You are on page 1of 19

Nghin cu mt s ch k c bit trn

ng cong Elliptic

o Vit Anh

Trng i hc Cng ngh
Khoa Cng ngh thng tin
Lun vn Thc s ngnh: H thng thng tin; M s: 60 08 45
Ngi hng dn: PGS. TS. Trnh Nht Tin
Nm bo v: 2011

Abtract: Trnh by mt s khi nim c bn: Nu ln mt s khi nim c
bn v i s, s hc, cc khi nim v m ha, ch k s cng nh phc
tp thut ton. Nghin cu s ch k trn ng cong Elliptic: Nu ln
mt s s ch k s c bit trn ng cong Elliptic. Nghin cu ch k
ECC trong tin in t: Nu ln nhng ng dng ca ch k s trn ng
cong Elliptic(ECC) trong cc h thng tin in t. Xy dng chng trnh
m phng gii thut ch k s trn ng cong Elliptic: Xy dng mt
chng trnh nh nhm m phng mt s ch k s trn ng cong
Elliptic (ECDSA- Elliptic curve digital signature algorithm).

Keywords: Cng ngh thng tin; An ton d liu; Ch k; Tin in t;
ng cong Elliptic

Content
Chng 1. CC KHI NIM C BN
1.1. MT S KHI NIM TRONG S HC
1.1.1. S nguyn t
S nguyn a > 1 c gi l s nguyn t, nu a ch c c s l 1 v a.
Mt s nguyn ln hn 1 khng l s nguyn t th c gi l hp s.
V d cc s 2, 3, 5, 7 l s nguyn t; cc s 6, 8, 10, 12, 14, 15 l hp s.
Hai s a v b c gi l nguyn t cng nhau, nu chng c c s chung l
1, tc l nu gcd (a,b) = 1.
nh l 1.1 (Thut ton Euclid tm c s chung ln nht)
Vi mi a, b e Z, b = 0, tn ti duy nht q, r e Z : a = bq + r, 0 | | r b s <
Nu r = 0 th b|a, ngha l b l c s ca a.
Ngc li th b a. Vi a
1
, , a
k
e Z, nu b|a
i
(i = 1,, k) th b gi l c
chung ca a
1
,,

a
k.
.

c chung ln nht ca a
1
, , a
k
k hiu l gcd(a
1
, , a
k
) .
nh l 1.2
Nu a, b e Z v khc 0 th d = gcd(a, b) l phn t nh nht trong tt c cc
s nguyn dng c dng ax + by (x, y e Z)
H qu 1.3
Tn ti x, y e Z tha mn:
ax + by = c
khi v ch khi d|c vi d = gcd(a, b)
nh l 1.4
Vi a, m e Z, tn ti x e Z tha mn ax 1 mod m khi v ch khi gcd(a, m) =
1.
nh l 1.5 (nh l phn d Trung Quc)
Gi s m
1
, , m
r
e N i mt nguyn t cng nhau, gcd(m
i
, m
j
) = 1 vi mi
i = j. C a
1
, , a
r
e Z. Khi , h phng trnh
x a
i
(mod m
i
) ( r i s s 1 )
c mt nghim duy nht theo modulo M = m
1
x xm
r
l
x =

=
r
i
i i i
y M a
1
mod M
trong M
i
= M/m
i
v M
i
y
i
1 mod m
i

nh l 1.7 (Euler)
Vi a, m e Z tha mn gcd(a, m) = 1,
1
) (

u m
a mod m
nh l 1.8 (Fermat)
Cho p l s nguyn t v a e Z. Khi , ta c:
(1) a
p-1
1 mod p, nu p a.
(2) a
p
a mod p

1.2. MT S KHI NIM TRONG I S
1.2.1. Khi nim Nhm, Vnh, Trng
1/. Nhm
Nhm l cu trc bao gm tp G v ton t hai ngi * trn G. Vi a, b e G, a *
b e G c nh ngha nh sau:
1. a * (b * c) = (a * b) * c vi mi a, b, c e G
2. Tn ti e e G tha mn e * a = a * e = a vi mi a e G, (e c gi l
phn t trung ha).
3. Vi mi a e G, tn ti mt phn t b e G tha mn b * a = a * b = e
(b l duy nht v c gi l phn t nghch o ca a)
K hiu ,* G l nhm nhn v + , G l nhm cng. Trong nhm cng, phn
t trung ha l 0 v phn t nghch o ca a l a. Trong nhm nhn, phn t trung
ha l 1 v phn t nghch o ca a l a
-1
.
,* G c gi l nhm Abel nu a * b = b * a vi mi a, b thuc G.
2/. Vnh
Vnh l tp R vi 2 ton t cng (+) v nhn (.) vi cc iu kin sau:
1. + , R l nhm Abel.
2. a . (b . c) = (a . b) . c vi mi a, b, c e R.
3. a . (b + c) = a . b + a . c v (a + b) . c = a . c + b . c vi mi a, b, c e R.
3/. Trng
Trng F l vnh vi phn t n v e = 0 v F* = {a eF | a = 0 } l mt nhm
nhn.
nh l 1.11
Vnh Z
p
l mt trng khi v ch khi p l s nguyn t.
1.2.2. Trng hu hn
Trng hu hn l trng c hu hn cc phn t k hiu l F
q
hoc GF(q)
vi q l s cc phn t.
nh l 1.14
F l trng m rng bc n trn trng hu hn K. Nu K c q phn t th F c
q
n
phn t.
nh l 1.15
Trng hu hn F =
n
p
F l mt trng m rng ca Z
p
bc n v mi phn t
ca
n
p
F l mt nghim ca a thc x x
n
p
trn Z
p
.

1.3. KHI NIM V PHC TP CA THUT TON
1.3.1. Khi nim thut ton
Thut ton l mt dy hu hn cc thao tc c b tr theo mt trnh t xc
nh nhm gii quyt mt bi ton..
1.3.2. phc tp ca thut ton
Trc ht, hiu phc tp tnh ton (v khng gian hay v thi gian) ca
mt tin trnh tnh ton l s nh c dng hay s cc php ton s cp c thc
hin trong tin trnh tnh ton .
1.3.3 Mt s lp bi ton
Ta k hiu lp tt c vi cc bi ton gii c bi thut ton khng n nh
trong thi gian a thc l NP.
Ngi ta chng t c rng tt c nhng bi ton trong cc v d k trn
v rt nhiu cc bi ton t hp thng gp khc u thuc lp NP, d rng hu ht
chng u cha c chng t l thuc P. Mt bi ton A c gi l NP-y , nu
A eNP v vi mi B eNP u c Bo A.

