NCKH - MHBM Trong Wimax

TRNG AI HOC KY THUT CNG NGHIP THAI NGUYN KHOA IN T ------------o0o------------
TAI NGHIN CU KHOA HOC NM 2012
M HA BO MT TRONG WIMAX
Nhom sinh vin thc hin
Chu nhim tai : Trng Vn Dng Cng tac vin : Hoang Cng Tha Nguyn Thi Ngoc Anh
Thai Nguyn, ngay 14 thang 04 nm 2012
Nghin cu khoa hoc nm 2012
M ha bo mt trong Wimax
LI NI U
Vin thng l mt lnh vc pht trin mnh m, khng ch gia tng v mt dch v m vn cng ngh cng c quan tm nhm p ng nhu cu ngy cng cao ca ngi s dng, c bit l vn bo mt thng tin ca ngi s dng trong mi trng truyn dn khng dy wireless. Thng tin khng dy (wireless-hay cn c gi l v tuyn) ang c mt ti khp mi ni v pht trin mt cch nhanh chng, cc h thng thng tin di ng t bo s dng cng ngh GSM v CDMA ang dn thay th cc h thng mng in thoi c nh hu tuyn.Cc h thng mng LAN khng dy- cn c bit vi tn thng dng hn l Wi-fi cng ang hin hu trn rt nhiu ta nh vn phng, cc khu vui chi gii tr. Trong vi nm gn y mt h thng mng MAN khng dy (Wireless MAN) thng c nhc nhiu n nh l mt gii php thay th v b sung cho cng ngh XDSL l Wimax. Wimax cn c gi l Tiu chun IEEE 802.16, n p ng c nhiu yu cu k thut v dch v kht khe m cc cng ngh truy nhp khng dy th h trc n (nh Wi-fi v Bluetooth) cha t c nh bn knh ph sng rng hn, bng thng truyn dn ln hn, s khch hng c th s dng ng thi nhiu hn, tnh bo mt tt hn, Wimax l cng ngh s dng truyn dn trong mi trng v tuyn, tn hiu s c pht qung b trn mt khong khng gian nht nh nn d b xen nhiu, ly cp hoc thay i thng tin do vy vic bo mt trong cng ngh ny cn c quan tm tm hiu, nh gi v phn tch trn nhiu kha cnh. ti: M ha bo mt trong Wimax di y l mt phn trong vn bo mt trong h thng Wimax. ti ny bao gm nh sau: Chng 1: Gii thiu tng quan v h thng Wimax, c im, u nhc im ca h thng, mt s chun ha dung trong h thng Wimax. Chng 2: Gii thiu,phn loi cc phng php m ha bo mt. Chng 3: Ma hoa bao mt trong Wimax Cng ngh Wimax vn ang c nghin cu v pht trin. Bo mt l mt vn tng i kh cng vi kh nng hiu bit hn ch ca nhm v vn m ha bo mt, do khng trnh c nhng sai st trong bi lm. Mong c s ng gp kin ca mi ngi quan tm n vn bo mt.
2
Trng Vn Dng k44DVT02
Ma hoa bao mt trong Wimax
CHNG I : GII THIU V WIMAX 1.1 Gii thiu v cng ngh Wimax Wimax (World Interoperability for Microware Access) Kh nng khai thc mng trn ton cu i vi mng truy nhp vi ba. y l mt k thut cho php ng dng truy nhp cho mt khu vc th rng ln. Ban u chun 802.16 c t chc IEEE a ra nhm gii quyt cc vn kt ni cui cng trong mt mng khng dy th WMAN hot ng trong tm nhn thng (Line of Sight) vi khong cch t 30 ti 50 km. N c thit k thc hin ng trc lu lng cho cc nh cung cp dch v Internet khng dy, kt ni cc im nng WiFi, cc h gia nh v cc doanh nghip.m bo QoS cho cc dch v thoi, video, hi ngh truyn hnh thi gian thc v cc dch v khc vi tc h tr ln ti 280 Mbit/s mi trm gc. Chun IEEE 802.16-2004 h tr thm cc hot ng khng trong tm nhn thng ti tn s hot ng t 2 ti 11 GHz vi cc kt ni dng mesh (li) cho c ngi dng c nh v kh chuyn. Chun mi nht IEEE 802.16e, c gii thiu vo ngy 28/2/2006 b sung thm kh nng h tr ngi dng di ng hot ng trong bng tn t 2 ti 6 GHz vi phm vi ph sng t 2-5 km. Chun ny ang c hy vng l s mang li dch v bng rng thc s cho nhng ngi dng thng xuyn di ng vi cc thit b nh laptop, PDA tch hp cng ngh Wimax. Thc t WiMax hot ng tng t WiFi nhng tc cao v khong cch ln hn rt nhiu cng vi mt s lng ln ngi dng. Mt h thng WiMax gm 2 phn : Trm pht: ging nh cc trm BTS trong mng thng tin di ng vi cng sut ln c th ph sng mt vng rng ti 8000km2.
Trm thu: c th l cc anten nh nh cc Card mng cm vo hoc c thit lp sn trn Mainboard bn trong cc my tnh, theo cch m WiFi vn dung.
3
Hinh 1.1 M hinh truyn thng cua mang Wimax. Cc trm pht BTS c kt ni ti mng Internet thng qua cc ng truyn tc cao dnh ring hoc c th c ni ti mt BTS khc nh mt trm trung chuyn bng ng truyn thng (line of sight), v chnh v vy WiMax c th ph sng n nhng vng rt xa. Cc anten thu/pht c th trao i thng tin vi nhau qua cc tia sng truyn thng hoc cc tia phn x. 1.1.1 Mt s c im cua Wimax Wimax c tiu chun ho theo chun IEEE 802.16. H thng Wimax l h thng a truy cp khng dy s dng cng ngh OFDMA c cc c im sau:
Khong cch gia trm thu v pht c th t 30Km ti 50Km.
Tc truyn c th thay i, c th ln ti 70Mbit/s Hot ng trong c hai mi trng truyn dn: ng truyn tm nhn thng LOS v ng truyn b che khut NLOS. Di tn lm vic t 2-11GHz v t 10-66GHz
4
rng bng tn ca WiMax t 5MHz n trn 20MHz c chia thnh nhiu bng con 1,75MHz. Mi bng con ny c chia nh hn na nh cng ngh OFDM, cho php nhiu thu bao c th truy cp ng thi mt hay nhiu knh mt cch linh hot m bo ti u hiu qu s dng bng tn. Cho php s dng c hai cng ngh TDD v FDD cho vic phn chia truyn dn ca hng ln (uplink) v hng xung (downlink). Trong c ch TDD, khung ng xung v ng ln chia s mt tn s nhng tch bit v mt thi gian. Trong FDD, truyn ti cc khung ng xung v ng ln din ra cng mt thi im, nhng ti cc tn s khc nhau. V cu trc phn lp, h thng WiMax c phn chia thnh 4 lp : Lp con hi t (Convergence) lm nhim v giao din gia lp a truy nhp v cc lp trn, lp iu khin a truy nhp (MAC layer), lp truyn dn (Transmission) v lp vt l (Physical)
Hinh 1.2 M hinh phn lp cua h thng Wimax 1.1.2. Cu hnh mng trong Wimax Cng ngh Wimax h tr mng PMP v mt dng ca cu hnh mng phn tn l mng li MESH . 1.1.2.1 Cu hinh mang im a im. PMP l mt mng truy nhp vi mt hoc nhiu BS c cng sut ln v nhiu SS nh hn. Ngi dng c th ngay lp tc truy nhp mng ch sau khi lp t thit b ngi dng. SS c th s dng cc anten tnh hng n cc BS, cc BS c th c nhiu anten c hng tc dng theo mi hng hay mt cung.
5
Vi cu hnh ny trm gc BS l im trung tm cho cc trm thu bao SS. hng DL c th l qung b, a im hay n im. Kt ni ca mt SS n BS c c trng qua nhn dng kt ni CID.
Hinh 1.3 Cu hinh mang im a im 1.1.2.2. Cu hnh mt li MESH Vi cu hnh ny SS c th lin lc trc tip vi nhau. Trm gc Mesh BS kt ni vi mt mng bn ngoi mng MESH [5]. Kiu MESH khc PMP l trong kiu PMP cc SS ch lin h vi BS v tt c lu lng i qua BS trong khi trong kiu MESH tt c cc node c th lin lc vi mi node khc mt cch trc tip hoc bng nh tuyn nhiu bc thng qua cc SS khc. Mt h thng vi truy nhp n mt kt ni backhaul c gi l Mesh BS, trong khi cc h thng cn li c gi l Mesh SS. D cho MESH c mt h thng c gi l Mesh BS, h thng ny cng phi phi hp qung b vi cc node khc.
6
Hinh 1.4 Cu hinh mt li Mesh 1.2 Gii thiu v cac chun Wimax Wimax l mt cng ngh truy nhp khng dy bng rng m h tr truy nhp c nh, lu tr, xch tay v di ng. c th ph hp vi cc kiu truy nhp khc nhau, hai phin bn chun dng Wimax c a ra. Phin bn u tin IEEE 802.16d-2004 s dng OFDM, ti u ha truy nhp c nh v lu tr. Phin bn hai IEEE 802.16e-2005 s dng SOFDMA h tr kh nng xch tay v tnh di ng. 1.2.1 Chun IEEE 802.16d-2004 Chun IEEE 802.16d-2004 c IEEE a ra vao thang 7 nm 2004. Chun IEEE 802.16d-2004 h tr truyn thng LOS trong di bng t 11-66GHz v NLOS trong di bng t 2-11GHz. Chun ny cng tp trung h tr cc ng dng c nh v lu tr. Hai k thut iu ch a sng mang h tr cho 802.16d2004 l OFDM 256 sng mang v OFDMA 2048 sng mang. Cc c tnh ca WiMAX da trn 802.16d-2004 ph hp vi cc ng dng c nh, trong s dng cc anten hng tnh, bi v OFDM t phc tp hn so vi SOFDMA. Do , cc mng 802.16-2004 c th c trin khai nhanh hn, vi chi ph thp hn. 1.2.2 Chun IEEE 802.16e-2005 Chun IEEE 802.16e-2005 c IEEE thng qua vao thang 12 nm 2005. Chun IEEE 802.16e-2005 h tr SOFDMA cho php thay i s lng sng
7
mang, b sung cho cc ch OFDM v OFDMA. Sng mang phn b thit k sao cho nh hng nhiu t nht ti cc thit b ngi dng bng cc anten ng hng. Hn na, IEEE 802.16e-2005 cn mun cung cp h tr cho MIMO,v AAS cng nh hard v soft handoff. N cng ci thin c kh nng tit kim ngun cho cc thit b mobile v tng cng bo mt hn. OFDMA a ra c tnh ca 802.16e nh linh hot hn khi qun l cc thit b ngi dng khc nhau vi nhiu kiu anten v cc yu t nh dng khc nhau. 802.16e a ra cc yu t cn thit khi h tr cc thu bao di ng l vic gim c nhiu cho cc thit b ngi dng nh cc anten ng hng v ci thin kh nng truyn NLOS. Cc knh ph xc nh cc knh con c th gn cho cc thu bao khc nhau tu thuc vo cc trng thi knh v cc yu cu d liu ca chng. iu ny to iu kin nh khai thc linh hot hn trong vic qun l bng thng v cng sut pht, v dn n vic s dng ti nguyn hiu qu hn. 1.2.3 Mt s chun 802.16 khac a. Chun IEEE 802.16f Chun IEEE802.16f cung cp ch qun l tham kho cho cc mng 802.162004 c bn. Ch ny bao gm mt h qun l mng-NMS(Network Management System), cc node mng, c s d liu lung dch v. BS v cc node qun l c la chn theo yu cu ca thng tin qun l v cung cp ti cc NMS thng qua cc giao thc qun l, nh SNMP(Simple Network Management Protocol) qua kt ni qun l th 2 nh ngha trong 802.16-2004.IEEE802.16f da trn cc SNMP phin bn 2, v c th hng v cc SNMP phin bn 1, v hin ny ang la chn h tr SNMP phin bn 3. b. Chun IEEE 802.16i Mc ch ca 802.16i l cung cp ci tin di ng trong MIB 802.16 trong tng MAC, tng PHY v cc qu trnh lin quan ti qun l. N s dng phng php lun giao thc trung bnh (Protocol-neutral Methodology) cho vic qun l mng xc nh ch ti nguyn v lin h thit lp gii php cho qun l cc thit b trong mng di ng 802.16 a nh cung cp. c. Chun IEEE 802.16g
8
Mc ch ca 802.16g l to ra cc qu trnh v trin khai dch v ca 802.162004 v 802.16-2005, cung cp h thng qun l mng qun l tng thch v hiu qu ti nguyn, tnh di ng v ph ca mng v mt bng qun l chun cho cc thit b 802.16 c nh v di ng. Hin nay thi chun IEEE 802.16 vn ang phat trin. d. Ngoai cac chun o con co cac chun sau cung ang c phat trin o la : chun IEEE 802.16k , chun IEEE 802.16h, chun IEEE 802.16j 1.3. Lp con bo mt trong Wimax Lp con bo mt c nh ngha trong IEEE 802.16e, v hiu chnh cho cc hot ng ca 802.16-2004, c mt s h bo mt (nh vic nhn thc ca BS) v cc yu cu bo mt cho cc dch v di ng khng ging nh cho cc dch v c nh. Lp con ny bao gm hai giao thc thnh phn sau[10][13] : Giao thc ng gi d liu (Data Encapsulation Protocol): Giao thc ny dng cho vic bo mt gi d liu truyn qua mng BWA c nh. Giao thc ny nh ngha to mt tp hp cc b mt m ph hp, nh kt hp gia m ha d liu v thut ton nhn thc, v quy lut p dng thut ton cho ti tin PDU ca lp MAC.
