).
(iv) J(1, n) = 1.
(v) $J(-1, n) = (-1)^{(n-1)/2}$
(vi) $J(m, n) = J(n, m) * (-1)^{(m-1)*(n-1)/4}$
4.2. The Solovay-Strassen algorithm
Solovay and Strassen developed an algorithm that can test for primality. The algorithm uses the Jacobi function.
The algorithm to test whether p is prime:
1. Choose a random number a less than p.
2. If the greatest common divisor gcd(a,p) ≠ 1, then p is composite.
3. Compute $j = a^{(p-1)/2} \bmod p$.
4. Compute the Jacobi symbol J(a,p).
5. If j ≠ J(a,p), then p is not prime.
6. If j = J(a,p), then p may be prime, with 50% certainty.
Repeat these steps n times, each time with a different random value of a. The chance that a composite number survives n trials is no more than $2^{-n}$.
In practice, when implemented as a program, the algorithm runs quite fast.
4.3. The Rabin-Miller algorithm
This algorithm was developed by Rabin, based in part on an idea of Miller. Versions of the algorithm have in fact been presented at NIST (National Institute of Standards and Technology).
First choose a random number p to test. Write p in the form $p = 1 + 2^b m$, where m is an odd number.
The algorithm is as follows:
1. Choose a random number a, with a less than p.
2. Set j = 0 and $z = a^m \bmod p$.
3. If z = 1 or z = p-1, then p has passed the test and may be prime.
4. If j > 0 and z = 1, then p is not prime.
5. Set j = j+1. If j < b and z ≠ p-1, set $z = z^2 \bmod p$ and go back to step 4.
6. If j = b and z ≠ p-1, then p is not prime.
4.4. The Lehmann algorithm
A simpler primality test was developed independently by Lehmann. Here is the algorithm with 100 iterations.
1. Choose a random number n to test.
2. Make sure that n is not divisible by small primes such as 2, 3, 5, 7 and 11.
3. Choose 100 random numbers $a_1, a_2, \ldots, a_{100}$ between 1 and n-1.
4. Compute $a_i^{(n-1)/2} \pmod n$ for all $a_i = a_1 \ldots a_{100}$. Stop if you find an $a_i$ for which the test fails.
5. If $a_i^{(n-1)/2} \equiv 1 \pmod n$ for all i, then n may be composite.
If $a_i^{(n-1)/2} \not\equiv 1$ or -1 (mod n) for any i, then n is composite.
If $a_i^{(n-1)/2} \equiv 1$ or -1 (mod n) for all i, but not always 1, then n is prime.
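The steps of sections 4.2 and 4.3 as one C program, an added example that is not part of the original text. It assumes 32-bit inputs, replaces the random choice of a with the fixed bases 2, 3, 5, 7 so that results are reproducible, and uses its own iterative Jacobi routine; all function names are chosen here.

```c
#include <stdint.h>
#include <stdio.h>

/* a^x mod n by square-and-multiply (section 3.8). For n < 2^32 every
 * intermediate product fits in 64 bits. */
static uint64_t modexp(uint64_t a, uint64_t x, uint64_t n)
{
    uint64_t r = 1;
    a %= n;
    while (x > 0) {
        if (x & 1)
            r = (r * a) % n;
        a = (a * a) % n;
        x >>= 1;
    }
    return r;
}

/* Jacobi symbol J(a, n) for odd n >= 3, iterative form of the rules in 4.1.2. */
static int jacobi(uint64_t a, uint64_t n)
{
    int sign = 1;
    a %= n;
    while (a != 0) {
        while ((a & 1) == 0) {              /* pull out factors of 2 */
            a >>= 1;
            if ((n & 7) == 3 || (n & 7) == 5)
                sign = -sign;               /* J(2, n) = -1 for n = 3, 5 (mod 8) */
        }
        if ((a & 3) == 3 && (n & 3) == 3)
            sign = -sign;                   /* (a-1)(n-1)/4 is odd */
        uint64_t t = a;                     /* J(a, n) -> J(n mod a, a) */
        a = n % a;
        n = t;
    }
    return (n == 1) ? sign : 0;             /* 0 means gcd(a, n) != 1 */
}

/* One Solovay-Strassen round (4.2, steps 2-6) for odd p >= 3 and 1 < a < p.
 * Returns 1 if p may be prime, 0 if p is certainly composite. */
int solovay_strassen_round(uint32_t p, uint32_t a)
{
    int J = jacobi(a, p);
    if (J == 0)
        return 0;                           /* step 2: gcd(a, p) != 1 */
    uint64_t j = modexp(a, (p - 1) / 2, p);
    return j == (J == 1 ? 1u : (uint64_t)p - 1);   /* -1 is p - 1 in Z_p */
}

/* One Rabin-Miller round (4.3) for odd p >= 3 and 1 < a < p. */
int rabin_miller_round(uint32_t p, uint32_t a)
{
    uint32_t m = p - 1, b = 0;
    while ((m & 1) == 0) {                  /* p = 1 + 2^b * m with m odd */
        m >>= 1;
        b++;
    }
    uint64_t z = modexp(a, m, p);           /* step 2 */
    if (z == 1 || z == p - 1)
        return 1;                           /* step 3 */
    for (uint32_t j = 1; j < b; j++) {      /* steps 4 and 5 */
        z = (z * z) % p;
        if (z == p - 1)
            return 1;
        if (z == 1)
            return 0;                       /* step 4 */
    }
    return 0;                               /* step 6 */
}

typedef int (*round_fn)(uint32_t, uint32_t);

/* Trial division by 2, 3, 5, 7, then one round per fixed base 2, 3, 5, 7. */
int is_probable_prime(uint32_t p, round_fn round)
{
    static const uint32_t small[] = {2, 3, 5, 7};
    if (p < 2)
        return 0;
    for (int i = 0; i < 4; i++) {
        if (p == small[i]) return 1;
        if (p % small[i] == 0) return 0;
    }
    for (int i = 0; i < 4; i++)
        if (!round(p, small[i]))
            return 0;
    return 1;
}

int main(void)
{
    /* constructed inputs: 2047 = 23 * 89 passes base 2 in both tests */
    uint32_t samples[] = {2047, 143, 1000000007u, 2147483647u};
    for (int i = 0; i < 4; i++)
        printf("%u: SS=%d RM=%d\n", (unsigned)samples[i],
               is_probable_prime(samples[i], solovay_strassen_round),
               is_probable_prime(samples[i], rabin_miller_round));
    return 0;
}
```

The composite 2047 passes a single round with a = 2 in both tests and is rejected with a = 3, which is why the rounds are repeated with different values of a. With the Rabin-Miller rounds, the four fixed bases give an exact answer for every p below 3,215,031,751.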
5. Exercises
Exercise 2.1: Compute $17^{53} \bmod 29$. What is the minimum number of multiplications needed to obtain the result?
Exercise 2.2: Compute $876^{611} \bmod 899$.
Use one of the programming languages C, C++, Java or C# for the following exercises:
Exercise 2.3: Write a program that implements the algorithm for finding the inverse element.
Exercise 2.4: Write a program that implements the fast exponentiation algorithm.
Exercise 2.5: Write a program that solves a system of linear congruences in two unknowns.
Exercise 2.6: Write a program that implements a primality testing algorithm whose input is an integer less than 2000000000.
Exercise 2.7: Write a program that implements a big-integer library with the basic arithmetic operations: multiplication, division, addition, subtraction, and modulo.
Exercise 2.8: Using the big-number library (from exercise 2.5 or an open-source library), implement the primality testing algorithms presented in part 4 of chapter 2.

CHAPTER III: SECRET-KEY CRYPTOSYSTEMS
1. Classical ciphers
1.1. Substitution ciphers
A substitution cipher is a cipher in which each character of the plaintext is replaced by another character in the ciphertext (which may be a letter, a number or a symbol).
There are four substitution techniques:
1. Simple substitution (a simple substitution cipher): a system in which each character of the plaintext is replaced by a corresponding character in the ciphertext. A one-to-one mapping from plaintext to ciphertext is used to encrypt the whole message.
2. Homophonic substitution (a homophonic substitution cipher): like a simple substitution cipher, except that a character of the plaintext can be mapped to one of several characters of the ciphertext: a one-to-many mapping. For example, "A" may correspond to 5, 13, 25, or 56, "B" may correspond to 7, 19, 31, or 42, and so on.
3. Polyalphabetic substitution (a polyalphabetic substitution cipher): built from several simple substitution ciphers. The mapping is one-to-one as in simple substitution, but it can change within a single message. For example, five different simple substitution ciphers may be in use; in particular, the simple substitution cipher applied changes with the position of each character in the plaintext.
4. Polygram substitution (a polygram substitution cipher): an algorithm in which blocks of characters are encrypted as groups. This is the most general algorithm, allowing groups of characters of the original text to be replaced. For example, "ABA" may correspond to "RTQ", "ABB" may correspond to "SLL", and so on.
1.2. The Caesar cipher
The Caesar cipher is a monoalphabetic substitution cipher that works on the 26-letter English alphabet (A, B, ..., Z). It is the oldest and simplest cipher ever used in practice, by the Roman emperor Caesar, after whom it is named.
The plaintext space P consists of the messages formed from the alphabet A (for convenience we treat this as a general alphabet). Likewise the ciphertext space C ≡ P. Suppose the number of elements of the alphabet is |A| = N.
To encrypt, the letters are numbered from 0 to N-1. The key space is $K = Z_N$. For each key $k \in K$, the encryption and decryption functions for a character with index i are:
Encryption: $E_K(i) = (i + k) \bmod N$.
Decryption: $D_K(i) = (i - k) \bmod N$.
The Caesar cipher over the English alphabet has N = 26 letters, and the alphabet is numbered as follows:
A   B   C   D   ...   L    M    N    ...   W    X    Y    Z
0   1   2   3   ...   11   12   13   ...   22   23   24   25
Table 3.1: Numbering of the letters of the English alphabet
The arithmetic is carried out in the ring $Z_{26}$; the number of possible keys is 26, but in practice only 25 of them are useful.
Example: with k = 3 (the case used by the emperor Caesar), the character A is replaced by D, B is replaced by E, ..., W is replaced by Z, ..., X is replaced by A, Y is replaced by B, and Z is replaced by C.
Original alphabet:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Alphabet used for encryption:
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Thus, for example, the string "ANGLES" is encrypted as "DQJOHV".
Because the Caesar cipher uses monoalphabetic substitution, it exhibits what is called dependence on the letter frequencies of natural language. In a natural language some letters occur more often than others (in English, for example, the frequent letters are e, t, i, h ...), so the letters that replace them also occur often. As a consequence, a cryptanalyst can try replacing the characters that occur most often in the ciphertext with the characters that occur most often in real texts.
In practice the Caesar cipher has so few keys that it can be broken outright by trying every possible key (a brute force attack).
1.3. The Affine cipher
The plaintext and ciphertext spaces of the cipher are the strings formed from an alphabet A, with |A| = N. The key space of the cipher is then defined as follows:
$K = \{(a, b) : a, b \in Z_N, (a, N) = 1\}$
To encrypt, the letters of the alphabet are numbered from 0 to N - 1, and each character is encrypted or decrypted (substituted) according to the following formulas:
Encryption:
$E_K(x) = (a*x + b) \bmod N$. The plaintext character with index x is turned into the character with index (a*x + b) mod N in the alphabet.
To decrypt we need to find $a^{-1}$ (which always exists because (a, N) = 1) and apply the following decryption formula:
$D_K(y) = a^{-1}*(y - b) \bmod N$. The ciphertext character with index y is replaced by the character with index $a^{-1}*(y - b) \bmod N$ in the alphabet.
It can be seen that for an Affine cipher the number of usable keys is $|K| = \varphi(N) * N$. For example, with N = 26, corresponding to the English alphabet, we have $\varphi(26) * 26 = 12 * 26 = 312$ keys. This number is relatively small.
1.4. The Vigenère cipher
This cipher is named after the French cryptographer Blaise de Vigenère (1523-1596).
For this cipher the ciphertext and plaintext spaces are again the messages formed from an alphabet A, as in the Caesar cipher; the letters are numbered from 0 to N-1, where N is the number of elements of the alphabet.
The key space K is defined as follows:
For each positive integer M, a key of length M is a string of M characters, $K = k_1 k_2 \ldots k_M$.
To encrypt a plaintext P, it is divided into segments of length M, which are converted to the indices of their letters in the alphabet, for example $X = x_1 x_2 \ldots x_M$. Encryption and decryption are then carried out as follows:
$E_K(X) = (x_1 + k_1, x_2 + k_2, \ldots, x_M + k_M) \bmod N$
$D_K(Y) = (y_1 - k_1, y_2 - k_2, \ldots, y_M - k_M) \bmod N$, where N is the number of elements of the alphabet and $Y = y_1 y_2 \ldots y_M$ is the ciphertext.
Example: let A be the English alphabet, so N = 26; suppose the key has length 6 and K = "CIPHER", and the plaintext is P = "THIS CRYPTOSYSTEM IS NOT SECURE". We have K = 2 8 15 7 4 17, P = 19 7 8 18 2 17 | 24 15 19 14 18 23 | 18 19 4 12 8 18 | 13 14 19 18 4 2 | 20 17 4. Encryption proceeds as follows:
P = 19 7 8 18 2 17 | 24 15 19 14 18 23 | 18 19 4 12 8 18 | 13 14 19 18 4 2 | 20 17 4
K = 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15 7 4 17 | 2 8 15
C = 21 15 23 25 6 8 | 0 23 8 21 22 14 | 20 1 19 19 12 9 | 15 22 8 25 8 19 | 22 25 19
So the ciphertext is C = "VPXZGI AXIVWO UBTTMJ PWIZIT WZT".
In essence this cipher is a combination of several Caesar ciphers: where the Caesar cipher substitutes single characters one at a time, the Vigenère cipher substitutes each group of M consecutive characters. For each M the number of usable keys is $N^M$; specifically, for the English alphabet there are $26^M$ usable keys.
1.5. The Hill cipher
This cipher is based on the theory of linear algebra and was introduced by Lester S. Hill in 1929.
Both the plaintext space and the ciphertext space are the strings formed from an alphabet A, as in the Vigenère cipher.
For each integer M, the key of the cipher is a square matrix K of size MxM whose entries are integers in $Z_N$, where N is the number of elements of the alphabet. The condition for a matrix K to be usable as a key is that K must be a non-singular matrix over $Z_N$, in other words that the inverse of the matrix K over $Z_N$ exists.
The characters of the alphabet are again numbered from 0 to N-1.
To encrypt a plaintext, it is again divided into strings of length M; these strings are converted to the indices of their letters in the alphabet in the form of M-dimensional row vectors, and encryption and decryption follow these formulas:
Encryption:
$C = P * K$.
Decryption:
$P = C * K^{-1}$.
Example: take a Hill cipher with M = 2 (keys are 2x2 square matrices) over the English alphabet, that is N = 26. Let the key be
$K = \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix}$
Encrypt the string P = "HELP" and decrypt the resulting ciphertext again.
To encrypt, we divide the plaintext string into the two 2-dimensional row vectors "HE" (7 4) and "LP" (11 15) and encrypt them in turn.
For $P_1 = (7\ 4)$ we have $C_1 = P_1 * K = (7\ 4) \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix} = (3\ 15) = (D\ P)$
For $P_2 = (11\ 15)$ we have $C_2 = P_2 * K = (11\ 15) \begin{pmatrix} 3 & 3 \\ 2 & 5 \end{pmatrix} = (11\ 4) = (L\ E)$
So the resulting ciphertext is C = "DPLE".
To decrypt, we compute the decryption key, which is the inverse of the key matrix over $Z_{26}$, by the following formula:
For $K = \begin{pmatrix} k_{11} & k_{12} \\ k_{21} & k_{22} \end{pmatrix}$, if $\det(K) = (k_{11}*k_{22} - k_{21}*k_{12}) \bmod N$ is an element that has an inverse in $Z_N$ (written $\det(K)^{-1}$), then the decryption key is
$K^{-1} = \det(K)^{-1} * \begin{pmatrix} k_{22} & -k_{12} \\ -k_{21} & k_{11} \end{pmatrix}$
Applying this to the case above we get det(K) = (15 - 6) mod 26 = 9. GCD(9, 26) = 1, so applying the extended Euclidean algorithm gives $\det(K)^{-1} = 3$. Hence
$K^{-1} = 3 * \begin{pmatrix} 5 & 23 \\ 24 & 3 \end{pmatrix} = \begin{pmatrix} 15 & 17 \\ 20 & 9 \end{pmatrix}$.
Decryption proceeds exactly like encryption, with the encryption key replaced by the decryption key.
Decrypting C = "DP" = (3 15): $P = C * K^{-1} = (3\ 15) * \begin{pmatrix} 15 & 17 \\ 20 & 9 \end{pmatrix} = (7\ 4)$ = "HE".
Similarly, decrypting the string C = "LE" gives the plaintext P = "LP".
Note that in the example above we used a small key K, so the decryption key was easy to find; in the general case this is not easy.
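The worked example above as a C program, covering also the case of a matrix that cannot be used as a key. This is an added example, not code from the original text; it assumes M = 2, N = 26, upper-case input of even length and key entries in 0..25, and the function names are chosen here.

```c
#include <stdio.h>
#include <string.h>

#define N 26   /* alphabet size: A = 0 ... Z = 25 */

/* Inverse of d in Z_N by direct search (N is tiny); 0 means no inverse. */
static int inv_mod_n(int d)
{
    for (int b = 1; b < N; b++)
        if ((d * b) % N == 1)
            return b;
    return 0;
}

/* Computes K^-1 = det(K)^-1 * adj(K) over Z_N. Returns 1 on success and
 * 0 when det(K) has no inverse, i.e. K is singular over Z_N. */
int hill_inverse_key(int k[2][2], int kinv[2][2])
{
    int det = ((k[0][0] * k[1][1] - k[1][0] * k[0][1]) % N + N) % N;
    int dinv = inv_mod_n(det);
    if (dinv == 0)
        return 0;
    kinv[0][0] = (dinv * k[1][1]) % N;
    kinv[0][1] = (dinv * (N - k[0][1])) % N;    /* -k12 mod N */
    kinv[1][0] = (dinv * (N - k[1][0])) % N;    /* -k21 mod N */
    kinv[1][1] = (dinv * k[0][0]) % N;
    return 1;
}

/* out = in * key, one 2-letter row vector at a time. The same routine
 * encrypts (key = K) and decrypts (key = K^-1). Returns 0 on bad input. */
int hill_apply(int key[2][2], const char *in, char *out)
{
    size_t len = strlen(in);
    if (len % 2 != 0)
        return 0;
    for (size_t i = 0; i < len; i += 2) {
        if (in[i] < 'A' || in[i] > 'Z' || in[i + 1] < 'A' || in[i + 1] > 'Z')
            return 0;
        int p0 = in[i] - 'A', p1 = in[i + 1] - 'A';
        out[i]     = (char)('A' + (p0 * key[0][0] + p1 * key[1][0]) % N);
        out[i + 1] = (char)('A' + (p0 * key[0][1] + p1 * key[1][1]) % N);
    }
    out[len] = '\0';
    return 1;
}

int main(void)
{
    int key[2][2] = {{3, 3}, {2, 5}};      /* the key K of the example */
    int bad[2][2] = {{2, 4}, {6, 8}};      /* constructed: det = 18, gcd(18, 26) = 2 */
    int kinv[2][2];
    char ct[16], pt[16];

    if (hill_inverse_key(key, kinv) && hill_apply(key, "HELP", ct)
            && hill_apply(kinv, ct, pt))
        printf("HELP -> %s -> %s, K^-1 = (%d %d; %d %d)\n", ct, pt,
               kinv[0][0], kinv[0][1], kinv[1][0], kinv[1][1]);
    if (!hill_inverse_key(bad, kinv))
        printf("(2 4; 6 8) is singular over Z_26 and cannot be a key\n");
    return 0;
}
```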
1.6. Transposition ciphers
A transposition cipher is a cipher in which the characters of the plaintext are kept unchanged, but their order is rearranged.
For example, in a simple columnar transposition cipher the plaintext is written horizontally across a sheet of paper with a fixed width, and the ciphertext is read off vertically.
Plaintext: COMPUTER GRAPHICS MAY BE SLOW BUT AT LEAST IT'S EXPENSIVE
COMPUTERGR
APHICSMAYB
ESLOWBUTAT
LEASTITSEX
PENSIVE
Ciphertext: CAELPOPSEEMHLANPIOSSUCWTITSBIUEMUTERATSGYAERBTX
Table 3.2: Encryption by changing column positions
This method has the following techniques:
1. Reversing the whole plaintext: the plaintext is written in reverse order to produce the ciphertext. This is the simplest encryption method and is therefore not secure.
Example: the plaintext "TRANSPOSITION CIPHER" is encrypted as "REHPICNOITISOPSNART".
2. Encryption by geometric pattern: the plaintext is rearranged according to some geometric pattern, usually an array or a two-dimensional matrix.
Example: the plaintext "LIECHTENSTEINER" is written as a 3×5 matrix by rows as follows:
Column      1   2   3   4   5
Plaintext   L   I   E   C   H
            T   E   N   S   T
            E   I   N   E   R
Table 3.3: Encryption by geometric pattern
If the characters are taken out in the column order 2, 4, 1, 3, 5, the ciphertext is "IEICSELTEENNHTR".
Column transposition: first the characters of the plaintext are arranged into a rectangle by columns, then the columns are rearranged and the letters are taken out row by row.
Example: the original plaintext "NGAY MAI BAT DAU CHIEN DICH XYZ" is written as a 5×5 matrix by columns as follows:
Column      1   2   3   4   5
Plaintext   N   A   D   I   C
            G   I   A   E   H
            A   B   U   N   X
            Y   A   C   D   Y
            M   T   H   I   Z
Table 3.4: Example of encryption by geometric pattern
Since there are 5 columns, they can be rearranged in 5! = 120 different ways. To increase security, one of these rearrangements can be chosen.
If we permute the columns in the order 3, 5, 2, 4, 1 and then take the characters out row by row, we get the ciphertext "DCAINAHIEGUXBNACYADYHZTIM". Note that the space characters are dropped.
The limitation of this method is that the whole character matrix has to be generated in order to encrypt and decrypt.
3. Permuting the characters of the plaintext with a fixed period d: if the function f is a permutation of a block of d characters, then the encryption key is represented by K(d,f).
Thus the plaintext
$M = m_1 m_2 \ldots m_d\, m_{d+1} \ldots m_{2d}$
where the $m_i$ are characters, is encrypted as
$E_k(M) = m_{f(1)} m_{f(2)} \ldots m_{f(d)}\, m_{d+f(1)} \ldots m_{d+f(d)}$
where $m_{f(1)} m_{f(2)} \ldots m_{f(d)}$ is a permutation of $m_1 m_2 \ldots m_d$.
Example: suppose d = 5 and f permutes the sequence i = 12345 into f(i) = 35142.
Original position   Permuted position   Word   Encrypted
1                   3                   G      O
2                   5                   R      P
3                   1                   O      G
4                   4                   U      U
5                   2                   P      R
Table 3.5: Encryption by periodic permutation
According to the table above, the first character of the block of 5 characters is moved to position 3, the second character is moved to position 5, ... For example, the original word "GROUP" is encrypted as "OPGUR". In the same way, the plaintext "I LOVE BEETHOVENS MUSIC" is turned into "OEIVLEHBTEESONVSCMIU".
The German ADFGV cipher, used throughout World War I, is a transposition cipher (combined with a simple substitution). It was considered a complex encryption algorithm at the time, but it was broken by Georges Painvin, a French cryptanalyst. In practice there are many encryption systems that use transposition, but they are cumbersome because they usually require a large amount of memory.
2. Block ciphers
In this part we study block ciphers, represented by the Data Encryption Standard (DES), one of the most widely used block ciphers and the foundation for many other block ciphers.
The Data Encryption Standard DES is an encryption standard published by the US National Bureau of Standards on 15/02/1977. The cipher was built on a popular block cipher named LUCIFER and was developed by IBM.
DES has many advantages (it is fast, its algorithm is public, it is easy to implement) and was used in practice for a very long time (until the early 1990s). Over time, however, the growth of computing power together with newly introduced cryptanalysis techniques showed the need for a stronger block cipher, and the Advanced Encryption Standard AES was born. This standard came out of a competition (in 1997) run by the US national standards body (NIST) to design a more secure block cipher to replace DES. Many ciphers were submitted as candidates for AES, but in the end the Rijndael cipher of two Belgian authors, Dr. Joan Daemen and Dr. Vincent Rijmen, was selected (in 2001).
2.1. Block ciphers
The classical ciphers considered in the first part of this chapter all share one feature: each character of the plaintext is encrypted separately. This makes them easier to break. For that reason another kind of cipher is commonly used in practice, in which each block of plaintext characters is encrypted at once as a single unit. In this kind of encryption the important parameters are the size (length) of each block and the key size.
Conditions for a secure block cipher:
- The block size must be large enough to resist statistical attacks. This, however, increases the encryption time.
- The key space, that is the key length, must be large enough to resist exhaustive search attacks. The key must nevertheless be short enough for key generation, distribution and storage to remain easy.
When designing a block cipher, the following two requirements must be met:
- Confusion: the dependence between the plaintext and the ciphertext must be truly complex, to make it hard to find patterns for cryptanalysis. This relationship should preferably be non-linear.
- Diffusion: each bit of the plaintext and of the key should influence as many bits of the ciphertext as possible.
Confusion is produced by substitution techniques, while diffusion is produced by permutation techniques. The block ciphers considered in this part all satisfy these requirements.
Besides the block ciphers presented in this part, many other block ciphers have been developed over time (in different countries and for different fields of application). Some well-known ones are: Lucifer (1969), DES (1977), Madryga (1984), NewDES (1985), FEAL, REDOC, LOKI (1990), Khufu and Khafre (1990), RC2, RC4, IDEA (1990), MMB, CA-1.1, Skipjack, GOST, CAST, Blowfish, SAFER, 3-Way, Crab, SXAL8/MBAL, SAFER, RC5, RC6 ...
The common feature of block ciphers is that encryption works on data blocks (usually bit strings) of various sizes (at least 64 bits), and the key of the cipher is also a bit string of fixed length (56 bits for DES; 128, 256 or even 512 bits for other ciphers). All of these ciphers are based on the theory Shannon put forward in 1949, and encrypting two identical plaintexts yields the same ciphertext. A block cipher usually operates in a number of iterations, each of which uses a subkey derived from the main key.
2.2. The Data Encryption Standard DES
In the late 1960s the Lucifer cipher was introduced by Horst Feistel. This cipher is associated with the well-known company IBM. The US standards bureau later arranged with IBM for the encryption algorithm to become free of charge, developed it into the data encryption standard and published it on 15/02/1977.
2.2.1. Description of the DES encryption scheme
Overview:
DES is an encryption algorithm whose input is a 64-bit block and whose output is also a 64-bit block. The encryption key is 56 bits long; more precisely, it is 64 bits long, with the bits at positions divisible by 8 available for use as parity check bits. The number of keys in the key space K is $2^{56}$.
Figure 3.1: The Data Encryption Standard DES
The algorithm runs 16 rounds. From the input key K, sixteen 48-bit subkeys $K_i$ are generated, one for each round of the encryption process. In each round, 8 carefully chosen and fixed substitution mappings from 6 bits to 4 bits, the $S_i$ (also called the S-boxes $S_i$), denoted collectively by S, are used. The 64-bit plaintext is divided into two halves $L_0$ and $R_0$. The rounds all work the same way, taking $L_{i-1}$ and $R_{i-1}$ from the previous round as input and producing the 32-bit strings $L_i$ and $R_i$ as output, as follows:
$L_i = R_{i-1}$;   (1)
$R_i = L_{i-1} \oplus f(R_{i-1}, K_i)$, where $f(R_{i-1}, K_i) = P(S(E(R_{i-1}) \oplus K_i))$;   (2)
Here:
- $\oplus$ denotes the exclusive or (XOR) of two bit strings, modulo 2.
- The function f is a non-linear function.
- E is an expansion permutation mapping $R_{i-1}$ from 32 bits to 48 bits (sometimes all the bits are used, or a bit is used twice).
- P is another fixed permutation of 32 bits.
An initial bit permutation (IP) is applied before the first round; after the last round the left and right halves are swapped, and finally the resulting string is bit-permuted one last time by the inverse permutation of IP ($IP^{-1}$).
Decryption proceeds in the same way, but with the subkeys applied to the inner rounds in reverse order.
Put simply, the right half in each round (after the 32-bit input has been expanded into 8 characters of 6 bits, a 48-bit string) undergoes a key-dependent substitution on each character of the 48-bit string, after which a fixed bit transposition redistributes the bits of the resulting characters to form the 32-bit output.
The subkeys $K_i$ (containing 48 bits of K) are computed using the tables PC1 and PC2 (Permutation Choice 1 and 2). First, 8 bits ($k_8, k_{16}, \ldots, k_{64}$) of K are discarded (by applying PC1). The remaining 56 bits are permuted and assigned to two 28-bit variables C and D; then, in each of the 16 iterations, both C and D are rotated by 1 or 2 bits, and the 48-bit subkeys $K_i$ are selected from the concatenation of the two strings.
The whole DES encryption algorithm can thus be described by the following formula:
$Y = IP^{-1} \circ f_{16} \circ T \circ f_{15} \circ T \circ \cdots \circ f_2 \circ T \circ f_1 \circ IP(x)$
Here:
- T describes the swapping of the blocks $L_i R_i$ (1 ≤ i ≤ 15).
- $f_i$ describes the use of the function f with the key $K_i$ (1 ≤ i ≤ 16).
Detailed algorithm:
Input: plaintext $M = m_1 m_2 \ldots m_{64}$, 64-bit key $K = k_1 k_2 \ldots k_{64}$ (including the 8 parity bits; the parity bits are added so that each 8-bit segment of the key has an odd number of 1 bits)
Output: 64-bit ciphertext $C = c_1 c_2 \ldots c_{64}$
1. Subkey generation. Compute the subkeys with the subkey generation algorithm given below.
2. $(L_0, R_0) \leftarrow IP(m_1 m_2 \ldots m_{64})$ (Use the permutation table IP to permute the bits; the result is divided into the two halves $L_0 = m_{58} m_{50} \ldots m_8$, $R_0 = m_{57} m_{49} \ldots m_7$.)
3. (16 rounds) for i = 1 to 16
Compute $L_i$ and $R_i$ by formulas (1) and (2); the computation of $f(R_{i-1}, K_i) = P(S(E(R_{i-1}) \oplus K_i))$ is carried out as follows:
a) Expand $R_{i-1} = r_1 r_2 \ldots r_{32}$ from 32 bits to 48 bits using the expansion permutation E: $T \leftarrow E(R_{i-1})$. (Thus $T = r_{32} r_1 r_2 \ldots r_{32} r_1$.)
b) $T \leftarrow T \oplus K_i$. Represent T as a string of eight 6-bit characters $T = (B_1, \ldots, B_8)$.
c) $T \leftarrow (S_1(B_1), S_2(B_2), \ldots, S_8(B_8))$. Here $S_i(B_i)$ maps $b_1 b_2 \ldots b_6$ to the 4-bit string of the entry in row r and column c of the table $S_i$ (S box), where $r = 2 * b_1 + b_6$ and $c = b_2 b_3 b_4 b_5$ is a binary number from 0 to 15. For example, $S_1(011011)$ gives r = 1 and c = 13, and the result is 5, written in binary as 0101.
d) $T \leftarrow P(T)$, where P is the fixed permutation that permutes the 32 bits of $T = t_1 t_2 \ldots t_{32}$ to produce $t_{16} t_7 \ldots t_{25}$.
4. $b_1 b_2 \ldots b_{64} \leftarrow (R_{16}, L_{16})$ (swap the final blocks $L_{16}$, $R_{16}$)
5. $C \leftarrow IP^{-1}(b_1 b_2 \ldots b_{64})$ (Transform using $IP^{-1}$; $C = b_{40} b_8 \ldots b_{25}$.)
Diagram of the 16 rounds of DES:
Figure 3.2: DES encryption scheme (blocks shown: plaintext (64 bit), IP, $L_0$ and $R_0$ (32 bit each), the function f with the subkeys $K_1, \ldots, K_{16}$ (48 bit each), the rounds $L_i = R_{i-1}$, $R_i = L_{i-1} \oplus f(R_{i-1}, K_i)$, $IP^{-1}$, ciphertext (64 bit))
2.2.2. The permutation IP and the inverse permutation $IP^{-1}$
The permutation IP is given in the table below:
58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
Table 3.6: The permutation IP
The inverse permutation $IP^{-1}$:
40 8 48 16 56 24 64 32 39 7 47 15 55 23 63 31
38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29
36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27
34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
Table 3.7: The inverse permutation $IP^{-1}$
The two permutations IP and $IP^{-1}$ have no cryptographic significance; they exist purely to make it easier to implement the DES algorithm in hardware chips.
Structure of one DES round:
Figure 3.3: One round of DES (blocks shown: $L_{i-1}$, $R_{i-1}$, expansion function (E), S-Box, P-Box, function f, key K, circular shifts of the key halves, compression permutation (PC-2), $L_i$, $R_i$)
2.2.3. The subkey generation algorithm
The sixteen rounds of DES run the same algorithm but with 16 different subkeys. The subkeys are all derived from the main DES key by a subkey generation algorithm. The main key K (64 bits) goes through 16 transformation steps, and at each step a subkey of length 48 bits is produced.
The subkey generation algorithm can be described in detail as follows:
Input: 64-bit key $K = k_1 k_2 \ldots k_{64}$ (including the 8 parity check bits)
Output: sixteen 48-bit subkeys $K_i$, 1 ≤ i ≤ 16.
1) Define $v_i$, 1 ≤ i ≤ 16, as follows: $v_i = 1$ for $i \in \{1, 2, 9, 16\}$; $v_i = 2$ otherwise (these are the left shift amounts for the 28-bit rotations below).
2) $T \leftarrow PC1(K)$; represent T as the 28-bit halves $(C_0, D_0)$. (Use the table PC1 to select the bits from K: $C_0 = k_{57} k_{49} \ldots k_{36}$, $D_0 = k_{63} k_{55} \ldots k_4$.)
3) For i from 1 to 16, compute $K_i$ as follows: $C_i \leftarrow (C_{i-1} \hookleftarrow v_i)$, $D_i \leftarrow (D_{i-1} \hookleftarrow v_i)$, $K_i \leftarrow PC2(C_i, D_i)$. (Use the table PC2 to select 48 bits from the concatenation $b_1 b_2 \ldots b_{56}$ of $C_i$ and $D_i$: $K_i = b_{14} b_{17} \ldots b_{32}$. $\hookleftarrow$ denotes a left circular shift.)
Diagram of DES subkey generation:
Figure 3.4: DES subkey generation (blocks shown: main key (64 bit), PC-1, $C_0$ and $D_0$ (28 bit each), the left shifts LS producing $C_i$ and $D_i$ (28 bit each) up to $C_{16}$ and $D_{16}$, PC-2, subkeys $K_1, \ldots, K_i, \ldots, K_{16}$ (48 bit each))
The 64 input bits are reduced to 56 bits by discarding 8 bits (those at positions divisible by 8), which are used for parity checking. From these 56 bits, 48 bits are then extracted to produce the key for each of the 16 rounds of DES.
The key permutation table (PC-1):
57 49 41 33 25 17 9 1 58 50 42 34 26 18
10 2 59 51 43 35 27 19 11 3 60 52 44 36
63 55 47 39 31 23 15 7 62 54 46 38 30 22
14 6 61 53 45 37 29 21 13 5 28 20 12 4
Table 3.8: The table PC-1
First the 56 key bits are divided into two 28-bit halves. Then the two 28-bit halves are rotated left by either 1 or 2 bits, depending on the shift amount for that round.
Number of bits shifted in each round (LS):
Round          1   2   3   4   5   6   7   8   9   10   11   12   13   14   15   16
Bits shifted   1   1   2   2   2   2   2   2   1   2    2    2    2    2    2    1
Table 3.9: Bit shifts in the rounds of DES
Sau khi dich vng, m t ba

ng cho n 48 bit c s

du ng. V ca

ch hoan vi nay cua


cac bit c chon nh mt t hp con cua cac bit nn c goi la hoan vi nen hay trt
t nen.
Bang trt t nen(PC-2):
14 17 11 24 1 5 3 28 15 6 21 10
23 19 12 4 26 8 16 7 27 20 13 2
41 52 31 37 47 55 30 40 51 45 33 48
44 49 39 56 34 53 46 42 50 36 29 32
Bang 3.10: Bang PC-2
Vi du nh chng ta c th nhn thy bit vi tri 33 cua khoa s dich sang vi tri 35 ra
ngoai, cn bit vi tri 18 cua khoa s bi b qua. Chinh vic dich vng nay, tao nn mt tp
hp con cua khoa c s dung trong mi t hp khoa. Mi bit c s dung khoang 14
ln trong tng s 16 t hp khoa, d khng phai tt ca cac bit c s dung mt cach
chinh xac cng mt lc trong mi ln s dung.
2.2.4. Description of the function f
The function $f(R_{i-1}, K_i)$ takes two inputs: the first, $R_{i-1}$, is a 32-bit string; the second, the key $K_i$, is a 48-bit string. The output of f is a 32-bit string. The function f could be any function, but because the strength of DES lies in f, it must be chosen carefully so that the cipher cannot be broken easily. Usually f is chosen to be a function with the property $f = f^{-1}$, that is, $f(f(x)) = x$.
In the DES encryption scheme published by the United States National Bureau of Standards, the function f performs the following steps:
- The first input $R_{i-1}$ is expanded into a 48-bit string by a fixed expansion function E. In effect, $E(R_{i-1})$ is a permutation with repetition in which 16 bits of $R_{i-1}$ are repeated.
- Compute $E(R_{i-1}) \oplus K_i$ and write the result as eight 6-bit strings $B_1 B_2 B_3 B_4 B_5 B_6 B_7 B_8$.
- Feed the 8 blocks $B_i$ into the 8 tables $S_1, S_2, \ldots, S_8$ (called S-boxes). Each S-box is a fixed 4*16 table with columns numbered 0 to 15 and rows numbered 0 to 3. For each 6-bit string $B_i = b_1 b_2 b_3 b_4 b_5 b_6$, $S_i(B_i)$ is computed as follows: the two bits $b_1 b_6$ determine the row r in $S_i$, and the four bits $b_2 b_3 b_4 b_5$ determine the column c in $S_i$. $S_i(B_i)$ is then the element $C_i = S_i(r, c)$, written as a 4-bit binary number. Thus the eight 6-bit blocks $B_i$ ($1 \le i \le 8$) give eight 4-bit blocks $C_i$ ($1 \le i \le 8$).
- The 32-bit string $C = C_1 C_2 C_3 C_4 C_5 C_6 C_7 C_8$ is permuted by the permutation P (the P-box). The result $P(C)$ is the result of the function $f(R_{i-1}, K_i)$, and is also $R_i$ for the next round.
The function f can also be described by the following figure:
[Figure 3.5: The function f. $R_{i-1}$ (32 bits) is expanded by the expansion function (E) to 48 bits and combined with the key $K_i$ (48 bits); the 48-bit result enters the S-boxes $S_1$ to $S_8$ as 8 blocks of 6 bits, which output 8 blocks of 4 bits; these 32 bits pass through P to give $R_i$ (32 bits).]
2.2.5. The expansion function (mapping) E
The expansion function (E) increases the length of $R_i$ from 32 bits to 48 bits by changing the order of the bits as well as repeating some of them. This serves two purposes:
- It makes $R_i$ the same length as the key K so that the modulo-2 addition (XOR) can be performed.
- It produces a longer result that can be compressed during the substitution step.
Both purposes, however, serve one main goal: protecting the data. By allowing one bit to enter two substitution positions, the dependence of the output bits on the input bits spreads out. DES is designed so that every bit of the ciphertext depends on every bit of the plaintext and of the key.
Diagram of the expansion function:
[Figure 3.6: The expansion function (E), mapping 32 input bits to 48 output bits.]
It is sometimes called the E-box. For each 4-bit group of the input block, the first and fourth bits each correspond to 2 bits of the output, while the second and third bits each correspond to 1 output bit. The following table gives the position of each output bit relative to the input bits.
Table describing the expansion function (E):
32 1 2 3 4 5 4 5 6 7 8 9
8 9 10 11 12 13 12 13 14 15 16 17
16 17 18 19 20 21 20 21 22 23 24 25
24 25 26 27 28 29 28 29 30 31 32 1
Table 3.11: The expansion function E
For example, the bit at position 3 of the input block moves to position 4 of the output block, and the bit at position 21 of the input moves to positions 30 and 32 of the output.
2.2.6. Description of the S-boxes
In the DES encryption scheme every computation is linear, meaning that computing the XOR of two outputs is the same as computing the XOR of the two inputs and then computing the output. Only the computations with the S-boxes are nonlinear. For this reason the S-boxes (which contain the nonlinear components of the cryptosystem) are the most important element for the security of the cipher; it is the S-boxes that create the confusion and the diffusion of DES. In 1976 the NSA gave the following design criteria for the S-boxes:
- Each row of each S-box is a permutation of the integers 0 to 15.
- No S-box is an affine or linear function of its inputs.
- Changing one input bit changes at least two output bits.
- For any S-box and any input x (a bit string of length 6), S(x) and S(x $\oplus$ 001100) must differ in at least 2 bits.
The NSA also disclosed 3 properties of the S-boxes; these properties ensure the confusion and diffusion of the algorithm:
- The input bits and the output bits are always related nonlinearly.
- Modifying one input bit changes at least two output bits.
- When one input bit is held fixed and the other 5 bits vary, the S-box shows a property called uniform distribution: the numbers of 0 bits and 1 bits at the outputs always stay balanced. This property makes statistical analysis useless as a way of breaking the S-boxes.
After the modulo-2 addition with the key K, the resulting 48-bit string is split into 8 blocks that are fed into the 8 S-boxes. Each S-box has 6 input bits and 4 output bits (the total memory required for the 8 standard DES S-boxes is 256 bytes). The result is a 32-bit string that continues into the P-box.
We could build our own S-boxes, but the published standard S-boxes can also be used:
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
Table 3.12: S-box $S_1$

15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
Table 3.13: S-box $S_2$

10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12
Table 3.14: S-box $S_3$

7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14
Table 3.15: S-box $S_4$

2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3
Table 3.16: S-box $S_5$

12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
Table 3.17: S-box $S_6$

4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
Table 3.18: S-box $S_7$

13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11
Table 3.19: S-box $S_8$

Example:
Suppose the input to S-box $S_6$ is the bit string 110011 (bits 31 to 36). The first and last bits combine into 11, which corresponds to row 3 of $S_6$. The four middle bits have the value 1001, which corresponds to column 9. The value obtained is therefore 14 (rows and columns are counted from 0), and the value 1110 is substituted for the value 110011 at the output.
2.2.7. The P-box
This permutation is one-to-one: each input bit gives one output bit, and no bit is used twice or ignored. The P-box simply rearranges the bits according to the following table:
Table describing the P-box (P):
16 7 20 21 29 12 28 17
1 15 23 26 5 18 31 10
2 8 24 14 32 27 3 9
19 13 30 6 22 11 4 25
Table 3.20: The permutation P
For example, bit 21 moves to bit 4, while bit 4 moves to bit 31. The final result of the P-box is then XORed with the left half of the 64-bit block (that is, $L_{i-1}$, to produce $R_i$); the left and right halves are then swapped and another round begins.
2.2.8. An example of DES encryption
To understand the DES encryption method better, consider the following example:
A plaintext with the content: 0123456789ABCDEF.
The key used (in hexadecimal form): 133457799BBCDFF1. In binary this key is the following bit string (without the check bits):
00010010011010010101101111001001101101111011011111111000
Applying IP, we obtain $L_0$ and $R_0$:
L_0 = 11001100000000001100110011111111
R_0 = 11110000101010101111000010101010
The 16 rounds of encryption proceed as follows:

E(R_0) = 011110100001010101010101011110100001010101010101
K_1 = 000110110000001011101111111111000111000001110010
E(R_0) ⊕ K_1 = 011000010001011110111010100001100110010100100111
S-box output = 01011100100000101011010110010111
f(R_0, K_1) = 00100011010010101010100110111011
L_2 = R_1 = 11101111010010100110010101000100

E(R_1) = 011101011110101001010100001100001010101000001001
K_2 = 011110011010111011011001110110111100100111100101
E(R_1) ⊕ K_2 = 000011000100010010001101111010110110001111101100
S-box output = 11111000110100000011101010101110
f(R_1, K_2) = 00111100101010111000011110100011
L_3 = R_2 = 11001100000000010111011100001001

E(R_2) = 111001011000000000000010101110101110100001010011
K_3 = 010101011111110010001010010000101100111110011001
E(R_2) ⊕ K_3 = 101100000111110010001000111110000010011111001010
S-box output = 00100111000100001110000101101111
f(R_2, K_3) = 01001101000101100110111010110000
L_4 = R_3 = 10100010010111000000101111110100

E(R_3) = 010100000100001011111000000001010111111110101001
K_4 = 011100101010110111010110110110110011010100011101
E(R_3) ⊕ K_4 = 001000101110111100101110110111100100101010110100
S-box output = 00100001111011011001111100111010
f(R_3, K_4) = 10111011001000110111011101001100
L_5 = R_4 = 01110111001000100000000001000101

E(R_4) = 101110101110100100000100000000000000001000001010
K_5 = 011111001110110000000111111010110101001110101000
E(R_4) ⊕ K_5 = 110001100000010100000011111010110101000110100010
S-box output = 01010000110010000011000111101011
f(R_4, K_5) = 00101000000100111010110111000011
L_6 = R_5 = 10001010010011111010011000110111

E(R_5) = 110001010100001001011111110100001100000110101111
K_6 = 011000111010010100111110010100000111101100101111
E(R_5) ⊕ K_6 = 101001101110011101100001100000001011101010000000
S-box output = 01000001111100110100110000111101
f(R_5, K_6) = 10011110010001011100110100101100
L_7 = R_6 = 11101001011001111100110101101001

E(R_6) = 111101010010101100001111111001011010101101010011
K_7 = 111011001000010010110111111101100001100010111100
E(R_6) ⊕ K_7 = 000110011010111110111000000100111011001111101111
S-box output = 00010000011101010100000010101101
f(R_6, K_7) = 10001100000001010001110000100111
L_8 = R_7 = 00000110010010101011101000010000

E(R_7) = 000000001100001001010101010111110100000010100000
K_8 = 111101111000101000111010110000010011101111111011
E(R_7) ⊕ K_8 = 111101110100100001101111100111100111101101011011
S-box output = 01101100000110000111110010101110
f(R_7, K_8) = 00111100000011101000011011111001
L_9 = R_8 = 11010101011010010100101110010000

E(R_8) = 011010101010101101010010101001010111110010100001
K_9 = 111000001101101111101011111011011110011110000001
E(R_8) ⊕ K_9 = 100010100111000010111001010010001001101100100000
S-box output = 00010001000011000101011101110111
f(R_8, K_9) = 00100010001101100111110001101010
L_10 = R_9 = 00100100011111001100011001111010

E(R_9) = 000100001000001111111001011000001100001111110100
K_10 = 101100011111001101000111101110100100011001001111
E(R_9) ⊕ K_10 = 101000010111000010111110110110101000010110111011
S-box output = 11011010000001000101001001110101
f(R_9, K_10) = 01100010101111001001110000100010
L_11 = R_10 = 10110111110101011101011110110010

E(R_10) = 010110101111111010101011111010101111110110100101
K_11 = 001000010101111111010011110111101101001110000110
E(R_10) ⊕ K_11 = 011110111010000101111000001101000010111000100011
S-box output = 01110011000001011101000100000001
f(R_10, K_11) = 11100001000001001111101000000010
L_12 = R_11 = 11000101011110000011110001111000

E(R_11) = 011000001010101111110000000111111000001111110001
K_12 = 011101010111000111110101100101000110011111101001
E(R_11) ⊕ K_12 = 000101011101101000000101100010111110010000011000
S-box output = 01111011100010110010011000110101
f(R_11, K_12) = 11000010011010001100111111101010
L_13 = R_12 = 01110101101111010001100001011000

E(R_12) = 001110101011110111111010100011110000001011110000
K_13 = 100101111100010111010001111110101011101001000001
E(R_12) ⊕ K_13 = 101011010111100000101011011101011011100010110001
S-box output = 10011010110100011000101101001111
f(R_12, K_13) = 11011101101110110010100100100010
L_14 = R_13 = 00011000110000110001010101011010

E(R_13) = 000011110001011000000110100010101010101011110100
K_14 = 010111110100001110110111111100101110011100111010
E(R_13) ⊕ K_14 = 010100000101010110110001011110000100110111001110
S-box output = 01100100011110011001101011110001
f(R_13, K_14) = 10110111001100011000111001010101
L_15 = R_14 = 11000010100011001001011000001101

E(R_14) = 111000000101010001011001010010101100000001011011
K_15 = 101111111001000110001101001111010011111100001010
E(R_14) ⊕ K_15 = 010111111100010111010100011101111111111101010001
S-box output = 10110010111010001000110100111100
f(R_14, K_15) = 01011011100000010010011101101110
L_16 = R_15 = 01000011010000100011001000110100

E(R_15) = 001000000110101000000100000110100100000110101000
K_16 = 110010110011110110001011000011100001011111110101
E(R_15) ⊕ K_16 = 111010110101011110001111000101000101011001011101
S-box output = 10100111100000110010010000101001
f(R_15, K_16) = 11001000110000000100111110011000
R_16 = 00001010010011001101100110010101
Table 3.21: Example of the steps performed by DES
Finally, applying $IP^{-1}$, we obtain the ciphertext (in hexadecimal form):
85E813540F0AB405.
2.3. Weaknesses of DES
2.3.1. The complementation property
If we write $\bar{u}$ for the complement of u (for example, 0100101 is the complement of 1011010), then DES has the following property:
$y = DES(x, k) \Rightarrow \bar{y} = DES(\bar{x}, \bar{k})$
Therefore, if we know that the ciphertext y is the encryption of the message x under the key k, we can deduce that the ciphertext $\bar{y}$ is the encryption of the plaintext $\bar{x}$ under the key $\bar{k}$. This property is a weakness of DES because it lets an adversary eliminate some of the keys that would have to be tried in an exhaustive search.
2.3.2. Weak keys
Weak keys are keys for which the subkey generation algorithm produces 16 identical subkeys:
$K_1 = K_2 = \ldots = K_{15} = K_{16}$
As a result, encryption and decryption with a weak key are exactly the same operation.
There are 4 weak keys in all:
Weak key (hex)         C_0      D_0
0101 0101 0101 0101    {0}^28   {0}^28
FEFE FEFE FEFE FEFE    {1}^28   {1}^28
1F1F 1F1F 0E0E 0E0E    {0}^28   {1}^28
E0E0 E0E0 F1F1 F1F1    {1}^28   {0}^28
Table 3.22: The weak keys of DES
There are also 6 pairs of semi-weak keys with the following property:
$y = DES(x, k_1)$ and $y = DES(x, k_2)$
that is, two different keys that encrypt the same plaintext to the same ciphertext:
C_0      D_0      Semi-weak key pair (hex)                    C_0      D_0
{01}^14  {01}^14  01FE 01FE 01FE 01FE  FE01 FE01 FE01 FE01    {10}^14  {10}^14
{01}^14  {10}^14  1FE0 1FE0 0EF1 0EF1  E01F E01F F10E F10E    {10}^14  {01}^14
{01}^14  {0}^28   01E0 01E0 01F1 01F1  E001 E001 F101 F101    {10}^14  {0}^28
{01}^14  {1}^28   1FFE 1FFE 0EFE 0EFE  FE1F FE1F FE0E FE0E    {10}^14  {1}^28
{0}^28   {01}^14  011F 011F 010E 010E  1F01 1F01 0E01 0E01    {0}^28   {10}^14
{1}^28   {01}^14  E0FE E0FE F1FE F1FE  FEE0 FEE0 FEF1 FEF1    {1}^28   {10}^14
Table 3.23: The semi-weak keys of DES
2.3.3. DES has an algebraic structure
A 64-bit plaintext block can be mapped onto all positions of a 64-bit ciphertext block in $2^{64}$ ways. In the DES algorithm, a 56-bit key gives us $2^{56}$ (about $10^{17}$) mappings. With multiple encryption the mapping space becomes larger still. However, this is true only if DES encryption has no structure.
If DES has an algebraic structure, multiple encryption is equivalent to single encryption. For example, for any two keys $K_1$ and $K_2$ there would always be a third key $K_3$ such that:
$E_{K_2}(E_{K_1}(x)) = E_{K_3}(x)$
In other words, DES encryption would have the "group" property: encrypting the plaintext first with key $K_1$ and then with key $K_2$ would be the same as encrypting with key $K_3$. This really matters if DES is used in multiple encryption. If a "group" is generated with too small a structure, security is reduced.
2.3.4. The key space K
DES has $2^{56} = 10^{17}$ keys. If we know one plaintext/ciphertext pair, we can try all $10^{17}$ possibilities to find the key that gives a matching result. Suppose one trial takes $10^{-6}$ s; the search then takes $10^{11}$ s, that is, 7300 years. But computers can be built for parallel processing. For example, with $10^7$ DES chips running in parallel, each chip is responsible for only $10^{10}$ trials. Today's DES chips can process $4.5 \times 10^7$ bit/s, that is, more than $10^5$ DES encryptions per second.
In 1976 and 1977, Diffie and Hellman estimated that a special-purpose machine could be built to search the DES key space exhaustively within a day at a cost of 20 million dollars. In 1984, DES encryption chips reached a speed of 256000 encryptions per second. By 1987 this had risen to 512000 encryptions per second. In 1993, Michael Wiener designed a special-purpose machine costing 1 million dollars that uses exhaustive search to break DES in 3.5 hours on average (and 7 hours at the slowest).
In 1990, two Israeli mathematicians, Biham and Shamir, invented differential cryptanalysis, a technique that uses guesses about differences in the plaintext to derive information from the ciphertext. Biham and Shamir showed that this method is more efficient than exhaustive search.
Differential cryptanalysis examines pairs of ciphertexts whose plaintexts differ. The analyst studies how these pairs evolve through the rounds of DES when they are encrypted under the same key K. Two different plaintexts are then chosen at random in the most suitable way. The differences in the encryption results are used to assign likelihoods to the different keys. As more ciphertext pairs are analysed, one key emerges as the most likely to be correct.

2.4. Triple DES (3DES)
As presented in the sections above, the DES cipher (the Data Encryption Standard), with a key space of only $2^{56}$ keys, can in practice now be broken within a few hours. Finding other ciphers to replace DES is therefore necessary. One of the first approaches considered was to reuse DES but encrypt several times. The first method uses two keys to encrypt twice, as follows:
$C = E_{K_2}(E_{K_1}(P))$
This method is called double DES or 2DES. The key of this scheme is 112 bits, which looks more secure than DES, at least in principle. However, theoretical proofs (outside the scope of this document) have shown that this cipher is not at all more secure than DES (an exhaustive, brute-force cryptanalysis of 2DES requires twice the number of operations needed for DES).
The second method, which is now widely used, is to encrypt with DES three times. It is called Triple DES (TDES) or 3DES, or more formally TDEA (Triple Data Encryption Algorithm). The simplest Triple DES model encrypts 3 times with 3 keys K1, K2, K3, as illustrated in the following figure:
[Figure 3.7: Triple DES]
The ciphertext is $C = DES_{K_3}(DES_{K_2}(DES_{K_1}(M)))$. This model is called EEE because all three steps use the standard DES encryption algorithm. Another variant of this model is called EDE, in which the middle step uses the DES decryption algorithm:
$C = DES_{K_3}(DES^{-1}_{K_2}(DES_{K_1}(M)))$.
Choosing encryption or decryption for the second step does not change the security of Triple DES. The Triple DES key is 168 bits; some variants of Triple DES use a 112-bit key (K1 = K3), which is nevertheless different from double DES, and the method is then called Two-key Triple DES. Theoretical proofs and the attacks on Triple DES indicate that this cipher will remain in use for a long time to come, even though in practice it is 6 times slower than AES.
2.5. The Advanced Encryption Standard (AES)
2.5.1. Introduction
The Advanced Encryption Standard (AES) is a secret-key cipher named Rijndael (proposed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and a standard since 2002). It processes input data blocks of 128 bits using keys of 128, 192 or 256 bits. The Rijndael cipher was designed to work with larger keys and data blocks as well, but when it was selected as a standard by the US standards body in 2001, it was specified to work only with 128-bit data blocks and keys of 128, 192 or 256 bits (hence the names AES-128, AES-192 and AES-256, according to the key length used).
2.5.2. Concepts and definitions
2.5.2.1. Concepts and notation
The concepts and definitions used in presenting the Advanced Encryption Standard:

AES: Advanced Encryption Standard
Affine transformation: A transformation consisting of a multiplication by a matrix followed by the addition of a vector
Bit: A binary digit with the value 0 or 1
Block: A sequence of binary bits forming the input, the output, the State and the keys used in the rounds (Round Keys) of the cipher. The length of a sequence (block) is the number of bits it contains. Blocks can also be viewed as sequences of bytes
Byte: A group of 8 bits
Cipher: The encryption algorithm
Cipher Key: The key of the cipher; it can be represented as a two-dimensional array with 4 rows and Nk columns
Ciphertext: The encrypted text
Inverse Cipher: The decryption algorithm
Key Expansion: The procedure used to generate, from the initial main key, the keys used in the rounds of the encryption and decryption algorithms
Round Key: The values generated from the main key by the key expansion procedure. These keys are used in the rounds of the algorithm
State: The intermediate cipher values; it can be represented as a two-dimensional array with 4 rows and Nb columns
S-box: A nonlinear substitution table used in the key expansion procedure and in the byte substitution transformations to perform a one-to-one substitution of a 1-byte value
Word: A group of 32 bits that can be treated as a single computational unit or as an array of 4 bytes
Table 3.24: Abbreviations and terms used for AES
2.5.2.2. Functions, symbols and parameters of the algorithm
The algorithm parameters, symbols and functions used in the description of the algorithm:
AddRoundKey(): Transformation used in the encryption and decryption algorithms in which a bitwise XOR is performed between an intermediate State and a Round Key. The size of a Round Key equals the size of the State (for example, with Nb = 4 the length of a Round Key is 128 bits or 16 bytes)
InvMixColumns(): Transformation used in the decryption algorithm; the inverse of MixColumns()
InvShiftRows(): Transformation in the decryption algorithm; the inverse of ShiftRows()
InvSubBytes(): Transformation in the decryption algorithm; the inverse of SubBytes()
K: The cipher key
MixColumns(): Transformation in the encryption algorithm that takes all the columns of a State and mixes their data (independently of one another) to produce new columns
Nb: Number of columns (32-bit words) forming a State (Nb = 4)
Nk: Number of 32-bit words forming the cipher key K (Nk = 4, 6 or 8)
Nr: Number of rounds of the algorithm, a function of Nk and Nb (which are fixed values) (Nr = 10, 12 or 14 for the different values of Nk)
Rcon[]: The array of constant words used in the rounds
RotWord(): Function used in the key expansion procedure that takes a 4-byte word and performs a cyclic permutation
ShiftRows(): Function used in encryption that processes the State by cyclically shifting its last three rows by different offsets
SubBytes(): Transformation used in encryption that processes a State using a nonlinear byte substitution table (S-box), operating on each byte independently
SubWord(): Function used in the key expansion procedure that takes a 4-byte input word and applies an S-box to each of the 4 byte values to produce an output word
XOR: The exclusive-OR operation
$\oplus$: The exclusive-OR operation
$\otimes$: Multiplication of two polynomials (each of degree less than 4) modulo $(x^4 + 1)$
$\bullet$: Multiplication in the finite field

2.5.3. Notation and conventions
2.5.3.1. Input and Output
The input and the output of the Advanced Encryption Standard are both 128-bit sequences, also called blocks; the length of each block is the number of data bits it contains. The key of the Advanced Encryption Standard is a sequence of 128, 192 or 256 bits. The Advanced Encryption Standard does not work with input, output and key values of other lengths (although its underlying algorithm allows this).
The bits of the input, the output and the key of the cipher are numbered from 0.
2.5.3.2. Bytes
The basic processing unit in AES is the byte, a sequence of 8 bits treated as a single entity. The input, output and key values of the cipher (specified in section 3.1) are treated as arrays of bytes. They are denoted by an array name a and written $a_n$ or a[n], where n takes values in the following ranges:
If the key length is 128 bits: $0 \le n < 16$;
If the key length is 192 bits: $0 \le n < 24$;
If the key length is 256 bits: $0 \le n < 32$;
All byte values used in the AES algorithm are written as a sequence of bits 0 or 1 in the format $\{b_7, b_6, b_5, b_4, b_3, b_2, b_1, b_0\}$. These bytes are then interpreted as elements of the finite field by using a polynomial representation:
$b_7 x^7 + b_6 x^6 + b_5 x^5 + b_4 x^4 + b_3 x^3 + b_2 x^2 + b_1 x^1 + b_0 x^0 = \sum_{i=0}^{7} b_i x^i$.
For example, the value {01100011} corresponds to the finite field element $x^6 + x^5 + x + 1$.
For convenience, byte values are written in hexadecimal notation, using 4 bits per character and two characters per byte, as in the following table:
Bit   Character   Bit   Character   Bit   Character   Bit   Character
0000  0           0100  4           1000  8           1100  c
0001  1           0101  5           1001  9           1101  d
0010  2           0110  6           1010  a           1110  e
0011  3           0111  7           1011  b           1111  f
Table 3.25: Representation of 4-bit strings
A byte (8 bits) is then written with two characters; for example, {01100011} is written {63}.
2.5.3.4. The State
The internal operations of AES are performed on a two-dimensional array of bytes called the State. A State consists of four rows of bytes, each row containing Nb bytes, where Nb is the block size divided by 32. The State array is denoted s, and each byte of the array has two indices, row r and column c ($0 \le r, c < 4$).
At the start of the algorithm, the input byte array $in_0, in_1, \ldots, in_{15}$ is copied into the State array according to the rule illustrated in the figure:
[Figure 3.8: The AES State. The input bytes $in_0, \ldots, in_{15}$, the State array $s_{r,c}$ and the output bytes $out_0, \ldots, out_{15}$ are each laid out as a 4 x 4 grid filled column by column.]
where the values of the array s and of the output array are computed as follows:
$s[r, c] = in[r + 4c]$, $0 \le r, c < 4$
$out[r + 4c] = s[r, c]$, $0 \le r, c < 4$
2.5.3.5. Representation of the State
The four columns of the State array form four 32-bit words $w_0, w_1, \ldots, w_3$, represented as follows:
$w_0 = s_{0,0} s_{1,0} s_{2,0} s_{3,0}$
$w_1 = s_{0,1} s_{1,1} s_{2,1} s_{3,1}$
$w_2 = s_{0,2} s_{1,2} s_{2,2} s_{3,2}$
$w_3 = s_{0,3} s_{1,3} s_{2,3} s_{3,3}$
2.5.4. The algorithm
The length of the input, the output and the State of the Advanced Encryption Standard (AES) is 128 bits, corresponding to Nb = 4 (the number of 32-bit words, which is also the number of columns of each State). The AES key has a length of 128, 192 or 256 bits, corresponding to Nk = 4, 6 or 8, which is also the number of columns of the cipher key.
Depending on the key length used, the number of rounds Nr of the algorithm is 10 (Nk = 4), 12 (Nk = 6) or 14 (Nk = 8), as shown in the following table:
          Key length (Nk)   Block size (Nb)   Number of rounds (Nr)
AES-128   4                 4                 10
AES-192   6                 4                 12
AES-256   8                 4                 14
Table 3.26: AES key lengths
Both AES encryption and AES decryption use a round function that combines four byte-oriented transformations: 1) a byte substitution using a substitution table (S-box), 2) a shift of the rows of the State array by a different offset for each row, 3) a mixing of the data within each column of the State array, and 4) the addition of a Round Key to the State. These transformations (and their inverses) are described in sections 4.1.1-4.1.4 and 4.3.1-4.3.4.
2.5.4.1. The encryption algorithm
At the start of the algorithm, the plaintext (input) is copied into the State array using the conventions described in section 3.4. After an initial Round Key addition, the State array is transformed by applying a round function Nr times (10, 12 or 14, depending on the key length), with the final round differing from the preceding ones. The State after the final round is then copied to the output of the algorithm according to the rule described in section 3.4.
The round function is parameterised by a key schedule, a one-dimensional array of 4-byte words generated by the Key Expansion procedure described in section 5.2.
All rounds perform the same work, based on 4 functions (in order) SubBytes(), ShiftRows(), MixColumns() and AddRoundKey(), except the final round, which omits MixColumns().
The algorithm is described in detail by the following pseudocode:
Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
  byte state[4,Nb]
  state = in
  AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4
  for round = 1 step 1 to Nr-1
    SubBytes(state) // See Sec. 5.1.1
    ShiftRows(state) // See Sec. 5.1.2
    MixColumns(state) // See Sec. 5.1.3
    AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
  end for
  SubBytes(state)
  ShiftRows(state)
  AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
  out = state
end
Diagram of the algorithm:
[Figure 3.9: The AES encryption and decryption algorithms. (a) Encryption: an initial Add round key, rounds 1 to 9 each made of Substitute bytes, Shift rows, Mix columns and Add round key, and round 10 made of Substitute bytes, Shift rows and Add round key. (b) Decryption: the inverse steps Inverse shift row, Inverse sub bytes, Add round key and Inverse mix cols. The key is expanded (Expand key) into the words w[0, 3], w[4, 7], ..., w[36, 39], w[40, 43] used by the Add round key steps.]
2.5.4.1.1. The SubBytes() function
SubBytes() substitutes each byte of the state array using a substitution table (S-box). The table is invertible and is constructed by composing the following two transformations:
1. Take the multiplicative inverse in the finite field GF(2^8) (described in Section 4.2); the element {00} is mapped to itself.
2. Apply the following affine transformation (over GF(2)):
$$b'_i = b_i \oplus b_{(i+4) \bmod 8} \oplus b_{(i+5) \bmod 8} \oplus b_{(i+6) \bmod 8} \oplus b_{(i+7) \bmod 8} \oplus c_i$$
where, for 0 ≤ i < 8, b_i is the i-th bit of the byte b and c_i is the i-th bit of the byte c with value {63}, i.e. {01100011}.
The affine transformation of the S-box can be written in matrix form as follows:
$$
\begin{bmatrix} b'_0 \\ b'_1 \\ b'_2 \\ b'_3 \\ b'_4 \\ b'_5 \\ b'_6 \\ b'_7 \end{bmatrix}
=
\begin{bmatrix}
1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\
1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\
1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\
1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\
1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 1 & 1
\end{bmatrix}
\begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \\ b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix}
+
\begin{bmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{bmatrix}
$$

The following figure illustrates the result of applying the SubBytes() transformation to the state array:
[Figure: SubBytes() passes each byte s_{r,c} of the state through the S-box to produce the byte s'_{r,c} of the new state.]
The S-box used by SubBytes() can be written in hexadecimal form as follows:

Table 3.27: The AES S-box
Here, for example, if s_{1,1} = {53}, the substitution value is found at the intersection of the row with index 5 and the column with index 3 in the table above, which gives s'_{1,1} = {ed}.
2.5.4.1.2. The ShiftRows() function
In this function the bytes in the last three rows of the state array are cyclically shifted by different numbers of positions (that is, by different numbers of bytes). The first row, r = 0, is not shifted.
Specifically, the function performs the following transformation:
$$s'_{r,c} = s_{r,\,(c + \mathrm{shift}(r, Nb)) \bmod Nb} \qquad (Nb = 4)$$
where the shift value shift(r, Nb) depends on the row number r as follows:
shift(1, 4) = 1, shift(2, 4) = 2, shift(3, 4) = 3.
This operation moves bytes to lower positions within each row, while the lowest bytes wrap around to the top of the row. All of the above is illustrated in the following figure:
[Figure: the state before and after ShiftRows(); row 0 is unchanged, and rows 1, 2 and 3 are rotated by 1, 2 and 3 bytes.]
Figure 3.10: The ShiftRows() function
2.5.4.1.3. The MixColumns() function
This function operates on the columns of the state, treating each column of the state array as a four-term polynomial as described in Section 4.3. The columns are considered as polynomials over GF(2^8) and are multiplied modulo x^4 + 1 by a fixed polynomial a(x):
$$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$$
As described in Section 4.3, this can be written as a matrix multiplication, s'(x) = a(x) ⊗ s(x):
$$
\begin{bmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{bmatrix}
=
\begin{bmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{bmatrix}
\begin{bmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{bmatrix}
$$
for all 0 ≤ c < Nb = 4.
As a result, the four bytes in each column are replaced according to the following formulas:
$$s'_{0,c} = (\{02\} \bullet s_{0,c}) \oplus (\{03\} \bullet s_{1,c}) \oplus s_{2,c} \oplus s_{3,c}$$
$$s'_{1,c} = s_{0,c} \oplus (\{02\} \bullet s_{1,c}) \oplus (\{03\} \bullet s_{2,c}) \oplus s_{3,c}$$
$$s'_{2,c} = s_{0,c} \oplus s_{1,c} \oplus (\{02\} \bullet s_{2,c}) \oplus (\{03\} \bullet s_{3,c})$$
$$s'_{3,c} = (\{03\} \bullet s_{0,c}) \oplus s_{1,c} \oplus s_{2,c} \oplus (\{02\} \bullet s_{3,c})$$
The operation of this function is illustrated in the following figure:

Figure 3.11: The AES MixColumns function
2.5.4.1.4. The AddRoundKey() function
In this function a round key is added to the state array by a bitwise XOR operation. Each round key consists of Nb words generated by the key expansion routine (Section 5.2). These words are added to the columns of the state array as follows:
$$[s'_{0,c}, s'_{1,c}, s'_{2,c}, s'_{3,c}] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus [w_{round * Nb + c}], \qquad 0 \le c < Nb = 4$$
where [w_i] are the key schedule words described in Section 5.2 and round is the round number, with the convention 0 ≤ round ≤ Nr. In the encryption algorithm the initial round key addition takes place with round = 0, before the rounds of the algorithm are executed. AddRoundKey() is applied within the rounds of the encryption algorithm when 1 ≤ round ≤ Nr.
The operation of this function is illustrated in the figure, where l = round * Nb. Byte addressing within the words of the key schedule is described in Section 3.1.

Figure 3.12: The AES AddRoundKey function
2.5.4.2. The key generation algorithm (Key Expansion)
The AES key expansion algorithm takes an encryption key K and performs a key generation routine to produce a sequence of keys for encryption. The routine generates a total of Nb*(Nr+1) words: it uses an initial set of Nb words, and each of the Nr rounds requires Nb words of key data. The resulting key schedule is a linear array of 4-byte words denoted [w_i], where 0 ≤ i < Nb(Nr+1).
The expansion of the key into the key schedule is described by the following pseudocode:
KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk)
begin
   word temp
   i = 0
   while (i < Nk)
      w[i] = word(key[4*i], key[4*i+1], key[4*i+2], key[4*i+3])
      i = i+1
   end while
   i = Nk
   while (i < Nb * (Nr+1))
      temp = w[i-1]
      if (i mod Nk = 0)
         temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
      else if (Nk > 6 and i mod Nk = 4)
         temp = SubWord(temp)
      end if
      w[i] = w[i-Nk] xor temp
      i = i + 1
   end while
end
SubWord() is a function that takes a 4-byte input and applies the S-box to it to obtain an output word. RotWord() takes an input word [a_0, a_1, a_2, a_3], performs a cyclic permutation and returns [a_1, a_2, a_3, a_0]. The elements of the constant array Rcon[i] contain the values given by [x^{i-1}, {00}, {00}, {00}], where x^{i-1} is a power of x (x is written as {02} in GF(2^8), and i starts at 1).
From the pseudocode above we can see that the first Nk words of the resulting key schedule are filled with the encryption key. Every following word w[i] is the XOR of the word before it, w[i-1], with w[i-Nk]. For words at positions that are a multiple of Nk, a transformation is applied to w[i-1] before the XOR, followed by an XOR with a constant Rcon[i]. This transformation consists of a cyclic shift of the bytes of a word (RotWord()), followed by a table lookup applied to all 4 bytes of the word (SubWord()).
Note that the key expansion routine for keys of length 256 differs slightly from the routine for keys of length 128 or 192. If Nk = 8 and i - 4 is a multiple of Nk, SubWord() is applied to w[i-1] before the XOR.
2.5.4.3. The decryption algorithm
The decryption algorithm is quite similar to the encryption algorithm in structure, but the 4 basic functions it uses are the inverses of the functions in the encryption algorithm. The pseudocode for the decryption algorithm is as follows:
InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
   byte state[4,Nb]
   state = in
   AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) // See Sec. 5.1.4
   for round = Nr-1 step -1 downto 1
      InvShiftRows(state) // See Sec. 5.3.1
      InvSubBytes(state) // See Sec. 5.3.2
      AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
      InvMixColumns(state) // See Sec. 5.3.3
   end for
   InvShiftRows(state)
   InvSubBytes(state)
   AddRoundKey(state, w[0, Nb-1])
   out = state
end
2.5.4.3.1. The InvShiftRows() function
This function is the inverse of ShiftRows(). The bytes of the last three rows of the state array are cyclically shifted by different offsets. The first row is not shifted; the last three rows are shifted by Nb - shift(r, Nb) bytes, where the values shift(r, Nb) depend on the row number as in Section 5.1.2.
Specifically, the function performs the following processing:
$$s'_{r,\,(c + \mathrm{shift}(r, Nb)) \bmod Nb} = s_{r,c} \qquad 0 < r < 4,\ 0 \le c < Nb \ (Nb = 4)$$
Illustration:

Figure 3.13: The AES InvShiftRows() function
2.5.4.3.2. The InvSubBytes() function
This function is the inverse of SubBytes(); it uses the inverse of the affine transformation together with multiplicative inversion in GF(2^8).
The substitution table used in the function is:

Table 3.28: Substitution table for InvSubBytes()
2.5.4.3.3. The InvMixColumns() function
This function is the inverse of MixColumns(). It operates on the columns of the state array, treating each column as a four-term polynomial as described in Section 4.3.
The columns are considered as polynomials over GF(2^8) and are multiplied modulo x^4 + 1 by a fixed polynomial a^{-1}(x):
$$a^{-1}(x) = \{0b\}x^3 + \{0d\}x^2 + \{09\}x + \{0e\}$$
This can be described by the following matrix multiplication, s'(x) = a^{-1}(x) ⊗ s(x):
$$
\begin{bmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{bmatrix}
=
\begin{bmatrix}
0e & 0b & 0d & 09 \\
09 & 0e & 0b & 0d \\
0d & 09 & 0e & 0b \\
0b & 0d & 09 & 0e
\end{bmatrix}
\begin{bmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{bmatrix}
$$
where 0 ≤ c < Nb.
As a result, the four bytes in each column are replaced according to the following formulas:
$$s'_{0,c} = (\{0e\} \bullet s_{0,c}) \oplus (\{0b\} \bullet s_{1,c}) \oplus (\{0d\} \bullet s_{2,c}) \oplus (\{09\} \bullet s_{3,c})$$
$$s'_{1,c} = (\{09\} \bullet s_{0,c}) \oplus (\{0e\} \bullet s_{1,c}) \oplus (\{0b\} \bullet s_{2,c}) \oplus (\{0d\} \bullet s_{3,c})$$
$$s'_{2,c} = (\{0d\} \bullet s_{0,c}) \oplus (\{09\} \bullet s_{1,c}) \oplus (\{0e\} \bullet s_{2,c}) \oplus (\{0b\} \bullet s_{3,c})$$
$$s'_{3,c} = (\{0b\} \bullet s_{0,c}) \oplus (\{0d\} \bullet s_{1,c}) \oplus (\{09\} \bullet s_{2,c}) \oplus (\{0e\} \bullet s_{3,c})$$

2.5.4.3.4. The inverse of the AddRoundKey() function
Interestingly, this function is its own inverse, because it consists only of a bitwise XOR operation.
2.5.4.3.5. The equivalent decryption algorithm
In the decryption algorithm presented above, the order in which the transformations are applied differs from that of the encryption algorithm, while the form of the key schedule stays the same for both algorithms. However, several properties of AES allow an equivalent decryption algorithm in which the transformations are applied in the same order as in the encryption algorithm (with each transformation replaced by its inverse, of course). This is achieved by changing the key schedule.
The following two properties make an equivalent decryption algorithm possible:
1. SubBytes() and ShiftRows() commute; that is, a SubBytes() transformation followed by a ShiftRows() transformation is equivalent to a ShiftRows() transformation followed by a SubBytes() transformation. The same holds for their inverses.
2. The column functions MixColumns() and InvMixColumns() are linear with respect to the column input, which means:
InvMixColumns(state XOR Round Key) = InvMixColumns(state) XOR InvMixColumns(Round Key).
These properties allow the order of InvSubBytes() and InvShiftRows() to be swapped. The order of AddRoundKey() and InvMixColumns() can also be swapped, provided that the columns of the decryption key schedule are modified using InvMixColumns().
The equivalent decryption algorithm is obtained by reversing the order of InvSubBytes() and InvShiftRows(), and by swapping the order of AddRoundKey() and InvMixColumns() in the rounds after modifying the keys for round = 1 to Nr-1 with the InvMixColumns() transformation. The first and last words of the key schedule are not changed by this method.
The equivalent decryption algorithm gives a more efficient structure than the previous decryption algorithm.
Pseudocode for the equivalent decryption algorithm:
EqInvCipher(byte in[4*Nb], byte out[4*Nb], word dw[Nb*(Nr+1)])
begin
   byte state[4,Nb]
   state = in
   AddRoundKey(state, dw[Nr*Nb, (Nr+1)*Nb-1])
   for round = Nr-1 step -1 downto 1
      InvSubBytes(state)
      InvShiftRows(state)
      InvMixColumns(state)
      AddRoundKey(state, dw[round*Nb, (round+1)*Nb-1])
   end for
   InvSubBytes(state)
   InvShiftRows(state)
   AddRoundKey(state, dw[0, Nb-1])
   out = state
end
The following changes must be made to the key expansion algorithm for the algorithm above to work:
for i = 0 step 1 to (Nr+1)*Nb-1
   dw[i] = w[i]
end for
for round = 1 step 1 to Nr-1
   InvMixColumns(dw[round*Nb, (round+1)*Nb-1]) // note change of type
end for
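The Cipher, KeyExpansion and EqInvCipher pseudocode above, together with the S-box construction of the SubBytes() section, as an added Python example (not code from this textbook). The function names, the flat 16-byte column-major state layout and the brute-force inverse search are choices made for this example.

```python
def xtime(a):
    """Multiply by {02} in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def gmul(a, b):
    """Multiply two GF(2^8) elements by shift-and-add."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def build_sbox():
    """S-box = multiplicative inverse ({00} maps to itself), then the affine map with c = {63}."""
    sbox = []
    for v in range(256):
        inv = next((i for i in range(1, 256) if gmul(v, i) == 1), 0)
        out = 0
        for i in range(8):
            bit = 0x63 >> i
            for k in (0, 4, 5, 6, 7):
                bit ^= inv >> ((i + k) % 8)
            out |= (bit & 1) << i
        sbox.append(out)
    return sbox

SBOX = build_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]
INV_ROW = (0x0E, 0x0B, 0x0D, 0x09)   # first row of the InvMixColumns matrix

def sub_bytes(s, box=SBOX):
    return [box[b] for b in s]

def shift_rows(s, inverse=False):
    """State byte s[r,c] is stored at index 4*c + r; row r rotates by r positions."""
    sign = -1 if inverse else 1
    return [s[4 * ((c + sign * r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s, row=(2, 3, 1, 1)):
    """Multiply every column by the circulant matrix whose first row is `row`."""
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):
            v = 0
            for j in range(4):
                v ^= gmul(row[(j - r) % 4], col[j])
            out.append(v)
    return out

def add_round_key(s, words):
    return [b ^ k for b, k in zip(s, (x for w in words for x in w))]

def key_expansion(key):
    """Return (w, Nr): the Nb*(Nr+1) key schedule words for a 16, 24 or 32 byte key."""
    nk = len(key) // 4
    nr = nk + 6
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, 4 * (nr + 1)):
        temp = list(w[i - 1])
        if i % nk == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]   # SubWord(RotWord(temp))
            temp[0] ^= rcon                                 # xor Rcon[i/Nk]
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:
            temp = [SBOX[b] for b in temp]
        w.append([a ^ b for a, b in zip(w[i - nk], temp)])
    return w, nr

def cipher(block, key):
    w, nr = key_expansion(key)
    s = add_round_key(list(block), w[0:4])
    for rnd in range(1, nr):
        s = mix_columns(shift_rows(sub_bytes(s)))
        s = add_round_key(s, w[4 * rnd:4 * rnd + 4])
    s = shift_rows(sub_bytes(s))
    return bytes(add_round_key(s, w[4 * nr:4 * nr + 4]))

def eq_inv_cipher(block, key):
    w, nr = key_expansion(key)
    dw = list(w)
    for rnd in range(1, nr):   # InvMixColumns on the round keys of rounds 1..Nr-1
        flat = [x for word in w[4 * rnd:4 * rnd + 4] for x in word]
        mixed = mix_columns(flat, INV_ROW)
        dw[4 * rnd:4 * rnd + 4] = [mixed[4 * c:4 * c + 4] for c in range(4)]
    s = add_round_key(list(block), dw[4 * nr:4 * nr + 4])
    for rnd in range(nr - 1, 0, -1):
        s = shift_rows(sub_bytes(s, INV_SBOX), inverse=True)
        s = add_round_key(mix_columns(s, INV_ROW), dw[4 * rnd:4 * rnd + 4])
    s = shift_rows(sub_bytes(s, INV_SBOX), inverse=True)
    return bytes(add_round_key(s, dw[0:4]))
```

The key length selects Nk and Nr, so the same functions cover 128-, 192- and 256-bit keys, including the extra SubWord() step for Nk = 8.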
2.6. Modes of use of block ciphers (Mode of Operation)
2.6.1. The modes of use
As we already know, block ciphers encrypt blocks of information of fixed length, for example DES with 64-bit blocks, using a key that is a bit string of length 56. However, to use these ciphers in practice a convention is still needed on how to use them to encrypt the data at hand. The way a block cipher algorithm is used in practice is called its Mode of Use or Mode of Operation. There are 4 modes of use of block ciphers defined in the ANSI standards (for example ANSI X3.106-1983 for DES). Based on how the input data of the cipher is processed, the modes of use of block ciphers are divided into two kinds:
1. Block modes (Block Mode): process messages in blocks (ECB, CBC)
2. Stream modes (Stream Modes): process messages as a stream of bits/bytes (CFB, OFB).
Block modes are usually used to encrypt data whose position and size are known before encryption (such as files, or e-mails before they are sent), whereas stream modes are usually used to encrypt data whose size and position are not known in advance, such as signals sent from a satellite or signals measured by a sensor from outside.
Note: DES, 3DES, AES (or any other block cipher) forms a basic building block. However, to use them in practice we often need to work with amounts of data that cannot be known in advance: it may be a block of data that is immediately available for encryption (in which case a block mode is appropriate), or only a few bits or bytes at a time (in which case a stream mode is appropriate). The modes of use presented in this section are therefore specific to DES, but they apply in the same way to other block ciphers.
2.6.2. Electronic codebook mode ECB (Electronic CodeBook)
The message to be encrypted is divided into blocks that are encrypted independently; each ciphertext block is the result of encrypting its corresponding plaintext block separately, independently of the other blocks. This works like substituting ciphertext blocks for the corresponding plaintext blocks, hence the name electronic codebook.
P = P_1 P_2 … P_N
Encryption: C_i = DES_K(P_i), and the resulting ciphertext is C = C_1 C_2 .. C_N. Decryption proceeds in reverse: P_i = DES^{-1}_K(C_i).
[Figure: encryption splits P into P1, P2, ..., Pn and applies E under key K to each block to obtain C1, C2, ..., Cn; decryption applies D under key K to each ciphertext block to recover P1, P2, ..., Pn.]
Figure 3.14: ECB mode
ECB is the simplest mode to use and the easiest to implement. It is used when only a single block of information needs to be sent (for example a session key encrypted under a master key).
Because the plaintext blocks are encrypted independently in ECB, several weaknesses arise: repetitions in the message can show up in the ciphertext, that is, identical plaintext blocks give identical ciphertext blocks, which is especially visible with highly repetitive data such as image data. Revealing the repetition in the plaintext can lead to attacks by statistical analysis. Furthermore, ciphertexts can be forged by inserting fake ciphertext blocks into the encryption result, and the receiver will not detect the forgery. In addition, encrypting the message blocks independently weakens DES. In practice ECB is only really useful for sending a small block of data.
2.6.3. Cipher block chaining mode CBC (Cipher Block Chaining)
To overcome the problems of repetition and block independence in ECB, we need some way to make the ciphertext depend on all the blocks before it. This is exactly what CBC provides, by combining the previous ciphertext block with the current message block before encryption.
As in ECB mode, in CBC mode the plaintext is divided into blocks, but these are linked together during encryption to form the ciphertext. Because the ciphertext blocks are chained with the plaintext, the mode is called CBC.
CBC uses an initialization vector IV (Initial Vector) to start:
C_0 = IV, P = P_1 P_2 .. P_N
Encryption: C_i = DES_K(P_i ⊕ C_{i-1}), C = C_1 C_2 .. C_N
Decryption: P_i = DES^{-1}_K(C_i) ⊕ C_{i-1}, P = P_1 P_2 .. P_N.

Figure 3.15: CBC mode
CBC mode suits requirements to send large amounts of data securely (for example FTP, EMAIL, WEB).
In CBC each ciphertext block depends on all the message blocks before it, so an error in any plaintext or ciphertext block also corrupts the corresponding encryption and decryption results. The hardest part of using CBC is managing the IV values used: usually both the receiver and the sender know the IV (for example, it is set to 0), or it is initialized with fresh values and sent to the receiver before encryption. However, if the IV is disclosed an attacker can change the bits of the first block, so the IV can be a fixed value or can be sent after being encrypted with ECB.
2.6.4. Cipher feedback mode CFB (Cipher Feedback) and output feedback mode OFB (Output Feedback)
The stream modes CFB and OFB are used to encrypt data that is supplied in discrete pieces, usually signals received from a satellite or transmitted by some sensor. Because the data is supplied piecemeal, at any given moment we cannot know in advance the size and position of the data that will be encrypted. Therefore, in the stream modes the input to the encryption algorithm is treated as a stream of plaintext bits arriving one after another over time.
In OFB and CFB modes, the key stream that is generated is added modulo 2 to the plaintext. OFB is really a synchronous cipher: the key stream is formed by repeatedly encrypting a 64-bit initialization vector (the IV). We set z_0 = IV and compute the key stream z_1 z_2 ... z_n by the rule z_i = e_k(z_{i-1}) for i ≥ 1. The plaintext sequence x_1 x_2 ... x_n is then encrypted by computing y_i = x_i ⊕ z_i for i ≥ 1.
In CFB mode, we start with y_0 = IV (a 64-bit initialization vector) and generate the key stream element z_i by encrypting the previous ciphertext block. That is, z_i = e_k(y_{i-1}) for i ≥ 1 and y_i = x_i ⊕ z_i for i ≥ 1. The use of CFB is described by the following diagram (e_k is used for both encryption and decryption in this case):

Figure 3.16: CFB mode
There are also some other forms of OFB and CFB, called k-bit feedback modes (1 < k < 64). Here we have described the 64-bit feedback mode. The 1-bit and 8-bit feedback modes are often used to allow 1 bit (or byte) of data to be encrypted at a time. The basic technique used here is a 64-bit shift register that is shifted by k bits at each step and serves as the input to encryption. The leftmost k bits of the output of the encryption function are XORed with the first unit of the next plaintext block to give one unit of ciphertext to transmit, and this unit is fed back into the rightmost k bits of the shift register. Processing continues until all plaintext units have been encrypted. The difference between CFB and OFB is whether the k feedback bits for the shift register are taken before or after the XOR (if they are taken after the XOR, so that they are encrypted data, the mode is CFB; if they are taken before it, the mode is OFB).
In general, the four modes of DES each have their own advantages and disadvantages. In ECB and OFB modes, changing one 64-bit plaintext block x_i changes the corresponding ciphertext block y_i, but the other ciphertext blocks are not affected. In some situations this is a desirable property. For example, OFB mode is often used for encryption in satellite signal transmission.
On the other hand, in CBC and CFB modes, if a plaintext block x_i is changed then y_i and the following blocks are affected. CBC and CFB modes can therefore be used very effectively for authentication purposes. For the same reason, CFB is usually used for encryption in cases where the transmission channel is good and the signal has little noise. More specifically, these modes are used to produce a message authentication code (MAC, Message Authentication Code). The MAC is attached to the plaintext blocks to convince R (receiver) that this is exactly the plaintext sequence sent by S (sender) and not forged by someone else. The MAC thus guarantees the authenticity of the message.
We now describe how to use CBC mode to produce a MAC. We start with an initialization vector IV consisting entirely of zeros. We then use CBC mode to produce the ciphertext blocks y_1 y_2 ... y_n with key K. Finally we define the MAC to be y_n. The sender S transmits the plaintext blocks x_1 x_2 ... x_n together with the MAC. When the receiver R receives x_1 x_2 ... x_n, he recomputes y_1, y_2, …, y_n with the secret key K and checks whether y_n is the same as the MAC he received. If a third party E (enemy) intercepts the plaintext x_1 x_2 ... x_n, E clearly cannot produce a valid MAC without knowing the secret key K that S and R are using. Moreover, if E changes the content even slightly, E certainly cannot change the MAC so that R will accept it.
Usually we want to combine authenticity with confidentiality. This is done as follows: first S uses key K_1 to produce a MAC for the plaintext sequence x_1 x_2 ... x_n, then S sets x_{n+1} to be the MAC and encrypts the sequence x_1 x_2 ... x_n x_{n+1} with key K_2 to produce the ciphertext sequence y_1 y_2 ... y_n y_{n+1}. When R receives y_1 y_2 ... y_n y_{n+1}, R decrypts with key K_2 and then checks whether x_{n+1} is the MAC (under key K_1) of the plaintext sequence x_1 x_2 ... x_n.
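The ECB, CBC, OFB and CFB rules above, the comparison of how a changed plaintext block propagates, and the CBC-MAC and MAC-then-encrypt constructions, as an added Python example (not code from this textbook). The 64-bit block cipher e_k/d_k here is a toy Feistel stand-in built on SHA-256, assumed only so the example runs without a DES implementation; the keys, IV and message are constructed sample values.

```python
import hashlib
import hmac

BLOCK = 8  # bytes: the 64-bit block size the text assumes for DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, rnd, half):
    # Toy round function (assumption of this example): NOT DES, only a stand-in.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def e_k(key, block):
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, xor(left, _round(key, rnd, right))
    return left + right

def d_k(key, block):
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round(key, rnd, left)), left
    return left + right

def split(data):
    if len(data) % BLOCK:
        raise ValueError("length must be a multiple of the block size")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb(key, iv, pt):                    # C_i = e_k(P_i); the IV is not used
    return b"".join(e_k(key, p) for p in split(pt))

def cbc(key, iv, pt):                    # C_i = e_k(P_i xor C_{i-1}), C_0 = IV
    out, prev = [], iv
    for p in split(pt):
        prev = e_k(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):            # P_i = d_k(C_i) xor C_{i-1}
    out, prev = [], iv
    for c in split(ct):
        out.append(xor(d_k(key, c), prev))
        prev = c
    return b"".join(out)

def ofb(key, iv, pt):                    # z_i = e_k(z_{i-1}), y_i = x_i xor z_i
    out, z = [], iv
    for x in split(pt):
        z = e_k(key, z)
        out.append(xor(x, z))
    return b"".join(out)

def cfb(key, iv, pt):                    # z_i = e_k(y_{i-1}), y_i = x_i xor z_i
    out, y = [], iv
    for x in split(pt):
        y = xor(x, e_k(key, y))
        out.append(y)
    return b"".join(out)

def changed_blocks(mode, key, iv, pt, index):
    """Indices of ciphertext blocks that differ after altering plaintext block `index`."""
    blocks = split(pt)
    blocks[index] = xor(blocks[index], b"\x01" + bytes(BLOCK - 1))
    a, b = split(mode(key, iv, pt)), split(mode(key, iv, b"".join(blocks)))
    return [i for i, (u, v) in enumerate(zip(a, b)) if u != v]

def cbc_mac(key, msg):                   # MAC = y_n, computed with IV = 00...0
    return cbc(key, bytes(BLOCK), msg)[-BLOCK:]

def verify(key, msg, tag):
    return hmac.compare_digest(cbc_mac(key, msg), tag)   # constant-time compare

def protect(k1, k2, iv, msg):            # x_{n+1} = MAC under K1, then encrypt with K2
    return cbc(k2, iv, msg + cbc_mac(k1, msg))

def unprotect(k1, k2, iv, ct):
    data = cbc_decrypt(k2, iv, ct)
    msg, tag = data[:-BLOCK], data[-BLOCK:]
    if not verify(k1, msg, tag):
        raise ValueError("MAC check failed")
    return msg

# Constructed sample values; the first two plaintext blocks are identical on purpose.
KEY, KEY2, IV = b"k1-sample", b"k2-sample", bytes(range(8))
MSG = b"SAMEBLK!" * 2 + b"another." + b"lastblk."
```

Raw CBC-MAC as described is only safe when all messages have the same fixed length; for variable-length messages use a standardized MAC such as CMAC or HMAC.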
3. Exercises
Exercise 3.1: Decrypt the following ciphertext, which was encrypted with the Caesar cipher (using the English alphabet): WKXPEVXS.
Exercise 3.2 (hard): What is the secret message hidden in the following English text?
The supply of game for London is going steadily
up. Head keeper Hudson, we believe, has been
now told to receive all orders for fly paper and for
preservations of your hen-pheasant's life.
Taken from the work The Gloria Scott.
Exercise 3.3: Use the following table (the Freemason cipher) to decrypt the message:

Character code table:
A B C
D E F
G H I

J K L M

N O P
Q R S
T U V

W X Y Z

Hint: this is a pictographic substitution cipher.
Exercise 3.4: Find the secret message hidden in the following text:
Dear George, 3rd March
Greetings to all at Oxford. Many thanks for your
letter and for the Summer examination package.
All Entry Forms and Fees Forms should be ready
for final dispatch to the Syndicate by Friday
20th or at the very least, I'm told, by the 21st.
Admin has improved here, though there's room
for improvement still; just give us all two or three
more years and we'll really show you! Please
don't let these wretched 16+ proposals destroy
your basic O and A pattern. Certainly this
sort of change, if implemented immediately,
would bring chaos.
Exercise 3.5: Consider the Affine cipher implemented over Z_99. The key is a pair (a, b) where a, b ∈ Z_99 with (a, 99) = 1. The encryption function is E_K(x) = (a * x + b) mod 99 and the decryption function is D_K(x) = a^{-1} * (x - b) mod 99.
a) Determine the number of keys that can be used for this cipher.
b) If the decryption key is K^{-1} = (16, 7), encrypt the string m = DANGER.
Exercise 3.6: Consider the Affine cipher implemented over Z_39. The key is a pair (a, b) where a, b ∈ Z_39 with (a, 39) = 1. The encryption function is E_K(x) = (a * x + b) mod 39 and the decryption function is D_K(x) = a^{-1} * (x - b) mod 39.
a) Determine the number of keys that can be used for this cipher.
b) If the decryption key is K^{-1} = (23, 7), encrypt the string m = ATTACK.
Exercise 3.7: Consider the Affine cipher implemented over Z_55. The key is a pair (a, b) where a, b ∈ Z_55 with (a, 55) = 1. The encryption function is E_K(x) = (a * x + b) mod 55 and the decryption function is D_K(x) = a^{-1} * (x - b) mod 55.
a) Determine the number of keys that can be used for this cipher.
b) The decryption key is K^{-1} = (13, 17); determine the encryption key.
Exercise 3.8: Suppose the Affine cipher is implemented over Z_99.
a) Determine the number of possible keys of the cipher.
b) Suppose the encryption key is (16, 7); determine the decryption key.
Exercise 3.9: Suppose the Affine cipher is implemented over Z_126.
a) Determine the number of possible keys of the cipher.
b) Suppose the encryption key is (23, 7); determine the decryption key.
Exercise 3.10: Consider the Hill cipher with M = 2.
a) Can the matrix $A = \begin{pmatrix} 5 & 3 \\ 13 & 17 \end{pmatrix}$ be used as a key for this cipher? Explain.
b) Given $A = \begin{pmatrix} 12 & 5 \\ 3 & 7 \end{pmatrix}$, encrypt and decrypt the string S = HARD.
Exercise 3.11: Consider the Hill cipher with M = 2.
a) The matrix $A = \begin{pmatrix} 5 & 3 \\ 11 & a \end{pmatrix}$ is used as the key for this cipher. Find all the keys that can be used for this cipher.
b) Suppose this cipher is used to encrypt the plaintext P = EASY and the ciphertext obtained is UMQA. Decrypt the ciphertext C = MCDZUZ and give the plaintext.
Exercise 3.12: Consider the Hill cipher with M = 2.
a) The matrix $A = \begin{pmatrix} 15 & 13 \\ 7 & a \end{pmatrix}$ is used as the key for this cipher. Find all the keys that can be used for this cipher.
b) Suppose this cipher is used to encrypt the plaintext P = MARS and the ciphertext obtained is YARH. Decrypt the ciphertext C = MANNTF and give the plaintext.
Exercise 3.13: Consider the Vigenere cipher with M = 6, K = CIPHER.
a) Encrypt the string P = THIS IS MY TEST.
b) Decrypt the string M = EICJIC RTPUEI GBGLEK CBDUGV.
Exercise 3.14: Consider the Vigenere cipher with M = 6. Encrypting the string P = THIS IS MY TEST gives the ciphertext LLKJML ECVVWM.
a) Find the encryption key that was used.
b) Use the key found above to decrypt the ciphertext C = KLGZWT OMBRVW.
Exercise 3.15: Consider the Vigenere cipher with M = 6. Encrypting the string P = SPIRIT gives the ciphertext OXHRZW.
a) Find the encryption key that was used.
b) Use the key found above to decrypt the ciphertext C = BQETYH HMBEEW.
Exercise 3.16: Consider the Vigenere cipher with M = 6. Decrypting the string C = RANJLV gives the plaintext CIPHER.
a) Find the key that was used.
b) Use the key found above to decrypt the string M = PLDKCI DUJQJO.
Exercise 3.17: The simple substitution cipher
The following text was encrypted using a simple substitution cipher. The plaintext is part of an English text written in upper case, with punctuation ignored. Use the table of letter frequencies in English to decrypt the given ciphertext.
ODQSOCL OW GIU BOEE QRROHOCS QV GIUR KIA QF Q DQCQSLR WIR
ICL IW CQFQF EIYQE YIDJUVLR FGFVLDF GIU SLV OCVI GIUR
IWWOYL IC VXQV DICPQG DIRCOCS VI WOCP VXL JXICLF ROCSOCS
LHLRG YQEELR OF Q POFVRQUSXV YICWUFLP CQFQ BIRMLR QCP
LHLRG YQEELR QFFURLF GIU VXQV XOF IR XLR WOEL IR
QYYIUCVOCS RLYIRP IR RLFLQRYX JRIKLYV LHLRG ICL IW BXOYX
OF DOFFOCS WRID VXL YIDJUVLR FGFVLD OF QAFIEUVLEG HOVQE
Table of the frequencies of occurrence of letters in English:
Letter  Frequency   Letter  Frequency   Letter  Frequency
A       8.2 %       J       0.2 %       S       6.3 %
B       1.5 %       K       0.8 %       T       9.1 %
C       2.8 %       L       4.0 %       U       2.8 %
D       4.3 %       M       2.4 %       V       1.0 %
E       12.7 %      N       6.7 %       W       2.3 %
F       2.2 %       O       7.5 %       X       0.1 %
G       2.0 %       P       1.9 %       Y       2.0 %
H       6.1 %       Q       0.1 %       Z       0.1 %
I       7.0 %       R       6.0 %
Exercise 3.18: Given the following ciphertext:
EYMHP GZYHH PTIAP QIHPH YIRMQ EYPXQ FIQHI AHYIW ISITK MHXQZ PNMQQ
XFIKJ MKXIJ RIKIU XSSXQ ZEPGS ATIHP PSXZY H
Knowing that the alphabet used is English, do the following:
a) Give the frequency distribution table of the letters in the ciphertext above.
b) Suppose the ciphertext above was obtained using either a transposition cipher or a monoalphabetic substitution cipher. Based on the frequency distribution table from part a, determine which possibility is more likely (transposition or monoalphabetic substitution).
c) Determine the plaintext, given that the plaintext begins with What ought ….
d) Explain how the key of the cipher was formed.
Exercise 3.19 (hard):
Decrypt the following ciphertext, which was encrypted with the Vigenere cipher, and determine the key used, given that the plaintext consists of letters of the English alphabet.
IGDLK MJSGC FMGEP PLYRC IGDLA TYBMR KDYVY XJGMR TDSVK ZCCWG ZRRIP
UERXY EEYHE UTOWS ERYWC QRRIP UERXJ QREWQ FPSZC ALDSD ULSWF FFOAM
DIGIY DCSRR AZSRB GNDLC ZYDMM ZQGSS ZBCXM OYBID APRMK IFYWF MJVLY
HCLSP ZCDLC NYDXJ QYXHD APRMQ IGNSU MLNLG EMBTF MLDSB AYVPU TGMLK
MWKGF UCFIY ZBMLC DGCLY VSCXY ZBVEQ FGXKN QYMIY YMXKM GPCIJ HCCEL
PUSXF MJVRY FGYRQ

Use one of the programming languages C, C++, Java or C# to do the following exercises:
Exercise 3.20: Write a program that counts the frequency of occurrence of the English letters in an English text stored as a text file.
Exercise 3.21: Write a program that counts the frequency of occurrence of the Vietnamese letters in a Vietnamese text stored as an RTF file.
Exercise 3.22: Write a program that implements the encryption and decryption algorithms of the Caesar cipher.
Exercise 3.23: Write a program that implements the encryption and decryption algorithms of the Affine cipher.
Exercise 3.24: Write a program that computes the determinant of a square matrix of order N (N < 20).
Exercise 3.25: Write a program that implements the encryption and decryption algorithms of the Hill cipher.
Exercise 3.26: Write a program that implements the encryption and decryption algorithms of the Vigenere cipher.
Exercise 3.27: Write a program that encrypts and decrypts files with the DES cipher in the ECB and CBC modes.
Exercise 3.28: Write a program that encrypts and decrypts files with the AES cipher in the ECB and CBC modes.
CHAPTER IV: PUBLIC-KEY CRYPTOSYSTEMS
In secret-key cryptosystems, if we know the key and the encryption function, we can find the key and the decryption function quickly (in polynomial time).
A public-key cryptosystem is a cryptosystem in which everyone knows the encryption function and the encryption key, but no polynomial-time algorithm exists that can compute the decryption key from that information.
1. The concept of a public-key cryptosystem
The cryptosystems presented in the previous chapters are called secret-key cryptosystems, symmetric-key cryptosystems, or conventional cryptosystems.
These cryptosystems have the following weaknesses:
- If the number of users is large, the number of keys grows very quickly: with n users the number of keys is n*(n-1)/2, which makes them very hard to manage, complex and insecure.
- On top of these cryptosystems it is not possible to build concepts and services such as digital signatures or user authentication services for e-commerce applications.
In 1975 Diffie and Hellman, in one of their works (a paper), proposed ideas that allow cryptosystems to be built on new principles that are tied to the communicating parties rather than to pairs of communicating parties.
The operating principle of these cryptosystems is that each party taking part in the communication has 2 keys, one called the secret key and one called the public key. The secret key is the key used for decryption and is kept secret (K_S); the public key is the key used for encryption and is made public so that anyone can use it to send messages to the owner of the cryptosystem (K_P). Today we can see this principle very clearly in sending e-mail: anyone can send e-mail to a given e-mail address, but only the owner of that address can read the content of the message, and nobody else can. With public-key cryptosystems, key distribution becomes easier through public key distribution channels, and the number of keys the system has to manage is also smaller (n keys for n users). New services such as digital signatures and key agreement are also built on these cryptosystems.
The requirements for this kind of cryptosystem:
- Generating K_P, K_S must be easy
- Computing E(K_P, M) is easy
- Given C = E(K_P, M) and K_S, finding the plaintext is also easy
- Knowing K_P, finding K_S is hard
- Recovering the plaintext from the ciphertext is very hard
When A wants to send a message to B, A uses B's key K_P to encrypt the message and sends the ciphertext to B; B uses his secret key to decrypt it and read the message:
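[Figure: A encrypts the plaintext with the public key (K_P); the ciphertext goes to B, who decrypts it with the secret key (K_S) to recover the plaintext.]
Figure 4.1: Usage model 1 of public-key cryptosystems (PKC)
Ciphertext = E(K_P, Plaintext), Plaintext = D(K_S, E(K_P, Plaintext)) (1)

[Figure: A transforms the plaintext with the secret key (K_S) into a signed message; B recovers the plaintext with the public key (K_P).]
Figure 4.2: Usage model 2 of public-key cryptosystems (PKC)
Ciphertext = D(K_S, Plaintext), Plaintext = E(K_P, D(K_S, Plaintext)) (2)
Model (2) is used for digital signature schemes, while model (1) is used for encryption systems. These cryptosystems are called public-key cryptosystems PKC (Public Key Cryptosystems) or asymmetric cryptosystems (Asymmetric Encryption Scheme).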
2. Construction principles of public-key cryptosystems
Public-key cryptosystems are built on functions called one-way functions.
A one-way function f : X → Y is a function such that, given x ∈ X, we can easily compute y = f(x), but for an arbitrary y ∈ Y, finding x ∈ X such that y = f(x) is hard. That is, finding the inverse function f^{-1} is very hard.
For example, if we have the primes P_1, P_2, ..., P_n, computing N = P_1 * P_2 * ... * P_n is easy, but given N, factoring it back is a hard problem for large N.
For convenience, the one-way functions used in PKC cryptosystems are usually equipped with trapdoors, which make finding x satisfying y = f(x) easy if we know the trapdoor.
Trapdoor function: a one-way function for which computing f^{-1} is very fast when we know the trapdoor of the function. For example, finding the solution of the 0/1 knapsack problem in the Knapsack cryptosystem, which we study in the next section, is a one-way function (encryption is very fast and easy, but finding the corresponding solution vector is hard), yet if we know the trapdoor (the superincreasing knapsack vector A') solving the problem becomes very easy.
3. M t s h ma

kho

a cng khai
3.1. H ma

knapsack
Bai toan xp ba l tng quat:
Kha cng
khai (K
P
)
Kha b mt
(K
S
)
M ha Gii m
Plaintext Plaintext
Ciphertext
A B
M ha Gii m
Plaintext
Kha b mt
(K
S
)
Kha cng
khai (K
P
)
Plaintext
Signed Message
A B
Chng IV: Cc h ma mt khoa cng khai
79
Cho M, N va

A
1
, A
2
, ...., A
N
la cac s nguyn dng tm cac s x
i
khng m sao cho:
M =
1
*
N
i i
i
x A
=

The vector $A = (A_1, A_2, \ldots, A_N)$ is called the knapsack vector and the vector $X = (x_1, x_2, \ldots, x_N)$ is the solution vector.
A special case of interest of the general knapsack problem is the case $x_i \in \{0, 1\}$. This gives the 0/1 knapsack problem.
Superincreasing knapsack vector: if the vector $(A_1, A_2, \ldots, A_N)$ can be rearranged into $(A'_1, A'_2, \ldots, A'_N)$ such that for all $i$:
$$\sum_{j < i} A'_j < A'_i$$
then the vector $(A_1, A_2, \ldots, A_N)$ is called a superincreasing knapsack vector.
When $(A'_1, A'_2, \ldots, A'_N)$ is a superincreasing knapsack vector we immediately have the property: $M \ge A'_i$ for all $i$. Solving the 0/1 knapsack problem therefore becomes much easier.
The knapsack cryptosystem was proposed by Merkle and Hellman in 1978.
Construction:
1. Choose a superincreasing vector $A' = (a'_1, a'_2, \ldots, a'_N)$, choose a number $M > 2 \cdot a'_N$, and choose a random number $u < M$ with $(u, M) = 1$.
2. Build the vector $A = (a_1, a_2, \ldots, a_N)$ where $a_i = (a'_i \cdot u) \bmod M$.
3. Keys: $K_P = (A, M)$, $K_S = (u, u^{-1})$.
4. The plaintext space is the space of all $N$-bit strings $P = (x_1, x_2, \ldots, x_n)$.
Encryption: $C = \left(\sum_{i=1}^{N} a_i \cdot x_i\right) \bmod M$
Decryption: compute $C' = C \cdot u^{-1} \bmod M$, then solve the 0/1 knapsack problem with $A'$ and $C'$ to find $P = (x_1, x_2, \ldots, x_n)$.
Example 1: Given a Knapsack cryptosystem with $A' = (2, 3, 6, 12, 25)$, $N = 5$, $M = 53$, $u = 46$, $u^{-1} = 15$.
a) Find the keys of this cryptosystem.
b) Encrypt the plaintext M = 01001 and decrypt the corresponding ciphertext.
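The construction and Example 1 above, worked through in Python as an added example (not code from the course text). The function names are assumptions of this example; the numbers are those of Example 1.

```python
from math import gcd


def is_superincreasing(vec):
    """True if every element exceeds the sum of all elements before it."""
    total = 0
    for a in vec:
        if a <= total:
            return False
        total += a
    return True


def keygen(a_prime, m, u):
    """Steps 1-3 of the construction: return (K_P, K_S) = ((A, M), (u, u^-1))."""
    if not is_superincreasing(a_prime):
        raise ValueError("A' must be superincreasing")
    if m <= 2 * a_prime[-1]:
        raise ValueError("need M > 2 * a'_N")
    if not (0 < u < m and gcd(u, m) == 1):
        raise ValueError("need u < M and gcd(u, M) = 1")
    public_vector = [(a * u) % m for a in a_prime]
    return (public_vector, m), (u, pow(u, -1, m))


def encrypt(bits, public_key):
    """C = (sum a_i * x_i) mod M for an N-bit plaintext given as a list of 0/1."""
    a, m = public_key
    if len(bits) != len(a) or any(b not in (0, 1) for b in bits):
        raise ValueError("plaintext must be exactly N bits")
    return sum(ai * xi for ai, xi in zip(a, bits)) % m


def solve_superincreasing(a_prime, target):
    """Greedy solution of the 0/1 knapsack problem for a superincreasing vector."""
    bits = [0] * len(a_prime)
    for i in reversed(range(len(a_prime))):
        if target >= a_prime[i]:
            bits[i] = 1
            target -= a_prime[i]
    if target != 0:
        raise ValueError("target has no 0/1 solution")
    return bits


def decrypt(c, a_prime, m, secret_key):
    """C' = C * u^-1 mod M, then solve the easy knapsack with the trapdoor A'."""
    _, u_inv = secret_key
    return solve_superincreasing(a_prime, (c * u_inv) % m)


# Values of Example 1
A_PRIME, M, U = [2, 3, 6, 12, 25], 53, 46
K_P, K_S = keygen(A_PRIME, M, U)
C = encrypt([0, 1, 0, 0, 1], K_P)
P = decrypt(C, A_PRIME, M, K_S)
```

The scheme is of teaching interest only: the basic Merkle-Hellman knapsack system was broken by Shamir in the early 1980s.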
3.2. The RSA cryptosystem
The RSA cryptosystem is named after the initials of its three authors, Rivest, Shamir and Adleman. It is the best-known encryption algorithm and also the one most widely used in practice.
To set up RSA, each user first generates a public key and a secret key as follows:
- choose two different large random primes p and q (about 100 digits each)
- compute N = p*q
- choose a number e smaller than N with $(e, \varphi(N)) = 1$; e is called the encryption exponent
- find the inverse of e in the ring modulo $\varphi(N)$; d is the decryption exponent
- the public key is $K_P = (e, N)$
- the secret key is $K_S = K_P^{-1} = (d, p, q)$
This key setup is performed once, when a user establishes (or replaces) their public key. The exponent e is usually fairly small (so that encryption is fast) and must be coprime to $\varphi(N)$. Values commonly chosen for e are 3 or $2^{16} - 1 = 65535$. When e is small, however, d is relatively large. The secret key is (d, p, q). The numbers p and q usually have roughly the same size but must not be equal. Note that disclosing any one of these components makes the cryptosystem insecure.
Using RSA
- to encrypt a message M: $C = M^e \pmod N$ $(0 \le M < N)$
- to decrypt: $M = C^d \pmod N$
The RSA algorithm works because it rests on a mathematical foundation, Euclid's generalization of Fermat's little theorem: $X^{\varphi(N)} = 1 \pmod N$. In RSA we choose e and d to be inverses of each other in the ring $Z_{\varphi(N)}$, with e chosen first.
We therefore have $e \cdot d \equiv 1 \bmod \varphi(N)$, from which:
$$M = C^d = M^{e \cdot d} = M^{1 + q \cdot \varphi(N)} = M \cdot (M^{\varphi(N)})^q = M \bmod N$$
This formula guarantees that decryption yields the original plaintext (note that this holds only when p differs from q).
Example 1: Given an RSA cryptosystem with N = p*q = 11 * 47 = 517, e = 3.
- Find the public and secret keys of this cryptosystem.
- Encrypt the plaintext M = 26.
First we compute $\varphi(N) = 460 = 10 \cdot 46$; since (3, 460) = 1, applying the extended Euclidean algorithm gives d = 307.
So the public key of the cryptosystem is $K_P = (e, N) = (3, 517)$ and the secret key is $K_S = (d, p, q) = (307, 11, 47)$.
Encrypting M = 26 gives $C = M^e \bmod N = 26^3 \bmod 517 = 515$.
Security of RSA
The security of RSA depends on the difficulty of computing $\varphi(N)$, which requires factoring N into its prime factors. The most efficient factoring algorithm at present is Brent-Pollard; the following table gives an idea of its speed:
Number of decimal digits in N    Number of bit operations to factor N
20                               7.20e+03
40                               3.11e+06
60                               4.63e+08
80                               3.72e+10
100                              1.97e+12
120                              7.69e+13
140                              2.35e+15
160                              5.92e+16
180                              1.26e+18
200                              2.36e+19
Table 4.1: Speed of the Brent-Pollard algorithm
Research on factoring large integers is currently progressing very slowly; the biggest advances have only been algorithmic improvements, and it can be said that, unless there is a breakthrough in factoring 1024-bit numbers, RSA is secure at the present time. The cryptographers who invented RSA offered a prize of 100 $ in 1977 for a system whose N had 129 digits; this challenge has been broken.
In practice, implementing RSA requires modular operations on numbers of 300 digits (or 1024 bits), while current computers only operate on 64-bit integers. This creates the need for multi-precision arithmetic libraries to work with such large integers. In addition, since RSA needs large primes, we must also have a database of primes.
To speed up RSA we can use several other methods, such as improving the multiplication of two large numbers or speeding up the computation of the ciphertext and plaintext.
Ordinary multiplication of two n-bit numbers takes $O(n^2)$ bit operations. The Schonhage-Strassen integer multiplication algorithm lets us multiply two numbers with complexity O(n log n), in the following steps:
- Split each integer into blocks and use these blocks as the coefficients of a polynomial.
- Evaluate these polynomials at a suitable set of points and multiply the results.
- Interpolate these results to obtain the coefficients of the product polynomial.
- Combine the coefficients to form the product of the two original numbers.
- The discrete Fourier transform and convolution theory can be used to speed up the interpolation.
Another way to speed up the multiplication of large numbers in RSA is to use dedicated hardware with parallel algorithms.
As explained in the previous part, for encryption we usually choose a small e to speed up encryption, but this also means that decryption is slow because of the large exponent. A significant improvement in RSA decryption speed can be obtained by using the Chinese Remainder Theorem to work modulo p and q respectively instead of modulo N. Since p and q are only half the size of N, the computation is much faster.
The Chinese Remainder Theorem is used in RSA by deriving two equations from the decryption $M = C^d \pmod N$ as follows:
$$M_1 = M \bmod p = (C \bmod p)^{d \bmod (p-1)}$$
$$M_2 = M \bmod q = (C \bmod q)^{d \bmod (q-1)}$$
We then solve the system:
$$M = M_1 \bmod p$$
$$M = M_2 \bmod q$$
By the Chinese Remainder Theorem this system has a unique solution
$$M = [(M_2 + q - M_1)\,u \bmod q]\,p + M_1$$
where $p \cdot u \bmod q = 1$.
Using the Chinese Remainder Theorem is a common and widely used method of speeding up RSA decryption.
Plaintext exposure
One phenomenon to be aware of when using RSA is plaintext exposure. Consider the RSA cryptosystem with N = p*q = 5*7 and e = 17; for M = 6 we get $C = 6^{17} \bmod N = 6$. Similarly, for the RSA cryptosystem with N = p*q = 109*97 and e = 865, every M satisfies $M^e \bmod N = M$.
It can be computed that, for an RSA cryptosystem with N = p*q and an arbitrary e, the number of plaintexts exposed by encryption is (1 + (e-1, p-1))*(1 + (e-1, q-1)).
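Key generation, decryption with the Chinese Remainder Theorem and the exposed-plaintext count described above, as an added Python example (not code from the course text). The function names are assumptions of this example; the numbers are the ones used in the text.

```python
from math import gcd


def rsa_keygen(p, q, e):
    """Return (K_P, K_S) = ((e, N), (d, p, q)) for distinct primes p and q."""
    if p == q:
        raise ValueError("p and q must be different")
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(N)")
    return (e, p * q), (pow(e, -1, phi), p, q)


def rsa_encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("need 0 <= M < N")
    return pow(m, e, n)


def rsa_decrypt(c, secret_key):
    """Direct decryption M = C^d mod N."""
    d, p, q = secret_key
    return pow(c, d, p * q)


def rsa_decrypt_crt(c, secret_key):
    """Decryption modulo p and q separately, recombined as in the text:
    M = [(M2 + q - M1) * u mod q] * p + M1, with p * u mod q = 1."""
    d, p, q = secret_key
    m1 = pow(c % p, d % (p - 1), p)
    m2 = pow(c % q, d % (q - 1), q)
    u = pow(p, -1, q)
    return (((m2 + q - m1) * u) % q) * p + m1


def exposed_count(p, q, e):
    """Number of plaintexts M with M^e mod N = M, by the formula in the text.
    Since e - 1, p - 1 and q - 1 are all even, this is never below 9."""
    return (1 + gcd(e - 1, p - 1)) * (1 + gcd(e - 1, q - 1))


def exposed_plaintexts(p, q, e):
    """The same set found by exhaustive search (only feasible for toy N)."""
    n = p * q
    return [m for m in range(n) if pow(m, e, n) == m]


def exponent_is_degenerate(p, q, e):
    """True when encryption leaves every plaintext unchanged, as with
    N = 109 * 97, e = 865; a key generator should reject such an e."""
    return exposed_count(p, q, e) == p * q


# Example 1 of the text: N = 11 * 47, e = 3, M = 26
K_P, K_S = rsa_keygen(11, 47, 3)
C = rsa_encrypt(26, K_P)
```

For real key sizes only `exposed_count` and `exponent_is_degenerate` are usable; the exhaustive search is there to confirm the formula on the small moduli of the text.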


Among public-key cryptosystems, RSA is probably (up to the present time) the most widely used. However, because the amount of computation becomes very large when the input data (the message to be encrypted, the plaintext) is large, in practice this cryptosystem is used to encrypt data that is small or has high confidentiality requirements, such as the session keys of communication sessions. RSA is then used together with a block cipher, such as AES, in the following hybrid model:
[Figure 4.3: Hybrid model combining RSA with block ciphers. Labels: A (sender), B (receiver), B's public key, B's secret key, session key K, RSA, AES, P, C1, C2.]
3.3. The El Gamal cryptosystem
The El Gamal cryptosystem is a variant of the Diffie-Hellman key distribution scheme. It was proposed by El Gamal in 1985. Like the Diffie-Hellman key distribution scheme, its security rests on the hardness of the discrete logarithm problem. Its main drawback is that the size of the information sent after encryption is double that of the original information.
Compared with RSA, however, El Gamal does not have as many complications regarding usage licensing.
Initially one chooses a large prime p and two arbitrary integers smaller than p: a (a primitive element of $Z^*_P$) and x (which belongs to the receiver and is secret), and then computes:
$$y = a^x \bmod p$$
To encrypt a message M (an integer in $Z_P$) into a ciphertext C, the sender chooses a random number k smaller than p and computes the encryption key K:
$$K = y^k \bmod p$$
and then computes the ciphertext pair:
- $C_1 = a^k \bmod p$
- $C_2 = K \cdot M \bmod p$
and sends the ciphertext $C = (C_1, C_2)$ (note that k is destroyed afterwards).
To decrypt the message we first recompute the message encryption key K:
$$K = C_1^x \bmod p = a^{k \cdot x} \bmod p$$
and then compute M by solving the following equation:
$$M = C_2 \cdot K^{-1} \bmod p$$
Decryption thus includes recomputing the temporary key K (very much like the model proposed by Diffie and Hellman). The public key of the cryptosystem is (p, a, y), the secret key is x.
Example: Given an El Gamal cryptosystem with P = 97, a = 5, x = 58.
- Find the keys of this cryptosystem.
- Encrypt the plaintext M = 3 with k chosen as 36.
First we compute $y = 5^{58} \bmod 97 = 44$, from which $K_P = (P, a, y) = (97, 5, 44)$ and $K_S = (58)$.
To encrypt the message M = 3 we compute the key $K = 44^{36} \bmod 97 = 75$ and then:
- $C_1 = 5^{36} = 50 \bmod 97$
- $C_2 = 75 \cdot 3 \bmod 97 = 31 \bmod 97$
So the resulting ciphertext is C = (50, 31).
The problem with public-key cryptosystems in general, and El Gamal in particular, is speed (because they work with large integers); in addition, the memory needed to store the keys is also large. With El Gamal we need twice the memory to hold the ciphertext compared with other cryptosystems. Furthermore, because primes are used, key generation and key management are harder than with block ciphers. In practice, public-key cryptosystems are usually used together with block ciphers (to encrypt the cipher's key) or to encrypt information that is small and is an important part of some communication session.
Cryptanalysis of the El Gamal cryptosystem
To cryptanalyse El Gamal we need to solve the discrete logarithm problem. Here we look at two algorithms that can be applied to this problem, with different complexity and applicability.
Shanks' algorithm
This algorithm is also known as the time-memory trade-off algorithm, meaning that if we have enough memory we can use it to reduce the running time of the algorithm.
Input: a prime p, a primitive element a of $Z^*_p$, an integer y.
Output: x such that $a^x \bmod p = y$.
Algorithm:
Let $m = [(p-1)^{1/2}]$ (integer part).
Step 1: Compute $a^{mj} \bmod p$ for $0 \le j \le m-1$.
Step 2: Sort the pairs $(j, a^{mj} \bmod p)$ by $a^{mj} \bmod p$ and store them in the list $L_1$.
Step 3: Compute $y a^{-i} \bmod p$ for $0 \le i \le m-1$.
Step 4: Sort the pairs $(i, y a^{-i} \bmod p)$ by $y a^{-i} \bmod p$ and store them in the list $L_2$.
Step 5: Search the two lists $L_1$ and $L_2$ for a pair $(j, a^{mj} \bmod p)$ and a pair $(i, y a^{-i} \bmod p)$ such that $a^{mj} \bmod p = y a^{-i} \bmod p$ (the second coordinates of the two pairs are equal).
Step 6: $x = (mj + i) \bmod (p-1)$. This result can be verified from the formula $a^{mj} \bmod p = y a^{-i} \bmod p \Rightarrow a^{mj + i} \bmod p = y \bmod p \Rightarrow x = (mj + i) \bmod (p-1)$.
The complexity of the algorithm depends on $m = [(p-1)^{1/2}]$: for a given m we must compute the elements of the two lists $L_1$ and $L_2$, all of which are exponentiations depending on j and i, and i and j in turn depend on m, so this algorithm can only be applied when p is small.
The Pohlig-Hellman algorithm
There are special cases in which the discrete logarithm problem can be solved with complexity smaller than $O(p^{1/2})$, for example when p - 1 has only small prime factors. An algorithm for such cases was proposed by Pohlig and Hellman in 1978.
Suppose $p - 1 = 2^n$.
Let a be a primitive element of $Z^*_p$; p is odd and $a^{(p-1)/2} \bmod p = -1$. Let m be the integer in the interval [0, p-2] that we need to find such that $y = a^m \bmod p$. Suppose m is written in binary as $m = m_0 + 2m_1 + 4m_2 + \cdots + 2^{n-1} m_{n-1}$. Then:
$$y^{\frac{p-1}{2}} = (a^m)^{\frac{p-1}{2}} = \left(a^{m_0 + 2m_1 + \cdots + 2^{n-1} m_{n-1}}\right)^{\frac{p-1}{2}} = a^{m_0 \frac{p-1}{2}} = \begin{cases} 1 & \text{if } m_0 = 0 \\ -1 & \text{if } m_0 = 1 \end{cases}$$
Computing $y^{(p-1)/2}$ takes at most $2[\log_2 p]$ steps and gives us $m_0$. Once $y_1 = y a^{-m_0}$ has been determined, we repeat the same operation to compute $m_1$:
$$y_1^{\frac{p-1}{4}} = \left(a^{m_1 + 2m_2 + \cdots + 2^{n-2} m_{n-1}}\right)^{\frac{p-1}{2}} = a^{m_1 \frac{p-1}{2}} = \begin{cases} 1 & \text{if } m_1 = 0 \\ -1 & \text{if } m_1 = 1 \end{cases}$$
The computation continues in this way until all the $m_i$ have been found. The complexity of the algorithm is: $n(2[\log_2 p] + 2) \sim O((\log_2 p)^2)$.
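The El Gamal example (P = 97, a = 5, x = 58) and the two discrete-logarithm algorithms described above, as an added Python example (not code from the course text), showing why parameter size and the factorization of p - 1 matter. The function names are assumptions of this example; the Shanks routine uses a dictionary lookup instead of two sorted lists and takes m as the ceiling of the square root of p - 1 so that every exponent in [0, p-2] is covered; p = 257 with a = 3 is a constructed case with p - 1 a power of two.

```python
from math import isqrt


def elgamal_public(p, a, x):
    """y = a^x mod p; the public key is (p, a, y)."""
    return pow(a, x, p)


def elgamal_encrypt(m, p, a, y, k):
    """Return (C1, C2) = (a^k mod p, K * M mod p) with K = y^k mod p."""
    key = pow(y, k, p)
    return pow(a, k, p), (key * m) % p


def elgamal_decrypt(c1, c2, p, x):
    """Recompute K = C1^x mod p, then M = C2 * K^-1 mod p."""
    key = pow(c1, x, p)
    return (c2 * pow(key, -1, p)) % p


def shanks(p, a, y):
    """Find x with a^x mod p = y by matching a^(m*j) against y * a^(-i)."""
    m = isqrt(p - 1)
    if m * m < p - 1:
        m += 1                       # ceiling of sqrt(p - 1)
    table = {}                       # a^(m*j) mod p -> j   (the list L1)
    step, value = pow(a, m, p), 1
    for j in range(m):
        table.setdefault(value, j)
        value = value * step % p
    a_inv, value = pow(a, -1, p), y % p
    for i in range(m):               # the values y * a^(-i)  (the list L2)
        if value in table:
            return (m * table[value] + i) % (p - 1)
        value = value * a_inv % p
    return None


def pohlig_hellman_pow2(p, a, y):
    """Recover m bit by bit when p - 1 = 2^n and a is a primitive element."""
    n = (p - 1).bit_length() - 1
    if 1 << n != p - 1:
        raise ValueError("this variant needs p - 1 = 2^n")
    a_inv, m = pow(a, -1, p), 0
    for i in range(n):
        # Here y = a^(2^i * (m_i + 2*m_(i+1) + ...)); the power below is +-1.
        t = pow(y, (p - 1) >> (i + 1), p)
        if t == p - 1:               # -1 mod p, so bit m_i is 1
            m |= 1 << i
            y = y * pow(a_inv, 1 << i, p) % p
        elif t != 1:
            raise ValueError("a is not primitive or y is not a power of a")
    return m


# Values of the El Gamal example in the text
Y = elgamal_public(97, 5, 58)
CIPHERTEXT = elgamal_encrypt(3, 97, 5, Y, 36)
RECOVERED_X = shanks(97, 5, Y)       # the secret key, from public data only
```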
3.4. Cryptosystems based on Elliptic curves
Most products and standards that use public-key cryptography for encryption and digital signatures today use RSA. However, with the development of cryptanalysis and the rapidly growing power of computer systems, the key length needed to keep RSA secure is also growing rapidly. This significantly reduces the performance of systems that use RSA, especially online e-commerce applications and real-time systems that require fast processing. Recently a new kind of cryptosystem has appeared that can replace RSA: public-key cryptosystems based on Elliptic curves, ECC (Elliptic Curve Cryptography).
The most attractive feature of Elliptic-curve cryptosystems is that they achieve security equivalent to RSA with a much smaller key size, which reduces the number of operations used in encryption and decryption and so achieves the required performance and speed. In theory the security of ECC is not as high as that of RSA, and ECC is also harder to explain in an accessible way than RSA or Diffie-Hellman. The full mathematical foundation of Elliptic-curve cryptosystems is beyond the scope of this document; in this part we only look at the basic issues of Elliptic curves and ECC cryptosystems.
3.4.1. Abelian groups
An Abelian group G, usually written {G, •}, is a set with a binary operation written •; the result of applying the operation to two elements a, b ∈ G, written (a • b), is also an element of G. This property is called closure of the set G. For the operation • the following statements all hold:
(A1): for all a, b ∈ G, (a • b) ∈ G: closure
(A2): for all a, b, c ∈ G, a • (b • c) = (a • b) • c: associativity
(A3): there exists e ∈ G such that e • a = a • e = a for all a ∈ G; e is called the identity element of the set G.
(A4): for every a ∈ G there always exists a' ∈ G such that a • a' = a' • a = e; a' is the inverse element of a.
(A5): for all a, b ∈ G, a • b = b • a: commutativity.
Many public-key cryptosystems are based on Abelian groups. For example, the Diffie-Hellman key exchange protocol involves multiplying pairs of non-zero integers modulo q (a prime). The keys are generated by exponentiation in the group.
For ECC cryptosystems, addition on Elliptic curves is used as the basic operation. Multiplication is defined as repeated addition: a x k = (a + a + … + a). Cryptanalysis involves determining the value of k given the public information a and (a x k).
An Elliptic curve is an equation in two variables with coefficients. The curves used for cryptosystems have variables and coefficients that are elements of a finite field, which forms an Abelian group. First we look at Elliptic curves over the real numbers.
3.4.2. Elliptic curves over the real numbers
Elliptic curves are not ellipses. They are called Elliptic curves because this kind of curve is described by cubic equations, similar to the equations used to compute the circumference of an ellipse. In its most general form, the cubic equation representing an Elliptic curve is:
$$y^2 + axy + by = x^3 + cx^2 + dx + e$$
where a, b, c, d, e are real numbers and x and y are variables over the real numbers. For the purpose of understanding ECC cryptosystems we only consider Elliptic curves of the form:
$$y^2 = x^3 + ax + b \quad \text{(equation 1)}$$
These equations are called cubic equations. On an Elliptic curve we define a special point called the point O, or the point at infinity. To draw an Elliptic curve we need to compute values according to the equation:
$$y = \sqrt{x^3 + ax + b}$$
For each specific value of a and b this gives two values of y (one negative and one positive) for each value of x; curves of this form are always symmetric about the line y = 0. An example picture of Elliptic curves:
[Figure 4.4: Elliptic curves over the real numbers]
Consider the set of points E(a, b) containing all points (x, y) that satisfy equation 1, together with the point O. Different pairs (a, b) give different sets E(a, b). With this notation, the figure above shows the two sets E(1, 0) and E(1, 1) respectively.
3.4.3. Geometric description of addition on Elliptic curves
For each specific pair (a, b) we can form a group on the set E(a, b) under the following condition:
$$4a^3 + 27b^2 \ne 0 \quad \text{(condition 1)}$$
With this additional condition we define addition on the Elliptic curve, described geometrically as follows: if three points on an Elliptic curve lie on one straight line, their sum is O. With this definition, the rules of addition on the Elliptic curve are:
1. O is the identity element of addition. For all P ∈ E(a, b): P + O = P. In the following statements we assume P, Q ≠ O.
2. If P = (x, y), the negative of P, written -P, is (x, -y), and P + (-P) = P - P = O. P and -P lie on a vertical line.
3. To add two points P and Q with different x coordinates, draw a straight line through them and find the point of intersection R. It is easy to see that there is only one such point R; the sum of P and Q is the reflection of R about the line y = 0.
4. The line joining P with its negative, -P, is regarded as intersecting the curve at the point at infinity, which is O.
5. To double a point Q, draw the tangent to the curve at Q and find the point of intersection S: Q + Q = 2Q = -S.
With these 5 conditions E(a, b) is an Abelian group.


3.4.4. Algebraic description of addition
In this part we present some results that make computation on Elliptic curves possible. For two distinct points $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$ that are not negatives of each other, the slope of the line l joining them is $\Delta = (y_Q - y_P)/(x_Q - x_P)$. There is exactly one other point where l intersects the curve, and that point is the negative of the sum of P and Q. After some algebra we can compute R = P + Q as follows:
$$x_R = \Delta^2 - x_P - x_Q$$
$$y_R = -y_P + \Delta (x_P - x_R)$$
Doubling of P is computed as follows:
$$x_R = \left(\frac{3x_P^2 + a}{2y_P}\right)^2 - 2x_P$$
$$y_R = \left(\frac{3x_P^2 + a}{2y_P}\right)(x_P - x_R) - y_P$$
3.4.5. Elliptic curves over $Z_P$
ECC cryptosystems use Elliptic curves whose variables and coefficients are restricted to a finite field. Two families of Elliptic curves can be used with ECC cryptosystems: prime curves over $Z_P$ and binary curves over $GF(2^m)$. For a prime curve over $Z_P$ we use a cubic equation whose variables and coefficients are all integers from 0 to p-1, with computations performed modulo P. On a binary curve, the variables and coefficients are values in $GF(2^n)$ and computations are performed in $GF(2^n)$. Theoretical studies have shown that prime curves are best suited to software applications, because of the complexity of computation on binary curves, whereas for hardware applications binary curves are better, because the way circuits and chips work fits computation over binary fields very well.
For Elliptic curves over $Z_P$ we redefine the equation as follows:
$$y^2 \bmod p = (x^3 + ax + b) \bmod p \quad \text{(equation 2)}$$
For example, the values a = 1, b = 1, x = 9, y = 7, p = 23 satisfy the equation above.
The coefficients a, b and the variables x, y all belong to $Z_P$. The set $E_P(a, b)$ consists of all pairs (x, y) that satisfy equation 2.
For example, with p = 23 and a = b = 1 we have the set $E_{23}(1, 1)$:
(0, 1)     (6, 4)     (12, 19)
(0, 22)    (6, 19)    (13, 7)
(1, 7)     (7, 11)    (13, 16)
(1, 16)    (7, 12)    (17, 3)
(3, 10)    (9, 7)     (17, 20)
(3, 13)    (9, 16)    (18, 3)
(4, 0)     (11, 3)    (18, 20)
(5, 4)     (11, 20)   (19, 5)
(5, 19)    (12, 4)    (19, 18)

Table 4.2: The set $E_{23}(1, 1)$
The rules of addition are defined in the same way for prime Elliptic curves:
Condition: $(4a^3 + 27b^2) \bmod p \ne 0$.
1. P + O = P
2. If $P = (x_P, y_P)$ then $P + (x_P, -y_P) = O$; the point $(x_P, -y_P)$ is called the negative of P, written -P. For example, on $E_{23}(1, 1)$ with P = (13, 7) we have -P = (13, -7), but -7 mod 23 = 16, so -P = (13, 16), which also belongs to $E_{23}(1, 1)$.
3. For two distinct points $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$, $R = P + Q = (x_R, y_R)$ is defined as follows:
$$x_R = (\lambda^2 - x_P - x_Q) \bmod p$$
$$y_R = (\lambda (x_P - x_R) - y_P) \bmod p$$
where:
$$\lambda = \begin{cases} \left(\dfrac{y_Q - y_P}{x_Q - x_P}\right) \bmod p, & (P \ne Q) \\[2ex] \left(\dfrac{3x_P^2 + a}{2y_P}\right) \bmod p, & (P = Q) \end{cases}$$
4. Multiplication is defined as repeated addition, for example 4P = P + P + P + P. For example, with P = (3, 10) and Q = (9, 7) on $E_{23}(1, 1)$ we have:
$$\lambda = \left(\frac{7 - 10}{9 - 3}\right) \bmod 23 = \left(\frac{-3}{6}\right) \bmod 23 = \left(\frac{-1}{2}\right) \bmod 23 = 11$$
so
$x_R = (11^2 - 3 - 9) \bmod 23 = 17$
$y_R = (11(3 - 17) - 10) \bmod 23 = 20$. Hence P + Q = (17, 20).
To find 2P we compute:
$$\lambda = \left(\frac{3(3^2) + 1}{2 \times 10}\right) \bmod 23 = \left(\frac{5}{20}\right) \bmod 23 = \left(\frac{1}{4}\right) \bmod 23 = 6$$
Note that to carry out the last step we take the inverse of 4 in $Z_{23}$ and then multiply it by the numerator, 1.
$x_R = (6^2 - 3 - 3) \bmod 23 = 30 \bmod 23 = 7$
$y_R = (6(3 - 7) - 10) \bmod 23 = -34 \bmod 23 = 12$
Conclusion: 2P = (7, 12).
To determine the security of cryptosystems based on Elliptic curves, one usually relies on the number of points of the finite Abelian group defined on the Elliptic curve, called N. For the finite group $E_P(a, b)$ the bounds on N are:
$$p + 1 - 2\sqrt{p} \le N \le p + 1 + 2\sqrt{p}$$
This number is approximately the number of elements of $Z_P$ (which is p).
3.4.6. Elliptic curves based on the finite fields $GF(2^m)$
The finite field $GF(2^m)$ has $2^m$ elements; the operations defined on $GF(2^m)$ are addition and multiplication, performed on polynomials. For Elliptic curves based on $GF(2^m)$ we use a cubic equation whose variables and parameters take values in $GF(2^m)$, and computations follow the operations of $GF(2^m)$.
1. The equation
Compared with cryptosystems based on curves over $Z_P$, the form used for systems based on $GF(2^m)$ is somewhat different:
$$y^2 + xy = x^3 + ax^2 + b \quad \text{(equation 3)}$$
where the variables x, y and the coefficients a, b are elements of $GF(2^m)$ and computations follow the rules of $GF(2^m)$.
We write $E_{2^m}(a, b)$ for the set of all integer pairs (x, y) that satisfy equation 3, together with the point at infinity O.
Example: we can use $GF(2^4)$ with the irreducible polynomial $f(x) = x^4 + x + 1$. The generator of $GF(2^4)$ is g satisfying f(g) = 0, $g^4 = g + 1$, or 0010 in binary. The table of powers of g is as follows:
g^0 = 0001    g^4 = 0011    g^8 = 0101     g^12 = 1111
g^1 = 0010    g^5 = 0110    g^9 = 1010     g^13 = 1101
g^2 = 0100    g^6 = 1100    g^10 = 0111    g^14 = 1001
g^3 = 1000    g^7 = 1011    g^11 = 1110    g^15 = 0001
For example $g^5 = g^4 g = (g+1)g = g^2 + g = 0110$.
Consider the Elliptic curve $y^2 + xy = x^3 + g^4 x^2 + 1$; in this case $a = g^4$ and $b = g^0 = 1$. One point on the curve is $(g^5, g^3)$:
$(g^3)^2 + (g^5)(g^3) = (g^5)^3 + (g^4)(g^5)^2 + 1$
$g^6 + g^8 = g^{15} + g^{14} + 1$
1100 + 0101 = 0001 + 1001 + 0001
1001 = 1001
The following table lists the points of $E_{2^4}(g^4, 1)$:
(0, 1)          (g^5, g^3)     (g^9, g^13)
(1, g^6)        (g^5, g^11)    (g^10, g)
(1, g^13)       (g^6, g^8)     (g^10, g^8)
(g^3, g^8)      (g^6, g^14)    (g^12, 0)
(g^3, g^13)     (g^9, g^10)    (g^12, g^12)
The corresponding plot:
[Figure 4.5: Plot of $E_{2^4}(g^4, 1)$]
An Abelian group can be defined on $E_{2^m}(a, b)$ under the condition $b \ne 0$. The rules of addition, for all a, b ∈ $E_{2^m}(a, b)$:
1. P + O = P
2. If $P = (x_P, y_P)$ then $P + (x_P, x_P + y_P) = O$. The point $(x_P, x_P + y_P)$ is the negative of P, written -P.
3. If $P = (x_P, y_P)$ and $Q = (x_Q, y_Q)$ with $P \ne Q$, $P \ne -Q$, then $R = P + Q = (x_R, y_R)$ is determined by the following formulas:
$$x_R = \lambda^2 + \lambda + x_P + x_Q + a$$
$$y_R = \lambda (x_P + x_R) + x_R + y_P$$
where:
$$\lambda = \frac{y_Q + y_P}{x_Q + x_P}$$
4. If $P = (x_P, y_P)$ then $R = 2P = (x_R, y_R)$ is determined by the following formulas:
$$x_R = \lambda^2 + \lambda + a$$
$$y_R = x_P^2 + (\lambda + 1) x_R$$
where:
$$\lambda = x_P + \frac{y_P}{x_P}$$
3.4.7. Cryptosystems based on Elliptic curves
Addition on an Elliptic curve corresponds to modular multiplication in RSA, and multiplication (repeated addition) on an Elliptic curve corresponds to modular exponentiation in RSA. Just as the underlying problem of RSA is the factorization of a large integer into primes, cryptosystems based on Elliptic curves also have a hard underlying problem, called the Elliptic curve Logarithm problem:
Consider the equation Q = kP where P, Q ∈ $E_P(a, b)$ and k < p. Computing Q given P and k is an easy problem (it follows the formulas). But determining k given P and Q is a hard problem.
Consider the example (Certicom Website www.certicom.com): $E_{23}(9, 17)$ is defined by the equation $y^2 \bmod 23 = (x^3 + 9x + 17) \bmod 23$.
With Q = (4, 5) and P = (16, 5), what is the k that satisfies Q = kP? The simplest method is to multiply P repeatedly until the result equals Q:
P = (16, 5); 2P = (20, 20); 3P = (14, 14); 4P = (19, 20); 5P = (13, 10); 6P = (7, 3); 7P = (8, 7); 8P = (12, 17); 9P = (4, 5).
So k = 9. In practice cryptosystems ensure that k is large enough that an exhaustive search like the one above is infeasible.
3.4.8. Diffie-Hellman key exchange based on Elliptic curves
First one chooses a large integer q, which may be a prime p or of the form $2^m$, according to the form of the equation, and the parameters a, b. This choice gives the set $E_q(a, b)$. Next one chooses a point $G = (x_1, y_1) \in E_P(a, b)$ of very large order n; the order n of the point G is the smallest integer satisfying nG = O. $E_q(a, b)$ and G are the public parameters of the Elliptic-curve cryptosystem corresponding to the parameters p, a, b.
Key exchange between two users A and B can be carried out as follows:
1. A chooses an integer $n_A$ smaller than n. This is A's private key. A then generates the public key $P_A = n_A \times G$; this key is a point on $E_q(a, b)$.
2. In the same way B chooses a private key $n_B$ and computes the public key $P_B$.
3. A generates a secret key $K = n_A \times P_B$. B generates the secret key $K = n_B \times P_A$.
It is easy to check that the secret keys computed by A and B are equal: $n_A \times P_B = n_A \times (n_B \times G) = n_B \times (n_A \times G) = n_B \times P_A$.
Illustration of the steps:
[Figure 4.6: Diffie-Hellman key exchange based on ECC]
To attack this key exchange, an attacker has to compute the value k from the public values G and kG, which is exactly the Elliptic curve Logarithm problem, a hard problem.
Example: p = 211, $E_{211}(0, 4)$ corresponding to the equation $y^2 = x^3 + 4$; we choose G = (2, 2). Since 240G = O, n = 240. A chooses the private key $n_A = 121$, so A's public key is $P_A = 121(2, 2) = (115, 48)$. B's private key is $n_B = 203$, so B's public key is $P_B = 203(2, 2) = (130, 203)$. The (shared) secret key between A and B is 121(130, 203) = 203(115, 48) = (161, 69).
3.4.9. Encryption and decryption algorithms
Many ways of encrypting and decrypting with Elliptic-curve cryptosystems have been studied; here we look at the simplest one. The encryption algorithm first performs a preprocessing transformation from the input, a plaintext m, into a point $P_m$. The point $P_m$ is then encrypted into a ciphertext and later decrypted. This preprocessing is in fact not simple, because not every coordinate pair (x, y) belongs to $E_P(a, b)$. There are several different ways of doing this preprocessing; we do not discuss them in detail here, but some of them are quite easy to understand.
As with the key exchange system, we need a point G and an Elliptic group $E_q(a, b)$ as parameters. Each user A chooses a private key $n_A$ and generates a public key $P_A = n_A \times G$.
To encrypt a message $P_m$ to send to B, A chooses a random positive integer k and produces the ciphertext $C_m$ consisting of a pair of points:
$$C_m = \{kG, P_m + kP_B\}$$
Note that here A uses B's public key. To decrypt the ciphertext, B multiplies the first point by B's secret key and subtracts the result from the second point:
$$P_m + kP_B - n_B(kG) = P_m + k(n_B G) - n_B(kG) = P_m$$
A has masked the value of $P_m$ by adding $kP_B$ to $P_m$. Only A knows the value of k, so even knowing the public key $P_B$, nobody can remove the mask $kP_B$ to find $P_m$. The value of $C_m$, however, also contains a clue that allows B (the only one who holds the private key $n_B$) to find $P_m$.
Example: p = 751, $E_P(1, 188)$ corresponding to the equation $y^2 = x^3 + x + 188$, G = (0, 376). Suppose A wants to send a message corresponding to $P_m = (562, 201)$ and A chooses k = 386; B's public key is $P_B = (201, 5)$. We have 386(0, 376) = (676, 558) and (562, 201) + 386(201, 5) = (385, 328). The ciphertext is $C_m = \{(676, 558), (385, 328)\}$.
3.4.10. Security of cryptosystems based on Elliptic curves
The security of ECC cryptosystems depends on the difficulty of determining the value of k from the values kP and P. This problem is called the Elliptic curve Logarithm problem. The fastest algorithm for solving it is Pollard's algorithm. The following table compares the cryptosystems:
Symmetric Scheme      ECC-Based Scheme       RSA/DSA
(key size in bits)    (size of n in bits)    (modulus size in bits)
56                    112                    512
80                    160                    1024
112                   224                    2048
128                   256                    3072
92                    384                    7680
256                   512                    15360
Source: Certicom
Table 4.3: Comparison of ECC cryptosystems with RSA
It can be seen that, compared with RSA, ECC cryptosystems have an advantage in the key length used; in particular, when small key lengths are used ECC also has an advantage in processing speed (number of operations) for encryption and decryption.
4. Exercises
Exercise 4.1: Let N = 1517. Compute $13^{1435} \bmod N$.
Exercise 4.2: In the RSA cryptosystem with $N = p \cdot q = 103 \cdot (2^{19} - 1)$, what is the maximum number of values of e that can be used as the encryption key? Explain.
Exercise 4.3: In the RSA cryptosystem with N = p*q = 103 * 113, how many cases of plaintext exposure are there?
Exercise 4.4: In the ElGamal digital signature scheme with $p = 2^{31} - 1$, what is the maximum number of values of k that can be used when signing a document? Explain.
Exercise 4.5: Given an ElGamal cryptosystem with p = 31, a = 11 and x = 6. To encrypt M = 18, k = 7 is chosen. Carry out the computation and give the resulting ciphertext.
Exercise 4.6: Given an RSA system with n = 1363 and phi(n) = 1288, encrypt the plaintext M = 2007.
Exercise 4.7: As in Question 1, with n = 215629 and phi(n) = 214684, decrypt the ciphertext M = 2007.
Exercise 4.8: Suppose 4 organizations use 4 RSA cryptosystems to communicate with each other. Let $N_1, N_2, N_3, N_4$ be the corresponding parameters they use, with $(N_i, N_j) = 1$ for all $i \ne j$ and $i, j \in Z_5/\{0\}$. All four RSA systems have the encryption exponent e = 3. A message m encrypted with these 4 systems gives the 4 corresponding ciphertexts $C_1, C_2, C_3, C_4$. Find m.
Exercise 4.9: Given a Knapsack cryptosystem with A = {11, 15, 30, 60}, M = 150 and u = 77.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into binary strings as follows:
Char  Bits     Char  Bits     Char  Bits     Char  Bits
A     00000    H     00111    O     01110    V     10101
B     00001    I     01000    P     01111    W     10110
C     00010    J     01001    Q     10000    X     10111
D     00011    K     01010    R     10001    Y     11000
E     00100    L     01011    S     10010    Z     11001
F     00101    M     01100    T     10011
G     00110    N     01101    U     10100
For example, the string ABCD is converted into 00000 00001 00010 00011 and cut into strings of length 4 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = ANTI.
c) Suppose the ciphertext obtained is C = <120, 105, 105, 0, 60, 75, 30, 22, 22, 30>. Decrypt this ciphertext to obtain the original message.
Exercise 4.10: Given a Knapsack cryptosystem with A = {7, 13, 31, 53}, M = 173 and u = 97.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into binary strings as follows:
Char  Bits     Char  Bits     Char  Bits     Char  Bits
A     00000    H     00111    O     01110    V     10101
B     00001    I     01000    P     01111    W     10110
C     00010    J     01001    Q     10000    X     10111
D     00011    K     01010    R     10001    Y     11000
E     00100    L     01011    S     10010    Z     11001
F     00101    M     01100    T     10011
G     00110    N     01101    U     10100

For example, the string ABCD is converted into 00000 00001 00010 00011 and cut into strings of length 4 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = AUNT.
c) Suppose the ciphertext obtained is C = <67, 160, 66, 66, 0, 116, 4, 111, 0, 17>. Decrypt this ciphertext to obtain the original message.
Exercise 4.11: Given a Knapsack cryptosystem with A = {2, 3, 7, 13, 29, 57}, M = 151 and u = 71.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into binary strings as follows:
Char  Bits     Char  Bits     Char  Bits     Char  Bits
A     00000    H     00111    O     01110    V     10101
B     00001    I     01000    P     01111    W     10110
C     00010    J     01001    Q     10000    X     10111
D     00011    K     01010    R     10001    Y     11000
E     00100    L     01011    S     10010    Z     11001
F     00101    M     01100    T     10011
G     00110    N     01101    U     10100

For example, the string ABCDEF is converted into 00000 00001 00010 00011 00100 00101 and cut into strings of length 6 for encryption. The resulting ciphertext is a sequence of numbers in $Z_M$. Encrypt the string P = ANSWER.
c) Suppose the ciphertext obtained is C = <44, 40, 121, 104, 0>. Decrypt this ciphertext to obtain the original message.
Exercise 4.12: Consider the RSA cryptosystem with p = 31, q = 41, e = 271.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into two-digit decimal numbers as follows:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25

For example, the string ABC is converted into 00 01 02 and then cut into the 3-digit numbers 000 (equal to 0) and 102 for encryption. The resulting ciphertext is a set of numbers in $Z_N$.
Encrypt the string P = SERIUS.
c) Suppose the ciphertext obtained is C = <201, 793, 442, 18>. Decrypt it to find the original plaintext message.
Exercise 4.13: Consider the RSA cryptosystem with p = 29, q = 43, e = 11.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into two-digit decimal numbers as follows:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25

For example, the string ABC is converted into 00 01 02 and then cut into the 3-digit numbers 000 (equal to 0) and 102 for encryption. The resulting ciphertext is a set of numbers in $Z_N$.
Encrypt the string P = TAURUS.
c) Suppose the ciphertext obtained is C = <1, 169, 1206, 433>. Decrypt it to find the original plaintext message.
Exercise 4.14: Consider the RSA cryptosystem with n = 1363, e = 57.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) Suppose the plaintext is P = 102. Encrypt it and give the ciphertext C.
c) Suppose this cryptosystem is used as a digital signature scheme. Compute the signature on the message M = 201.
Exercise 4.15: Consider the ElGamal cryptosystem with p = 83, where a = 5 is a primitive element of $Z_P^*$, and x = 37.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt the plaintext P = 72, k = 23 is chosen. Encrypt it and give the ciphertext.
c) Find all primitive elements of $Z_P^*$.
Exercise 4.16: Consider the ElGamal cryptosystem with p = 1187, where a = 79 is a primitive element of $Z_P^*$, and x = 113.
a) Find the public key $K_P$ and the secret key $K_S$ of this cryptosystem.
b) To encrypt messages written in English, a function is used that converts characters into two-digit decimal numbers as follows:
Character  A  B  C  D  E  F  G  H  I  J  K  L  M
Code       00 01 02 03 04 05 06 07 08 09 10 11 12
Character  N  O  P  Q  R  S  T  U  V  W  X  Y  Z
Code       13 14 15 16 17 18 19 20 21 22 23 24 25

For example, the string ABC is converted into 00 01 02 and then cut into the 3-digit numbers 000 (equal to 0) and 102 for encryption. The resulting ciphertext is a set of pairs (C1, C2) in $Z_P$. Encrypt the string m = TAURUS with the values 13 < k < 19.
c) Suppose the ciphertext obtained is the set of pairs (C1, C2): <(358, 305), (1079, 283), (608, 925), (786, 391)>. Decrypt it and give the original message.
Exercise 4.17: The following ciphertext was obtained using an RSA cryptosystem:
11437 6198 16611 2405 18636 2679 12205 24142 6375 2134
16611 2405 9529 7260 7834 15094 4667 24027 762 5878
5206 16683 5359 10888 4168 3536 23229 20351 15580 6704
7977 374 6525 4287 14402 527 12887 21628 11884 9402
15470 1339 10420 18051 23125 7747 135 22007 20049 9984
13199 15176 1379 8313 19574 7989 22869 406 10057 21758
3918 23991 14237 7989 3947 19529 15728 5601 3527 7200
7601 13282 21160 6291 15994 7785 8982 3045 6596 16796
4663 2405 20302 11929 17125 14533 21001 8351 11571 22082
11040 8687 6704 3330 5630 19650 13024
The public key has n = 24637 and e = 3.
a) Determine p, q and d.
b) Decrypt the ciphertext to obtain the plaintext (as numbers in $Z_{24637}$).
c) Convert the plaintext obtained into English text, given that each integer in $Z_{24637}$ represents a group of 3 letters according to the following rule:
DOG $\to 3 \times 26^2 + 14 \times 26 + 6 = 2398$
CAT $\to 2 \times 26^2 + 0 \times 26 + 19 = 1371$
ZZZ $\to 25 \times 26^2 + 25 \times 26 + 25 = 17575$
Exercise 3.18: Consider the ElGamal cryptosystem with p = 71 and a = 7.
a) Suppose B's public key is $Y_B = 3$ and A chooses the random number k = 2. Determine the ciphertext corresponding to the message M = 30.
b) Suppose A chooses a different random value k and the ciphertext corresponding to M = 30 is now $C = (59, C_2)$. Determine $C_2$.
Exercise 3.19: Consider the elliptic-curve cryptosystem with parameters $E_{11}(1, 6)$ and G = (2, 7). B's secret key is $n_B = 7$.
a) Determine B's public key.
b) Suppose the plaintext $P_m = (10, 9)$ is to be encrypted with the random number k = 3. Determine the ciphertext $C_m$.
c) Illustrate the decryption process for the $C_m$ obtained in part b.
Use one of the programming languages C, C++, Java or C# for the following exercises:
Exercise 3.20: Write a program that implements the encryption and decryption algorithms of the Knapsack cryptosystem.
Exercise 3.21: Write a program that implements the encryption and decryption algorithms of the RSA cryptosystem.
Exercise 3.22: Write a program that implements the encryption and decryption algorithms of the ElGamal cryptosystem.
Exercise 3.23: Write a program that encrypts and decrypts files with the RSA encryption and decryption algorithms.
Exercise 3.24: Write a program that transfers files over a network using the RSA encryption algorithm.
Exercise 3.25: Write a program that shares files on a local network using the RSA cryptosystem.
Exercise 3.26: Write a key distribution program based on the RSA cryptosystem.
Chapter V: Digital signatures and hash functions
101
CHAPTER V: DIGITAL SIGNATURES AND HASH FUNCTIONS
1. Digital signatures
1.1. The concept of a digital signature
Ever since people invented writing, ordinary signatures have been used every day, for example to sign a receipt on a letter for money received from a bank, to sign a contract, or to sign any other document. A conventional handwritten signature on a document is normally used to identify the person who signed it.
A digital signature scheme is a method of signing a document or a message stored in electronic form, for example a signed message circulated over a computer network. Since their introduction, digital signatures have found wide application in commercial transactions, from signature verification to credit cards, identification schemes and secret sharing schemes ... Below we study several important signature schemes. First, however, we discuss some basic differences between conventional signatures and digital signatures.
The first is the question of signing a document. A conventional signature is a physical part of the document. A digital signature, however, is not physically attached to the message, so the algorithm used must in some way be "not visible" on the message.
The second is the question of verification. A conventional signature is checked by comparing it with other authentic signatures. For example, when someone signs a cheque to make a purchase, the seller compares the signature on the slip with the signature on the back of the credit card. A digital signature, on the other hand, can be checked by a public verification algorithm, so anyone can verify a digital signature. Using a secure signature scheme prevents the possibility of forgery.
The fundamental difference between a digital signature and a conventional signature is that a copy of a digitally signed document is identical to the original, whereas a copy of a signed paper document can usually be distinguished from the original. A signed message must therefore be prevented from being reused. For example, if B signs a message authorizing A to withdraw 100$ from his account, he wants A to be able to do so only once. The message itself must therefore contain information that prevents reuse, for example by using a time stamping service (Time Stamping Service).
A digital signature scheme usually has two components: the signing algorithm sig() and the verification algorithm ver(). B can sign a message x using the secure (secret) signing algorithm. The resulting signature y = sig(x) can be checked with the public verification algorithm ver(y). Given a pair (x, y), the verification algorithm returns TRUE or FALSE depending on whether the signature is authentic.
So what is a digital signature? There are several definitions:
- It is a computer-generated electronic identifier used by organizations to achieve the same efficiency and validity as handwritten signatures.
- It is an authentication mechanism that lets the creator of a message attach a code to the message, in the same way a signature is written on an ordinary document.
Digital signatures are generated and used by digital signature systems (schemes). A digital signature scheme is defined as follows.
Definition:
A digital signature scheme is a 5-tuple $(P, A, \mathcal{K}, S, V)$ satisfying the following conditions:
1) P is a finite set of possible messages (plaintexts).
2) A is a finite set of possible signatures.
3) $\mathcal{K}$ is the key space (a finite set of possible keys).
4) For each key $K \in \mathcal{K}$ there is a signing algorithm $sig_K \in S$ and a verification algorithm $ver_K \in V$. Each $sig_K: P \to A$ and $ver_K: P \times A \to \{TRUE, FALSE\}$ are functions such that, for every message $x \in P$ and every signature $y \in A$, the following equation holds:
$ver(x, y) = TRUE$ if $y = sig(x)$, and $ver(x, y) = FALSE$ if $y \ne sig(x)$. [5]
For each $K \in \mathcal{K}$, the functions $sig_K$ and $ver_K$ are polynomial-time functions. The function $ver_K$ is public, while $sig_K$ is secret. It must not be easy to compute a forgery of B's signature on a message x; that is, for a given x only B should be able to compute a y such that ver(x, y) = TRUE. A signature scheme cannot be unconditionally secure, because some person C can test every possible value y on the message x with the public algorithm ver() until he finds the correct signature. Given enough time, C can therefore always forge B's signature. Our goal is thus to find digital signature schemes that are computationally secure.
Note that anyone can forge B's signature on a random message x by computing $x = e_K(y)$ for some y; then $y = sig_K(x)$. One way around this difficulty is to require messages to contain enough redundancy that a forged signature of this kind does not fit the full content of the message x except with very small probability. Hash functions such as MD4 and MD5 can be combined with digital signature schemes to eliminate this forgery method (this is presented in later sections of this document).
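1.2. The RSA signature scheme
Building on the strengths of the RSA cryptosystem, a signature scheme based on the problem of factoring into primes gives signatures with very high security. Setting up the RSA signature verification scheme is very simple: we only need to reverse the roles of the encryption and decryption functions. The RSA signature scheme is as follows.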
Let n = p*q, where p and q are primes. Let $P = A = Z_n$ and define:
$K = \{(n, p, q, a, b) : n = p \cdot q,\ p \text{ and } q \text{ prime},\ ab \equiv 1 \pmod{\phi(n)}\}$.
The values n and b are public; p, q and a are secret.
For K = (n, p, q, a, b), define:
$sig_K(x) = x^a \bmod n$
and
$ver_K(x, y) = TRUE \Leftrightarrow x \equiv y^b \pmod n$ for $x, y \in Z_n$. [5]
Signatures are usually combined with public-key encryption. Suppose A wants to send B a message that is both encrypted and signed. Given the plaintext x, A computes her signature $y = sig_A(x)$ and then encrypts both x and y with B's public key $e_B$, obtaining $z = e_B(x, y)$. The ciphertext z is sent to B. When B receives z, he first decrypts it with his decryption function $d_B$ to obtain (x, y). He then uses A's public verification function to check whether $ver_A(x, y) = TRUE$.
But what if A first encrypts x and only then signs the resulting ciphertext? In that case A computes:
$y = sig_A(e_B(x))$
A sends the pair (z, y) to B. B decrypts z to obtain x and then verifies the signature y on x using $ver_A$. A problem arises if A transmits (x, y) in this way: a third party C can replace A's signature y with his own signature:
$y' = sig_C(e_B(x))$
Note that C can sign the ciphertext $e_B(x)$ even though he does not know the plaintext x. If C then sends (z, y') to B, C's signature is verified by B using $ver_C$, and B therefore believes that the plaintext x originated from C. Because of this difficulty, most users are advised to "sign before encrypting".
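The two orderings discussed above, together with the random-message forgery $x = e_K(y)$, as an added Python example that is not part of the original text. The toy primes, the key names KEY_A, KEY_B, KEY_C and all helper names are assumptions chosen for illustration; textbook RSA without padding is used exactly as in the scheme above.

```python
from math import gcd

def keypair(p, q, b):
    """Textbook RSA key in the text's notation: public (n, b), secret a, a*b = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(b, phi) != 1:
        raise ValueError("b must be invertible modulo phi(n)")
    return {"n": n, "b": b, "a": pow(b, -1, phi)}

def public(key):
    """Only (n, b): everything a verifier, or an attacker, is given."""
    return {"n": key["n"], "b": key["b"]}

def sig(key, x):
    return pow(x, key["a"], key["n"])                    # sig_K(x) = x^a mod n

def ver(pub, x, y):
    return x % pub["n"] == pow(y, pub["b"], pub["n"])    # x = y^b (mod n)

def enc(pub, x):
    return pow(x, pub["b"], pub["n"])                    # e_K(x) = x^b mod n

def dec(key, z):
    return pow(z, key["a"], key["n"])                    # d_K(z) = z^a mod n

def existential_forgery(pub, y):
    """Pick any y and publish x = e_K(y): (x, y) verifies without the secret key.
    The forger does not control x, which is why redundancy or hashing defeats it."""
    return enc(pub, y), y

def to_blocks(value, n):
    """Base-n digits, so a signature larger than the recipient's modulus fits in blocks."""
    blocks = []
    while True:
        value, digit = divmod(value, n)
        blocks.append(digit)
        if value == 0:
            return blocks

def from_blocks(blocks, n):
    return sum(d * n ** i for i, d in enumerate(blocks))

def sign_then_encrypt(sender, rcpt_pub, x):
    """z = e_B(x, y): the signature travels inside the encryption."""
    y = sig(sender, x)
    return enc(rcpt_pub, x), [enc(rcpt_pub, d) for d in to_blocks(y, rcpt_pub["n"])]

def open_signed(rcpt, claimed_pub, packet):
    zx, zy = packet
    x = dec(rcpt, zx)
    y = from_blocks([dec(rcpt, d) for d in zy], rcpt["n"])
    return x, ver(claimed_pub, x, y)

def encrypt_then_sign(sender, rcpt_pub, x):
    """(z, y) with y = sig_A(e_B(x)): the signature is visible and detachable."""
    z = enc(rcpt_pub, x)
    return z, sig(sender, z)

def replace_signature(packet, other):
    """What C does in the text: keep z, attach y' = sig_C(z), never learning x."""
    z, _ = packet
    return z, sig(other, z)

def open_encrypted(rcpt, claimed_pub, packet):
    z, y = packet
    return dec(rcpt, z), ver(claimed_pub, z, y)

# Constructed toy keys (far too small for real use); B's modulus is the smallest
# so that z = e_B(x) can be signed in one block by A or C.
KEY_A = keypair(1009, 1013, 17)
KEY_B = keypair(61, 53, 17)
KEY_C = keypair(1019, 1021, 7)

if __name__ == "__main__":
    x = 1234
    fx, fy = existential_forgery(public(KEY_A), 4242)
    print("forged pair verifies under A:", ver(public(KEY_A), fx, fy))
    swapped = replace_signature(encrypt_then_sign(KEY_A, public(KEY_B), x), KEY_C)
    print("encrypt-then-sign, B attributes x to C:",
          open_encrypted(KEY_B, public(KEY_C), swapped))
    packet = sign_then_encrypt(KEY_A, public(KEY_B), x)
    print("sign-then-encrypt, checked against A:", open_signed(KEY_B, public(KEY_A), packet))
    print("sign-then-encrypt, checked against C:", open_signed(KEY_B, public(KEY_C), packet))
```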
1.3. The ElGamal signature scheme
The ElGamal signature scheme was introduced in 1985. A modified version of it was issued by the National Institute of Standards and Technology (NIST) as a digital signature standard. The ElGamal signature scheme is designed specifically for signatures, in contrast to RSA, which is commonly used for both public-key encryption and signatures. The ElGamal signature scheme is non-deterministic, meaning that there are many valid signature values for any given message. The verification algorithm must be able to accept any of these valid signature values as authentic. The ElGamal signature scheme is described as follows:
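Let p be a prime as in the discrete logarithm problem in $Z_p$, let $\alpha \in Z_p^*$ be a primitive element, let $P = Z_p^*$, $A = Z_p^* \times Z_{p-1}$, and define:
$K = \{(p, \alpha, a, \beta) : \beta \equiv \alpha^a \pmod p\}$
where the values p, $\alpha$ and $\beta$ are public and a is secret.
For $K = (p, \alpha, a, \beta)$ and a chosen random number $k \in Z_{p-1}^*$, define:
$sig_K(x, k) = (\gamma, \delta)$
where: $\gamma = \alpha^k \bmod p$
$\delta = (x - a\gamma)k^{-1} \bmod (p - 1)$.
For $x, \gamma \in Z_p^*$ and $\delta \in Z_{p-1}$, define:
$ver(x, \gamma, \delta) = TRUE \Leftrightarrow \beta^\gamma \gamma^\delta \equiv \alpha^x \pmod p$. [5]
If the signature is correct, verification succeeds because:
$\beta^\gamma \gamma^\delta \equiv \alpha^{a\gamma} \alpha^{k\delta} \pmod p \equiv \alpha^x \pmod p$,
where: $a\gamma + k\delta \equiv x \pmod{p - 1}$.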
B computes the signature using both the secret value a (part of the key) and the secret random number k (the value used to sign the message). Verification can be carried out using only public information:
Example:
We choose p = 467, $\alpha = 2$, a = 127 and compute: $\beta = \alpha^a \bmod p = 2^{127} \bmod 467 = 132$.
Now B wants to sign the message x = 100 and chooses a random value k = 213 (note that gcd(213, 466) = 1 and $213^{-1} \bmod 466 = 431$). He then computes:
$\gamma = 2^{213} \bmod 467 = 29$
$\delta = (100 - 127 \cdot 29) \cdot 431 \bmod 466 = 51$.
Anyone can check this signature by computing:
$132^{29} \cdot 29^{51} \equiv 189 \pmod{467}$
$2^{100} \equiv 189 \pmod{467}$.
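Suppose a third party C wants to forge B's signature on a message x without knowing the secret number a. If C chooses a value $\gamma$ and tries to find $\delta$, he must compute the discrete logarithm $\log_\gamma \alpha^x \beta^{-\gamma}$. On the other hand, if he first chooses $\delta$ and tries to find $\gamma$, he must solve $\beta^\gamma \gamma^\delta = \alpha^x \pmod p$. Neither of these can be carried out.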
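There is, however, a theoretical way for C to sign a random message by choosing $\gamma$, $\delta$ and x simultaneously. Let i, j be integers with $0 \le i, j \le p - 2$ and gcd(j, p - 1) = 1. Then compute:
$\gamma = \alpha^i \beta^j \bmod p$
$\delta = -\gamma j^{-1} \pmod{p-1}$
$x = -\gamma i j^{-1} \pmod{p-1}$.
We then regard $(\gamma, \delta)$ as the signature on the message x. Verification proceeds as follows:
$\beta^\gamma \gamma^\delta \equiv \beta^\gamma (\alpha^i \beta^j)^{-\gamma j^{-1}} \pmod p$
$\equiv \beta^\gamma \alpha^{-i\gamma j^{-1}} \beta^{-\gamma} \pmod p$
$\equiv \alpha^{-i\gamma j^{-1}} \pmod p$
$\equiv \alpha^x \pmod p$.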
Example:
As in the example above, we choose p = 467, $\alpha = 2$, $\beta = 132$. The third party C chooses i = 99 and j = 179. He computes:
$\gamma = 2^{99} \cdot 132^{179} \bmod 467 = 117$
$\delta = -117 \cdot 151 \bmod 466 = 41$
$x = 99 \cdot 41 \bmod 466 = 331$
The pair (117, 41) is a signature on the message 331. Verification is carried out as follows:
$132^{117} \cdot 117^{41} \equiv 303 \pmod{467}$
$2^{331} \equiv 303 \pmod{467}$.
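A second forgery method reuses the signature of an earlier message: given a pair $(\gamma, \delta)$ that is the signature on a message x, C uses it to sign many other messages. Let h, i and j be integers with $0 \le i, j, h \le p-2$ and gcd($h\gamma - j\delta$, p-1) = 1. Compute:
$\lambda = \gamma^h \alpha^i \beta^j \bmod p$
$\mu = \delta\lambda(h\gamma - j\delta)^{-1} \bmod (p-1)$
$x' = \lambda(hx + i\delta)(h\gamma - j\delta)^{-1} \bmod (p-1)$.
We can check that $\beta^\lambda \lambda^\mu = \alpha^{x'} \bmod p$. Therefore $(\lambda, \mu)$ is a signature on the message x'.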
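The third point is the mistake a signer makes by using the same value k to sign two different messages. Let $(\gamma, \delta_1)$ be the signature on the message $x_1$ and $(\gamma, \delta_2)$ the signature on the message $x_2$. Verification gives:
$\beta^\gamma \gamma^{\delta_1} \equiv \alpha^{x_1} \pmod p$
$\beta^\gamma \gamma^{\delta_2} \equiv \alpha^{x_2} \pmod p$.
Therefore: $\alpha^{x_1 - x_2} \equiv \gamma^{\delta_1 - \delta_2} \pmod p$.
Writing $\gamma = \alpha^k$, we get: $x_1 - x_2 = k(\delta_1 - \delta_2) \pmod{p-1}$.
Now let $d = \gcd(\delta_1 - \delta_2, p - 1)$. Since $d \mid (\delta_1 - \delta_2)$ and $d \mid (p - 1)$, d also divides $(x_1 - x_2)$. We further define:
$x' = \frac{x_1 - x_2}{d}$
$\delta' = \frac{\delta_1 - \delta_2}{d}$
$p' = \frac{p - 1}{d}$
Finally we obtain $x' \equiv k\delta' \pmod{p'}$. Since gcd($\delta'$, p') = 1, we have:
$\varepsilon = (\delta')^{-1} \bmod p'$
The value k is therefore determined as follows:
$k = x'\varepsilon \pmod{p'}$, that is, $k = x'\varepsilon + ip' \pmod p$
for some $0 \le i \le d-1$; the unique value of k can be found by testing:
$\gamma \equiv \alpha^k \bmod p$.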
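The ElGamal signature scheme, the forgery with chosen (i, j), and the recovery of k from two signatures that share it, as an added Python example that is not part of the original text. It uses the numbers of the worked examples above; the second message x = 200 and all function names are assumptions, and the last step (recovering the secret a once k is known) goes one step beyond the text to show what the reused k ultimately exposes.

```python
from math import gcd

P, ALPHA, A = 467, 2, 127          # p, alpha and secret a from the worked example
BETA = pow(ALPHA, A, P)            # public beta = alpha^a mod p (132 in the text)

def sign(x, k):
    """sig_K(x, k) = (gamma, delta); k must be invertible modulo p-1."""
    if gcd(k, P - 1) != 1:
        raise ValueError("gcd(k, p-1) must be 1")
    gamma = pow(ALPHA, k, P)
    delta = (x - A * gamma) * pow(k, -1, P - 1) % (P - 1)
    return gamma, delta

def verify(x, gamma, delta):
    """ver(x, gamma, delta): beta^gamma * gamma^delta = alpha^x (mod p)."""
    if not 1 <= gamma < P:         # gamma must be an element of Z_p^*
        return False
    return pow(BETA, gamma, P) * pow(gamma, delta, P) % P == pow(ALPHA, x, P)

def forge(i, j):
    """Signature on an uncontrolled message x, built from public values only."""
    if gcd(j, P - 1) != 1:
        raise ValueError("gcd(j, p-1) must be 1")
    j_inv = pow(j, -1, P - 1)
    gamma = pow(ALPHA, i, P) * pow(BETA, j, P) % P
    delta = -gamma * j_inv % (P - 1)
    x = -gamma * i * j_inv % (P - 1)
    return gamma, delta, x

def solve_congruence(c, b, m):
    """All z in [0, m) with c*z = b (mod m): gcd(c, m) solutions, or none."""
    c, b = c % m, b % m
    d = gcd(c, m)
    if b % d:
        return []
    m1 = m // d
    z0 = (b // d) * pow(c // d, -1, m1) % m1
    return [z0 + i * m1 for i in range(d)]

def recover_k(x1, delta1, x2, delta2, gamma):
    """Two signatures with the same gamma: x1 - x2 = k(delta1 - delta2) mod (p-1).
    The d candidates x'e + i*p' are filtered with the test gamma = alpha^k mod p."""
    candidates = solve_congruence(delta1 - delta2, x1 - x2, P - 1)
    return [k for k in candidates if pow(ALPHA, k, P) == gamma]

def recover_a(x, gamma, delta, k):
    """With k known, a*gamma = x - k*delta mod (p-1) yields the secret key."""
    candidates = solve_congruence(gamma, x - k * delta, P - 1)
    return [a for a in candidates if pow(ALPHA, a, P) == BETA]

if __name__ == "__main__":
    g, d1 = sign(100, 213)
    print("signature on 100:", (g, d1), verify(100, g, d1))
    fg, fd, fx = forge(99, 179)
    print("forged signature", (fg, fd), "on message", fx, verify(fx, fg, fd))
    _, d2 = sign(200, 213)         # constructed second message, same k
    ks = recover_k(100, d1, 200, d2, g)
    print("recovered k:", ks, "recovered a:", recover_a(100, g, d1, ks[0]))
```

A verifier cannot prevent either problem: k has to be fresh and unpredictable for every signature, and messages have to be hashed or carry redundancy before signing.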
1.4. The Digital Signature Standard
1.4.1. The Digital Signature Algorithm
In August 1991, NIST issued the Digital Signature Algorithm (DSA) as the basis for the digital signature standard. It is a variant of the ElGamal algorithm.
1) Choose a prime q with $2^{159} < q < 2^{160}$.
2) Choose t such that $0 \le t \le 8$ and choose a prime p with $2^{511+64t} < p < 2^{512+64t}$ such that q divides (p-1) (that is, q is a prime divisor of p-1).
3) Now generate a unique value $\alpha$ for q in $Z_p^*$.
- Choose a value $g \in Z_p^*$ and compute $\alpha = g^{(p-1)/q} \bmod p$.
- If $\alpha = 1$, go back to the previous step (choose a new, suitable value of g).
4) Choose a random integer a such that $1 \le a \le q-1$.
5) Compute $y = \alpha^a \bmod p$.
6) The signing key $(p, q, \alpha, y)$ is then public, and a is the secret key.
1.4.2. The digital signature standard
The Digital Signature Standard (DSS) is a modification of the ElGamal signature scheme. It was published as a Federal Information Processing Standard (FIPS) on 19/05/1994 and became a standard on 01/12/1994. DSS uses a public key to check the integrity of the data received and that it is identical to the sender's data. DSS can also be used by a third party to determine the authenticity of a signature and of the data it covers. We first look at the motivation for this modification and then at the DSS algorithm.
In many situations a message is encrypted and decrypted only once, so it is enough to use any cryptosystem that is known to be secure at the time the message is encrypted. A signed message, on the other hand, functions as a legal document, such as a contract, so it is quite likely that the signature will need to be verified many years after the message was signed. This makes precautions about the security of the signatures produced by a security system very important. Because the ElGamal signature scheme does not provide this, its use requires a large modulus p. Certainly p should have at least 512 bits, and many people argue that the length of p should be 1024 bits to resist forgery in the future.
However, even a signing algorithm with a 512-bit modulus has to carry out computation on up to 1024 bits. For potential applications of this kind, many of which involve smart cards, a shorter signature is desirable. DSS modifies the ElGamal signature scheme ingeniously for this purpose, so that each 160-bit message is signed with a 320-bit signature while the computation is carried out with a 512-bit modulus p. This is done by splitting $Z_p^*$ into fields of size $2^{160}$. The modification changes the value $\delta$:
$\delta = (x + a\gamma)k^{-1} \bmod (p - 1)$.
This also changes the verification condition:
$\alpha^x \beta^\gamma \equiv \gamma^\delta \pmod p$. (1.4.2.1)
If gcd($x + a\gamma$, p - 1) = 1 then $\delta^{-1} \bmod (p - 1)$ exists, so (1.4.2.1) becomes:
$\alpha^{x\delta^{-1}} \beta^{\gamma\delta^{-1}} \equiv \gamma \pmod p$. (1.4.2.2)
This is the innovation in DSS. Let q be a 160-bit prime such that $q \mid (p-1)$, and let $\alpha$ be a q-th root of 1 mod p; then $\beta$ and $\gamma$ are also q-th roots of 1 mod p. Consequently $\alpha$, $\beta$ and $\gamma$ can be reduced modulo p without affecting the verification of the signature. The scheme is as follows:
Let p be a 512-bit prime for the discrete logarithm problem in $Z_p$; let q be a 160-bit prime that divides (p-1). Let $\alpha \in Z_p^*$; $P = Z_p^*$, $A = Z_q \times Z_q$, and define:
$K = \{(p, q, \alpha, a, \beta) : \beta \equiv \alpha^a \pmod p\}$
where the values p, q, $\alpha$ and $\beta$ are public and a is secret.
For $K = (p, \alpha, a, \beta)$ and a chosen random number k ($1 \le k \le q-1$), define:
$sig_K(x, k) = (\gamma, \delta)$
where: $\gamma = (\alpha^k \bmod p) \bmod q$
$\delta = (x + a\gamma)k^{-1} \bmod q$.
For $x \in Z_p^*$ and $\gamma, \delta \in Z_q$, verification is carried out by computing:
$e_1 = x\delta^{-1} \bmod q$
$e_2 = \gamma\delta^{-1} \bmod q$
$ver(x, \gamma, \delta) = TRUE \Leftrightarrow (\alpha^{e_1} \beta^{e_2} \bmod p) \bmod q = \gamma$. [5]
Note that in DSS $\delta \not\equiv 0 \pmod q$, because the value $\delta^{-1} \bmod q$ is needed to verify the signature (this is analogous to requiring gcd($\delta$, p-1) = 1 to go from (1.4.2.1) to (1.4.2.2)). When B computes a value $\delta \equiv 0 \pmod q$ in the signing algorithm, he should discard it and choose a new random number k.
Example:
We choose q = 101 and p = 78*q + 1 = 7879, and g = 3 is a primitive element of $Z_{7879}$. We can therefore compute:
$\alpha = 3^{78} \bmod 7879 = 170$.
Choose a = 75, so that: $\beta = \alpha^a \bmod 7879 = 4567$.
Now B wants to sign a message x = 1234 and chooses a random number k = 50. Hence:
$k^{-1} \bmod 101 = 99$.
Then: $\gamma = (170^{50} \bmod 7879) \bmod 101 = 2518 \bmod 101 = 94$
$\delta = (1234 + 75 \cdot 94) \cdot 99 \bmod 101 = 97$.
The signature pair (94, 97) on the message 1234 is verified as follows:
$\delta^{-1} = 97^{-1} \bmod 101 = 25$
$e_1 = 1234 \cdot 25 \bmod 101 = 45$
$e_2 = 94 \cdot 25 \bmod 101 = 27$
$(170^{45} \cdot 4567^{27} \bmod 7879) \bmod 101 = 2518 \bmod 101 = 94$.
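The DSS signing and verification steps with the numbers of this example, including the rule that a k giving $\delta \equiv 0 \pmod q$ is discarded, as an added Python example that is not part of the original text. The function names and the message x = 20 (constructed so that k = 50 gives $\delta = 0$) are assumptions; as in the text, the message is signed directly rather than hashed first.

```python
import secrets

def make_alpha(p, q, g):
    """Step 3 of parameter generation: alpha = g^((p-1)/q) mod p.
    Returns None when alpha = 1, meaning another g has to be chosen."""
    if (p - 1) % q:
        raise ValueError("q must divide p - 1")
    alpha = pow(g, (p - 1) // q, p)
    return None if alpha == 1 else alpha

def sign(x, a, p, q, alpha, k=None):
    """Return (gamma, delta). A caller-supplied k exists only to reproduce the
    worked example; in normal use k is drawn fresh for every signature."""
    while True:
        kk = k if k is not None else secrets.randbelow(q - 1) + 1   # 1 <= k <= q-1
        gamma = pow(alpha, kk, p) % q
        delta = (x + a * gamma) * pow(kk, -1, q) % q
        if gamma and delta:
            return gamma, delta
        if k is not None:
            raise ValueError("this k gives gamma or delta = 0 (mod q); choose a new k")
        # random k: discard the unusable value and draw again

def verify(x, gamma, delta, p, q, alpha, beta):
    """(alpha^e1 * beta^e2 mod p) mod q == gamma, with range checks first."""
    if not (0 < gamma < q and 0 < delta < q):
        return False               # delta = 0 has no inverse modulo q
    w = pow(delta, -1, q)
    e1, e2 = x * w % q, gamma * w % q
    return pow(alpha, e1, p) * pow(beta, e2, p) % p % q == gamma

def fixed_k_rejected(x, k, a, p, q, alpha):
    """True when signing x with this particular k has to be refused."""
    try:
        sign(x, a, p, q, alpha, k)
    except ValueError:
        return True
    return False

# Parameters of the worked example in the text.
P, Q, G, A = 7879, 101, 3, 75
ALPHA = make_alpha(P, Q, G)        # 170
BETA = pow(ALPHA, A, P)            # 4567

if __name__ == "__main__":
    gamma, delta = sign(1234, A, P, Q, ALPHA, k=50)
    print("signature on 1234:", (gamma, delta),
          verify(1234, gamma, delta, P, Q, ALPHA, BETA))
    # Constructed case: for x = 20 and k = 50, x + a*gamma is a multiple of q.
    print("k = 50 refused for x = 20:", fixed_k_rejected(20, 50, A, P, Q, ALPHA))
    g2, d2 = sign(20, A, P, Q, ALPHA)          # random k, retried until delta != 0
    print("x = 20 signed with a fresh k:", verify(20, g2, d2, P, Q, ALPHA, BETA))
```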
Since DSS was proposed in 1991, it has drawn a good deal of criticism. One example is that the size of the modulus p was fixed at 512 bits, which many people did not want. NIST therefore changed the standard so that the modulus size can vary (in multiples of 64) over a range from 512 to 1024 bits.
Another criticism of DSS is that signatures are generated faster than they are verified. By contrast, in the RSA signature scheme public verification is very fast (and, as we know, in electronic commerce verification is very important and has to be fast).
1.5. Application model of digital signatures
Unlike conventional signatures in practice, a digital signature is a piece of information in digital form that is generated from the document using a digital signature scheme and is not part of the document. After it has been generated, the digital signature is therefore sent along with the message. The recipient receives the message and the corresponding signature and runs the verification algorithm to check whether the signature really is the sender's signature on the document received. This application model is illustrated in the following figure:
Figure 5.1: Application model of digital signatures (diagram labels: A - sender; Sign; A's secret key; P, S; AES; session key K; RSA; B's public key; C1; C2; B - receiver; RSA; B's secret key; session key K; AES; P, S; Verify signature; B's public key)
2. Hash functions (Hash Function)
2.1. Concept
The signature schemes described above only allow short messages to be signed. In DSS, for example, a 160-bit message is signed with 320 bits. So what should we do with messages that are megabytes long?
A simple way to solve this problem is to split the large message into small 160-bit segments and then sign each segment. This is similar to encrypting a long plaintext string by encrypting each plaintext character with the same key.
This approach, however, raises several problems for generating digital signatures. First, for a long message we end up with an enormous amount of signature data. In addition, most signature schemes are inconveniently slow. More seriously, with so many separately signed segments, the segments may be rearranged and some of them may be dropped (integrity is lost).
To solve all of these problems, hash functions (hash function) are used.
Definition:
A hash function H takes as input a piece of information X of variable size and produces as output a string of fixed length, called the message digest.
For example, when B wants to sign a message x (of arbitrary length), he first computes the message digest z = h(x) (of fixed length) and then signs $y = sig_K(z)$. He sends the pair (x, y) over the channel. Verification can now be carried out by recomputing the message digest z = h(x) and then checking whether $ver_K(z, y)$ equals TRUE.

Figure 5.2: Signature scheme using a hash function
2.2. Properties of hash functions
One issue to discuss here is collisions in hash functions. By the Dirichlet principle: if n+1 rabbits are put into n hutches, there must be at least one hutch that contains at least two rabbits [9]. Clearly, since the space of hash values is far smaller than the message space, collisions certainly exist; that is, there are two messages $x \ne x'$ with the same hash value, $h(x) = h(x')$.
We now consider the possible forms of attack and derive from them the properties a hash function must have:
[Figure 5.2 diagram labels: signer computes z = h(x) and $y = sig_K(z)$ and sends x.y; verifier computes z = h(x) and $ver_K(y)$, giving 0: true, 1: false]
In the first form of attack, C starts with a validly signed message (x, y), where $y = sig_K(h(x))$ (the pair (x, y) can be any message that B has signed previously). C then computes z = h(x) and tries to find $x' \ne x$ such that h(x') = h(x). If C succeeds, the pair (x', y) is a validly signed message (a valid forged message). To prevent this, the hash function h must satisfy the following property:
Property 1:
A hash function h is highly collision-free if, for a given message x, no message $x' \ne x$ can be found such that h(x') = h(x). [5]
Another form of attack that C can mount is as follows: he first finds 2 messages $x \ne x'$ such that h(x) = h(x'). C then gives the message x to B and persuades B to sign the message digest h(x), thereby obtaining y. The pair (x', y) is then a valid forged signature. This is why the design of a hash function must satisfy property 2:
Property 2:
A hash function h is strongly collision-free if no messages x and x' can be found such that $x' \ne x$ and h(x') = h(x). [5]
The third form of attack is to choose a random digest value z. C computes a signature on a random value z and then looks for a message x such that z = h(x). If he succeeds, the pair (x, y) is a valid forged signature. A further property that h must satisfy is therefore one-wayness:
Property 3:
A hash function h is one-way if, given a message digest z, no message x can be found such that h(x) = z. [5]
2.3. Birthday attack
As we have seen, one possible form of attack on digital signature schemes that use a hash function is to create documents x and x' with different content (one favourable and one unfavourable to the signer) that have the same hash value. The adversary can generate a very large number of documents whose content is unchanged but whose binary representation differs (simply by adding or removing spaces, or by substituting synonyms ...), then use a computer program to compute the hash values of these documents and compare them with one another in the hope of finding a colliding pair of documents (using a statistical method).
This, however, requires the number of documents whose hash value is computed to be much larger than the size of the hash space. For example, if the hash function has a 64-bit hash space, the number of documents fed into the program must be at least $2^{64}$ (with a computer that can hash 1 million messages per second, this takes 6000.000 years of computation [6]).
But what is the probability of finding a collision if the adversary tries far fewer documents, within a computationally feasible range? The answer is "it is feasible". The nature of this phenomenon is illustrated clearly by the following statement, usually called the birthday paradox:
In any group of 23 people, the probability that two of them share a birthday is at least 1/2. [5]
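In general, suppose a hash function has n distinct hash values. If we have k hash values from k different randomly chosen inputs, the probability that no collision occurs is:
$(1 - \frac{1}{n})(1 - \frac{2}{n}) \cdots (1 - \frac{k-1}{n}) = \prod_{i=1}^{k-1} (1 - \frac{i}{n})$.
With $\frac{i}{n} \ll 1$, $\prod_{i=1}^{k-1} (1 - \frac{i}{n}) \approx \prod_{i=1}^{k-1} e^{-i/n} = e^{-\frac{k(k-1)}{2n}}$. The probability that at least one collision occurs is therefore $1 - e^{-\frac{k(k-1)}{2n}}$. Calling this probability $\varepsilon$, we have:
$e^{-\frac{k(k-1)}{2n}} \approx 1 - \varepsilon$ (*)
Hence $k^2 - k \approx 2n \log\frac{1}{1-\varepsilon}$, and so:
$k \approx \sqrt{2n \log\frac{1}{1-\varepsilon}}$ (**)
According to formula (**), when the value $\varepsilon$ is very close to 1, $\log\frac{1}{1-\varepsilon}$ is still fairly small, so k is proportional to $\sqrt{n}$. With $\varepsilon = 0.5$ we have $k \approx 1.1774\sqrt{n}$ (***).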
Example:
With k = 23 people and n = 365 days in the year, the probability that two people share a birthday is $\varepsilon = 1 - 2.7^{-0.7} \approx 0.5075$. This is exactly the birthday paradox stated above. Alternatively, substituting n = 365 into formula (***) gives k = 22.49 ≈ 23.
The birthday paradox, or formula (*), lets us predict a lower bound on the number of trials needed to find a collision for a hash function. A 40-bit hash function is insecure, because with only $2^{20}$ (about 1 billion) trials the collision probability is already 50%.
Similarly, for the hash function with a 64-bit hash space mentioned above, the number of trials needed for a collision probability of 50% is $2^{32}$, which is feasible. With the kind of computer mentioned above, for example, it takes only about 1 hour of computation.
Hash functions regarded as secure are the 128-bit hash functions (such as MD5 ..), because the number of trials is then $2^{64}$. However, with the development of newly discovered hash cryptanalysis algorithms, 128-bit hash functions are now also recommended against for use in new security systems. The hash functions recommended as replacements for MD5 are 164-bit hash functions such as DSS, SHA2.
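The product formula, its exponential approximation, formula (**) and an actual collision search, as an added Python example that is not part of the original text. SHA-256 truncated to a few bits stands in for a hash function with a small hash space; the truncation, the message prefix and all function names are assumptions chosen so that the search finishes in well under a second.

```python
import hashlib
import math

def p_collision_exact(k, n):
    """1 - prod_{i=1}^{k-1} (1 - i/n): probability of at least one collision."""
    p_none = 1.0
    for i in range(1, k):
        p_none *= 1 - i / n
    return 1 - p_none

def p_collision_approx(k, n):
    """The approximation 1 - e^{-k(k-1)/(2n)} from formula (*)."""
    return 1 - math.exp(-k * (k - 1) / (2 * n))

def trials_for(eps, n):
    """Formula (**): k ~ sqrt(2n * ln(1/(1-eps))); eps = 0.5 gives 1.1774*sqrt(n)."""
    return math.sqrt(2 * n * math.log(1 / (1 - eps)))

def truncated_hash(msg, bits):
    """First `bits` bits of SHA-256, modelling a hash space of size 2^bits."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits, prefix=b"contract-variant-"):
    """Hash distinct variants until two share a digest.
    Returns (message1, message2, number_of_hashes_computed)."""
    seen = {}
    counter = 0
    while True:
        msg = prefix + str(counter).encode()
        h = truncated_hash(msg, bits)
        counter += 1
        if h in seen:
            return seen[h], msg, counter
        seen[h] = msg

if __name__ == "__main__":
    print("23 people, exact   :", round(p_collision_exact(23, 365), 4))
    print("23 people, approx  :", round(p_collision_approx(23, 365), 4))
    print("k for eps=0.5, 365 :", round(trials_for(0.5, 365), 2))
    for bits in (16, 20, 24):
        m1, m2, used = find_collision(bits)
        print(f"{bits}-bit space: collision after {used} hashes "
              f"(predicted about {trials_for(0.5, 2 ** bits):.0f}, "
              f"space size {2 ** bits})")
```

The number of hashes needed grows with the square root of the hash space, which is why a digest of m bits gives only about m/2 bits of collision resistance.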
2.4. Some well-known hash functions
2.4.1. MD5 (Message Digest)
Ronald Rivest invented the hash functions MD2, MD4 (1990) and MD5 (1991). Because these hash functions are similar in nature, we examine only MD5 here. It is an improvement on MD4 and the most widely used hash function, and its design principles are also the common principles behind many other hash functions.
a. Description of MD5:
The input is processed in 512-bit blocks, each divided into 16 32-bit sub-blocks. The output of the algorithm is a set of 4 32-bit blocks that together form a single 128-bit hash value.
First, we divide the message into 512-bit blocks. To the last block of the message (call it x, with x < 512 bits) we append a single 1 bit at the end of x, followed by 0 bits up to the required length (512 bits). The result is that the input message is a string M whose length is divisible by 512; M can therefore be divided into N 32-bit words (where N is divisible by 16).
We now begin computing the message digest with 4 32-bit blocks A, B, C and D (regarded as registers):
A = 0x01234567
B = 0x89abcdef
C = 0xfedcba98
D = 0x76543210.
A, B, C and D are usually called chaining variables.
The message is divided into a number of 512-bit blocks, and each 512-bit block is in turn divided into 16 32-bit blocks that go through the four rounds of MD5. Suppose we write a, b, c and d in place of A, B, C and D for the first 512-bit block of the message. The four rounds of MD5 all have the same structure. Each round performs 16 operations: each applies a nonlinear function to 3 of the 4 values a, b, c and d; it then adds the result to the 4th value, followed by a 32-bit sub-block and a constant. It then rotates the result left by a variable number of bits and adds the result to one of the 4 values a, b, c or d. The final result is a new value that replaces one of the 4 values a, b, c or d.


Figure 5.3: The main loop of MD5 (diagram labels: A, B, C, D; message block; Round 1, Round 2, Round 3, Round 4; A, B, C, D)

Figure 5.4: One loop operation of MD5
There are four nonlinear functions, one used in each round:
$F(X, Y, Z) = (X \wedge Y) \vee ((\neg X) \wedge Z)$
$G(X, Y, Z) = ((X \wedge Z) \vee (Y \wedge (\neg Z)))$
$H(X, Y, Z) = X \oplus Y \oplus Z$
$I(X, Y, Z) = Y \oplus (X \vee (\neg Z))$.
where $\oplus$ is XOR, $\wedge$ is AND, $\vee$ is OR, and $\neg$ is NOT.
These functions are designed so that if the corresponding bits of X, Y and Z are independent and unbiased, then each bit of the result is also independent and unbiased.
If $M_j$ denotes the j-th sub-block (j = 16) and <<< s denotes a left rotation by s bits, the operations can be written as follows:
FF(a, b, c, d, $M_j$, s, $t_i$) denotes a = b + ((a + F(b, c, d) + $M_j$ + $t_i$) <<< s)
GG(a, b, c, d, $M_j$, s, $t_i$) denotes a = b + ((a + G(b, c, d) + $M_j$ + $t_i$) <<< s)
HH(a, b, c, d, $M_j$, s, $t_i$) denotes a = b + ((a + H(b, c, d) + $M_j$ + $t_i$) <<< s)
II(a, b, c, d, $M_j$, s, $t_i$) denotes a = b + ((a + I(b, c, d) + $M_j$ + $t_i$) <<< s).
The four rounds (64 steps) are carried out as follows:
Round 1:
FF (a, b, c, d, M_0, 7, 0x76aa478)
FF (d, a, b, c, M_1, 12, 0xe8c7b756)
FF (c, d, a, b, M_2, 17, 0x242070db)
FF (b, c, d, a, M_3, 22, 0xc1bdceee)
FF (a, b, c, d, M_4, 7, 0xf57c0faf)
FF (d, a, b, c, M_5, 12, 0x4787c62a)
FF (c, d, a, b, M_6, 17, 0xa8304613)
FF (b, c, d, a, M_7, 22, 0xfd469501)
FF (a, b, c, d, M_8, 7, 0x698098d8)
FF (d, a, b, c, M_9, 12, 0x8b44f7af)
FF (c, d, a, b, M_10, 17, 0xffff5bb1)
FF (b, c, d, a, M_11, 22, 0x895cd7be)
FF (a, b, c, d, M_12, 7, 0x6b901122)
FF (d, a, b, c, M_13, 12, 0xfd987193)
FF (c, d, a, b, M_14, 17, 0xa679438e)
FF (b, c, d, a, M_15, 22, 0x49b40821).
Round 2:
GG (a, b, c, d, M_1, 5, 0x61e2562)
GG (d, a, b, c, M_6, 9, 0xc040b340)
GG (c, d, a, b, M_11, 14, 0x265e5a51)
GG (b, c, d, a, M_0, 20, 0xe9b6c7aa)
GG (a, b, c, d, M_5, 5, 0xd62f105d)
GG (d, a, b, c, M_10, 9, 0x02441453)
GG (c, d, a, b, M_15, 14, 0xd8a1e681)
GG (b, c, d, a, M_4, 20, 0xe7d3fbc8)
GG (a, b, c, d, M_9, 5, 0x21e1cde6)
GG (d, a, b, c, M_14, 9, 0xc33707d6)
GG (c, d, a, b, M_3, 14, 0xf4d50d87)
GG (b, c, d, a, M_8, 20, 0x455a14ed)
GG (a, b, c, d, M_13, 5, 0xa9e3e905)
GG (d, a, b, c, M_2, 9, 0xfcefa3f8)
GG (c, d, a, b, M_7, 14, 0x676f02d9)
GG (b, c, d, a, M_12, 20, 0x8d2a4c8a).
Round 3:
HH (a, b, c, d, M_5, 4, 0xfffa3942)
HH (d, a, b, c, M_8, 11, 0x8771f681)
HH (c, d, a, b, M_11, 16, 0x6d9d6122)
HH (b, c, d, a, M_14, 23, 0xfde5380c)
HH (a, b, c, d, M_1, 4, 0xa4beea44)
HH (d, a, b, c, M_4, 11, 0x4bdecfa9)
HH (c, d, a, b, M_7, 16, 0xf6bb4b60)
HH (b, c, d, a, M_10, 23, 0xbebfbc70)
HH (a, b, c, d, M_13, 4, 0x289b7ec6)
HH (d, a, b, c, M_0, 11, 0xeaa127fa)
HH (c, d, a, b, M_3, 16, 0xd4ef3085)
HH (b, c, d, a, M_6, 23, 0x04881d05)
HH (a, b, c, d, M_9, 4, 0xd9d4d039)
HH (d, a, b, c, M_12, 11, 0xe6db99e5)
HH (c, d, a, b, M_15, 16, 0x1fa27cf8)
HH (b, c, d, a, M_2, 23, 0xc4ac5665).
Round 4:
II (a, b, c, d, M_0, 6, 0xf4292244)
II (d, a, b, c, M_7, 10, 0x432aff97)
II (c, d, a, b, M_14, 15, 0xab9423a7)
II (b, c, d, a, M_5, 21, 0xfc93a039)
II (a, b, c, d, M_12, 6, 0x655b59c3)
II (d, a, b, c, M_3, 10, 0x8f0ccc92)
II (c, d, a, b, M_10, 15, 0xffeff47d)
II (b, c, d, a, M_1, 21, 0x85845dd1)
II (a, b, c, d, M_8, 6, 0x6fa87e4f)
II (d, a, b, c, M_15, 10, 0xfe2ce6e0)
II (c, d, a, b, M_6, 15, 0xa3013414)
II (b, c, d, a, M_13, 21, 0x4e0811a1)
II (a, b, c, d, M_4, 6, 0xf7537e82)
II (d, a, b, c, M_11, 10, 0xbd3af235)
II (c, d, a, b, M_2, 15, 0x2ad7d2bb)
II (b, c, d, a, M_9, 21, 0xeb86d391).
The constants $t_i$ are chosen according to the following rule: at step i, the value $t_i$ is the integer part of $2^{32} \cdot abs(\sin(i))$, where i = [0..63] is measured in radians.
After all of these steps, a, b, c and d are added to A, B, C and D respectively to give the output, and the algorithm continues with the next 512-bit block of data until the end of the message. The final output is a 128-bit block formed from A, B, C and D, which is the resulting hash value.
b. Security of MD5:
Ron Rivest outlined the improvements of MD5 over MD4 as follows:
- A fourth round was added (MD4 has only 3 rounds).
- Each step adds a unique constant.
- The function G in round 2 was changed from $((X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z))$ to $((X \wedge Z) \vee (Y \wedge (\neg Z)))$ to make G less symmetric (less linear).
- Each step adds in the result of the previous step, which links the steps together and makes them depend on one another.
- The order in which the sub-blocks are used changes in rounds 2 and 3, so the pattern of the loop structure changes accordingly.
- The left-rotation amounts in each round were optimized, and the rotations in each round are different.
In 1993, den Boer and Bosselaers found collisions using the compression function (rounds 2 and 3) of MD5. This breaks the MD5 design principle of collision resistance, but MD5 is still a widely used hash function today.
2.4.2. SHA (Secure Hash Algorithm)
In 1995, NIST together with the NSA designed the Secure Hash Algorithm (SHA) for use with the digital signature standard DSS. SHA is designed on the principles of MD4/MD5 and produces a 160-bit hash value.
a. Description of SHA:
As with MD5, the message is extended with a single 1 bit followed by 0 bits at the end of the message so that the message length is divisible by 512. SHA uses 5 shift registers:
A = 0x67452301
B = 0xefcdab89
C = 0x98badcfe
D = 0x10325476
E = 0xc3d2e1f0
The message is divided into 512-bit blocks. As before, we set a, b, c, d and e in place of A, B, C, D and E for the first 512-bit block of the message. SHA has four main rounds, each performing 20 operations: each operation applies a nonlinear function to 3 of the 5 values a, b, c, d and e, followed by addition and shifting as in MD5.
SHA defines four nonlinear functions as follows:
$f_t(X,Y,Z) = (X \wedge Y) \vee ((\neg X) \wedge Z)$ for $0 \le t \le 19$
$f_t(X,Y,Z) = X \oplus Y \oplus Z$ for $20 \le t \le 39$
$f_t(X,Y,Z) = (X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z)$ for $40 \le t \le 59$
$f_t(X,Y,Z) = X \oplus Y \oplus Z$ for $60 \le t \le 79$.
The four constants used in the algorithm are:
$K_t = 2^{1/2}/4$ = 0x5a827999 for $0 \le t \le 19$
$K_t = 3^{1/2}/4$ = 0x6ed9eba1 for $20 \le t \le 39$
$K_t = 5^{1/2}/4$ = 0x8f1bbcdc for $40 \le t \le 59$
$K_t = 10^{1/2}/4$ = 0xca62c1d6 for $60 \le t \le 79$.
The message blocks are expanded from 16 32-bit words ($M_0$ to $M_{15}$) into 80 32-bit words ($W_0$ to $W_{79}$) using the expansion algorithm:
$W_t = M_t$ for $0 \le t \le 15$
$W_t = (W_{t-3} \oplus W_{t-8} \oplus W_{t-14} \oplus W_{t-16})$ for $16 \le t \le 79$.
One iteration of SHA can be depicted as follows:
Figure 5.5: Diagram of one iteration of SHA
If $W_t$ denotes the t-th sub-block of the expanded message and <<< s denotes a left shift by s bits, the main loop of SHA is as follows:
a = A, b = B, c = C, d = D, e = E,
for t = 0 to 79
{
    TEMP = (a <<< 5) + f_t(b, c, d) + e + W_t + K_t,
    e = d,
    d = c,
    c = b <<< 30,
    b = a,
    a = TEMP,
}
A = A + a, B = B + b, C = C + c, D = D + d, E = E + e,
The algorithm continues with the next 512-bit block until the end of the message, and the final result in the registers A, B, C, D and E is the 160-bit SHA hash value.
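The main loop above as runnable Python, added here as an illustration and not part of the original course text. The `rotate` parameter is an assumption introduced for this example: with `rotate=0` the expansion is exactly the $W_t$ rule printed above, while SHA-1 as standardized in FIPS 180-1 additionally rotates each expanded word left by 1 bit, and only that variant agrees with `hashlib.sha1`. The padding appends the 64-bit big-endian message length after the 1 bit and the 0 bits.

```python
import hashlib
import struct

MASK = 0xFFFFFFFF
H0 = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)  # A..E
K = (0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6)               # one per round


def rotl(x, s):
    """Rotate a 32-bit word left by s bits (the <<< operator of the text)."""
    return ((x << s) | (x >> (32 - s))) & MASK


def f(t, x, y, z):
    """The four nonlinear functions f_t, selected by the step number t."""
    if t < 20:
        return (x & y) | (~x & z)
    if 40 <= t < 60:
        return (x & y) | (x & z) | (y & z)
    return x ^ y ^ z                      # rounds 2 and 4


def pad(message):
    """Append a 1 bit, 0 bits and the 64-bit length: result is a multiple of 64 bytes."""
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack(">Q", len(message) * 8)


def compress(state, block, rotate):
    """Process one 512-bit block: expand M_0..M_15 to W_0..W_79, then run 80 steps."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], rotate))
    a, b, c, d, e = state
    for t in range(80):
        temp = (rotl(a, 5) + f(t, b, c, d) + e + w[t] + K[t // 20]) & MASK
        e, d, c, b, a = d, c, rotl(b, 30), a, temp
    return tuple((s + v) & MASK for s, v in zip(state, (a, b, c, d, e)))


def sha(message, rotate=1):
    """160-bit digest as hex. rotate=1 is SHA-1; rotate=0 is the expansion as printed."""
    state = H0
    data = pad(message)
    for i in range(0, len(data), 64):
        state = compress(state, data[i:i + 64], rotate)
    return struct.pack(">5I", *state).hex()


def matches_sha1(samples=(b"", b"abc", b"a" * 200)):
    """Cross-check against the standard library on constructed sample messages."""
    return all(sha(m) == hashlib.sha1(m).hexdigest() for m in samples)


if __name__ == "__main__":
    print("rotate=1:", sha(b"abc"))
    print("rotate=0:", sha(b"abc", rotate=0))
    print("agrees with hashlib.sha1:", matches_sha1())
```

When implementing the algorithm for Exercise 5.8, checking the result against a reference implementation in this way catches a missing rotation or a wrong byte order immediately.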
b. Security of SHA:
To understand the security of SHA better, let us compare SHA with MD5 and find the differences between the two hash functions:
- MD5 and SHA both append padding bits to form blocks that are a multiple of 512 bits, but SHA uses the same nonlinear function f for all four rounds.
- MD5 uses a unique constant for each step, whereas SHA uses one constant for each round; this shift constant is relatively prime to the word size (as in MD4).
- The second nonlinear function of MD5 is an improvement over MD4, whereas SHA reuses the nonlinear function of MD4, that is, $(X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z)$.
- In MD5, each step adds in the result of the previous step. The difference in SHA is that a fifth variable is added (not b, c or d as in MD5), which makes the den Boer-Bosselaers attack fail against SHA (den Boer and Bosselaers are the two people who successfully broke the last 2 rounds of MD4).
To date, no attack on SHA has been published; because the SHA hash value is 160 bits long, it resists brute-force attacks (including the birthday attack) better than the 128-bit MD5 hash function.
2.5. Some applications of hash functions
As presented at the beginning of the chapter, the main application of hash functions is with digital signature schemes: instead of signing documents and messages directly (which in most cases are very large, so signing is slow), one signs the hash value that represents the whole document. This is particularly important and effective because, as we know, digital signature schemes all work with arithmetic on large numbers and are therefore relatively slow in themselves; using the hash value in place of the whole document is a comprehensive solution to this weakness of digital signature schemes. Besides their use with digital signature schemes, hash functions are also used for other purposes such as message authentication and user authentication.
For applications that do not need to keep the message secret but only need to ensure that the message is not altered in transit, hash functions are used to verify the integrity of the message. For example, suppose we have an open-source program in installer (setup) form that we want to distribute to users. Clearly, sending the program to the user's computer does not require encryption; however, if the program is altered in transit (for example by having spyware or a virus attached), that is very dangerous. To guard against this we provide the hash value of the program (the program is then the message). The user downloads both the program and the hash value, recomputes the hash, and compares the result with the hash value provided with the program; if the two values match, one can be sure that the program was not modified in transit. Today most open-source software is distributed in this way.
In systems that require user authentication, such as database management systems, operating systems, web applications and desktop applications, hash functions, or ciphers used in the role of a hash function (without a key), are also used to store user passwords. Each user account, instead of being stored as a user name (username) and password (password), is stored in the form: user name, hash value of the password. When a user logs in, the system takes the user name and password they entered and checks whether such a user name exists. If it does, the system hashes the password entered by the user and compares it with the corresponding hash value stored in the database (which may be a text file, an XML file, or the database file of some database management system). If the comparison matches, the user is valid; if it does not match, the password is wrong. Today all database management systems are equipped with hash functions that let users create hash values of user passwords and store those hash values.
Storing hash values ensures that passwords are not exposed through being stored in plaintext on the computer or when transmitted over the network. The Unix operating system uses this principle for storing passwords, with a hash function that is the DES cipher iterated 25 times; the user's password is used as the key of the cipher, and the plaintext to be encrypted is a string of 64 zero bits.
Today, with the strong growth of electronic commerce, transactions are all carried out remotely over networks, so the application of digital signature schemes, and of the hash functions that accompany them, is becoming ever more important. All information in electronic commerce transactions needs to be protected by signatures and hash functions. It can therefore be said that hash functions are sometimes even more important than ciphers.
3. Exercises
Exercise 5.1: Given the ElGamal digital signature scheme with p = 1019, a = 191 a primitive element of $Z_p^*$, and x = 37.
a) Find the public key $K_P$ and the secret key $K_S$ of this signature scheme.
b) To sign the plaintext M = 102, k = 143 is chosen; carry out the signing and give the corresponding signature.
c) Check whether the pair (K, S) = (251, 507) is a signature on the message M = 127.
Exercise 5.2: Given the RSA digital signature scheme with p = 31, q = 41, e = 271.
a) Find the public key $K_P$ and the secret key $K_S$ of this scheme.
b) Compute the signature on the message M = 100.
Exercise 5.3: Given the DSA digital signature algorithm with q = 11, p = 67, α = 9, β = 62 and secret key a = 4; to sign the message M = 8, k = 2 is chosen. Determine the signature on the message M.
Exercise 5.4: Given the RSA digital signature scheme with p = 47, q = 71, e = 79. Determine the signature of the scheme on the message M = 688.
Use one of the programming languages C, C++, Java or C# to do the following exercises:
Exercise 5.5: Implement the RSA digital signature scheme.
Exercise 5.6: Implement the ElGamal digital signature scheme.
Exercise 5.7: Implement the MD5 hash function.
Exercise 5.8: Implement the SHA hash function.
Hint: You can use big-number libraries such as MIRACL, or open-source libraries such as Crypto++ (details at the website http://www.cryptopp.com/) and Cryptolib (details at the website http://www.cs.auckland.ac.nz/~pgut001/cryptlib).

CHAPTER VI: KEY MANAGEMENT
1. Key management in communication networks

In the previous chapters we became familiar with encryption methods and with other important problems related to secure communication over public networks in general. We also saw that public-key cryptosystems have many advantages over symmetric cryptosystems as a foundation for information security solutions. In particular, symmetric-key systems require secret channels for transferring or exchanging keys between the parties, whereas in principle public-key systems need no such secret channels, because public keys can be transmitted or exchanged openly over public channels. In practice, however, to keep communication truly secure, not every piece of information about the public keys of a cryptosystem, of a signature verification algorithm, of a message authentication protocol or of an identification protocol is broadcast indiscriminately over the public network; although the information is public, one still wants only those who need to know it to know it. Therefore, even when public-key systems are used, one wants protocols for exchanging keys between parties who really need to communicate with each other, including the exchange of public keys. Key exchange between the entities of a community can be set up freely between any two people whenever they need to exchange information, or it can be set up on a relatively long-term basis for the whole community under the coordination of a trusted authority TA. Key exchange in the first case is simply called key agreement, and in the second case key distribution; the TA is where the distribution is carried out and also where the keys are managed. Key agreement generally needs no TA and can only take place when the cryptosystems in use are public-key systems, whereas key distribution can take place with symmetric-key systems as well as with public-key systems. Key distribution with a TA in the role of key manager is commonplace and existed long before public-key cryptosystems. We begin with a few such key distribution systems, and then introduce some key distribution or key exchange systems that use public-key security schemes.
2. Some key distribution systems
2.1. The Blom key distribution scheme
Suppose we have a network of n users, each of whom needs to exchange secret information with everyone else in the network. Suppose the cipher in use is a symmetric-key cipher (such as DES). The whole network needs $\frac{n(n-1)}{2}$ different keys for that many different pairs of users. A trusted authority TA manages that many keys and must deliver to each user the (n-1) keys shared with the (n-1) other users in the network; the TA must therefore transmit, over secret channels, a total of n(n-1) keys to the n users.
In 1985, Blom proposed a key distribution scheme, which we call the Blom scheme below. In its simplest case it is described as follows:
- The TA chooses a prime $p \ge n$, and chooses for each user A a number $r_A \in Z_p$. The number p and the numbers $r_A$ are made public.
- The TA then chooses three random numbers $a, b, c \in Z_p$ and forms the polynomial:
$$f(x, y) = a + b(x + y) + cxy \bmod p$$
- For each user A, the TA computes $g_A(x) = f(x, r_A) = a_A + b_A x \bmod p$, where $a_A = a + b r_A \bmod p$ and $b_A = b + c r_A \bmod p$. The TA secretly transmits the pair $(a_A, b_A)$ to A. Thus A knows $g_A(x) = a_A + b_A x$.
Compared with the n(n-1) keys that the TA had to transmit secretly above, with the Blom scheme the TA only has to transmit n pairs $(a_A, b_A)$.
Once this preparation is done, if two users A and B want to create a shared key for encrypted communication with each other, the shared key $K_{A,B}$ is:
$$K_{A,B} = g_A(r_B) = g_B(r_A) = f(r_A, r_B),$$
which each of A and B can compute from the information they hold.
Thus, in this distribution scheme, the TA distributes to each user a secret part of the key, and any two users combine their own secret part with the public part of the other to create a secret key shared by the two of them. The scheme is secure in the following sense: no third person C (even if C is a participant in the network) can determine the secret key of the two users A and B. Indeed, even if C is a participant in the network, the most C knows is the two numbers $a_C$, $b_C$ issued by the TA. We show that, given what C knows, any value in $Z_p$ can be accepted as $K_{A,B}$. What C knows, together with the acceptance of a given value for $K_{A,B}$, is expressed as:
$$\begin{aligned} a + b(r_A + r_B) + c\,r_A r_B &= K_{A,B} \\ a + b\,r_C &= a_C \\ b + c\,r_C &= b_C \end{aligned}$$
Regarding a, b, c as the unknowns, the determinant of the coefficients is:
$$\begin{vmatrix} 1 & r_A + r_B & r_A r_B \\ 1 & r_C & 0 \\ 0 & 1 & r_C \end{vmatrix} = (r_C - r_A)(r_C - r_B).$$
By the assumption on how the numbers r are chosen, this determinant is nonzero, so the system of equations always has a solution (a, b, c); that is, accepting the given value as $K_{A,B}$ is entirely possible. Any value in $Z_p$ can be accepted by C as $K_{A,B}$, which is the same as saying that C does not know which number $K_{A,B}$ is.
However, if two participants C and D (different from A and B) collude to find $K_{A,B}$, this is very easy, because together C and D know:
$$\begin{aligned} a + b\,r_C &= a_C \\ b + c\,r_C &= b_C \\ a + b\,r_D &= a_D \\ b + c\,r_D &= b_D \end{aligned}$$
four equations that determine (a, b, c), from which $K_{A,B}$ is found.
The Blom scheme above can be extended to a general Blom scheme, in which every shared key $K_{A,B}$ of two users A and B is completely secret against any coalition of k people other than A and B, but is no longer secret against every coalition of k+1 participants in the network. To achieve this, we only need to replace the polynomial f(x, y) above by a symmetric polynomial of degree 2k as follows:
$$f(x, y) = \sum_{i=0}^{k} \sum_{j=0}^{k} a_{ij}\, x^i y^j \bmod p,$$
where $a_{ij} \in Z_p$, $0 \le i, j \le k$, and $a_{ij} = a_{ji}$ for all i, j.
2.2. The Kerberos key distribution system
Kerberos is the name of a service that distributes (or issues) session keys for individual secure communication sessions at the request of users in a communication network. The cipher used is usually a symmetric-key cipher such as DES.
To operate this system, the trusted authority (or coordination center) TA must first share a secret DES key $K_A$ with each member A of the network. Then, each time A needs to communicate securely with another member B, A asks the TA to issue a session key for both A and B. The key is issued by the following key distribution protocol:
1) The TA randomly chooses a session key K and determines a timestamp T and a lifetime L (meaning that the session key K is valid for use in the period from T to T+L).
2) The TA computes $m_1 = e_{K_A}(K, ID(B), T, L)$ and $m_2 = e_{K_B}(K, ID(A), T, L)$, and sends $(m_1, m_2)$ to A.
3) A applies the decryption function $d_{K_A}$ to $m_1$ to obtain K, T, L, ID(B). A then computes $m_3 = e_K(ID(A), T)$ and sends $(m_3, m_2)$ to B.
4) B applies the decryption functions $d_{K_B}$ to $m_2$ and $d_K$ to $m_3$ to obtain K, T, L, ID(A) and ID(A), T. If the two values of ID(A) and of T agree, B goes on to compute $m_4 = e_K(T + 1)$ and sends $m_4$ to A.
5) A applies the decryption function $d_K$ to $m_4$ and checks whether the result is indeed T+1.
In the protocol above, the symbols ID(A) and ID(B) denote the identities of A and B; this information is public.
On completing the 5-step protocol above, the TA (together with A and B) has finished issuing a session key K for the two users A and B to use for encrypted communication with each other. All the exchanges of information in the protocol take place over public channels, yet the key K remains secret (only A, B and the TA know it). Besides issuing the key, the protocol also achieves key confirmation: B and A are each sure that the other party really has the key K, thanks to the results of the checks in steps 4 and 5. In addition, both A and B know the period for which the key is valid.
Secret key distribution by the Kerberos protocol is highly reliable; in practice, however, using it also takes a lot of time, so today it is used only in limited cases.
2.3. The Diffie-Hellman key distribution system
The Diffie-Hellman key distribution system does not require the TA to know or to transfer any secret information about the keys of the participants in the network in order for them to establish a shared secret key for communicating with one another.
In a Diffie-Hellman key distribution system, the TA only has to choose a large prime p and a primitive element α modulo p such that the problem of computing $\log_\alpha$ in $Z_p^*$ is very hard. The numbers p and α are made public to all participants in the network. In addition, the TA has a signature scheme with a secret signing algorithm $sig_{TA}$ and a public verification algorithm $ver_{TA}$.
Any member A with identity ID(A) freely chooses a number $a_A$ ($0 \le a_A \le p-2$) and computes $b_A = \alpha^{a_A} \bmod p$. A keeps $a_A$ secret and registers the information (ID(A), $b_A$) with the TA. The TA issues A the certificate:
$$C(A) = (ID(A), b_A, sig_{TA}(ID(A), b_A)).$$
The certificates of the members of the network can be kept in a public database, or entrusted to the TA to store and to provide publicly to the members whenever they are needed.
When two members A and B of the network need a shared secret key for secure communication with each other, A combines the public information $b_B$ contained in C(B) with its own secret number $a_A$ to form the key:
$$K_{A,B} = b_B^{a_A} \bmod p = \alpha^{a_B a_A} \bmod p.$$
B can also form the shared key from A's public information $b_A$ and its own secret number $a_B$:
$$K_{A,B} = b_A^{a_B} \bmod p = \alpha^{a_A a_B} \bmod p.$$
To make sure that the information about $b_B$ and $b_A$ is correct, A and B can use the algorithm $ver_{TA}$ to check the TA's certifying signature in the certificates C(B) and C(A) respectively.
The theoretical basis for the security of the key exchange methods built on the Diffie-Hellman key distribution system is the discrete logarithm problem; see section 3.3 of chapter IV for more.
3. Key exchange and key agreement
3.1. The Diffie-Hellman key exchange protocol
The Diffie-Hellman key distribution system described in the previous section can easily be turned into a protocol for exchanging (or agreeing on) keys directly between users, without the intervention of a TA acting as coordinator or key distributor. Any group of users can agree to share a large prime p and a primitive element α modulo p; any two members A and B of the group, whenever they want to communicate securely with each other, can together carry out the following protocol to exchange a key:
1) A randomly chooses a secret number $a_A$ ($0 \le a_A \le p-2$), computes $b_A = \alpha^{a_A} \bmod p$ and sends $b_A$ to B.
2) Similarly, B randomly chooses a secret number $a_B$ ($0 \le a_B \le p-2$), computes $b_B = \alpha^{a_B} \bmod p$ and sends $b_B$ to A.
3) A and B both compute the shared key:
$$K_{A,B} = b_B^{a_A} \bmod p = b_A^{a_B} \bmod p \; (= \alpha^{a_A a_B} \bmod p).$$
The Diffie-Hellman key exchange protocol has the following properties:
- The protocol is secure against passive attack, meaning that a third party who knows $b_A$ and $b_B$ will find it hard to learn $K_{A,B}$.
We know that the problem "given $b_A$ and $b_B$, find $K_{A,B}$" is exactly the Diffie-Hellman problem, and that this problem is equivalent to the problem of breaking the ElGamal cipher. We now prove this.
ElGamal encryption with the key $K = (p, \alpha, a, \beta)$, where $\beta = \alpha^a \bmod p$, produces from a plaintext x and a random number $k \in Z_{p-1}$ the ciphertext $e_K(x, k) = (y_1, y_2)$ with $y_1 = \alpha^k \bmod p$, $y_2 = x\beta^k \bmod p$. And decryption is given by $y_1 = \alpha^k \bmod p$.
Suppose we have an algorithm A that solves the Diffie-Hellman problem. We use A to break the ElGamal cipher as follows:
Given a ciphertext $(y_1, y_2)$. First, applying A to $y_1 = \alpha^k \bmod p$ and $\beta = \alpha^a \bmod p$, we obtain $A(y_1, \beta) = \alpha^{ka} = \beta^k \bmod p$. We then recover the plaintext x from $\beta^k$ and $y_2$ as follows:
$$x = y_2 (\beta^k)^{-1} \bmod p.$$
Conversely, suppose there is another algorithm B for breaking the ElGamal cipher, that is, $B(p, \alpha, \beta, y_1, y_2) = x = y_2 (y_1^a)^{-1} \bmod p$. Applying B to $\beta = b_A$, $y_1 = b_B$, $y_2 = 1$, we obtain
$$B(p, \alpha, b_A, b_B, 1)^{-1} = (1 \cdot (b_B^{a_A})^{-1})^{-1} = \alpha^{a_A a_B} \bmod p,$$
that is, the Diffie-Hellman problem is solved.
- The protocol is not secure against an active attack in which values are substituted in transit.
That is, a third party C can substitute the information exchanged between A and B. For example, C replaces the value $\alpha^{a_A}$ that A intends to send to B by $\alpha^{a'_A}$, and replaces the value $\alpha^{a_B}$ that B intends to send to A by $\alpha^{a'_B}$. After the key exchange protocol has run, A has therefore set up a shared key $\alpha^{a_A a'_B}$ with C while still believing that it is with B; at the same time B has set up a shared key $\alpha^{a'_A a_B}$ with C while still believing that it is with A. C can decrypt every message that A mistakenly believes it is sending to B, as well as every message that B mistakenly believes it is sending to A.
One way to counter this kind of attack is to give A and B a check that confirms the correctness of the public keys $b_A$ and $b_B$. Adding the coordinating role of a TA to the Diffie-Hellman key exchange protocol, which gives a Diffie-Hellman key distribution system, is one way to overcome this weakness. In the Diffie-Hellman key distribution system the intervention of the TA is very weak: in fact the TA does only one thing, namely issue certificates that confirm the public key of each user, and it does not need to know any secret of the users. If this limited role of the TA is still not satisfactory, the TA can be given an even weaker certifying role that has nothing to do with the keys, for example certifying the users' signature verification algorithms, while the key information itself (both secret and public) is exchanged directly between the users. With this remedy, in which the role of the TA is extremely limited, we obtain the following protocol:
3.2. The Diffie-Hellman key exchange protocol with certificates
Each user A has an identity ID(A) and a signature scheme with signing algorithm $sig_A$ and verification algorithm $ver_A$. The TA also has a certifying role, but it does not certify any information related to the creation of the users' encryption keys (whether secret or public keys); it only certifies a less closely related piece of information, namely the user's signature verification algorithm. The information related to the creation of the encryption keys is exchanged directly between the users. The TA also has its own signature scheme, consisting of a signing algorithm $sig_{TA}$ and a public verification algorithm $ver_{TA}$. The certificate that the TA issues to each user A is:
$$C(A) = (ID(A), ver_A, sig_{TA}(ID(A), ver_A)).$$
Clearly, in this certificate the TA certifies nothing related to the creation of A's key. Key exchange between two users A and B is carried out by the following protocol:
1) A randomly chooses a number $a_A$ ($0 \le a_A \le p-2$), computes $b_A = \alpha^{a_A} \bmod p$ and sends $b_A$ to B.
2) B randomly chooses a number $a_B$ ($0 \le a_B \le p-2$), computes $b_B = \alpha^{a_B} \bmod p$, then computes $K = b_A^{a_B} \bmod p$ and $y_B = sig_B(b_B, b_A)$, and sends $(C(B), b_B, y_B)$ to A.
3) A computes $K = b_B^{a_A} \bmod p$, uses $ver_B$ to verify $y_B$ and $ver_{TA}$ to verify C(B), then computes $y_A = sig_A(b_A, b_B)$ and sends $(C(A), y_A)$ to B.
4) B uses $ver_A$ to verify $y_A$ and uses $ver_{TA}$ to verify C(A).
If all the steps are carried out and all the verifications give the correct result, the protocol ends and both A and B have the shared key K. Thanks to the verification algorithms, A knows for certain that the value $b_B$ belongs to B, and B knows for certain that the value $b_A$ belongs to A, which excludes the possibility that some other person C substitutes the values in transit.
3.3. The Matsumoto-Takashima-Imai key exchange protocol
The protocol presented in the previous section uses three message transfers back and forth to set up a shared key. The Japanese authors Matsumoto, Takashima and Imai proposed an improvement that uses a protocol with only two message transfers (one from A to B and one from B to A) to agree on a key, as follows:
We assume that, before the protocol is run, the TA has signed and issued a certificate to each user A in the manner of the Diffie-Hellman exchange protocol:
$$C(A) = (ID(A), b_A, sig_{TA}(ID(A), b_A)).$$
and that the signature verification algorithm $ver_{TA}$ is public. In this protocol the values $b_A$ do not directly form the encryption keys used for communication; instead, for each secure communication session a session key is created for that session by the protocol.
The MTI session key exchange protocol consists of three steps (two of which are message transfers), as follows:
1) A randomly chooses a number $r_A$ ($0 \le r_A \le p-2$), computes $s_A = \alpha^{r_A} \bmod p$, and sends $(C(A), s_A)$ to B.
2) B randomly chooses a number $r_B$ ($0 \le r_B \le p-2$), computes $s_B = \alpha^{r_B} \bmod p$, and sends $(C(B), s_B)$ to A.
3) A computes $K = s_B^{a_A} \cdot b_B^{r_A} \bmod p$, with the value $b_B$ obtained from C(B);
B computes $K = s_A^{a_B} \cdot b_A^{r_B} \bmod p$, with the value $b_A$ obtained from C(A).
Both computations give the same value $K = \alpha^{r_A a_B + r_B a_A} \bmod p$.
Like the Diffie-Hellman protocol, this protocol keeps the key K secret against passive attack. However, because there are no certificates for the values $s_A$, $s_B$, there is still a risk of an active attack in which some person C substitutes values in transit, in the following manner:
[Figure: C sits between A and B. A sends $(C(A), \alpha^{r_A})$, which C passes on to B as $(C(A), \alpha^{r'_A})$; B sends $(C(B), \alpha^{r_B})$, which C passes on to A as $(C(B), \alpha^{r'_B})$.]
Where A should send the pair $(C(A), s_A)$ to B, C substitutes it by receiving $(C(A), s_A)$ and sending B the value $(C(A), s'_A)$ with $s'_A = \alpha^{r'_A} \bmod p$. Conversely, where B should send the value $(C(B), s_B)$ to A, C substitutes it by receiving $(C(B), s_B)$ and sending A the value $(C(B), s'_B)$ with $s'_B = \alpha^{r'_B} \bmod p$. A then computes the key:
$$K_1 = \alpha^{r_A a_B + r'_B a_A} \bmod p,$$
and B computes the key:
$$K_2 = \alpha^{r'_A a_B + r_B a_A} \bmod p.$$
These two values $K_1$ and $K_2$ are different, so they do not let A and B communicate with each other, but C is unable to compute either of the two values (because it knows neither $a_A$ nor $a_B$). So, unlike with the Diffie-Hellman protocol, here C can only disrupt the exchange and cannot steal information.
3.4. The Girault key exchange protocol without certificates
The Girault protocol was proposed in 1991. In this protocol, user A does not need a certificate C(A); instead A uses a self-certifying public key issued in advance by a TA. The method combines properties of the RSA problem and of discrete logarithms.
Suppose n is the product of two large primes p and q, n = p*q, where p and q have the form $p = 2p_1+1$, $q = 2q_1+1$, in which $p_1$ and $q_1$ are also primes. The multiplicative group $Z_n^*$ is isomorphic to the product $Z_p^* \times Z_q^*$. The highest order of an element of $Z_n^*$ is the least common multiple of p-1 and q-1, that is, $2p_1q_1$. Suppose α is an element of order $2p_1q_1$ in $Z_n^*$. The cyclic group generated by α is denoted G, and the problem of computing discrete logarithms to the base α in G is assumed to be very hard.
The numbers n and α are public. Only the TA knows p and q. The TA chooses a public exponent e with $\gcd(e, \varphi(n)) = 1$, and keeps secret $d = e^{-1} \bmod \varphi(n)$.
Each user A has an identity ID(A), randomly chooses a number $a_A \in G$, keeps $a_A$ secret and computes $b_A = \alpha^{a_A} \bmod n$, then sends $a_A$, $b_A$ to the TA. The TA checks the condition $b_A = \alpha^{a_A} \bmod n$, then issues A a self-certifying public key $p_A = (b_A - ID(A))^d \bmod n$. The public key $p_A$ contains no information about $a_A$, but the TA needs to know $a_A$ in order to check the condition $b_A = \alpha^{a_A} \bmod n$.
The Girault key exchange protocol between two users A and B is carried out in the following steps:
1) A randomly chooses $r_A \in G$, computes $s_A = \alpha^{r_A} \bmod n$ and sends B the values $(ID(A), p_A, s_A)$.
2) B randomly chooses $r_B \in G$, computes $s_B = \alpha^{r_B} \bmod n$ and sends A the values $(ID(B), p_B, s_B)$.
3) A computes the key $K = s_B^{a_A} (p_B^e + ID(B))^{r_A} \bmod n$,
B computes the key $K = s_A^{a_B} (p_A^e + ID(A))^{r_B} \bmod n$.
Both values of K are equal, and equal to $K = \alpha^{r_A a_B + r_B a_A} \bmod n$.
By reasoning similar to that of the previous section, it is easy to see that a third party C can hardly produce forged information to send to A or B; an attack that substitutes values in transit can disrupt the exchange and prevent A and B from establishing a shared key, but cannot steal the information exchanged between A and B.
One question remains: why does the TA need to know $a_A$ and check the condition $b_A = \alpha^{a_A} \bmod n$ before issuing $p_A$ to A? Let us suppose that the TA does not know $a_A$ and issues $p_A = (b_A - ID(A))^d \bmod n$ to A, and see what can happen.
A third party C can choose a value $a'_A$ and compute $b'_A = \alpha^{a'_A} \bmod n$, then compute $b_C = b'_A - ID(A) + ID(C)$ and give $(ID(C), b_C)$ to the TA. The TA will issue C a self-certifying public key:
$$p_C = (b_C - ID(C))^d \bmod n.$$
Since $b_C - ID(C) = b'_A - ID(A)$, C has in fact been issued:
$$p_C = p'_A = (b'_A - ID(A))^d \bmod n.$$
Now suppose that A and B run the key exchange protocol and C interposes. A sends B the values $(ID(A), p_A, \alpha^{r_A} \bmod n)$, but because of C's substitution B receives $(ID(A), p'_A, \alpha^{r'_A} \bmod n)$. Hence B and C compute the same key:
$$K' = \alpha^{r'_A a_B + r_B a'_A} \bmod n = s_B^{a'_A} (p_B^e + ID(B))^{r'_A} \bmod n,$$
while A computes the key $K = \alpha^{r_A a_B + r_B a_A} \bmod n$.
B and C have the same key, which differs from A's key, but B still thinks that it shares a key with A. C can therefore decrypt every message that B sends to A, that is, steal the information sent from B to A. The TA's knowing $a_A$ and checking the condition $b_A = \alpha^{a_A} \bmod n$ before issuing $p_A$ to A serves to exclude the possibility of such a substitution by an attacker C.
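The Girault exchange above in Python, as an added example that is not part of the original course text: it issues self-certifying keys, runs the exchange, shows that a value altered in transit only makes the two keys disagree, and shows the TA's check of $b_A = \alpha^{a_A} \bmod n$ refusing a request whose b value the requester cannot open. The parameters (p = 839, q = 863, α = 5, e = 65537, the identities) and all function names are constructed for illustration and are far too small for real use.

```python
import secrets

# Constructed toy parameters: p = 2*419 + 1, q = 2*431 + 1 (all four are prime).
P, Q = 839, 863
N = P * Q
PHI = (P - 1) * (Q - 1)
ORDER = 2 * 419 * 431          # highest possible order in Z_n^*
ALPHA = 5
E = 65537                      # public exponent, gcd(E, PHI) = 1
D = pow(E, -1, PHI)            # known only to the TA


def alpha_has_full_order():
    """Check that ALPHA has order exactly 2*p1*q1 in Z_n^*."""
    return pow(ALPHA, ORDER, N) == 1 and all(
        pow(ALPHA, ORDER // prime, N) != 1 for prime in (2, 419, 431))


def ta_issue(identity, a, b, check=True):
    """TA enrollment: verify b = alpha^a mod n, then issue p_U = (b - ID)^d mod n."""
    if check and pow(ALPHA, a, N) != b % N:
        raise ValueError("requester did not show the exponent of b")
    return pow((b - identity) % N, D, N)


def new_user(identity):
    a = secrets.randbelow(ORDER - 1) + 1            # secret exponent a_U
    b = pow(ALPHA, a, N)
    return {"id": identity, "a": a, "p": ta_issue(identity, a, b)}


def first_message(user):
    r = secrets.randbelow(ORDER - 1) + 1            # per-session secret r_U
    return r, (user["id"], user["p"], pow(ALPHA, r, N))


def session_key(user, r, peer_message):
    peer_id, peer_p, peer_s = peer_message
    peer_b = (pow(peer_p, E, N) + peer_id) % N      # p^e + ID recovers b; no certificate
    return pow(peer_s, user["a"], N) * pow(peer_b, r, N) % N


def run_exchange(alice, bob, alter_in_transit=None):
    """Return (key at A, key at B, alpha^(r_A a_B + r_B a_A) mod n)."""
    r_a, msg_a = first_message(alice)
    r_b, msg_b = first_message(bob)
    received_by_bob = alter_in_transit(msg_a) if alter_in_transit else msg_a
    k_a = session_key(alice, r_a, msg_b)
    k_b = session_key(bob, r_b, received_by_bob)
    return k_a, k_b, pow(ALPHA, r_a * bob["a"] + r_b * alice["a"], N)


def enrollment_check_demo(other_id, own_id):
    """The request b_C = b' - ID(A) + ID(C) from the text, with and without the check."""
    a_known = secrets.randbelow(ORDER - 1) + 1
    b_known = pow(ALPHA, a_known, N)
    b_request = (b_known - other_id + own_id) % N   # no exponent is known for this value
    try:
        ta_issue(own_id, a_known, b_request)
        refused = False
    except ValueError:
        refused = True
    # Without the check, the issued key opens as b_known under the other identity.
    p_unchecked = ta_issue(own_id, a_known, b_request, check=False)
    opens_under_other_id = (pow(p_unchecked, E, N) + other_id) % N == b_known
    return refused, opens_under_other_id


if __name__ == "__main__":
    alice, bob = new_user(500021), new_user(500022)   # constructed identities
    print("honest run, keys agree:", len(set(run_exchange(alice, bob))) == 1)
    k_a, k_b, _ = run_exchange(alice, bob, lambda m: (m[0], m[1], m[2] * ALPHA % N))
    print("altered s_A, keys agree:", k_a == k_b)
    print("TA check (refused, opens under other ID if unchecked):",
          enrollment_check_demo(500021, 500023))
```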
4. Exercises
Exercise 6.1: Suppose A and B use the Diffie-Hellman key distribution technique to communicate with each other, with the chosen prime p = 71 and the primitive element α = 7.
a) If A's secret key is $X_A = 5$, what is A's public key?
b) If B's secret key is $X_B = 12$, what is B's public key?
c) What is the secret key used for the communication?
Exercise 6.2: A and B use the Diffie-Hellman key distribution technique to communicate with each other, with p = 11 and the primitive element α = 2.
a) Prove that α = 2 is indeed a primitive element of $Z^*_{11}$.
b) If A's public key is $Y_A = 9$, what is A's secret key?
c) Suppose B has the public key $Y_B = 3$; find the secret key used for communication between A and B.


CHAPTER VII: CRYPTOGRAPHIC PROTOCOLS
1. Protocols
Definition:
A protocol is simply a series of steps, involving at least 2 parties, designed to accomplish some task. [2]
This definition is simple but rigorous. A series of steps means a sequence of ordered steps, with a beginning and an end, in which each step must be finished before the next one is carried out. Involving at least two parties means that several people may take part in carrying out the series of steps; hence if one person alone carries out a series of steps, that cannot be called a protocol. Finally, a protocol must be designed to achieve some result.
A protocol has the following characteristics:
- The parties must understand the protocol and the steps to be carried out when they take part in it.
- The parties must agree to follow the steps strictly.
- The protocol must be clear: all steps must be written out explicitly, with nothing that could be misunderstood.
- The protocol must be complete: every situation that can arise must be covered.
A cryptographic protocol is a protocol that applies the knowledge of cryptography to achieve the security goals of a system. The participants may be friends who trust one another, but they may also be adversaries. A cryptographic protocol involves cryptographic algorithms, but its purpose usually goes beyond pure secrecy. The parties may take part in sharing the parts of a secret that is used to extract some piece of information, may jointly generate a random sequence, may prove their identity to the other party, or may simultaneously sign a contract. The whole point of cryptography here is to detect and to counter eavesdropping and cheating.
Protocol design principle: it must be impossible for anyone, for any party, to obtain more or to learn more than what the original design assumes.
2. The purpose of protocols
Today, with the explosive growth of the global computer system reaching every household, carrying out people's ordinary business procedures over the network is not far off. It is therefore necessary to design corresponding procedures for computers that can replace the procedures of everyday life. The characteristic difference here is that people now work with one another through computers without needing to see one another. Moreover, a computer is not a person; it cannot easily adapt to change as we do. So every situation and every possibility of the protocol has to be accounted for.
Many of our everyday business procedures are trusted because the parties are present together, which is why building such protocols on computers is no longer as simple as the everyday procedures they replace. Ask yourself whether one can hand a stack of cash to a stranger to buy goods. Or ask whether you would dare to send a letter to the government with your ballot without procedures that guarantee anonymity. It is naive to believe that everyone working on a computer network is honest. And it is also gullible to assume that the network administrators, or even the designers of these networks, are thoroughly honest. Although most of them are, a small minority of dishonest people is enough to cause harm if we have no safeguards.
With the method of formalization, we can try designing protocols and then examine and test whether they hold up against every kind of abuse by dishonest people, and from that improve and develop them to resist those attacks. In that way protocols have been built for computers to solve the tasks and problems of everyday life.
Moreover, a computer protocol is a form of abstraction and is not concerned with the specific implementation. A protocol is the same whether it is implemented on one operating system or another. So once we have established the reliability of a protocol we can apply it anywhere, whether on a computer, a telephone or an intelligent microwave oven ...
3. The parties in a protocol (the players in protocol)
To approach all protocols in a uniform way, it is necessary to have a uniform convention for naming all the participants, and those who may become involved, in a protocol: [6]
Alice: the first party in the protocols.
Bob: the second party in the protocols.
Carol: the third participant in the protocols.
Dave: the fourth participant in the protocols.
Eve: the eavesdropper.
Mallory: the malicious active attacker, who has great power over the network and is very dangerous.
Trent: the trusted arbitrator.
Walter: the warden, who may stand guard over Alice and Bob in some protocols.
Peggy: the prover.
Victor: the verifier; Peggy needs to prove to Victor some right of ownership, for example that the identity he declares is correct, or that he is indeed authorized to access an important place ...
4. Types of protocols
4.1. Arbitrated protocols
An arbitrator is a person who satisfies the following conditions:
- The arbitrator has no interest of their own in the protocol and no bias toward any party.
- The parties that have an interest in the protocol all trust the arbitrator: they believe that whatever he says and does is true and correct, and they trust that he will complete his part of the protocol.
An arbitrator can therefore help to complete protocols between parties who do not trust one another.
Example 1:
Alice wants to sell a car to a stranger, Bob. Bob wants to pay by check, but Alice has no way of knowing whether the check is really good. She therefore wants the check to clear before she hands the car over to Bob, and this is the deadlock, because Bob does not trust Alice either, so he will not hand over the check before he receives the car.
The solution goes through Trent (whom both Bob and Alice trust), and a protocol proceeds as follows to ensure honesty:
- Alice hands the item to be sold to Trent.
- Bob gives the check to Alice.
- Alice deposits the check in her bank account.
- After waiting a specified time for the check to clear, Trent delivers the goods to Bob. If the check is not valid, Alice informs Trent, with concrete evidence, and Trent returns the goods to her.
In this protocol:
- Alice trusts that Trent will not hand the goods to Bob unless the check has cleared, and that he will return the goods to her if the check is bad.
- Bob trusts that Trent will hold the goods while the check clears, and will deliver them to him once it has cleared.
- Trent does not care whether the check is really good and whether it clears; he does his part in both possible cases exactly as the protocol specifies, simply because he is paid in either case.
Example 2:
A bank can also act as arbitrator for Alice and Bob. Bob uses a check certified by the bank to trade with Alice:
- Bob writes a check and takes it to the bank.
- After holding an amount of money in Bob's account equal to the value of the check, the bank signs a certification on the check and returns it to Bob.
3. Alice hands the car to Bob at the same moment that Bob gives Alice the bank-certified check.
4. Alice deposits the check at the bank.
This protocol works because Alice trusts the bank's certification: she trusts that the bank is holding Bob's money for her and is not investing it anywhere else.
This idea carries over to the computer world, but certain problems arise for computer systems:
- It is easy to find and trust an intermediary third party (an arbitrator) if we know them and can see them face to face. But if the two parties to a protocol already suspect each other, then placing their joint trust in some third party hidden somewhere on the computer network can itself become questionable.
- The computer network has to bear the extra cost of managing and maintaining the arbitrator machine.
- There are always delays inherent in any arbitrated protocol.
- The arbitrator has to take part in every transaction on the network, which means it becomes a bottleneck that easily congests the network once the protocol is deployed for a widely used application. Adding more arbitrators can relieve this congestion, but it raises the cost of managing and maintaining the arbitrator machines.
- Because everyone on the network trusts the arbitrator, it easily becomes a sensitive point that draws concentrated attack pressure from those lying in wait to break the system.
4.2. Adjudicated protocols
To transact with peace of mind, Alice and Bob need to engage a highly reputable arbitrator, but this raises the problem of paying that person an appropriate fee, which is clearly not negligible. This led to the idea of splitting an arbitrated protocol into two lower-level subprotocols:
- The first is a protocol that needs no arbitrator and is run whenever the parties want to carry out a transaction.
- The second is an arbitrated subprotocol used only when Alice and Bob quarrel and want someone to adjudicate.
In this case, therefore, we do not use the notion of an arbitrator, meaning someone who must take part directly in the protocol, but that of an adjudicator, meaning someone who does not need to be present when Alice and Bob transact and is called in only when Alice and Bob ask for a dispute to be settled.
Like an arbitrator, an adjudicator must have no interest in the transaction between Alice and Bob and must be trusted by both of them. He does not take part directly in the transaction as an arbitrator does, but steps in to determine whether the transaction was carried out correctly and, if there is a dispute, which side is in the wrong and which is in the right. The difference between an arbitrator and an adjudicator is that the adjudicator is not always needed: he is needed only if there is a dispute (and if there is no dispute, he is not needed at all).
Judges are professional adjudicators. Unlike a notary public, a judge learns of the contract only when one of the two, Alice or Bob, takes the other to court. The protocol for signing such a contract can be formalized as follows:
Example:
At any time:
1. Alice and Bob agree on the terms of the contract.
2. Alice signs the contract.
3. Bob signs the contract.
When there is a dispute to resolve:
1. Alice and Bob go before the judge and ask for adjudication.
2. Alice presents her evidence.
3. Bob presents his evidence.
4. The judge examines the evidence and rules.
This idea of using an adjudicator can be applied on computers. In protocols of this kind, if one of the parties is dishonest, the data saved from the protocol run allows the adjudicator to determine afterwards who cheated. So instead of preventing cheating in advance, an adjudicated protocol detects cheating if it happens. Once this fact is widely known, it acts as a deterrent that makes those who intend to cheat back off.
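The adjudicated contract-signing protocol above, as an added Python example that is not part of the course text: each party stores the other's signature during the normal run, and the judge works only from those stored records when a dispute arises. Toy RSA signatures over SHA-256 stand in for the handwritten signatures; the key sizes, function names and sample contract are constructed assumptions.

```python
import hashlib

def make_key(p, q, e=65537):
    # Toy RSA key from two known Mersenne primes (constructed; far too small for real use).
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def _digest(text, n):
    # SHA-256 of the contract text, reduced into the modulus range.
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big") % n

def sign(text, key):
    return pow(_digest(text, key["n"]), key["d"], key["n"])

def verify(text, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == _digest(text, pub["n"])

def sign_contract(text, alice, bob):
    """Non-arbitrated subprotocol: both sign, each stores the other's signature."""
    alice_record = {"text": text, "sig": sign(text, bob)}
    bob_record = {"text": text, "sig": sign(text, alice)}
    return alice_record, bob_record

def adjudicate(alice_record, bob_record, alice_pub, bob_pub):
    """Dispute subprotocol: the judge sees only the stored records and public keys."""
    a_ok = verify(alice_record["text"], alice_record["sig"], bob_pub)
    b_ok = verify(bob_record["text"], bob_record["sig"], alice_pub)
    if a_ok and b_ok:
        same = alice_record["text"] == bob_record["text"]
        return "no cheating detected" if same else "two different valid contracts"
    if a_ok:
        return "Bob's evidence is invalid"
    if b_ok:
        return "Alice's evidence is invalid"
    return "neither record is valid"

ALICE = make_key(2**61 - 1, 2**31 - 1)
BOB = make_key(2**89 - 1, 2**61 - 1)
alice_rec, bob_rec = sign_contract("Alice sells her car to Bob for 5000", ALICE, BOB)
# Constructed dispute: Bob presents an altered price with Alice's original signature.
altered = {"text": "Alice sells her car to Bob for 500", "sig": bob_rec["sig"]}

if __name__ == "__main__":
    print(adjudicate(alice_rec, bob_rec, public(ALICE), public(BOB)))
    print(adjudicate(alice_rec, altered, public(ALICE), public(BOB)))
```

The judge never takes part in the signing run; cheating is detected after the fact from the saved records, which is the property the text attributes to adjudicated protocols.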
4.3. Self-enforcing protocols
The self-enforcing protocol is the best type of protocol. A protocol of this type guarantees fairness by itself, with no need for an arbitrator or for a judge to settle disputes. That is, the protocol is constructed so that there are no gaps from which a dispute could arise. If one party deliberately breaks the rules, the run of the protocol lets the other party detect it immediately, and the protocol stops at once. Ideally every protocol would be built this way, but unfortunately a protocol of this type does not exist for every situation.
5. Types of attacks against protocols
If a protocol is regarded as a communication ritual that lets the parties work together, then in a cryptographic protocol what lies beneath that diplomatic shell is the techniques and cryptographic algorithms that are applied and implemented in the concrete steps of the protocol. An attacker who wants to break the security of the system or violate the privacy of the information can aim at one of the following: the technical processing, the cryptographic algorithms, or the protocol itself.
In this section we set aside the first possibility and assume that the techniques and cryptographic algorithms are all secure. We consider only the second possibility, that is, we analyze the possible forms of attack in which the adversary exploits logical gaps for gain or to do damage. These attacks fall into two main types:
In a passive attack, the adversary only stands outside and eavesdrops, without interfering with or affecting the protocol in any way. Its aim is to observe and collect information. However, the eavesdropped information is available only in encrypted form, so the adversary has to know how to analyze and decrypt it before it is of any use (ciphertext-only attack). Although this form of attack is not powerful, it is very hard to detect because the adversary causes no disturbance.
In an active attack, the adversary is a force inside the network with many capabilities and resources for actively attacking, interfering with, and affecting the protocol in complex ways. It can impersonate someone under another name and interfere with the protocol by introducing new messages, delete messages in transit on the line, replace genuine messages with fake ones, interrupt communication channels, or alter the information stores on the network. Which of these capabilities it has depends on how the network is organized and on the adversary's role in the network.
The attacker in a passive attack (Eve) only tries to collect information from the parties to the protocol, by gathering the messages transmitted between them for analysis and decryption. The active attacker (Mallory), by contrast, can cause very complex and varied damage. The attacker's goal may simply be to obtain the information it is interested in, but it can also do other damage, such as disrupting communication lines or gaining access to information systems reserved for those with sufficient authorization.
The adversary in an active attack is truly dangerous, especially in protocols where the different parties do not necessarily trust each other. It must also be remembered that the adversary is not necessarily a stranger from outside: it can be a legitimate individual within the system, even the network administrator. In addition, several individuals may join together as a group of adversaries, which increases the danger to the protocol.
It can also happen that Mallory is himself one of the parties to the protocol. He may act deceitfully or refuse to follow the protocol. This kind of adversary is called a cheater. A passive cheater follows the protocol but deliberately gathers more information from the other parties than the rules allow. An active cheater breaks the protocol in an attempt to deceive. It is very hard to keep a protocol secure if most of the parties are active cheaters, but sometimes there are measures that let the legitimate parties detect that cheating is taking place. Of course, protocols also need to be protected against passive cheaters.


REFERENCES
[1] Nik Goots, Boris Izotov, Alex Moldovyan and Nik Moldovyan, Modern Cryptography - Protect Your Data with Fast Block Ciphers, A-LIST Publishing, 2003.
[2] Whitfield Diffie, Martin E. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, November 1976.
[3] Randy Nichols (LANAKI), Classical cryptography course, 1995. http://www.forturecity.com/course/LANAKI.html
[4] A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996. http://www.cacr.math.uwaterloo.ca/hac
[5] Douglas R. Stinson, Cryptography: theory and practice, CRC Press, 1995. http://www.mindspring.com/~pate/stinson/
[6] Bruce Schneier, Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth), MIST Press, 1996.
[7] Gil Held, Learn Encryption Techniques with BASIC and C++, CRC Press, 1998.
[8] FIPS 186 - (DSS) http://www.itl.nist.gov/fipspubs/fip186.htm
[9] Jean Berstel, Dominique, Theory of code, Academic Press Inc, 1985.
[10] C. Shannon, Communication theory of secret systems (scientific journal), 1949.
[11] RSA library. www.fpt.rsa.org/PKI
[12] System and Network Security. http://www.cs.ncl.ac.uk/old/modules/2000-01/csc331/notes/
[13] Cryptography and Computer Security. http://www.cs.adfa.edu.au/teaching/studinfo/csc/lectures/
[14] http://www.securitydynamics.com/rsalabs/changelenges/factoring/rsa155.html.
[15] Data security and cryptography. http://www.islab.oregonestate.edu/koc/ece575
[16] OPT8 Advanced Cryptography. http://www.isg.rhul.ac.uk/msc/teaching/opt8/macs.pdf
Sample exam papers

Exam paper 1:
Question 1: Given a Hill cipher with M = 2 and key matrix $A = \begin{pmatrix} 7 & 3 \\ 5 & 12 \end{pmatrix}$, encrypt the string S = HARD.

Question 2: Draw the key-management model based on a public-key cryptosystem. Explain clearly the functions and the steps carried out.

Question 3: Are the following statements true or false? Explain.
1. Compared with an active attack, a passive attack is more dangerous.
2. Shamir's three-pass protocol supports authentication of the origin of a message.
3. The cipher block chaining mode is more secure than the electronic codebook mode.
4. One of the weaknesses of public-key cryptosystems is that they are slow.
5. Shamir's three-pass protocol is a protocol for exchanging information without exchanging keys.
6. The RSA, ElGamal and Knapsack cryptosystems are called public-key cryptosystems because their keys are all made public.
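Exam paper 2:
Question 1: Draw the diagram of the cipher block chaining (CBC) mode of operation. Describe the encryption and decryption algorithms.

Question 2: Given the key $K = \begin{pmatrix} 7 & 3 \\ 8 & 11 \end{pmatrix}$ and the plaintext July, defined over $Z_{26}$, find the ciphertext using the Hill cipher algorithm.

Question 3: Are the following statements true or false? Explain.
1. There are 4 types of hash functions in all: hash functions based on block ciphers (such as DES), hash functions based on arithmetic operations, special-purpose hash functions, and hash functions based on public-key cryptosystems.
2. One of the main weaknesses of the Knapsack system is that storing the key requires a large amount of memory.
3. The Data Encryption Standard (DES) is no longer secure and so is no longer used in practice.
4. To increase the security of DES, one can encrypt several times with different keys.
5. In the ElGamal cryptosystem, plaintext exposure always occurs.
6. To use the electronic codebook (ECB) mode, the implementation does not need an initialization value IV.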
Exam paper 3:
Question 1: Draw the diagram of the cipher feedback (CFB) mode of operation. Describe the encryption and decryption algorithms.

Question 2: Given the superincreasing vector A = (1, 2, 4, 8, 16, 32, 64, 128), m = 301, u = 31, and the plaintext 10, find the ciphertext using the Knapsack algorithm.

Question 3: Are the following statements true or false? Explain.
1. In the chaining mode the message is divided into n blocks; if block i is corrupted before it is encrypted, this affects the encrypted blocks that follow it.
2. Let N = 2000; then the value of Euler's function of N is $\varphi(N) = 800$.
3. Shamir's three-pass protocol is a protocol for exchanging information without exchanging keys.
4. Digital signature schemes work in 3 steps: generating the signature, sending the signature, and verifying the signature.
5. Both SKC and PKC cryptosystems can be used in the digital signature model.
6. The cipher block chaining mode is more secure than the electronic codebook mode.

Exam paper 4:
Question 1: Draw the diagram of the DES encryption algorithm and explain the formulas used.

Question 2: Given the superincreasing vector a = (1, 2, 4, 8, 16, 32, 64, 128), m = 300, w = 29, and the plaintext 16, find the ciphertext using the Knapsack algorithm.

Question 3: Are the following statements true or false? Explain.
1. It follows from Kerckhoffs's law that to increase the security of a cryptosystem, the encryption algorithm used should be as complex as possible.
2. Compared with a passive attack, an active attack is harder to detect and more dangerous.
3. Shamir's three-pass protocol is a protocol for exchanging information without exchanging keys.
4. One of the main weaknesses of the Knapsack system is that storing the key requires a large amount of memory.
5. The condition for Shamir's three-pass protocol to work is: $E_{Z_2}^{-1}(E_{Z_1}(E_{Z_2}(X))) = E_{Z_2}(X)$.
6. Public-key cryptosystems are usually called PKC, where PKC stands for Private Key Cryptography.
Exam paper 5:
Question 1: Draw the diagram for generating the subkeys from the main key of DES and explain the formulas used.

Question 2: Given p = 13, q = 23, e = 173, and the ciphertext 122, find the plaintext using the RSA algorithm.

Question 3: Are the following statements true or false? Explain.
1. CBC is the simplest and easiest-to-use block cipher mode of operation.
2. In ECB mode, if a block is corrupted before it is encrypted, this affects all the encrypted blocks that precede it.
3. The encryption key of the Data Encryption Standard is 56 bits long.
4. All block cipher modes of operation use 64-bit data blocks.
5. In the ElGamal cryptosystem, plaintext exposure always occurs.
6. The cipher block chaining mode is more secure than the electronic codebook mode.