Chng 2. S CH K TRN NG CONG ELLIPTIC

2.1. NG CONG ELLIPTIC
2.1.1. ng cong Elliptic theo cng thc Weierstrass
Gi K l trng hu hn hay v hn. ng cong elliptic c nh ngha trn
trng K bng cng thc Weierstrass: y
2
+a
1
xy+a
3
y=x
3
+a
2
x
2
+a
4
x+a
6
, trong a
i

eK.

Hnh 2.1. Mt v d v ng cong elliptic
2.1.2. ng cong Elliptic trn trng Galois
Nhm E trn trng Galois ( ) b , a E
p
nhn c bng cch tnh
p mod b ax x
3
+ + vi p x 0 < s . Cc hng s a, b l cc s nguyn khng m v
nh hn s nguyn t p v tha mn iu kin: 0 p mod b 27 a 4
2 3
= + .
2.1.3. ng cong Elliptic trn trng hu hn

ng cong elliptic c xy dng trn cc trng hu hn. C hai trng
hu hn thng c s dng: trng hu hn Fq vi q l s nguyn t hoc q l 2
m

(m l s nguyn).
Ty thuc vo trng hu hn F
q
, vi mi bc ca q, tn ti nhiu ng
cong elliptic. Do , vi mt trng hu hn c nh c q phn t v q ln, c nhiu
s la chn nhm ng cong elliptic.

2.1.3.1 ng cong elliptic trn trng F
P
(p l s nguyn t)
Cho p l s nguyn t (p > 3), Cho a, b e Fp sao cho 4a
3
+ 27b
2
0 trong
trng F
p
. Mt ng cong elliptic E(F
p
) trn F
p
(c nh ngha bi cc tham s a
v b) l mt tp hp cc cp gi tr (x, y) (x, y e Fp) tha cng thc: y
2
= x
3
+ ax +
b.
cng vi mt im O gi l im ti v cc. S lng im ca E(Fp) l #E(Fp)
tha nh l Hasse:
1 2 # ( ) 1 2
p
p p E F p p + s s + +
2.1.3.2 ng cong elliptic trn trng F
2
m
Mt ng cong elliptic E(F
2
m
) trn F
2
m
c nh ngha bi cc tham s a,
b e F
2
m
(vi b 0) l tp cc im (x, y) vi x e F
2
m
, y e F
2
m
tha cng thc:
y
2
+ xy = x
3
+ ax
2
+ b
cng vi im O l im ti v cc. S lng cc im thuc E(F
2
m
) k hiu
#E(F
2
m
) tho nh l Hasse:
( )
2
1 2 # 1 2
m
q q E F q q + s s + +

trong q = 2
m
. Ngoi ra, #E(F
2
m
) l s chn.
2.1.4 CC PHP TON TRN NG CONG ELLIPTIC
2.1.4.1 Php cng

Hnh 2.3. Php cng trn ng cong elliptic
tm im R, ta ni P v Q bng ng thng L. ng thng L s ct E ti
ba im P, Q v R(x, y). im R(x, y) s c tung l gi tr i ca y.
2.1.4.2 Php nhn
Php nhn i

Hnh 2.4. Php nhn i trn ng cong elliptic
Xt php nhn i (EDBL): nu cng hai im P, Q e E(R) vi P = Q th
ng thng L s l tip tuyn ca ng cong elliptic ti im P. Trng hp ny
im R s l giao im cn li ca L vi E. Lc R = 2P.
Php nhn kP
Php nhn kP nhn c bng cch thc hin lp k ln php cng.
2.1.5 S IM TRN NG CONG ELLIPTIC VI TRNG F
Q

Vic xy dng cc h mt m trn ng cong elliptic bao gm vic la chn
ng cong E thch hp v mt im G trn E gi l im c s. Xt trng K l F
q
.
nh l (Hasse)
N l s im ca E trn trng F
q
(trng hu hn q phn t). Khi :
|N (q + 1)| q 2 s T nh l Hasse suy ra #E(F
q
) = q + 1 t trong |t| q 2 s .
nh ngha Bc ca mt ng cong elliptic l s im ca ng cong .
Bc ca im G thuc E l s k sao cho kG = O; khi k = #E(F
q
) th G l im c s
ca E.

2.2. MT S S CH K TRN NG CONG ELLIPTIC

2.2.1 NHNG BN R VO NG CONG ELLIPTIC
Nhng bn r ln E l biu din li bn r nh l cc im trn E, nh
c th thc hin c cc tnh ton trn E. C mt s phng php thc hin vic
ny. Trong c 2 phng php chnh l nhng (imbeding) v mt n (mask).
2.2.1.1 Php nhng (Imbeding)
Cch 1
nhng m ln E(Z
p
) vi p l s nguyn t, chng hn p 3 (mod 4).
Gi s E(Z
p
) c cho bi phng trnh y
2
= x
3
+ ax
2
+ b v gi s m l s nguyn
tha mn 1 1000 / 0 s s p m .
Thm 3 ch s vo m c x tha mn p m x m < + s s ) 1 ( 1000 1000 Chng
ta s b sung cc ch s khc nhau cho n khi tm c x sao cho f(x) = x
3
+ ax + b
l mt s chnh phng trong Z
p
v y (vi f(x) = y
2
mod p ) tha mn p y mod 1 = .
im P
m
c to thnh khi nhng m ln E l:
)) ( , ( x f x P
m
=
C th d dng khi phc li m t ) (
p m
Z E P e bng cch loi b 3 ch s cui
ca ta x ca im P
m
.
Cch 2
Bc 1
S dng bng ch ci gm N k t. Chia bn r thnh cc khi c
di c nh l. Cc k t c nh s l 0,, N-1. Mt khi vn bn w cng vi
cc s
l
w
N x s s 0 to thnh mt nh x:
1 2
2
1
1
0 1 1 0
) ... (

+ + + + = =
l l
l l
w l
a N a N a N a x a a a w ,
t
w
N x s s 0
Bc 2 Chn mt gi tr k thch hp sao cho kN
l
< q. Vi mi j l phn t
ca F
q
tnh kx
w
+ j. Ly im P
w
u tin m ta x >kx
w
, 0 > j , v d
P
w
= (kx
w
+ j, *) ) (
q
F E e
Bc 3 Khi phc li khi bn r t P
w
bng cch tnh
(