Giao thc qun l kha (Key Management Protocol): Giao thc ny cung cp phn phi kha bo mt d liu t BS ti SS.Qua giao thc qun l kha th SS v BS c ng b v kha d liu. Thm vo , BS cng s dng giao thc truy nhp vi iu kin bt buc ti cc mng dch v. 802.16e trin khai nh ngha c PKM phin bo 2 vi cc c tnh m rng.
CHNG II : CAC PHNG PHAP MA HOA BAO MT TRONG WIMAX 2.1. Gii thiu v m ha bo mt
9
Cm t Crytology-mt m, c xut pht t cc t Hi Lp kryptos- tm dch l hidden - b n, du v t logos- tm dch l word- t. Do , cm t Cryptology theo ngha chun nht l hidden word - t b n. Ngha ny a ra mc ch u tin ca mt m, c th l lm n ngha chnh ca t v bo v tnh an ton ca t v bo mt km theo. H thng m ha ch ra: mt tp cc thut ton mt m cng vi cc qu trnh qun l kha m h tr vic s dng cc thut ton ny ty theo hon cnh ng dng. Cc h thng m ha c th hoc khng s dng cc tham s b mt (v d nh: cc kha mt m,). Do , nu cc tham s b mt c s dng th chng c th hoc khng c chia s cho cc i tng tham gia. V th, c th phn tch thnh t nht 3 loi h thng mt m. l : H mt m ha khng s dng kha: Mt h mt m khng s dng kha l mt h mt m m khng s dng cc tham s b mt.
H mt m ha kha b mt: Mt h mt m kha b mt l h m s dng cc tham s b mt v chia s cc tham s gia cc i tng tham gia.
H mt m ha kha cng khai: Mt h mt m kha cng khai l h m s dng cc tham s b mt v khng chia s cc tham s gia cc i tng tham gia.
2.2. Cc phng php m ha bo mt

2.2.1. M ha khng dng kha 2.2.1.1. Hm m ri rc T tp s thc, ta bit rng cc hm m v hm Logarit l hm ngc ca nhau nn chng c th tnh nghim c cho nhau. iu ny dn ti vic chng ta phi tin tng vo quan im ny trong cu trc i s. Nh vy, tuy rng vi cc cu trc i s th ta c th tnh c nghim ca hm m, nhng ta khng th bit c thut ton c s dng tnh nghim ca hm Logarit. Theo cch ni thng thng th hm f: X ->Y l hm mt chiu nu tnh ton theo chiu X->Y th d nhng kh tnh theo chiu ngc li. V ta c nh ngha hm mt chiu nh sau : Mt hm f: X->Y l hm mt chiu nu f(x) c th tnh c nghim vi mi x X, nhng hm f-1(y) th khng th tnh c nghim vi y R Y.
10
Hnh 2.1 :M t hm mt chiu V d nh, ta c p l mt s nguyn t v g l mt hm sinh (hoc l gc) ca Z . Khi :

* p
Expp,g : Zp-1 Zp* x gx Hm ny c gi l hm m ri rc da trn g. N c nh ngha l mt ng cu t nhm cng (Zp-1, +) ti nhm nhn (Zp*, .). Ngha l Expp,g (x+ y) = Expp,g(x) (.) Expp,g(y). Bi v, Exp p.g l mt song nh, n c hm ngc c nh ngha nh sau: Logp,g : Z* Zp-1 x loggx Hm ny c gi l hm logarit ri rc. Vi mi x Z*p, hm logarit ri rc tnh c logarit ri rc ca x da vo g, c k hiu l loggx . 2.2.1.2. Hm bnh phng module Tng t nh hm m, hm bnh phng c th tnh c v kt qu ca hm ngc l cc s thc, nhng khng bit cch tnh ngc trong nhm Cyclic. Nu v d nh ta c Z*n , sau cc bnh phng module c th tnh c, nhng cc gc ca bnh phng module th ch tnh c nu tham s c bn ca n bit. Trong thc t, c th biu din gi tr m cc gc bnh phng module trong Zn* v h s n l cc gi tr tnh c. Do , hm bnh phng module ging nh hm mt chiu. Nhng, hm bnh phng module (khng khun dng chung) khng l hm n nh cng khng l hm ton nh. Tuy nhin, n c th l hm n nh hoc ton nh (s l song nh) nu domain v di u b hn ch
11
(v d nh, tp cc thng d bc 2 hoc cc bnh phng module n, ) vi n l s nguyn Blum. Khi hm : Square n : QR n QR n x x2 c gi l hm bnh phng. y l mt song nh, v do , hm ngc ca n l: Sqrt n : QR n QR n x x 1/2 c gi l hm gc bnh phng. Tng ng mi phn t trong tp QR n s c mt phn t ca QR n . 2.2.1.3. B to bt ngu nhin
Hnh 2.2: B to bt ngu nhin Tnh ngu nhin l mt trong nhng thnh phn c bn nht v l iu kin trc tin ca tnh bo mt trong mt h thng bo mt. Hin nay, s hnh thnh bo mt v cc gi tr ngu nhin khng on trc c (v d nh, cc bt ngu nhin hoc cc s ngu nhin, ) l phn trng tm ca hu ht cc vn lin quan ti h thng mt m. V d, khi xem xt h mt m kha b mt, ta phi bit s lng kha b mt c s dng. Ta cn phi c mt bit ngu nhin cho mi bit khc m ta mun m ha.Cn khi xem xt m ha cng khai th ta cn bit s lng bit ngu nhin to cc cp kha cng khai. Mt b to bit ngu nhin l mt thit b hoc thut ton m u ra l mt chui cc bit ngu nhin v c lp thng k vi nhau. Cc b to bt ngu nhin c th da trn phn cng hoc phn mm. Trc tin, ta cng tm hiu v b to bit ngu nhin da trn phn cng, khai thc tnh ngu nhin ca vic xut hin cc phng php v hin tng vt l. Mt s phng php v hin tng nh sau:
12
Khong thi gian gia cc ht phng x trong qu trnh phn r phng x. Tp m nhit t in tr v diode bn dn Tn s khng n nh trong my dao ng tn s chy Gi tr ca mt t bn dn cch in kim loi l tch in trong mt chu k c nh. S chuyn ng hn lon ca khng kh trong a kn l nguyn nhn dn ti thng ging ngu nhin trong tng sector ca a c b tr. m thanh ca microphone hoc video m u vo t my quay phim Tt nhin l, cc phng php v hin tng vt l khc c th c s dng bi cc b to bt ngu nhin da trn phn cng. B to bt ngu nhin da trn phn cng c th d dng tch hp trong h thng my tnh hin nay. Do b to bit ngu nhin da trn phn cng cha c trin khai rng ri nn n ch c s dng phc v cho cc ngun mang tnh ngu nhin. Vic thit k b to bt ngu nhin da trn phn mm l kh hn so vi thc hin trn phn cng. Mt s phng php da trn cc b to bt ngu nhin da trn phn mm l: H thng ng h Khong thi gian gia phm g v di chuyn chut Ni dung u vo/ u ra ca b m u vo cung cp bi ngi s dng Gi tr cc bin hot ng ca h thng, cng nh ti trng ca h thng hoc thng k mng C th phn on rng chin lc tt nht cho vic p ng yu cu ca cc bit ngu nhin khng th on c trong tnh trng thiu mt ngun tin cy n l cch tm c u vo ngu nhin t mt lng ln ca cc ngun m khng tng quan ti nhau, v kt hp chng bng mt hm trn mnh. Mt hm trn mnh, l mt s kt hp ca hai hoc nhiu u vo v tm mt u ra m bit u ra phi l mt hm phi tuyn phc ca tt c cc bit u vo khc bit hn. Trung bnh c thay i mt bit u vo s thay i mt na s bit u ra. Nhng bi v quan h ny l phc tp v phi tuyn nn khng ring bit u ra no c dm chc s thay i khi mt s thnh phn bit u vo thay i.
13
Mt v d n thun nh, mt hm m cng thm vo 232 . Cc hm trn mnh (vi hn 2 u vo) c th c xy dng s dng trong cc h thng mt m khc, cc hm Hash mt m hoc cc h mt m i xng. 2.2.2. Ma hoa khoa bi mt M ha kha b mt, hay cng c bit n l m ha i xng a c s dung t rt lu t n gian n nhng phng thc phc tap hn. Mt m i xng, hay mt m kha b mt gm c cc dng mt m m trong s dung mt kha duy nht cho c hai qu trnh m ha v gii m vn bn. Mt trong nhng phng php m ha n gin nht l phng php m ha thng c bit n bng ci tn mt m Caesar. Ma hoa khoa bi mt gm 5 phn chinh o la: Vn bn gc : y l mt bn tin hay mt loi d liu c th hiu c mt cch thng thng, c xem nh l u vo ca gii thut.
Thut ton m ha : Thut ton m ha biu din cc php thay th v bin i khc nhau trn vn bn gc.
Kha b mt : Kha b mt cng l u vo ca thut ton m ha. Kha c gi tr c lp vi vn bn gc cng nh vi thut ton. Thut ton s tnh ton c u ra da vo vic s dng mt kha xc nh. Nhng thay th v bin i chnh xc c biu din bi thut ton s ph thuc vo kha.
Vn bn mt m: y l bn tin xo trn ni dung c to ra vi t cch nh l u ra. N ph thuc vo vn bn gc v kha b mt. Vi mt bn tin c a ra, hai kha khc nau s to ra hai vn bn mt m khc nhau. Vn bn mt m nhn bn ngoi s nh l mt lung d liu ngu nhin khng th xc nh c ni dung, khi c nh.
Thut ton gii m: V c bn th y cng l mt thut ton m ha nhng hot ng theo chiu ngc li. N c thc hin vi vn bn m ha v kha b mt v s to li vn bn gc ban u.
14
Hnh 2.3 : M hnh n gin ca m ha thng thng 2.2.2.1. Mt ma Caesar Mt trong nhng mt m ha ra i sm nht l mt m Caesar, c to ra bi Julius Caecar trong cuc chin tranh Gallic, vo th k th nht trc cng nguyn. Trong loi mt m ha ny, mi ch ci t A n W c m ha bng cch chng s c th hin bng ch ci xut hin sau n 3 v tr trong bng ch ci. Ba ch ci X, Y, Z tng ng c biu din bi A, B, v C. Mc d Caesar s dng phng php dch i 3 nhng iu ny cng c th thc hin vi bt k con s no nm trong khong t 1 n 25. Trong hnh 2.4 biu din hai vng trn ng tm, vng bn ngoi quay t do. Nu ta bt u t ch ci A bn ngoi A, dch i 2 ch ci th kt qu thu c s l C s bn ngoi A Bao gm c dch 0, th c tt c 26 cch php dch.
Hnh 2.4 : My thc hin m ha Caesar Do ch c 26 kha nn mt m Caesar c th b tn thng d dng. Kha c th c xc nh ch t mt cp ch ci tng ng t bn tin gc v bn tin m
15
ha. Cch n gin nht tm c kha l c cc th tt trng hp dch, ch c 26 kha nn rt d dng. Mi ch ci c th c dch i ti a ln n 25 v tr nn c th ph c m ny, chng ta c th lit k ton b cc bn tin c th c v chn ra bn tin c ni dung ph hp nht. 2.2.2.2. Mt m Affine V mt m Caesar ch c th a ra c 25 cch bin i bn tin nht nh, nn y l phng php m ha khng thc s an ton. Mt m Affine l trng hp suy rng ca mt m Caesar, v n tt hn v kh nng bo mt. Mt m Affine p dng php nhn v php cng vo mi ch ci, s dng hm sau : y = (ax + b) mod m Trong x l gi tr s ca ch ci trong bn tin cha m ha, m l s ch ci trong bng ch ci bn tin cha m ha, a v b l cc s b mt, v y l kt qu thu c ca php bin i. y c th c gii m tr li x bng cc s dng biu thc: x = inverse (a)(y-b) mod m inverse(a) l gi tr m nu n c nhn vi kt qu a mod m s cho ta kt qu l 1 ((a * inverse(a)) mod m = 1.). V d : Gi s bn tin c m ha bng hm y = (11x+4) mod 26. m ha bn tin MONEY. Cc gi tr s tng ng vi bn tin gc MONEY l 12,14,13,4 v 24. p dng vo hm cho mi gi tr, ta thu c ln lt tng ng y = 6, 2, 17, 22, 28 ( M: y = (11*12 + 4) MOD 26 = 6 ). V cc ch ci tng ng l GCRWI, l bn tin c m ha. gii m, ta bin i hm s y thnh x = inverse (a) (y-b) mod m. Ta c x = inverse (11)( (y-4) mod 26. M inverse (11) mod 26 = 19, do x = 19 (y 4) mod 26. p dng vi bn tin m ha GCRWI ta thu c cc gi tr x = 12, 14, 13, 4, 24. Cc ch ci tng ng l MONEY. 2.2.2.3. Mt m thay th M ha thay th l mt trong nhng phng php m ha m bng ch ci m ha l s sp xp li ca bng ch ci cha m ha . Mc d vic c mt s lng ln cc kha l yu cu cn thit cho bo mt, nhng iu khng c ngha l h thng m ha l mnh. M ha thay th, mc d c 26! kh nng
16
thay i v tr sp xp, thc t li khng c kh nng bo mt cao v c th b ph mt cch d dng bng cch s dng tn sut xut hin ca cc ch ci. M ha thay th l phng php tt m ha cc bn tin cn m ha v hnh thc b ngoi v d dng ph. Vi d ta s dng t kha the cows go moo in the field. Bng ch ci cha m ha v bng ch ci c m ha c a ra nh sau: Plaintext: A B C D E F G H I J K L M N O P Q R S T U VWXYZ Ciphertext: T H E C O W S G M I N F L D A B J K P Q R U V X Y Z. Na u ca cc ch ci c m ha c chuyn i thng qua cm t kha (b qua nhng ch ci c lp li), v na sau c to ra bng cch s dng cc ch ci cn li ca bng ch ci t A-Z. V d, thc hin m ha bn tin Meet me at five oclock. m ha bn tin ny, n gin ch cn lit k mi ch ci trong bn tin tng ng vi mi ch ci c m ha trong bng ch ci. T ra thu c bn tin c m ha nh sau: LOOQLOTQWMUOAEFAEN. V ngi nhn bit c cm t kha, nn h c th d dng gii m uc bn tin m ha bng cch lit k ngc li t cc ch ci trong bng ch ci m ha sang cc ch ci trong bng ch ci cha m ha. T s thu c bn tin gii m : meetmeatfiveoclock Tuy nhin vic s dng phng php m ha ny cng c nhiu im khng thun li. Vn chnh ca phng php m ha thay th chnh l tn sut xut hin ca cc ch ci khng c che giu mt cht no. Nu bn tin c m ha LOOQLOTQWMUOAEFAEN c phn chia ra, ngi ta c th xc nh c tn sut xut hin ca mi ch ci v so snh chng vi tn sut xut hin ca cc ch ci trong ting Anh: O c s dng 4 ln trong bn tin m ha, L,Q,A v A xut hin mi ch ci 2 ln. 9 ch ci c tn sut xut hin nhiu nht trong ting Anh l E, T, A, O, N, I, S, R v H. T c th suy on c bn tin m ha.
17
2.2.2.4. Cc m hon v tng ng sau mt m hon v l to ra mt s thay i v tr ca cc ch ci trong bn tin gc, iu ny s lm xut hin bn tin m ha. M ha hon v khng c tnh bo mt cao bi v chng khng thay i cc ch ci trong bn tin gc hoc thm ch l xut hin nhiu ln, nhng chng c th c xy dng tr thnh phng php m ha bo mt hn. Mt v d ca m hon v l m rail fence. M Rail fence: l mt hon v theo ct ht sc n gin, ly mt chui v chia nh cc ch ci thnh hai nhm theo ng zigzag nh di y:
Bn tin gc : WHEN-DRINKING-WATER-REMEMBER-ITS-SOURCE. Zig : W E D I R N K I N G W T R E R M E B M E + R T S I S U C E. =
Zag: H N
A E
O R zag
Bn tin m ha = zig WEDIKNWTREEBRTSUCHNRNIGAERMMEIORE
Mt m Scytale: Vo th k th 4 trc cng nguyn, mt thit b tn l Scytale c s dng m ha cc bn tin ca qun i v chnh ph Spartan. Thit b bao gm mt tr g vi mt di giy cun quanh n. Khi giy c b i, n n gin ch l mt dy cc ch ci hn n, nhng trong khi cun xung quanh tr g, bn tin s tr nn r rng. Scytale ly tng t m ha rail fence v m rng n bng cch s dng mt kha c di xc nh h tr vic che giu bn tin. V d vn bn gc l When drinking water, remember its source, di l 34, ta chn di kha l 4. Chia bn tin di 34 ra cc kha di 4, ta c 8 cn d 2. Do ta lm trn di mi hng ca Scytale ln 9 v thm vo bn tin 2 ch ci Z.
W I E S
H N M S
E G E O
Bng 2.1 : M ha Scytale N D R W M U A B R T E C
I E R E
N R I Z
K R T Z
18
Bng cch sp xp cc ch ci theo tng ct t tri qua phi ta thu c : WIESHNMSEGEONWMUDABRRTECIERENRIZKRTZ. gii m, ta bit rng kch thc ca kha l 4, do ta vit 4 ch ci u tin t trn xung di ri n 4 ch ci tip theo. c cc ch ci v b i cc ch ci cui cng ta s nhn c bn tin gc. iu khng thun li cho phng php ny l vi nhng bn tin nh, vn bn m ha c th d dng b pht hin bng cch th cc gi tr kha khc nhau. M Rail fence khng c tnh thc t cao, do vic thit k n gin v bt k ngi no cng c th b gy. Ngc li m Scytale thc t li rt hu dng cho vic a nhng bn tin nhanh cn thit gii m bng tay. Vn chnh ca c hai loi m ny l cc ch ci khng thay i, do m tn sut xut hin ca cc ch ci c th gip khi phc bn tin gc. 2.2.2.5. Mt m Hill Mt loi mt m khc cng lin quan n vic chuyn i cc ch ci l mt m Hill, c pht trin bi nh ton hc Lester Hill vo nm 1929 [11]. Mt m Hill l mt v d ca mt m khi. Mt m khi l mt loi mt m m cc nhm cc ch ci c m ha cng vi nhau theo cc khi c di bng nhau. m ha mt bn tin s dng mt m Hill, ngi gi v ngi nhn trc ht phi thng nht v ma trn kha A c n n. A phi l ma trn kh nghch. Bn tin gc sau s c m ha theo cc khi c kch thc n. V d ta xt ma trn 22 v bn tin s c m ha theo cc khi 2 k t. Ma trn A: , bn tin MISSISSIPI (M~12,I~ 8)
Khi u tin MI c tnh ton tng ng:
Hai ch ci u tin ca bn tin m ha tng ng vi 2, 8 l CI. Lp li bc ny cho ton b bn tin. Nu khng c ch ci cho khi 2 ch th ta chn thm vo mt vi ch ci, nh Z Bn tin MI SS IS SI PP IK s c m ha thnh CI KK GE UW ER OY. Gii m mt m Hill: gii m mt bn tin, trc ht ta tnh ma trn nghch o ca ma trn kha A.
19
Sau nhn ma trn nghch o vi tng cp ch ci trong bn tin c m ha (theo mod 26) khi phc li bn tin gc. Ma trn nghch o tnh c :
Bn tin m ha : CIKKGEWEROY Pha nhn s tnh : gii m bn tin. Hai ch ci
u tng ng vi 12, 8 l M v I. Lp li php tnh nh trn ta s gii m ra c ton b bn tin. [23] 2.2.2.6. Mt m Vigenre Mt m Vigenere c l l mt m ni ting nht trong s cc mt m a ch ci c th tnh ton bng tay, c sng to bi Blaise de Vigenere, nh ngoi giao ngi Php th k 16. Mt m a thay th ch ci tng t vi mt m thay th n ch ci ngoi tr mt vn l cc ch ci c m ha c thay i mt cch lin tc trong qu trnh m ha bn tin. iu ny lm cho loi mt m ny gim c nguy c b xm hi bng cch s dng tn sut xut hin ca cc ch ci . Mt m Vigenre s dng bng ch ca Vigenere thc hin m ha.