=
k
x
x
w

2.2.1.2 Php mt n (Mask)
biu din li bn r dng (m
1
, m
2
) thnh cc im P
m
trn E c th p dng
phng php masking bng cch nhn m
1
v m
2
vi cc ta x, y ca cc im trn
E. Gi s c im G e E c ta (x
G
, y
G
) th P
m
= (m
1
x
G
, m
2
y
G
).
2.2.2 S CH K TRN NG CONG ELLIPTIC
2.2.2.1 S ch k ECDSA
thit lp s ch k ECDSA(Elliptic Curve Digital Signature
Algorithm), cn xc nh cc tham s: la chn ng cong E trn trng hu hn F
q

vi c s p sao cho ph hp, im c s G e E(F
q
).
Sinh kha
1. Chn s ngu nhin d trong khong [2, n 1] lm kha b mt.
2. Tnh Q = dG lm kha cng khai.
K trn bn r m
1. Chn mt s ngu nhin k, 1 2 s s n k
2. Tnh kG = (x
1
, y
1
).
3. Tnh r = x
1
mod n. Nu r = 0, quay li bc 1.
4. Tnh k
-1
mod n.
5. Tnh s = k
-1
(m + dr) mod n. Nu s = 0, quay li bc 1.
6. Ch k trn thng ip m l (r, s)
Kim tra ch k
1. Kim tra r v s c l cc s t nhin trong khong [2, n 1] khng.
2. Tnh w = s
-1
mod n.
3. Tnh u
1
= mw mod n v u
2
= rw mod n.
4. Tnh X = u
1
G + u
2
Q = (x
X
, y
X
)
5. Nu X = O th ph nhn ch k. Ngc li tnh v = x
X
mod n.
6. Ch k ch c chp nhn nu v = r.
Chng minh
Nu ch k (r, s) trn m l ng th s = k
-1
(m + dr) mod n.
k s
-1
(m + dr) s
-1
m + s
-1
rd wm + wrd u
1
+ u
2
d (mod n).
V vy, u
1
G + u
2
Q = (u
1
+ u
2
d)G = kG, v v vy v = r.

2.2.2.2 S ch k Nyberg - Rueppel
Gi s E l mt ng cong Elliptic trn trng Z
p
(p>3 v nguyn t) sao cho
E cha mt nhm con cyclic H trong bi ton logarith ri rc l kh.
Vi
* *
p p
x P Z Z = ,
* *
p p
xZ ExZ C = , ta nh ngha:
{( , , , ) : } K E Q a R R aQ = = vi Q E e . Cc gi tr o v R l cng khai, a l b mt.
Vi ( , , , ) K E Q a R = , chn mt s ngu nhin
| |H
Z k e .Khi , vi
* *
2 1
) , (
p p
xZ Z x x x e = ta nh ngha ), , ( ) , ( d c k x sig
K
= trong :
1.
1 2
( , ) y y kQ =
2. p x hash y c mod ) (
1
+ =
3. p ac k d mod =
4. e x hash true d c x ver
K
= = ) ( ) , , (
5.
1 2
( , ) y y dQ cR = +
6. p y c e mod
1
=
2.2.2.3 S ch k m Harn trn EC
Nm 1994, Harn cng b mt s ch k m ta nh s ECDSA. Ch
k m l ch k thc hin trn mt vn bn m ngi k hon ton khng bit ni
dung. iu ny thc hin c v ngi trnh k s dng mt phng php no
che du ni dung ca vn bn gc ngi k khng bit. ngi k yn tm,
ngi xin cp ch k phi chng minh tnh hp l ca ni dung b che du.
Sinh kha
Chn cc tham s cho ng cong Elliptic
(1) Chn s nguyn t p v s nguyn n.
(2) Vi 2 phn t a
1
, a
2
ca GF(p
n
), xc nh phng trnh ca E trn GF(p
n
)
(
2 1
3 2
a x a x y + + = trong trng hp p>3) vi 0 27 4
2
2
3
1
= + a a
(3) Vi 2 phn t x
G
v y
G
trong GF(p
n
) xc nh mt im G = (x
G
, y
G
) trn
E(GF(p
n
)) (G = O vi O l im gc).
(4) Gi s im G c bc q
Vic sinh kha bao gm:
(1) Chn mt kha b mt d l s nguyn ngu nhin trong [2, q 1]
(2) Tnh kha cng khai Q, l mt im trn E sao cho Q = dG.
K m
Gi s Bob yu cu Alice k ln mt vn bn m
0
m m l i din ca vn bn
ny (m = H(m
0
) vi H l mt hm bm no ). Giao thc k c thc hin nh sau:
(1) Alice sinh ra cp kha ( R k , ) theo cch sau: chn ngu nhin ] 1 , 2 [ e q k v
tnh ) , (
k k
y x G k R = = . t r =
k
x , ri gi r v R cho Bob
(2) Bob chn cc tham s lm m ] 1 , 1 [ , e q b a , tnh R trn E sao cho
R = a R + bG = (x
k,
y
k
) v tnh r = c(x
k
) v r a r m m + =
1
) ( . Sau gi m cho
Alice ( m l m sau khi b lm m).
(3) Alice tnh ) (mod ) ( q k r m d s + + = , ri gi s cho Bob.
(4) Bob nhn c s , xa m c c ch k s trn m bng cch tnh
b s a s + =
Cp (r, s) l ch k trn m.
2.2.2.4 S ch k m bi Harn trn EC
a ch k hiu l ch k c to thnh bi nhiu ngi k. C vn bn cn
c k bi mt s ngi thay v mt ngi nhm bo m tnh an ton. Nhng
ngi k khng bit v ni dung vn bn k.
Sinh kha
Vic chn cc tham s cho ng cong elliptic tng t nh s ch k
Harn. Gi s rng c t ngi k l U
i
,

vi t i , . 1 = . Vic sinh kha c thc hin
qua cc bc:
(1) Mi ngi k U
i
chn ngu nhin mt kha b mt d
i
l mt s nguyn thuc
[2, q 1].
(2) Kha cng khai ca ngi k U
i
l im: Q
i
= d
i
G = (
i i
d d
y x , ), t i , . 1 =
(3) Kha cng khai cho tt c ngi k l: Q = Q
1
++ Q
t
= dG = (x
d
, y
d
) vi d
= d
1
+ + d
t
(mod q).
K m trn m
(1) Ngi k U
i
sinh mt ln cp (
i i
R k , ) bng cch chn ngu nhin
] 1 , 2 [ e q k
i
v tnh ) , (
i i
k k i i
y x G k R = = . U
i
t
i
r =
i
k
x , i = 1,, t
ri gi
i
r v
i
R cho Ban th k.
(2) Ban th k chn cc tham s lm m ] 1 , 1 [ , e q b a , tm im R trn E sao
cho ) , (
k k
y x bQ R a R = + = trong
t
R R R + =
1
v Q = Q
1
++ Q
t
. Ban th k tnh ) )(mod ( q x c r
k
= v r a b r m m + + =
1
) ( . Sau ,
gi m v r n cho tng ngi k U
i
.
(3) U
i
tnh ch k ) (mod ) ( q k r m d s
i i i
+ + = , i=1,, t , gi
i
s ti Ban th k.
(4) Ban th k tnh ) , ( ) (
i i
e e i i
y x Q r m G s = + v kim tra ) (mod
?
q x r
i
e i
= ,
i=1,, t. Ch k m nhm ECC l cp (r, s) trong ) (modq a s s =
v ) (mod ...
1
q s s s
t
+ + = .
2.3. MT S PHNG PHP TN CNG CH K ECC
2.3.1. Phng php tn cng baby-step giant - step
y l phng php tn cng u tin ln h mt m ECC do Shanks a ra,
v
thc hin vi thi gian l hm m. N gii bi ton DLP trong trng nguyn t Z
p