Hnh 2.5 : The Vigenre Square
20
C hai phin bn khc nhau ca m ha Vigenre, phng php kha t ng v phng php t kha. Phng php kha t ng: m ha mt bn tin s dng phng php kha t ng Vigenere, ngui gi v ngi nhn trc ht phi thng nht vi nhau v kha b mt. Kha ny l mt ch ci n, s c thm vo u ca bn tin to kha. Ngi gi s m ha bn tin bng cch vit bn tin gc trn mt dng v vit kha dng di. Ngi gi s s dng bn tin cha m ha v kha chn hng v ct trong bng Vigenere. Hng c chn l hng m ch ci gc l ct u tin v ct c chn l ct m ch ci kha nm trn hng u tin. Mt ch ci m ha s l ch ci m xut hin trong bng Vigenere ti v tr giao gia hng v ct. V d, tm ch ci m ha, v tr u tin trong hng tng ng vi v tr ch ci T. Ct s tng ng vi ch ci L. Ch ci nm v tr giao gia hng v ct ny l ch ci m ha, trong trng hp ny l E. Tip tc lm nh vy vi mi cp ch ci s to c bn tin c m ha. gii m ta lm ngc li. V d, vi kha chnh l L : Bn tin gc : T O B E O R N O T T O B E Kha : L T O B E O R N O T T O B M ha : E H P F S F E B H M H P F nh gi bo mt : Phng php kha t ng Vigenere l phng php khng bo mt. Ch c 26 kha (26 ch ci trong bng ch ci). M c th b b gy mt cch d dng vi vic th tng ch ci. Ngi no mun c bn tin c m ha s dng phng php kha t ng ny ch cn th tng ch ci mt trong bng ch ci lm kha cho n khi to li c bn tin gc ban u. Vic ny c th c thc hin thm ch khng cn s gip ca my tnh, v c th thc hin c trong khong thi gian ngn. Tuy nhin tng ca phng php ny c th c s dng to ra mt loi m c bo mt cao hn. Phng php t kha: Phng php ny tng t nh phng php kha t ng, nhng thay v s dng mt ch ci ring l lm kha, n s dng mt cm t kha. T kha c th c di bt k no ln hn 1, n s cung cp mt s lng v hn cc kha. to kha, ngi gi vit keyword lp li trn mt dng pha di bn tin gc. Cp ch ci kha-bn tin gc trn mi ct v hng s c m ha s dng bng Vigenere tng t nh phng php kha t
21
ng.V d vi kha l t kha PUCK ta s vit thnh PUCKP CKPUC
UCKPU
nh gi bo mt: Mt m Vigenere s dng t kha c bo mt cao hn so vi phung php kha t ng, nhng n vn d b xm hi. T kha cng di th m ha cng bo mt. V d, nu t kha di bng bn tin m ha, th m ha ny l khng th b b gy nu mt kha mi c s dng cho mi bn tin. Thc t vi mi kha khc nhau c th nhn c cc bn tin khc, do nu s dng nhiu kha, th khng c cch no c th xch nh chnh xc c bn tin. V d bn tin m ha JTLOM FJRCS XM , nu s dng kha l hfikeniaoitz th ta s thu c bn tin gc l CODE IS BROKEN, cn nu s dng kha hfikenrnaygi th ta s thu c CODE IS SECURE. [23] 2.2.2.7. One - time pad Mt m One-time pad (OTP) c kim nghim rng y l loi mt m tuyt i bo mt, khng th b b gy trong thc t. V ngi ta chng minh rng bt k mt loi mt m khng th b b gy hay tuyt i bo mt th phi c thc hin theo nguyn l ca one-time pad. OTP c pht minh vo nm 1918 do Gilbert S. Vernam (1890-1960), mt nh mt m hc ca cng ty AT&T. Mt m Vernam l mt v d ni ting ca OTP. Mt m ny rt n gin: 1 lung bit bao gm bn tin cha m ha, v mt lung bt ngu nhin b mt c cng di vi bn tin gc, coi nh l kha. m ha bn tin vi kha, thc hin cng XOR tng cp bit kha v bn tin mt cch tun t thu c bit m ha. Nu kha thc s l ngu nhin th khng ngi tn cng no c mt c s no c th on c bn tin gc khi ch c trong tay bn tin m ha m ko c thng tin g v bn tin gc. V d v OTP : 0010110 0 010...11011100101011: Bn tin gc 0111011 1 010...10001011101011: Kha c to ngu nhin, c chiu di bng bn tin 0101101 1 000...01010111000000: Bn tin m ha 0111011 1 010...10001011101011: S dng li kha gii m
22
0010110 0 010...11011100101011: Khi phc li bn tin gc ban u Vn t ra l nu loi m ny t c tnh bo mt hon ho th ti sao n khng c s dng mt cch rng ri trn ton cu v ti sao con ngi vn s dng cc h thng m vn c kh nng b b gy. y ta thy rng, mt im quan trng cn phi xem xt l cc vn lin quan n vic s dng m ha i vi d liu lu tr c xu hng rt khc so vi cc vn lin quan n vic s dng m ha bo v cc cuc truyn thng. Mt iu quan trng cng cn phi nhn thy rng, chng ta thng tp trung vo truyn thng, bi v trng hp ny c cho l ng hn trong vic qun l. Kha gii m ging vi kha m ha trong khi thut ton gii m bao gm vic loi b i cc k t kha to ra vn bn gc. Cc h thng truyn thng ngy nay phi i mt vi mt vn rt kh khn. V dy bit c to ngu nhin nn vi ngi gi v ngi nhn vic to ra mt kha ging nh vy l khng th. Do mt trong s h phi to ra kha v sau gi b mt cho ngi kia. Nu kha c m bo tnh b mt th n l cn thit cho vic bo v trong sut qu trnh truyn dn. Nu cuc truyn thng ch c mt ng truyn th h cn phi c mt dy ngu nhin one-time pad khc bo v d liu truyn. Mt cch r rng nguyn nhn kiu ny dn n nhng yu cu khng th thc hin c vic to ra cc dy ngu nhin v hn, mi dy to ra c s dng bo v mt dy khc trong qu trnh truyn dn t ngi ny n ngi kia, gy tn km. Do onetime pad ch c s dng trong truyn thng khi gia cuc truyn thng ny cn c mt phng tin thng tin chuyn i m bo khc. One-time pad thng c s dng cho cc lin kt cn mc bo mt cao nht, nh ng hotline Moscow Washington chng hn. 2.2.2.8. RC4 RC4 l loi m ha theo lung kha chia s, c thit k bi Ron Rivest ti RSA Data Security, Inc. Thut ton RC4 c s dng mt cch ng nht vi c qu trnh m ha v gii m khi mt lung d liu c XOR vi chui kha c to ra. Thut ton l theo th t v n yu cu nhng thay i ln lt ca cc trng thi da vo chui kha. Do qu trnh thc hin c th i hi rt nhiu php tnh ton. Thut ton ny c cng b rng ri v c thc hin bi nhiu nh lp trnh. Thut ton m ha ny c s dng theo chun IEEE
23
802.11 trong WEP (giao thc m ha khng dy) s dng mt kha 20 v 1 kha 128 bit. c im ca RC4: RC4 s dng kha c di thay i cc byte t 1 n 256 to mt bng trng thi 256 byte. Bng trng thi c s dng cho vic to ra chui byte gi ngu nhin v sau to ra mt lung gi ngu nhin, m lung ny c XOR vi bn tin gc to ra bn tin m ha. Mi thnh phn trong bng trng thi c tro i t nht mt ln. Kha RC4 thng c gii hn 40 bit, bi v s gii hn ca u ra nhng i khi cng c s dng vi 128 bit. N c kh nng s dng cc kha t 1 dn 2048 bit. RC4 c s dng trong cc gi phn mm thng mi nh l Lotus Notes v Oracle Secure SQL.
Thut ton RC4 lm vic theo hai giai on, thit lp kha v m ha. Thit lp kha l giai on u tin v cng l kh khn nht ca thut ton. Trong qu trnh to kha N bit, kha m ha c s dng to mt bin m ha s dng hai mng , trng thi v kha, v N php kt hp. Cc php kt hp ny bao gm tro i byte, php modulo (chia ly d ) RC4 l loi m ha c tc nhanh, tc ca n nhanh hn DES n 10 ln, cc kha ca RC4 c s dng ch mt ln, v kh c th bit c cc gi tr trong bng trng thi cng nh l v tr no trong bng c s dng chn tng gi tr ca chui. Tuy nhin thut ton RC4 d b tn thng khi c cc cuc tn cng phn tch bng trng thi. Mt trong s 256 kha c th l kha yu. 2.2.2.9. DES Vo nm 1972, t chc NIST, sau ny c bit n di tn gi National Bureau of Standards, a ra yu cu xut mt thut ton m ha c th c s dng bo v thng tin. H mun mt thut ton rt bo mt, r, d dng hiu c v c kh nng thch ng vi nhiu ng dng khc nhau, c th c s dng bi cc t chc khc nhau cng nh l dng cng khai. Lc ny IBM a ra thut ton Lucifer. Thut ton ny c chuyn n t chc NSA (National Security Agency) nh gi bo mt ca n. NSA thc hin mt s thay i i vi thut ton vi mt thay i quan trng nht l thay th kha
24
128 bit thnh kha 56 bit. Nhiu ngi nghi ng vic thay i ca NSA lm cho thut ton yu i v thm vo mt b mt no cc nhn vin c v ca h c th gii m v m ha cc bn tin m ko cn dng n kha. xa b i nhng hoi nghi, NIST tip nhn thut ton thay i nh l mt tiu chun lin bang vo thng 11/1976. V tn thut ton c chuyn thnh DES (Data Encryption Standard) v c cng b vo thng 1/1977. DES l m ha khi vi ln khi 64bit. N s dng cc kha 56 bit, nhng n ging nh mt khi 64 bit, trong cc bit v tr th 8, 16, 24 l cc bit kim tra chn l, c sp xp vo mi khi 8 bit kim tra li ca kha. iu ny khin DES vn c th b b kha vi c nhng my tnh hin i v nhng phn cng c bit. Tuy nhin DES vn mnh khin cho hu ht cc hacker hot ng c lp cng nh l cc c nhn kh c th ph c, nhng n d dng b b gy bi chnh ph, cc t chc ti phm hay cc cng ty ln vi nhng phn cng c bit. DES dn dn tr nn yu v khng nn c s dng trong cc ng dng mi. V h qu tt yu l vo nm 2004 NIST rt lui khi chun DES. Mt phin bn bin i khc ca DES l 3DES, da trn c s l s dng DES ln (thng thng trong mt chui m ha-gii m-m ha vi ba kha khc nhau, khng lin quan n nhau). 3DES c cho rng l mnh hn nhiu so vi DES, tuy nhin n li chm hn so vi cc phng php m khi mi. Tuy nhin, thm ch d DES dng nh t c a thch s dng trong cc ng dng mi ngy nay, nhng vn c nhiu l do xem xt v nh gi tnh quan trng ca n. l mt m khi u tin c trin khai mt cch rng ri trong cc khu vc cng cng. Do n ng mt vai tr quan trng trong vic to ra cc phng php m ha bo mt c php cng khai. Thm ch ngy nay DES cn khng c xem l gii php thc t na, nhng n vn thng c s dng m t nhng k thut phn tch v gii m cc phng php m ha mi. 2.2.2.10. AES Vo nm 1997, NIST tin hnh la chn mt thut ton m ha i xng s dng bo v nhng thng tin nhy cm thuc lin bang. Nm 1998, NIST thng bo chp nhn 15 thut ton ng c v ku gi s gip ca cng ng nghin cu mt m hc trong vic phn tch cc thut ton ny. Da vo nhng phn tch ny, nm 1999, danh sch cui cng cn li 5 thut ton,
25
MARS, RC6, Rijndael, Serpent and Twofish. Thng 10/2000, mt trong s 5 thut ton ny c la chn nh l mt chun ca tng lai, l : phin bn c chnh sa ca Rijndael . Rijndael l tn kt hp ca hai nh pht minh ngi B, Joan Daemen v Vincent Rijmen; y l mt loi mt m khi. N dng mt khi u vo thng c ln 128 bit v to ra u ra tng ng mt khi cng kch c. S chuyn i yu cu mt u vo th 2, l kha b mt. Mt c im quan trng l kha c th c kch thc bt k, ph thuc vo mc ch s dng, v AES thng s dng 3 loi kha khc nhau l 128, 192 v 256 bit, k hiu AES128, AES-192, AES-256. Mt vn quan trng l nh gi kh nng ca AES trc cc cuc tn cng trn thc t. NIST tin hnh nh gi v cho rng kch thc kha nh nht ca AES 128 bit th thnh cng ca cc cuc tn cng bng phng php brute-force cng vi cng ngh ngy nay dng nh l khng kh thi. NIST d kin AES s c s dng rng ri trong cc ng dng trong thc t. Theo nh gi ca NIST, thut ton AES, hay Rijdael rt ph hp vi nhng mi trng hn ch v b nh cho c hai hot ng m ha v gii m. N yu cu b nh RAM v ROM rt nh. 2.2.3. M ha kha cng khai. Nhc im ca h mt i xng l yu cu phi c thng tin v kha gia bn gi v bn nhn qua mt knh an ton, trc khi gi mt bn tin an ton trc khi gi mt bn m bt k. Trn thc t iu ny rt kh m bo an ton cho kha b mt, v h c th cch xa nhau v ch c th lin lc vi nhau bng th tn in t (email). V vy h kh c th to mt knh bo mt an ton cho kha b mt c. tng xy dng mt h mt m ha cng khai hay bt i xng l tm ra mt h mt c kh nng tnh ton xc nh d k khi bit ek (dk l lut gii m, ek l lut m ha). Nu thc hin c nh vy quy tc m ek c th c cng khai bng cch cng b n trong mt danh b. Bi vy nn c thut ng m ha cng khai hay m ha bt i xng. u im ca h m ha bt i xng l ch khng nhng ch c mt ngi m bt c ai cng c th gi bn tin c m ha cho pha nhn bng cch dng mt m cng khai ek. Nhng ch c ngi nhn A mi l ngi duy nht c
26
th gii m c bn m bng cch s dng lut gii b mt dk ca mnh. tng v mt h mt kha bt i xng c Difie v Hellman a ra vo nm 1976. Cn vic hin thc ha n th do Rivest, Shamir v Adleman a ra ln u tin vo nm 1977 h to nn h mt ni ting RSA. K t cng b mt s h mt da trn cc bi ton khc nhau.Sau y ta s tm hiu mt s phng php m ha bt i xng hay mt m cng . 2.2.3.1. M RSA H thng kho cng cng u tin c thc hin vo nm 1977 bi Rivest, Shamir v Adleman c bit n vi tn gi l h thng mt m RSA. RSA da trn hm ca sp mt chiu. Lc RSA c chp nhn mt cch rng ri thc hin mc ch tip cn mt m m ha bt i xng. Hm ca sp mt chiu l mt hm c c tnh mt chiu (tc l hm c th d dng tnh theo chiu thun,nhng li rt kh khn tm ra hm ngc) v n tr nn d tnh ngc nu bit mt ca sp nht nh.
Hnh 2.6: Mt m ha/ Gii mt m h thng RSA. . c im: Qu trnh pht trin: nm 1983 h s n gm 69 ch s v n thnh cng trong sut thp k 80, n 1989 l 106 ch s, phng php ny to bi Lenstra v
27
Manasse. Thng 4 nm 1994 gm 129 to bi Atkins, Graff v Lenstra gi l RSA-129, cc m RSA nh RSA -100, RSA -110, ,RSA -500 l danh sch cc m RSA c cng khai trn internet. Hn ch: C bn kh nng tip cn tn cng vo thut ton RSA l: Brute force: Tc l th tt c cc loi kha b mt c th. Mathematical attacks: S dng mt vi gi tr gn ng trong tt c cc gi tr tng ng c gng phn tch tch ca hai s nguyn.
Timming attacks: iu ny ph thuc vo thi gian chy thut ton gii
m. Chosen ciphertext attacks: Loi tn cng ny tm kim cc c tnh ca thut ton RSA.
Tn cng la chn bn r (CPA: Chosen- Plaintext attack). K tn cng la chn trong cc bn r v tin hnh mt m thnh bn m tng ng, nhim v ca k tn cng l lm suy yu h thng mt m bng cch s dng cp bn m bn r. (CCA: Chosen ciphertext attack.) K tn cng c th gii m c bn m bng cch th tt c cc h s n. Do , h thng mt m RSA c an ton th phi m bo n=p.q phi ln kh c th tnh ton c ra n nh hin nay n c th l mt s c 200 s thp phn.
28
S ch s Xp thp phn x s bit 100 110 120 129 130 140 155 160 174 200 332 365 398 428 431 465 512 530 576 663
Thi gian t c 4/1991 4/1992 6/1993 4/1994 4/1996 2/1999 8/1999 4/2003 12/2003 5/2005
MIPS-year 7 75 830 5000 1000 2000 8000
Thut ton Quadratic sieve Quadratic sieve Quadratic sieve Quadratic sieve Generalized number Generalized number Generalized number Lattice sieve Lattice sieve Lattice sieve
Bng 2.2: Qu trnh phn tch tha s. H thng mt m m ha bt i xng c ng dng rng ri nht l RSA. Mc kh ca vic tn cng RSA l da vo kh ca vic tm ra h s nguyn t. H thng ch k theo RSA H thng mt m RSA thng gi v tr kim tra s ln truy nhp trong ngn hng, bo mt trong th in t n thng mi in t qua Internet
29
2.2.3.2. H mt Rabin Michael O. Rabin l ngi u tin tm ra v xut mt h thng mt m c th c chng minh bng cch tnh ton tng ng i vi cc bi ton kh (nh bi ton tm tha s thc) vo nm 1979. Nhc im chnh ca h thng mt m bt i xng Rabin l khi tin hnh gii m th cn dng kha b mt v bn m thu c tm ra bn cn bc hai cn thit, ri phi quyt nh chn cn bc hai no biu din ng bn tin bn r. Hn ch ny c th c khc phc bng cch thm mt s d tha i vi bn tin bn r ban u trong qu trnh m ha. Sau vi xc sut cao ca mt trong bn cn bc hai vi d tha ny, th ngi thu c th d dng la chn gi tr biu din ng bn tin bn r. Rabin pht trin h mt m ha bt i xng da vo phc tp ca vic tnh ton modul bnh phng ca mt s nguyn. L thuyt h mt Rabin c ngha quan trng trong vic a ra chng minh an ton cho h thng mt m m ha bt i xng. Thut ton m ha trong h mt Rabin c bit hiu qu v v vy n thch hp vi cc ng dng c nh nh mt m c thc hin bi thit b cm tay. Mt iu th v i vi h mt Rabin l c an ton trc s tn cng vo la chn bn r. Tuy nhin h thng Rabin li mt hon ton an ton trc s tn cng vo la chn bn m cng ging nh m RSA c kh nng tn cng vo bn m nhng thut ton gii m kh hn. 2.2.3.3. H mt El Gamal Nm 1976 Diffie v Hellman gii thiu h thng mt m kha cng cng vi mc ch trao i kha b mt gia 2 thc th qua mt knh cng cng. Ban u giao thc trao i kha Diffie-Hellman c th c s dng c m ha v gii m d liu hoc bn tin k s v kim tra ch k s. n nm 1985 Taher El Gamal tm ra mt cch chuyn i giao thc trao i kha Diffie-Hellman thnh h thng kha cng cng chnh thc (c dng mt m v gii m cc bn tin nh bn tin ch k s v kim tra ch k s). H mt El Gamal c cng b ln u tin vo nm 1985. H mt El Gamal pht trin h thng m ha cng khai da vo tnh kh gii ca bi ton logarit ri rc trn cc trng hu hn. Nm 1991 chnh ph M chn tiu chun ch k s da vo lc kha cng cng El Gamal.
30
El Gamal l mt thut ton m ha bt i xng l dng c bn ca chun ch k s DSS-Digital Signature Standard. Kch thc ca kha El Gamal xp x nh RSA, nhng tnh bo mt c tin tng hn da vo kh ca bi ton logarit ri rc. 2.2.3.4. H mt Mekle-Hellman. H mt Mekle-Hellman c m t ln u tin bi Mekle v Hellman vo nm 1978. Tnh bo mt ca h mt Mekle-Hellman da vo tnh kh gii ca bi ton tng hp cc bi ton con. Mc d h mt ny, v mt vi ng dng khc ca n b ph v rt sm vo nm 1980. u nhng nm 1980, h mt xp ba l (knapsack) Mekle-Hellman b ph v bi Shamir, Shamir c th s dng mt thut ton lp trnh s nguyn ca Lenstra ph v h thng. 2.2.3.5. H mt Mc Elice H mt Mc Elice s dng nguyn l thit k ging nh h mt MekleHellman. Lc Mc Eliece da vo m sa li. tng ca lc ny l u tin la chn mt loi m c bit vi thut ton gii m bit, sau ngu trang m ny nh mt m tuyn tnh ni chung. Trong h thng ny, bi ton NP c dng gii m mt m sa li tuyn tnh ni chung. M sa li l m c th sa c mt s li xut hin trong qu trnh truyn dn d liu qua mt knh nhiu. Tuy nhin, i vi nhiu lp c bit ca mt s m, thut ton a thc thi gian c thc hin, mt loi trong cc loi m l m Goppa c s dng nh chun ca h mt Mc Elice. H mt MC Elice da vo l thuyt i s v da trn bi ton gii m cho cc m tuyn tnh. 2.2.3.6. Mt m ng cong Ellip. Nm 1985, Neal Koblitz v Victor Miller c lp a ra khi nim v mt m ng cong Ellip. N da trn bi ton logarit ri rc. Hu ht cc chun ha v sn phm s dng mt m bt i xng cho m ha v ch k s s dng RSA .Nh chng ta bit nhng nm gn y, di kha bo mt RSA c tng ln, iu ny cng ng thi lm cho vic x l chm chp hn vi cc ng dng s dng RSA . Gnh nng ny c chia ra, c bit l i vi lnh vc thng mi in t ni m qun l s lng cc phin giao dch rt ln. Nguyn l hp dn ca ECC so vi RSA l n cung cp bo
31
mt ngang nhau cho mt kch thc kha nh hn rt nhiu, do lm gim c mo u s l. So snh kch thc kha trong iu kin ca kt qu tnh ton cho vic gii m: . Symmetric ECC-Based Scheme (key size in Scheme (size of n in bits) bits) 56 80 112 128 92 256 112 160 224 256 384 512 RSA/DSA (modulus size in bits)
512 1024 2048 3072 7680 15360
Bng 2.3: Bng so snh kch thc kha mt s loi m DSA: Digital signature Algorith. 2.2.3.7. Cc hm bm v tnh ton vn d liu. nh ngha hm bm: Hm bm l mt hm H c t nht hai tnh cht sau: Tnh cht nn: H s nh x mt u vo X c di bit hu hn ty ti mt u ra H(x) c di bt n hu hn.
Tnh cht d dng tnh ton: Vi H cho trc v mt u vo x c th d dng tnh c H(x).