c m rng cho bi ton EDLP.
Bi ton Tm k sao cho kG = Q trn E(F
q
) vi #E(F
q
) = N, gi s k tn ti thc s.
Thut ton
1. Chn s nguyn m > N .
2. Tnh mG.
3. Vi i = 0 n i = m-1 tnh (v lu li) iG.
4. Vi j = 0 n j = m-1 tnh (v lu li) Q jmG.
5. Sp xp danh sch trong bc 3 v 4 theo mt th t nht nh.
6. So snh cc danh sch cc bc 3 v 4 cho n khi tm c cp i, j
tha mn iG = Q jmG.
7. Kt qu tr li l k i + jm (mod N).
2.3.2 Phng php tn cng MOV
Phng php tn cng MOV (Menezes, Okamoto, v Vanstone) lm yu bi
ton logarit ri rc trn ng cong elliptic E(F
q
) thnh bi ton logarith ri rc trn
trng
m
q
F vi m no . Khi c th tn cng bng tn cng ch s, nht l khi m
nh.

2.3.3. Cc thut ton tn cng khc
Nhiu thut ton tn cng khc cng c chng minh l khng hiu qu vi
cc h mt m trn ng cong elliptic. Thut ton tn cng ch s p dng hiu qu
gii bi ton DLP nhng khng p dng c cho EDLP. Giao thc trao i kha
trn ng cong elliptic tng t giao thc Diffie Hellman cng chng li c tn
cng ca Western, Miller, v tn cng vi thi gian l hm m nh ca Adleman.
Thut ton tng t RSA ca Demytko cng an ton vi cc tn cng ng cu.
2.4. LA CHN NG CONG ELLIPTIC PH HP
2.4.1. Trng K
Cc ng cong elliptic trn trng nguyn t F
p
v trn trng
n
q
F c cc
tnh cht gip chng c th thc thi c trn cc thit b m vn m bo an ton.
2.4.2. Dng ca ng cong elliptic
Trc ht, chng ta cn xem cc dng ng cong elliptic. Trn trng F
q
c
hai lp ng cong elliptic c dng trong cc h m ha l supersingular v non-
supersingular (xem [22]). Xt F
q
c c s l 2 (g = 2
m
). Khi :
i) Tp tt c cc cp nghim (x, y) ca phng trnh y
2
+ ax = x
3
+ bx + c vi
a, b, c e F
q
v a = 0 (mod q) cng vi im trung ha O to thnh mt ng cong
elliptic dng supersingular.
ii) Tp tt c cc cp nghim (x, y) ca phng trnh y
2
+ ax = x
3
+ bx + c vi
a, b, c e F
q
v b = 0 (mod q) cng vi im trung ha O to thnh mt ng cong
elliptic dng non-supersingular.
Supersingular Curve:
Menezes v Vanstone tm ra cc u im ca cc ng cong elliptic
supersingular cho cc h mt m, c bit trn trng
r
F
2
. Tuy nhin, cc ng cong
supersingular c th b tn cng bng MOV.
Nonsupersingular:
u im ca cc ng cong nonsupersingular l n cung cp bo mt
tng ng nh cc ng cong supersingular nhng vi cc trng nh hn.
di kha ngn gip chng c th c trin khai trn cc thit b nh smart card. Hn
na, cc ng cong nonsupersingular c th chng li tn cng MOV, v d vi
nhm con cyclic c 2
160
.
2.4.3 Phng php la chn
C mt s phng php la chn cc ng cong elliptic. Phng php t
nhin nht l chn ngu nhin. Chn ngu nhin mt ng cong elliptic E trn
trng K v mt im c s PeE. K c chn v c nh trc. Phng php chn
ngu nhin Koblitz cho cc ng cong elliptic trn trng F
q
(vi q ln ) nh sau:


1. Chn ngu nhin 3 phn t t F
q
l x, y, a
2. Tnh b = y
2
(x
3
+ ax)
3. Kim tra 0 27 4
2 3
= + b a m bo phng trnh x
3
+ ax + b = 0
khng c nghim kp
4. Nu iu kin trn khng tha mn quay li bc 1
5. Cn li, t P = (x, y) v ng cong y
2
= x
3
+ ax + b l ng cong
cn chn.
S 2.4. Phng php chn ngu nhin Koblitz
2.5. MT S CHUN S DNG H MT ECC
Vic a ra mt chun chung cho cc h thng mt m, cc giao thc, cc giao
din l mt vic quan trng. Vic chun ha mang li 3 li ch chnh:
(1). Cho php kt hp phn cng v phn mm ca nhiu nh cung cp khc
nhau.
(2). a ra chun cho vic m bo an ton cc h thng di kha cnh mt m
hc
(3). Cho php c thit k chun cho cc mi trng ng dng khc nhau.
Cc ng cong elliptic c xem xt v nghin cu k lng bi cc nh ton
hc trong hn 10 nm v c kho st k bi cc t chc chun ha t nm 1995.
iu ny m bo rng tnh tin cy ca n c kim chng nh: ANSI X9, ATM
Forum, Certicom, FSTC, IEEE, P1363, IETF, ISO/IEC, NIST, OTP 0.9, SET,
WAP.
Chng 3. CH K ECC TRONG TIN IN T
3.1. THANH TON BNG TIN IN T
3.1.1. Khi nim tin in t
Tin in t (e-money, digital money, digital cash, electronic money,
electronic currency, digital currency hay internet money) l thut t vn cn m h v
cha nh ngha y . Tuy nhin c th hiu Tin in t l loi tin trao i theo
phng php in t, lin quan n mng my tnh v nhng h thng cha gi tr
dng s (digital stored value systems).
Tin in t c loi n danh v nh danh. H thng tin n danh khng tit l
thng tin nh danh ca ngi s dng, v h thng ny da vo S ch k m.
H thng tin nh danh tit l thng tin nh danh ca ngi s dng, h thng da
vo S ch k thng thng.
3.1.2. Lc giao dch
Lc giao dch ca h thng tin in t c bn, c 3 giao dch chnh sau:


















Hnh 3.1. M hnh giao dch c bn ca h thng tin in t.