Mt gi tr bm h mt c to ra bi mt hm H c dng:
h = H(M )
32
M l mt bn tin c di thay i v H ( M ) l gi tr bm c di c nh. Gi tr bm c kt ni n bn tin ca ngun ti mt thi im. Khi bn tin c gi nh l ng. Pha thu tin hnh nhn thc bn tin ny bng cch tin hnh tnh ton li gi tr bm. Bi v bn thn hm bm cng khng m bo tnh b mt, nn mt vi phng php yu cu bo v gi tr bm. Cc hm bm ng vai tr c bn trong mt m hin i. Hm bm s to ra mt u ra t cc bn tin u vo. u ra ny c nh ngha l m hm bm (kt qu bm, gi tr bm ) hay chnh xc hn hm bm h s to ra nh x cc xu bit c di n c nh. tng c bn ca vic s dng cc hm bm trong mt m l s dng chng nh mt nh biu din rt gn (i khi cn gi l vt, du tay s hay tm lc thng bo) ca xu vo. Cc hm bm c dng cho cc s ch k s kt hp vi vic m bo tnh ton vn ca d liu, khi bn tin trc ht c bm v ri gi tr bm (c xem nh i din cho bn tin cho bn) s c thay cho v tr bn tin gc. Mt lp cc hm bm c gi l cc m xc thc thng bo (MAC: Message Authentication Codes ) s cho php xc thc thng bo bng k thut i xng (mt m c in). Cc thut ton MAC s dng 2 u vo (bao gm bn tin v mt kha b mt) to ra mt u ra c kch c c nh (n bit) vi m bo rng nu khng bit kha th vic to ra cng mt u ra l khng kh thi. MAC c th c dng m bo tnh ton vn ca d liu, xc thc tnh nguyn bn ca s liu. Mt ng dng in hnh ca hm bm (khng dng kha ) m bo tnh ton vn ca d liu c m t nh sau: Gi tr bm ca mt bn tin ring x s c tnh thi im T1 (tnh ton vn ca gi tr hm bm ny (ch khng phi bn tin) s c bo v. Thi im T2 php kim tra sau s tin hnh kim tra xem liu thng bo c b sa i hay khng, tc l xem s liu bn tin x c ging bn tin gc hay khng. Gi tr bm ca x s c tnh ton v so snh vi gi tr bm c bo v, nu chng bng nhau th bn thu s chp nhn rng x=x ngha l bn tin khng b sa i. ng dng ny thng c gi l m pht hin s sa i MDC-Manipulation Detection Codes). Nhng yu cu i vi mt hm bm.
33
Mc ch ca mt hm bm l to ra fingerprint-du tay ca mt file, mt bn tin hoc khi d liu khc. hu ch i vi nhn thc bn tin, mt hm Hash phi c nhng c im sau. 1. H c th c t ti khi d liu c kch thc bt k. 2. H to u ra c di c nh.
3. H ( x) c 4.
tnh d dng vi bt k x no bi c phn cng v phn mm.
Vi bt k gi tr h th rt kh khn tm ra x da vo H ( x) = h, i khi ngi ta cn gi tnh cht ny l thuc tnh mt chiu. Vi khi x bt k, rt kh tnh ton tm ra mt gi tr y x sao cho H ( y ) = H ( x) , i khi gi tnh cht ny l tnh kh tm nghch nh th hai hay tnh kh va chm yu (weak collision resistance).
5.
Hm bm kh c kh nng tnh ton tm ra mt cp bt k (x,y) vi xy tho mn H ( x) = H ( y ) c im ny gi l tnh kh va chm hay kh va chm mnh (strong collision resistance).
6.
Tt c cc hm bm u s dng mt nguyn l chung. u vo (bn tin, file, ) c quan st bi mt chui tun t cc khi n bit. u vo x l tng khi mt ti mt thi im trong mt khun dng lp i lp li to ra mt hm bm n bit. 2.2.3.8. MD4 v MD5 MD4 v MD5 l cc thut ton phn loi bn tin (message digest) c pht trin bi Ron Rivest c s dng cho cc ng dng ch k s, ni m mt bn tin c nn li thnh mt loi (digest) v sau c m ha bi mt kha ring. MD4 v MD5 c thit k cho cc h thng my tnh 32 bit. MD4 c pht trin vo nm 1990, v hin nay c nh gi l khng cn tnh an ton. MD5 c m t bi phng th nghim RSA c a ra nm 1991 nh MD4 vi dy an ton v mc d chm hn MD4 nhng n c xem l vn an ton. Vi MD4, mt bn tin bn r c chn thm m bo di ca n cng thm 448 bit c th chia c cho 512. Mt s nh phn 64 bit biu din di bn tin ban u, sau c cng thm thnh khi 512 bit s dng chc nng nn lp, mi khi c x l trong bn vng khc nhau trong khi MD4 s dng 3 vng lp.
34
2.2.3.9. SHA v SHA-1 Thut ton bm bo mt SHA (Secure Hash Algorith) c pht trin Vin quc gia tiu chun v cng ngh. Tuy nhin thut ton ny tr nn km bo mt v thut ton ban u c sa li v cng b vo nm 1994 vi tn SHA-1. Tri ngc vi MD5, SHA-1 to ra mt tp bn tin 160 bit v c xem l an ton hn, mc d chm hn trong thc hin.N thc hin vi di bn bn r ln n 264 bit. 2.3 Xu hng phat trin cua ma hoa bao mt 2.3.1 Mt s ng dung tiu biu Ch ky s Digital signature Mt th tc kim tra tnh xc thc ca bn tin gia bn gi v bn nhn s dng mt m i xng l ch k s. Ch k s cho mt bn tin t mt ngi gi ring bit l mt gi tr mt m ph thuc vo bn tin v ngi gi n. H mt m ha bt i xng l cng c to ra ch k s. Lc ch k s da vo h thng kha nh RSA hoc El Gamal, nguyn l c bn rt n gin. Mi ngi s dng c mt kha ring v ch duy nht h mi c th s dng n chp thun nhn dng chng. Tuy nhin c mt m ha bt i xng tng ng m bt k ai bit c kha ny c th kim tra kha ring tng ng c s dng nhng khng th xc nh c kha ring. Kha ring c s dng phi c chp thun a cho bn nhn m bo c ni dung v ngun gc ca bn tin. Ch k c to ra t gi tr bm (tng ng vi bn tin) bng cch s dng cc thut ton bt i xng vi kha ring, v th ch nhng ngi s hu kha ring mi c th to ra ch k. Di y l lc ca ch k s:
35
Hnh 2.7: Lc ch k s Giao dch in t an ton (SET) Giao thc SET c pht trin bi ngn hng MasterCard v Visa ging nh phng php bo m an ton trong cc phin giao dch bng th ngn hng qua cc h thng mng m. N da vo thut ton DES v Triple DES m ha khi d liu ln v RSA cho m ha m ha bt i xng ca kha b mt v s th ngn hng. SET c nh gi l cc k an ton. Pay TV : H thng Pay TV l mt trong nhng mng truyn qung b truy nhp c iu khin. Trong mt h thng Pay TV thng thng, mi chng trnh c m ha vi kha duy nht ca mnh u tin cho vic truyn dn. Sau ngi ta s phi tr tin cho mt chng trnh c th bit c kha ny. R rng l iu ny s dn n mt vn l qun l kha nh th no, c th l lm sao chuyn kha n ng ngi xem. Mt gii php chung cho vn ny l cung cp cho mi thu bao mt th Smart Card m trong c cha kha b mt duy nht ca thu bao , s dng mt thut ton m ha bt i xng ( hay m ha cng khai). Th Smart card ny sau t vo trong mt u c hoc l mt phn ca TV, hoc l phn i km c cung cp bi nh qun l mng. Khi mt thu bao tr tin cho mt chng trnh c th, kha i xng s dng m ha chng trnh c m ha vi kha cng khai ca thu
36
bao v truyn i. Loi h thng ny s dng phng php kha hai tng vi s lai ha gia thut ton i xng v thut ton bt i xng. 2.3.2 Xu hng cua ma hoa bao mt trong tng lai Trn th gii ngy nay, vic bo v d liu c tnh cht nhy cm l mt trong nhng mi quan tm hng u cho cc t chc cng nh ngi tiu dng. T o ta nhn thy ma ha l phng php ng tin cy nht bo v d liu. Hin nay vic s dng m ha ang ln mnh nhanh chng, c pht trin trong cc vng cng nghip ln hn v thng qua s tng ln ca mt lot cc ng dng. Ch a ra mt cch n gin, mt m v m ha tr thnh mt trong nhng cng ngh hp dn nht trong ngnh cng nghip bo mt IT th thch hin nay m bo rng cc t chc IT c trang b y x l s thay i ny v ang t ra nn mng ngy nay p ng nhng nhu cu trong tng lai. Bc cui cng ca bo mt i vi d liu c nhn: V cc doanh nghip hot ng nhm mc ch p ng cc tiu chun bo mt d liu nghim ngt i vi vic thanh ton qua th (PCI DSS), do , iu u tin l cn phi bo v d liu th tn dng vn rt nhy cm ca khch hng, m trc ht l trong t tng ca h. R rng vic bo v d liu c nhn l vn then cht i vi s sng cn ca bt k mt cng ty no lu tr hay x l nhng thng tin ny. M ha tr thnh bc cui cng ca bo mt d liu bi v mt khi d liu c m ha, nu n b nh cp hay thm ch n gin ch l nhm a ch, th cng khng th lm th no c th c c nu khng c cc kha gii m d liu . Vi sc mnh ngy cng tng ln ca cc thut my tnh c in, cc thut ton hay l mt my tnh lng t, mt m c th b b kha ngay hoc cng c th s b b kha trong tng lai. Do vy, nu bn tin m ha c lu li, th cui cng n cng c th b gii m. i vi hu ht cc bn tin, iu ny c th khng quan trng, nhng i vi cc bn tin thuc v qun s, iu ny l rt quan trng, c bit l nu thi gian yu cu l ngn. Tuy nhin, hin ti tnh ton lng t vn cn non tr v chi ph ti nguyn cn thit cho chng cn qu ln. Song khi n xy ra, liu s l tn hiu chm ht cho mt m truyn thng. Vi vy cc nghin cu trong tng lai s tp trung vo hai kha cnh ca QKD ( hay mt m lng t) : lm gim kch thc cc thit b v tng tc bit
37
m bo cng nh l khong cch i vi phn phi kha bo mt, khi m tc hin nay ca mt m lng t l kh nh, khong 300-400 bit/s, v khong cch xa nht t c l 67km vi tc 60bit/s. Phi cnh tranh vi cc gii php vt tri v tin dng nhng cho n nay mt m lng t vn ang tn hng s tr gip mnh m ca c chnh ph M ln cng ng chu u thng qua chng trnh cng tc v nghin cu tp trung. Mt m lng t cn c mt khong tri rng ri hon thin trong nhng nm ti. 2.4 Kt lun M ha m ha cng khai hay m ha bt i xng l mt phn quan trng ca cc k thut c bit dng xc thc thng tin. Chng khng nhng ci thin c nhng hn ch ca cc loi m ha i xng hay m mt m cn c th kt hp vi m ha i xng to ra cc h thng c an ton cao hn, m bo thng tin gia cc ngi s dng vi nhau khi k tn cng nhm mc ch xu. Cc phng php mt m to ra mt li ch to ln trong cc lnh vc cuc sng ni chung v c bit quan trng i vi lnh vc vin thng nht l cc h thng v tuyn nh mobile, wifi, wimax m bo truyn thng tin ngi dng an ton, tin cy v chnh xc.
38
CHNG III : MA HOA D LIU TRONG WIMAX 3.1 Quy trinh bao mt trong h thng Wimax Quy trinh bao mt trong h thng Wimax gm ba bc:
Hinh 3.1 Quy trinh bao mt Xc thc (Authentication) Trm SS thc hin xc thc vi BS bng cch gi thng bo yeu cu xc thc (chng thc X.509). BS thc hin xc thc SS va thng lng kh nng bo mt vi SS (cc thut ton ma ha ma SS h tr), sau khi thng lng, mt SA c to va c tham chiu bi gi tr SAID. Tip , SS gi thng bo Authorization Request yu cu cp quyn truy cp. BS s kim tra va gi li thng bo Authorization Reply cha kha AK (Authentication Key) cho SS c s dng trong qu trinh trao i kha. Qu trinh xc thc hoan tt khi c BS va SS u gi kha AK. Trao i kha d liu (Data Key Exchange) Trm SS gi thng bo TEK Key Request yu cu BS cp cho mt kha ma ha lu lng TEK (Traffic Encryption Key), c s dng trong qu trinh ma ha d liu. BS sau khi kim tra li cc thng tin c SS gi n, nu cc thng tin hp l, BS s to ngu nhin mt kha TEK va gi li cho SS thng bo TEK Key Respond cha kha TEK. Qu trinh trao i kha d liu hoan tt khi c BS va SS u gi kha TEK.