Rt tin: A chuyn tin ca ng ta t ti khon ngn hng vo Ti
ca mnh (N c th l smart card hay l my Pc).
Thanh ton: A chuyn tin t Ti ca ng ta n ng B.

Gi tin: B chuyn tin nhn c vo ti khon ca ng ta ngn
hng.
Trong lc giao dch ny, c th thc hin 2 kiu giao dch: trc tuyn
(online) v ngoi tuyn (offline).
Trc tuyn: ng B lin lc vi ngn hng v kim tra tnh hp l ca ng tin
trc khi tin hnh th tc thanh ton v phn phi hng. Qu trnh thanh ton v qu
trnh tr tin (ghi tin vo ti khon ngi bn) c tin hnh ng thi.
Ngoi tuyn: qu trnh giao dch vi ngn hng v vic kim tra tnh hp l
ca ng tin c tin hnh sau qu trnh thanh ton.
3.1.3. Phn loi
Hin nay tin in t c th chia thnh hai loi: Tin in t nh danh
(identified e-money) v Tin in t n danh (anonymous identified e-money).
Tin in t nh danh cha thng tin nh danh ca ngi s dng t khi bt
u rt tin t ngn hng. Kiu lu thng tin ngi dng ging nh trng hp s
dng th tn dng trong thanh ton, tin in t nh danh cng cho php ngn hng
lu du vt ca tin khi lun chuyn.
Tin in t n danh ging nh tin giy thc s. ng tin in t n danh
c rt t mt ti khon, c th c tiu xi hay chuyn cho ngi khc m khng
li du vt.
Ngn hng
ng A
Rt tin
Thanh ton
Gi tin

ng B

Trong 2 loi tin in t trn, da vo phng php thc hin, c th chia mi
loi trn thnh 2 dng: trc tuyn (online) v ngoi tuyn (offline).
Trc tuyn: ngha l cn phi tng tc vi pha th ba kim sot giao dch.
Ngoi tuyn: ngha l c th kim sot c giao dch, m khng phi lin quan
trc tip n pha th ba (ngn hng)














Hnh 3.2. Phn loi tin in t.
3.1.4. Nhng c im ca tin in t
3.1.4.1 Tnh an ton
Tin in t phi khng th b sao chp (s dng li) hay gi mo. Chnh v
vy khi pht trin h thng tin in t, phi quan tm n vn gim thiu ri ro v
s gi mo v xy dng mt h thng xc thc tt.
3.1.4.2 Tnh ring t
Qu trnh thanh ton ca ngi tr tin phi c n danh, khng li du vt,
ngha l ngn hng khng ni c tin giao dch l ca ai.
3.1.4.3 Tnh c lp
Vic s dng tin in t khng ph thuc vo bt k v tr a l no. Tin c
th c chuyn qua mng my tnh hay cha trn nhng thit b nh khc nhau.
3.1.4.4 Tnh chuyn nhng
Cho php hai bn c th chuyn tin cho nhau m khng phi lin h vi bn th
3 (ngn hng). Tnh chuyn nhng l c trng ca tin mt, n cho php ngi s
hu tin chuyn cho ngi khc, m khng cn lin h vi ngn hng.
3.1.4.5 Tnh phn chia
Ngi dng c th phn chia ng tin s ca mnh thnh nhng ng tin c gi
tr nh hn, vi iu kin tng gi tr ca cc ng tin ny bng gi tr ca ng tin
in t ban u.
3.1.4.6 Tnh d s dng
Tnh d s dng ng tin vi ngi dng l c tnh rt quan trng. Bi v tin
in t l mt gii php mang tnh ph bin, nhm n nhiu i tng s dng.
3.2. MT S VN V TIN IN T
Hai vn ln nht hin nay t ra i vi tin in t bao gm: vn n danh
ngi s dng v vn ngn chn ngi s dng tiu mt ng tin in t nhiu
ln (double-spending).
Tu theo loi tin in t, s c nhng gii php khc nhau gii quyt cc vn
trn.
T
I

N

T


(
E
-
M
O
N
E
Y
)

nh danh
(Identified)
ngoi tuyn
(offline)
trc tuyn
(online)
n danh
(Anonymous)
nh danh
(Identified)
ngoi tuyn
(offline)
trc tuyn
(online)
3.2.1. Vn n danh
Trong h thng tin in t, gii quyt vn trn ngi ta s dng k
thut ch k s m. Ch k s m l mt dng c bit ca ch k in t, n i
hi ngi k thc hin k vo mt thng ip m khng bit ni dung ca n. Thm
vo , ngi k sau ny c th nhn thy cp ch k/thng ip, nhng khng th
bit c l mnh k thng ip khi no v u (mc d anh ta c th kim tra
c ch k l ng n). N cng ging nh k khi ang nhm mt vy.
Ch k s m m bo ngn hng khng th c c bt c mi lin h no gia
ng tin in t v ch s hu ca n.
3.2.2. Vn khai man gi tr ng tin
Tuy nhin gii php s dng ch k m lm ny sinh mt vn , l: iu g
xy ra nu nh ng A c tnh gian ln, gi ti ngn hng mt ng tin in t ghi gi
tr 50 $ k, nhng bo vi ngn hng l 1$. V ngn hng k m ln ng tin, nn
r rng l khng th bit c ni dung ca n. gii quyt trng hp gian ln
ny, c hai gii php c ra:
1. Cch r rng nht l ngn hng s dng mt kho cng khai khc nhau cho
mi loi tin. Ngha l nu c k ng tin khc bit th ngn hng phi cng khai k
kho cng khai.
Gi s vi n v tin c gi tr l 1$ th ngn hng s dng kho k
1
v 50$ th s
dng kho k
50
. Nh vy trng hp gian ln ca ng A s to ra ng tin c gi tr
50$ vi k
1
, y l ng tin khng hp l.
2. Phng php th hai l dng giao thc ct v chn (Cut and choose).
tng ca giao thc ny l: c mt ng tin c gi tr th ng A phi to k
ng tin, k hiu l C
1
,C
2
,...,C
k
. Mi ng tin u c gn nh danh, s khc
nhau duy nht gia chng l s s-ri.
ng A lm m nhng ng tin ny v gi chng n ngn hng.
Ngn hng yu cu ng A cung cp cc thng tin tng ng c th kh m k-
1 ng tin bt k. Ngn hng kh m v kim tra chng. Nu tt c u hp l, ngn
hng k m ln ng tin cn li C
i
(l ng tin m ngn hng khng kh m)

v gi
li cho ng A.
Ngn hng c s m bo cao rng ng tin cn li cng l hp l v nu ng A
gi km ng tin khng hp php trong s k ng tin, th xc sut b pht hin t
nht l k-1/k. Xc sut ny cng cao nu k cng ln. Tuy nhin nu k qu ln th h
thng x l phi trao i nhiu d liu.
3.2.3. Vn tiu xi mt ng tin nhiu ln
- i vi h thng Tin in t trc tuyn:
H thng yu cu ngi bn hng lin lc ti ngn hng vi mi ln bn. Ngn
hng lu gi thng tin tt c nhng ng tin in t tiu xi trc y v c th
d dng cho ngi bn hng bit ng tin no cn kh nng tiu xi c. Nu ngn
hng bo rng ng tin no thc s c tiu xi ri, th ngi bn hng lp
tc t chi bn hng. iu ny ging nh cch m nhng nh bn hng hin ti kim
tra th tn dng ti nhng im bn hng.
- i vi h thng Tin in t ngoi tuyn:
Pht hin vic tiu xi hai ln s c thc hin bng hai cch khc nhau.
Cch th nht l to th thng minh c bit (special smart card) cha con chip
chng trm cp. Trong nhng h thng khc, chip ny cn c gi l ngi theo
di. Chip theo di s lu mt lng nh d liu ca tt c nhng phn tin tin in
t c tiu xi qua smart card. Nu ngi s hu smart card c gng sao chp
tin in t ny v tiu xi n ln hai, th chip theo di (c gn vo smart card) s
pht hin c hnh ng ny, v khng cho php giao dch tiu xi. Bi v chip
theo di dng chng s gian di, ngi s hu smart card ny khng th xo c
d liu tr khi h ph hu smart card.
Cch th hai l da vo cu trc ca tin in t v nhng giao thc mt m
c th truy vt tm ra k gian ln (tiu xi hai ln). Nu nh ngi s dng bit rng
h s b bt khi c tnh gian ln, v l thuyt th t l hnh ng gian ln s b gim i.
iu thun li ca phng php l chng khng i hi nhng con chip c bit. H
thng c th c pht trin trn chng trnh phn mm (software) v c th chy
trn my tnh c nhn thng thng hay smart card.
- Tin in t nh danh-ngoi tuyn (Identified offline):
Da vo thng tin nh danh truy vt tm ra k gian ln. Trong qu trnh giao
dch, nh danh ca ngi s dng c tch lu y trn ng i ca ng tin
v thng tin nh danh s "trng thnh" mi ln n c tiu xi. Nhng chi tit
thng tin mi ln giao dch c gn vo phn tin in t, v i vi n khi n c
chuyn t ngi ny sang ngi khc.
Khi tin in t chuyn ti ngn hng, h kim tra d liu ca n, xem tin
in t c b tiu xi hai ln khng ?. Ngn hng s dng nhng thng tin ny ln
theo vt ca nhng giao dch, pht hin ra ngi no tiu xi hai ln.
- Tin in t n danh-ngoi tuyn (Anonymous Offline):
y l dng phc tp nht, bi v h thng phi lm sao va m bo tnh n
danh ca ngi dng, va m bo c th truy vt c nh danh ngi dng trong
trong hp xy ra vi phm (tiu xi hai ln).
Gii php cho h thng ny l gn thng tin ln ng tin mi ln giao dch.
Thng tin ny s trng thnh vi mi giao dch. Khi tin in t n ngn hng, h
s kim tra trong c s d liu xem tin ny c tiu cha. Nu ngn hng pht
hin tin ny c tiu trc y, th h s s dng thng tin tch lu xc nh
nh danh ca k gian ln (ngi tiu xi hai ln).
Tuy nhin thng tin c tch lu trong trng hp ny ch c th dng ln
theo vt giao dch nu nh tin in t c tiu hai ln, ngha l ch khi c gian ln
th ngn hng mi c th truy li thng tin ca ngi s dng.
Nu tin in t n danh khng b tiu hai ln, th ngn hng khng th pht hin
c nh danh ca ngi tiu tin, cng nh khng th xy dng li ng i ca
tin in t.
3.3. CH K ECC DNG TRONG TIN IN T
3.3.1. S dng ch k m nhm n danh ngi dng tin in t
S ch k m nhm chc chn rng bn A (khch hng) khng mun ngi
k B (ngn hng) bit c nh danh ca mnh.
Ni dung s nh sau:
Chun b:
- K hiu ch k m cho ngi k B l Sig
B
(X). Sig
B
(X) l ch k ca B trn
X
- Hm f v g (ch c bit bi ngi gi) trong : g(Sig
B
(f(m)))= Sig
B
(m)
- m l vn bn cn k.
- H l hm bm c th l SHA-1 hoc MD5.
f c gi l hm lm m, g l hm xa m v f(m) l thng ip b lm m.
ng cong Elliptic trn trng hu hn F
p
vi p l s nguyn t v q l s
nguyn t nh hn p-1
Sinh kha:
Chn 2 im Q v R l 2 im trn ng cong E(F
p
). Kha b mt ca ngn
hng (ngi k) cho ch k m l cp (s
1
,s
2
)

trong s
1
,s
2
thuc Z
q
. Kha cng khai
l (Q,R,V) trong V= s
1
Q+s
2
R.
K m:
Lc din ra theo cc bc sau:
Bc 1: Ngn hng chn cc s ngu nhin k
1
, k
2
thuc Z
q
.
Tnh X= k
1
Q+k
2
R
Gi X n cho khch hng.
Bc 2: Khch hng chn ngu nhin s |, , oe Z
q

Tnh L=X+| Q+ R+o V v e= H( m||L) - o .
Khch hng gi e cho ngn hng. m l thng ip c k.
Bc 3: Ngn hng tnh
o
1
=k
1
-e. s
1
mod q v o
2
=k
2
-e.s
2
mod q
Gi cp( o
1
, o
2
) cho khch hng.
Bc 4: Khch hng tnh =
o
1
+| mod q, o=
o
2
+ mod q.
(L, , o) l ch k ca ngn hng.
3.3.2. S dng ch k "dng mt ln" nhm trnh tiu mt ng tin hai ln
S ch k dng mt ln (one-time signature) l mt khi nim vn cn kh
mi m song rt quan trng, c bit l trong mt s m hnh v tin in t. Lun
vn s trnh by v s ch k dng mt ln ca Schnorr.
Ni dung s nh sau:
Chun b: Chn P l mt im trn ng cong Elliptic trn trng hu hn F
p

vi p l mt s nguyn t ln, q l mt s nguyn t v q < p-1.
Sinh kha:
- Ngi dng, gi s l Alice, chn S
k
<p e Z
q
ngu nhin lm kha b
mt
- Tnh P
k
= S
k
.P lm kha cng khai
K:
Gi s Alice cn k ln thng ip m
Alice ly ngu nhin o e Z
q
*
, o < p
- Tnh P'=o .P
- Tnh c'=H(P'||m)
- Tnh d=( o +c'.S
k
)

mod p
- Ch k trn thng ip m l cp (c',d).
Nhn xt:
S o khng c dng qu mt ln to ra cc ch k khc nhau.