M. ha d liu Sau khi qu trinh trao i kha d liu a thc hin xong, SS tin hanh ma ha d liu trc khi truyn. Qu trinh ma ha ch c thc hin cho phn payload ca MAC PDU. Cc thng bo qun tr khng c ma ha. 3.1.1 Xac thc Qua trinh xac thc c thc hin nh trn hinh:
Hinh 3.2 Qua trinh xac thc SS vi BS
u tin, SS gi thng bo Authentication Information cha chng thc X.509 (RFC 3280) ca nha sn xut SS. Chng thc nay gm mt public key va mt a ch MAC ca SS. Tip , SS gi thng bo Authorization Request cho BS, thng bo nay yu cu BS cp cho mt kha AK va cc gi tr SAID nh danh cc Static SA tng ng vi cc dch v ma SS a ng k. Thng bo Authorization Request bao gm: Mt chng thc X.509 ca nha sn xut SS. Mt b ma ha (Cryptographic Suite) ma SS h tr. Mi mt n v trong b ma ha bao gm mt cp thut ton ma ha va xc thc gi d liu ma SS h tr.
Mt gi tr SAID tng ng vi Primary SA. Sau khi nhn c thng bo Authorization Request, BS tin hanh xc thc SS da vao thng bo Authorization Request. Sau khi a nh danh c SS la hp php va xc nh c cc thut ton ma ha va cc giao thc c SS h tr, BS s s dng public key ca SS to kha AK (128 bit). Sau BS gi thng bo Authorization Reply cho SS, thng bo Authorization Reply bao gm: Mt kha AK. Mt s tun t kha (0-15) phn bit cc kha AK vi nhau. Mt gi tr thi gian sng (life-time) ca kha AK. Gi tr nay trong khong 1-70 ngay, mc nh la 7 ngay. Mt gi tr SAID tng ng vi Primary SA va mt hoc nhiu gi tr SAID nh danh cc Static SA tng ng vi cc dch v SS a ng k. Sau mt thi gian nht nh, SS thc hin qu trinh yu cu cp quyn li (Reauthorization) cp nht kha AK. Qu trinh Reauthorization tng t nh qu trinh Authorization ngoi tr vic SS khng gi thng bo Authentication Information. Mi kha AK c mt thi gian sng nht nh. Vi c BS va SS u h tr
ng thi hai kha AK tn ti cung mt lc nn thi gian sng nay c th chng ln nhau gia cc AK nhm trnh tinh trng cc dch v b tm ngng t ngt do gi tr life-time ca kha ht hn. Vi BS xc thc SS bng chng thc X.509, do c th trnh c nguy c b tn cng t cc SS gi danh. 3.1.2 Trao i khoa d liu Qua trinh trao i khoa d liu c m ta theo hinh ve:
Hinh 3.3 Qua trinh trao i khoa d liu Qu trinh trao i kha c thc hin tng ng vi tng dch v ma SS a ng k trong qu trinh thit lp kt ni. Mi dch v tng ng vi mt Static SA va c nh danh bi mt gi tr SAID tng ng. Sau khi a nhn c thng bo Authorization Reply, SS s dng gi tr kha AK to hai kha gm: kha ma ha kha (KEK Key Encryption Key) 128 bit c s dng ma ha kha TEK trong sut qu trinh truyn va kha xc thc thng bo (HMAC Hash functionbased Message Authentication Code) 160 bit. Tip SS gi thng bo TEK Request
yu cu BS cp cho mt kha ma ha lu lng TEK, kha nay c dung ma ha d liu. Thng bo TEK Request gm: S tun t kha AK c cp trong qu trinh xc thc. Mt gi tr SAID tng ng vi mt Static SA ca mt dch v c th ma SS a ng k. Mt gi tr HMAC-SHA1. Sau khi nhn thng bo TEK Key Request t SS, BS s dng thng tin trong thng bo TEK Key Request kim tra gi tr kha AK, nu phu hp s tin hanh to ngu nhin mt kha TEK (128 bit). Kha
TEK c to bi cc phng thc Triple-DES (s dng 128 bit KEK), hoc phng thc RSA (s dng public key ca SS), hoc phng thc AES (s dng 128 bit KEK). Cc phng thc ma ha nay c ch th bi gi tr ca mt n v trong b ma ha. Sau , BS gi thng bo TEK Key Reply cho SS, thng bo TEK Key Request gm: S tun t kha AK c cp trong qu trinh xc thc. Mt gi tr SAID tng ng vi mt Static SA ca mt dch v c th ma SS a ng k. Mt kha TEK a ma ha. Mt gi tr thi gian sng (life-time) ca kha TEK. Gi tr CBC-IV (CBC Inittialization Vector) ma ha d liu. Mt gi tr HMAC-SHA1 xc thc cc thng bo. Qu trinh trao i kha d liu hoan tt khi c BS va SS u gi kha TEK. 3.1.3 Ma hoa d liu Sau khi thc hin xong qu trinh trao i kha, phn d liu payload s c ma ha trc khi truyn s dng kha TEK. Ring cc thng bo qun tr thi khng c ma ha.
Hinh 3.4 inh dang payload trc va sau khi ma hoa Khi d liu payload sau khi ma ha c b sung hai trng: Trng PN (Packet Number) c dai 4 byte biu th s tun t gi sau khi ma ha, c tng ln mt n v mi khi mt MAC PDU c truyn. Trng Ciphertext ICV (Ciphertext Integrity Check Value) m t gi tr kim tra tnh toan vn phn payload a c ma ha. Chun IEEE 802.16 h tr hai thut ton ma ha d liu: Thut ton DES (Data Encryption Standard). Thut ton AES (Advanced Encryption Standard). 3.2. Chun m ho d liu DES (Data Encryption Standard) 3.2.1. Gii thiu v chun m ho d liu DES Nm 1972, Vin tiu chun v cng ngh quc gia Hoa k (National Institute of Standards and Technology-NIST) t ra yu cu xy dng mt thut ton m ho bo mt thng tin vi yu cu l d thc hin, s dng c rng ri trong nhiu lnh vc
v mc bo mt cao. Nm 1974, IBM gii thiu thut ton Lucifer, thut ton ny p ng hu ht cc yu cu ca NIST. Sau mt s sa i, nm 1976, Lucifer c NIST cng nhn l chun quc gia Hoa K v c i tn thnh Data Encryption
Standard (DES). DES c thng qua bi cc tiu chun quc gia (NBS) vi tn l FIPS PUB 46 vo nm 1977. Ngy nay, cc FIPS PUB c pht trin v trin khai bi NIST. Chun c xc nhn li vo nm 1983, 1988, 1993 v 1999, v chun c chnh thc thu hi vo thng 7 nm 2004. Tiu chun DES c xc nhn li vo nm 1999 c th c s dng bo v d liu nhy cm cao. Chun m ho d liu DES bao gm thut ton m ho d liu DES v thut ton m ho d liu bi ba TDEA nh c m t trong ANSI X9.52. DES l phng php mt m theo mt khi i xng, thao tc trn cc khi 64 bit c s dng mt kha 56 bit. DES mt m d liu trn cc khi 64 bit. u vo ca thut ton l mt khi 64 bit cha thng tin cn m ha (plaintext) v u ra ca thut ton l mt khi 64 bit cha cc thng tin c mt m ha (ciphertext) sau 16 vng lp ging nhau .Chiu di t kha l 56 bit c to ra bng cch b i 8 bit chn l ca mt t kha 64 bit cho. Kho 56 bit to ra 16 kho con 48 bit, v 16 hm lp k hiu l fkj vi j = 1, 2, , 16. thun tin ta k hiu nh sau: L v R l khi cc bit, LR biu th khi gm cc bit L c theo sau bi cc bit ca R. Do s ghp ni lin kt, v d nh B1B2B8 biu th khi gm cc bit ca B1 c theo sau bi cc bit ca B2 c theo sau bi cc bit ca B8. DES l i din chnh ca mt mt m Feistel. Do , hiu v DES, trc ht ta tm hiu s qua v mt m Feistel. Mt mt m Feistel l mt mt m khi vi mt cu trc c bit (gi l mng Feistel). Mu t l = 2 = { 0,1} v di khi l 2t (vi mi t N + ). Mt m Feistel chy trong cc vng r N + . Vi mi k K , r vng kho k1,, kr phi c to ra v s dng trn mi mt vng. Hm m ho Ek khi u bng vic chia khi bn tin nguyn bn m thnh 2 na m mi na c t bit. t L0 cho na bn tri v R0 cho na bn phi: m = (L0, R0).
Mt chui cc cp (Li, Ri) vi i = 1,, r sau c tnh ton quy nh sau:

( Li , Ri ) = ( R i 1 , Li 1 f ki ( Ri 1 ))
(3.1) (3.2)
Ngha l:
Li = Ri 1 v Ri = Li 1 f ki ( Ri 1 ) .
V d, nu i = 1, th L1 v R1 c tnh nh sau
L1 = 0 R R1 = L0 f k 1 ( R0 )
Tng t, nu i = 2 th L2 v R2 c tnh nh sau:
R2 = L1 f k 2 ( R1 )
Qu trnh ny c tip tc cho n vng cui th Lr v Rr c tnh nh sau:
Rt = Lr 1 f kr ( Rr 1 )
Cp (Lr, Rr) c biu din ngc li trong khi mt m. Do , m ho ca bn tin gc m s dng kho k c th c biu din theo cng thc nh sau:
E k (m) = Rk ( L0 , R0 ) = ( Rr , Lr )
(3.3)
Cng thc quy 3.1 cng c vit nh sau:

( Li 1 , Ri 1 ) = ( Ri f ki ( Li ), Li )
(3.4)
iu ny c ngha l c th tnh ton quy Li-1 v Ri-1 t Li, Ri v ki v xc nh (L0, R0) t (Rr, Lr) s dng kho vng theo th t ngc li (v d nh kr,, k1). Do , mt mt m Feistel c th lun c gii m s dng thut ton tng t v p dng cc kho vng theo th t ngc li. c tnh ny lm n gin ho vic thc hin hm gii m ang xt (thc t, cc hm m ho v gii m l ging nhau). By gi ta chi tit ho trn cc hm hoc cc thut ton m ho v gii m DES. 3.2.2. Thut ton m ha DES. Thut ton DES c thit k m ho v gii m ho cc khi d liu gm 64 bit di s iu khin ca mt kho k. Vic gii m phi c hon thnh bi vic s dng kho ging nh kho m ho nhng vi s to kho c thay i v vy m qu trnh gii m l ngc li so vi qu trnh m ho. Mt khi d liu c m ha phi thc hin mt s hon v khi u IP, sau thc hin php tnh ph thuc mt kho phc tp v cui cng l thc hin mt php v ngc li so vi hon v khi u IP-1. Vic tnh ton ph thuc kho c th c nh ngha n gin trong cc danh mc ca mt hm f, c gi l hm m ho, v mt biu kho. DES l mt mt m Feistel vi t = 32 v r = 16. iu ny c ngha l chiu di khi DES l 64 bit v do M = C = { 0,1} 64 , v thut ton m ho v gii m DES thc hin 16 vng lp. Hn na, cc kho DES l cc chui 64 bit vi c tnh b sung l bit cui cng ca mi byte c dng lm bit chn l. iu ny c ngha l tng
modulo 2 ca tt c cc bit trong mt byte phi l l v bit chn l c thit lp mt cch c quy tc. iu ny c th c biu din theo cng thc nh sau:
K = {(k ,...., k 64 )} { 0,1}
64
k
i =1
8 j +1
1(mod 2) vi j = 0,,7.