Nu Alice s dng o qu mt ln cho hai thng ip khc nhau th bt k ai
c hai thng ip trn u c th gii m c kha b mt S
k
. V vy, s ch k
loi ny c gi l s ch k dng mt ln. S ch k dng mt ln c ng
dng nhm trnh trng hp tiu mt ng tin 2 ln trong m hnh tin in t
3.3.3. S tin in t xut
S c xut bi Jayaprakash Kar
[1]
v Banshidhar Majhi
[2]
l s kt
hp da trn s ch k dng mt ln ca Schnorr v S ch k m Okamoto-
Schnorr. V l s kt hp gia 2 s trn nn lc ny c kh nng n danh v
trnh c tnh hung tiu mt ng tin 2 ln.
Lc bao gm 3 bn: khch hng, thng gia v ngn hng. Ngn
hng v khch hng c th truy vt c khch hng gian ln. Lc s dng ch
k mt ln trnh tnh trng tiu mt ng tin 2 ln trong bc thanh ton.
C 3 giao thc l:
Rt tin vi s tham gia ca khch hng v ngn hng
Thanh ton vi s tham gia ca khch hng v thng gia. Qu trnh ny
c thm bn th 3 tin cy (lut s) v thm 2 giao thc na xy ra gia
ngn hng v lut s 3 nhm truy vt s gian ln hoc tiu mt ng tin
2 ln nu c.
Gi tin vi s tham gia ca thng gia v ngn hng.
Chun b:
M t ng cong Elliptic:
p>=3 l mt s nguyn t. Ly a, b e F
p
sao cho 4a
3
+27b
2
#0. Mt
ng cong Elliptic trn trng hu hn F
p
c nh ngha bi 2 tham s a v b l
tp hp ca cc im c ta (x,y) sao cho y
2
=x
3
+ax+b. im c s G c bc n.
Sinh kha:
a. Ngn hng:
Ngn hng tnh cc tham s sau y:
Chn mt s b mt s
1
,s
2
nm trong khong t [1, n-1] lm kha b mt
lm m.
Kha cng khai ca ngn hng l (Q,R,V) trong : V= s
1
.Q+ s
2
.R
b. Khch hng
Chn mt kha b mt ngu nhin s
k
trong khong [1, n-1]
Tnh P
k
=s
k
.P
Kha cng khai ca khch hng l P
k
.
Kha b mt l s
k
.
c. Bn th 3 tin cy.
Bn th 3 ng tin thc hin cc cng on sau:
Chn mt kha b mt u
t
nm trong khong [1, n-1]
Tnh P
t
= u
t
. P
Kha cng khai ca bn th 3 l P
t.

Kha b mt l u
t
.
d. Hm bm mt chiu H c th ly l SHA-1 hoc MD5
1./ Giao thc rt tin:
Giao thc rt tin vi s tham gia ca khch hng v ngn hng trong
khch hng rt tin t ngn hng.
Trong giao thc ny khch hng nhn ly gi tr thi gian ht hn T
v
ca tin
(mi ng tin c mt thi hn s dng) t ngn hng, to ra ng tin in t m' v
ly ch k m ca ngn hng. Cui cng khch hng nhn ly tin in t. V th
khch hng thc hin cc giao thc sau vi ngn hng:
a. Ngn hng chn mt s ngu nhin r nm trong khong [1, n-1], tnh U=r.R v
gi n ti khch hng.
b. Cho mi ng tin, khch hng chn mt s ngu nhin o nm trong khong
[1, n-1] v tnh U'=o .U
c. Ngn hng chn s ngu nhin k
1
v k
2
nm trong khong [1, n-1] v tnh T=
k
1
.Q+ k
2
.U. Sa gi tr thi gian ht hn T
v
v k vo n. Ri sau gi T, T
v
,
Sig
bank
(T
v
) cho khch hng.
d. Khch hng to tin in t m'=m|| T
v
||Sig
bank
(T
v
) ||ID trong ID l s nh
danh ca khch hng. Chn s ngu nhin ( |
1
, |
2
, ) nm trong khong [1, n-1].
Tnh T'= T+|
1
.Q+|
2
.U+ .V v c'= H(m',U',T') v c=c'- .
Sau khch hng k ln thnh phn tin in t c s dng lc k mt ln
Schnorr.
K m v k mt ln:
Khch hng chn kha ngu nhin 0<o <p
Tnh P'=o . P
Tnh d=( o +c'.s
k
) mod p
[1]. Jayaprakash Kar- Department of Information Technology- Al Musanna College of Technology- Sultanate of Oman
[2]. Banshidhar Majhi- Department of Computer Science of Engineering National Institute of Technology


2. Banshidhar Majhi- Department of Computer Science of Engineering National Institute of Technology

Ch k ln thnh phn tin in t c l cp (d, P'). Sau khch hng gi cp
ch k (d, P') cho ngn hng. Ngn hng kim tra da vo biu thc sau:
P'=d.P-c'.P
k.
e. Sau ngn hng to ra ch k m s dng lc ch k m Okamoto-
Schnorr. Giao thc con c thc hin bi ngn hng v khch hng theo cc bc
sau:
Ngn hng tnh
o
1
=k
1
-c. s
1
mod p,
o
2
=k
2
-c. s
2
.r
-1
mod p v gi cp (
o
1
,
o
2
)
ti khch hng.
Khch hng tnh
o
1
'=
o
1
+|
1
mod p v
o
2
'=o
-1
.
o
2
+|
2
mod p
Ngn hng tnh C
ID
=x
1
mod p trong T=(x
1
,y
1
)

Ngn hng lu tr (ID, C
ID
) trong c s d liu
Cui cng khi to dng d liu ( m',T',
o
1
',
o
2
', U')
kim tra ai cng c th kim tra bi ng thc sau:
T'=
o
1
'.Q+
o
2
'.U'+c'.V
trong c' c tnh theo cng thc sau: c'=H(m',U',T').
Khch hng thc hin cc giao thc con vi bn th 3 tin cy :
a. Khch hng gi dng d liu (m',T',
o
1
',
o
2
', U') v T cho bn th 3 tin cy
b. Bn th 3 kim tra ch k ca ng tin b lm m bng ng thc P'=d.P-
c'.P
k.
. Nu sai th cc giao thc con ny cng tht bi. Nu ng bn th 3 s chp
nhn ch k.
c. Bn th 3 to ra ch k theo cc bc sau:
Chn mt s ngu nhin lm kha: 0<q<p
Tnh P''=q.P
Tnh s=( q+c'.u
1
) mod p
d. Bn th 3 gi ch k l cp (P'',s ) ti khch hng.
e. Bn th 3 tnh C
ID
=x
1
mod p (trong T=(x
1
,y
1
) ), lu C
ID
v
dng d liu (m',T',
o
1
',
o
2
', U'). Dng d liu hoc tin in t c i din
bi (m',T',
o
1
',
o
2
', U',P'',s)
2./ Giao thc thanh ton:
Giao thc thanh ton bao gm khch hng v thng gia trong khch hng
thanh ton tin cho thng gia.
a. Khch hng gi (m',T',
o
1
',
o
2
', U',P'',s) cho thng gia .
b. Thng gia xc minh ch k m bi ng thc : P'=d.P-c'.P
k
c. Cui cng thng gia s xc minh tnh chn thc ca ch k mt ln v d nh
cp (P'',s ) theo ng thc sau:
P''=s.P-c'.P
t
3./ Giao thc gi tin:
Giao thc bao gm thng gia v ngn hng. Ti y thng gia s gi tin in
t ti ngn hng. Nhng c thm s tng tc cho vic truy vt v ngn nga tiu mt
ng tin 2 ln.
a. Thng gia gi tin (m',T',
o
1
',
o
2
', U',P'',s) cho ngn hng. b. Ngn hng
kim tra thi hn T
v
cho mi ng tin
c. Ngn hng kim tra tnh hp l ca cc ng tin bng cch kim tra ch k
dng mt ln ca bn th 3 bng ng thc P''=s.P-c'.P
t
v ch k m ca ngn hng
bng ng thc T'=
o
1
'.Q+
o
2
'.U'+c'.V
d. Ngn hng xc minh xem ng tin c tiu 2 ln hay cha?. Nu ng
tin cha bao gi c gi trc , ngn hng s chp nhn ng tin.
4./ Giao thc truy vt s gian ln:
Giao thc truy vt bao gm ngn hng v bn th 3. Giao thc ny c s dng
d tm ra nh danh ca khch hng trong trng hp khch hng gian ln trong qu
trnh giao dch. Tin c lun chuyn c th b t chi nu nh tnh nh danh ca
khch hng l bt hp php trong giao thc ny. Cc bc ca qu trnh ny nh sau:
Ngn hng gi tin(m',T',
o
1
',
o
2
', U',P'',s) v T=(x
1
,y
1
) cho bn th 3 tin cy
Bn th 3 tin cy xc minh tnh hp l ca tin bng cch s dng ng thc :
c'=H(m',U',T'). Tnh C
ID
=x
1
mod p v gi C
ID
ti ngn hng. Ch l C
ID
c lin
kt ti nh danh ca khch hng trong c s d liu ca ngn hng.
5./ Vn tiu mt ng tin 2 ln:
Mi ng tin u c thi hn s dng. Do tin phi c gi vo ngn hng
trc thi hn T
v
. Trong h thng tin in t khi mt thng gia nhn c tin,
ng ta c th yu cu ngn hng xem ng tin tng c tiu hay cha. Nu
ng tin c tiu, ngn hng s hy giao dch. V th thng gia khng cn phi
yu cu ch k th mt ln t bn th 3 tin cy. Trong h thng ngoi tuyn, qu trnh
tiu mt ng tin 2 ln khng th ngn chn nhng pht hin th c th. Ch k dng
mt ln c th l gii php cho vn ny. Trong bc trc khch hng chn s
ngu nhin duy nht o v nhn ch k m ca ngn hng.. V th nu khch hng s
dng o nhiu hn mt ln cho mi i din m' ca tng dng tin, kha b mt ca
khch hng c th pht gic . Do khch hng s khng c s dng dng tin qu 1
ln. Nu khng trong bc cui cng qu trnh tiu ng tin 2 ln c th b pht hin
ra v ngn hng c th nhn ra c s phm php vi s gip ca bn th 3. Giao
thc pht hin vic tiu 1 ng tin 2 ln nh sau:
a. Khch hng gi nh danh ca mnh cho ngn hng
b. Ngn hng gi T=(x
1
,y
1
) cho bn th 3
c. Bn th 3 ng tin tnh C
ID
= x
1
mod p v tm s ph thuc ca dng d liu
(m',T',
o
1
',
o
2
', U',P'',s) v gi tin cho ngn hng. Ch l C
ID
lin kt ti ng tin
trong c s d liu ca bn th 3.
d. Ngn hng c th t chi tin hoc kim tra vic tiu mt ng tin 2 ln.

Reference:
[1] A Novel Fair Tracing E-cash system based on Elliptic Curve Discrete
Logarithm Problem- Jayaprakash Kar, Banshidhar Majhi-
www.sersc.org/journals/IJSIA/vol3_no4_2009/2.pdf
[2] J. W. S. Cassels, 1991, Lectures on Elliptic Curves, Cambridge Unviersity
Press.
[3] Elisabeth Oswald, 2005, Introduction to Elliptic Curve Cryptography,
Institue for Applied Information Processing and Communication, Austria.
[4] M. J. B. Robshaw, Yigun Lisa Yin, 1997, Elliptic Curve Cryptosystems,
RSA Laboratories.
[5] Certicom, 2000, Remarks on the security of the elliptic curve cryptosystems.
[6] Koblitz, Neal, 199-4, A Course in Number Theory and Cryptography, New
York Springer Verlag.
[7] Weisstein, Eric, 2004, MathWorld http://mathworld.wolfram.com
[8] Don Johnson, Alfred Menezes, Scott Vanstone, 2000, The Elliptic Curve
Digital Signature Algorithm (ECDSA) Certicom Research, Canada.
[9] Joe Hurd, course notes 2005, Elliptic Curve Cryptography A case study in
formalization using a higher order logic theorem prover, Oxford University.
[10] Constantin Popescu, 1999, Blind Signature and Blind Multisignature
Schemes using Elliptic Curves.
[11] Zulfikar Amin Ramzan, 1999, Group Blind Digital Signatures: Theory and
Applications, Master thesis of Science, MIT.
[12] Scott Vanstone, 2005, Deployments of Elliptic Curve Cryptography,
University of Waterloo.
[13] Hng dn chi tit ci t Ubuntu 10.10 t CD: http://forum.ubuntu-
vn.org/viewtopic.php?f=58&t=1504

You might also like