(3.5)
V d, F1DFBC9B79573413 l mt kho DES hp l. Tnh l ca n c th c kim tra s dng bng sau y: F1 DF BC 9B 79 57 34 13 1 1 1 1 0 0 0 0 1 1 0 0 1 1 0 0 1 0 1 0 1 0 1 0 1 1 1 1 1 1 1 1 0 1 1 1 1 0 0 0 0 1 1 0 0 1 1 0 0 1 0 1 0 1 0 1 1 1 0 1 1 1 0 1
Cho nn, 7 bit u tin ca mt byte kho DES xc nh bit cui cng, v kt qu l kch thc ca khng gian kho l 256 thay v 264. Nh cp trn, cc kho vng lp c rt ra t kho DES l ging nhau cho vic m ho v gii m, chng ch c s dng theo th t ngc li. Thut ton m ho DES c minh ho trong hnh 3.4 :
Hnh 3.4. Thut ton m ho DES m ho khi bn tin vn bn gc m s dng kho k, thut ton hot ng trong 3 bc: Bc1: 64 bit ca khi d liu vo m c m ho trc ht phi tri qua s hon v khi to IP. (bng 3.1) . Sau hon v khi to, khi ny s c chia lm hai khi con l khi Li (tri) v khi Ri (phi), mi khi ny di 32 bit . u vo c hon v c bit 58 ca u vo l bit u tin ca khi thng tin sau khi hon v, bit 50 l bit th hai, v tip tc vi bit th 7 l bit cui cng . Tc l nu m = m1m2m64 M = {0,1}64, th IP(m)=m58m50m7 M.
Bng 3.1. Hon v khi to IP 58 50 42 34 26 18 10 2 60 52 44 36 28 20 12 4 Li 62 54 46 38 30 22 14 6 64 56 48 40 32 24 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 Ri 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7 Bc 2: Mt mt m Feistel 16 vng c p dng cho IP(m). Qu trnh sau y c lp li 16 ln to thnh 16 vng ca DES gm 16 cp L0-L15 v R0-R15: Hm lp DES f hot ng trn cc khi 32 bit v s dng mt kho k i 48 bit trong mi vng (tc l fki : {0,1}32 {0,1}32 vi mi ki {0,1}48). Nguyn l hot ng ca hm lp DES c minh ha trong hnh 3.6.
Hnh 3.6: Hm lp f ca DES.
Trc ht, 32 bit Rj, y j l s vng (1 j 15) c m rng thnh 48 bit bng vic s dng hm m rng E . E l k hiu mt hm nhn mt khi 32 bit l u
32 48 vo v to ra mt khi 48 bit l u ra. E : { 0,1} { 0,1}
Hm m rng hot ng c bn bng cch lp li mt vi bit. E l 48 bit ca u ra ca n, c vit thnh 8 khi, mi khi 6 bit, c c bng vic la chn cc bit trong cc u vo ca n theo th t theo bng la chn E bit di y. Nu R = r1r2r31r32, th E(R) =r32r31r32r1.
32 4 8 12 16 20 24 28
1 5 9 13 17 21 25 29
2 6 10 14 18 22 26 30
3 7 11 15 19 23 27 31
4 8 12 16 20 24 28 32
5 9 13 17 21 25 29 1
Bng 3.2. Bng la chn E bit. Vic s dng hm m rng c hai mc ch: u ra c cng kch thc vi kha, qua c th thc hin c php ton XOR; cung cp c mt kt qu di hn v s c nn trong qu trnh thao tc thay th trong cc hp S. Sau , chui 48 bit E(R) c cng modulo 2 vi kho k 48 bit. Kt qu c chia thnh cc 8 khi B1, B2,, B8, mi khi 6 bit (ngha l E ( R) k = B1 B2 B3 B4 B 5 B 6 B7 B8 v
Bi { 0,1} vi i = 1, 2, , 8 . Cc khi ny to thnh u vo cho cc hp S
6
(Substitution) c s dng bc tip theo. Cc hp S: S 1, S2, , S8 ca DES c minh ho trong bng 3.3. Mi hp S c biu din bi mt bng gm 4 hng v 16 ct.
Bt u t B1 = b1b2b3b4b5b6 l u vo th , bit u v cui ca khi 6 bit (tc l b1b6) c ly ra v s dng lm ch s hng ca bng S1, n c gi tr t 0 n 3, v 4 bit gia b2b3b4b5 c dng lm ch s ct, t 0 n 15. Gi tr c ch n trong bng S c ly ra v lu li. Vic ny c lp li i vi B2 v S2 cho n B8 v S8. Lc ny ta c 8 s 4 bit, khi ni li vi nhau theo th t thu c s to ra mt chui 32 bit.
V d: Nu S1 l hm c nh ngha trong bng ny v B1 = 011011 l u vo th hng l b1b6 = 01, l hng 1 v ct c xc nh bi b2b3b4b5 = 1101, l hng 13. Trong hng 1 ct 13 xut hin 5 v vy u ra l 0101. Do vy gi tr 0101 s c thay th cho 011011. Tc l 4 bit u ra 0101 t S1 s thay th cho 6 bit vo S1 l 011011. Sau khi qua cc hp S ta thu c 8 s 4 bit, khi ni li vi nhau theo th t thu c s to ra mt chui 32 bit. Chui bit C ny c hon v bit bng bng hon v P (Permutation). Hm hon v P to ra mt u ra 32 bit t mt u vo 32 bit bng vic hon v cc bit ca khi u vo. Nh mt hm c nh ngha bi bng 3.4 sau y:
Bng 3.3. Cc hp S
16 29 1 5 2 32 19 22
7 12 15 18 8 17 13 11
20 28 23 31 24 3 30 4
21 17 26 10 14 9 6 25
Bng 3.4. Hm hon v P. u ra P(C) ca hm P c nh ngha bi bng ny c c t u vo bng vic ly bit th 16 ca C lm bit u tin ca P(C) v bit th 7 lm bit th 2 ca P(C), v tip tc cho n khi bit th 25 ca C lm bit th 32 ca P(C). t S 1, S2,, S8 l 8 hm la chn ring bit, P l hm hon v v E l hm c nh ngha trn. xc nh f(R, k) trc ht ta xc nh B1, B2,, B8 l cc khi 6 bit : (3.6) Sau , khi f(R, K) c xc nh l: (3.7) Do , K E (R) trc ht c chia thnh cc khi 8 bit nh c ch ra trong (3.6). Sau , mi Bi l u vo ca Si v 8 khi S1(B1), S2(B2),, S8(B8) ca mi 4 bit c c kt vo trong mt khi n 32 bit biu din u vo ca P. u ra (3.7) sau l u ra ca hm f vi cc u vo R v K. Kt qu thu c sau khi hon v c XOR vi Lj-1 v chuyn vo Rj. Rj-1 c chuyn vo Lj. Lc ny ta c Lj v Rj mi. Ta tip tc tng j v lp li cc bc trn cho n khi j = 17, iu c ngha l 16 vng c thc hin v cc cha kho con k1 k16 c s dng. Khi c L16 v R16, chng c ghp li vi nhau theo cch chng b tch ra (L16 bn tri v R16 bn phi) thnh 64 bit. Lu trong vng lp cui cng th hai phn
bn phi v bn tri s khng i ch cho nhau na. Thay v th cc khi ghp R 16 || L16 s c s dng nh l u vo ca hon v cui cng ca 3.5. Bc 3: p dng hm hon v ngc IP-1 cho u ra ca bc 2. Nu u ra ca bc 2 l (L16,R16) th c = IP-1 = (R16, L16). Hm hon v ngc c minh ho trong bng 3.5 di y: 4 0 39 3 8 37 6 5 6 4 8 7 8 4 7 4 4 13 5 1 4 53 4 6 1 5 5 2 2 1 6 5 23 2 2 6 63 6 30 29 31 5 4 2 4 6 32
5 4 36 35 34 33 4 3 2 1 4 43 4 2 4 1 9 49 0 2 1 1 1 0 1 5 1 2 5 5
1 2 0 19 1 8 1 7
1 6 0 59 5 8 5 7 25 26 28 27
Bng 3.5. Hon v khi to ngc IP-1 ca DES. S to kho ca DES. Cui cng, chng ta phi gii thch 16 kho k1, , k16 {0,1}48 c to ra t kho DES k {0,1}64 nh th no. Chng ta s dng 2 hm c gi l PC1 v PC2. PC1 nh x mt chui 64 bit, c th l kho k ca DES thnh 2 chui 28 bit C v D. C th l : PC1: {0,1}64 {0,1}28 x {0,1}28. V PC2 nh x 2 chui 28 bit thnh 1 chui 48 bit. C th l: PC2: {0,1}28 x {0,1}28 {0,1}48
(3.8)
(3.9)
Hm PC1 c minh ho trong bng 3.6.
5 7 1 1 0 19 1 2 1 49 5 8 0 1
4 33 5 2 5 59 3 1 6 0 2 4 5
2 7
1 9 2 18 27 36
34 43 5
6 35 4 4
5 63 7 1 4 2 1 13 6 1 5 6 2 4 7
4 39 5 6 6 53 2 5 8 0 5 2 2 4 8 4 37 1 4 29 31 3 0 23 3 22 15
Bng 3.6: Hm la chn hon v 1: PC1 Na trn ca bng ch ra cc bit c ly t kho k xy dng C, v na di ca bng ch ra cc bit c ly t k xy dng D. Nu k = k1k2k64, th C=k57k49 k36 v D = k63k55k4. Lu rng, 8 bit chn l k8, k16, , k64 khng c xt n v khng xut hin trong C v trong D. Hm PC2 c minh ho trong bng 3.7 chui 28 bit l u vo ca hm c ghp thnh mt chui 56 bit. Nu chui ny l b 1b2b56 th hm PC2 tr chui ny v dng b14b17b32. Lu rng, ch 48 bit c xt n v b9, b18, b22, b25, b35, b38, b43 v b54 b loi b.
1 4 3 23 1 6 4 1 3 0 4 4 4 0 2 7
1 1 2 8 19 7 5 5
1 4 1
2 1 2 6 1 2 4 6 13 4 7 33 5 34 29 8 2 55 48 53 32 2 0 37 4 5 6 36 10 5
1 2 2 7 31 4 1 39 5 5
49 4
Bng 3.7 : Hm la chn hon v 2: PC2. to ra 16 kho vng k1, , k16 t kho k ca DES, (C0, D0) trc ht c khi to vi PC1(k) theo cu trc trc ni. Vi i = 1, 2, , 16, Ci sau c c to thnh mt chui l kt qa t mt php dch vng tri ca Ci-1 i vi v tr v Di c to thnh mt chui l kt qu ca vic dch vng tri Di-1 i vi v tr. Chng ta nh ngha vi vi i = 1, , 16: S sau dch vng tri: S ln lp S ln dch vng tri vi 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Bng 3.8. S dch vng tri (sch FIP) Chng hn, C3 v D3 c c t C2 v D2 tng ng bng 2 ln dch tri, C16 v D16 c c t C15 v D15 tng ng bng mt dch tri. Trong tt c cc trng hp, bng mt dch tri n ngha l mt php quay cc bit i mt v tr sang bn tri, v vy sau mt ln dch tri, cc bit trong 28 v tr l cc bit cc v tr 2, 3,, 28, 1 trc . Cui cng, kho vng ki l kt qu ca s ghp ni Ci v Di, v vic p dng PC2 to ra kt qu. C th l ki = PC2(Ci//Di). Do , bit u tin ca Kn l bit th 14 ca CnDn, bit th 2 ca Kn l bit th 17 ca CnDnv c nh vy, bit th 47 ca Kn l bit th 29 ca CDn v bit th 48 ca Kn l bit th 32 ca CnDn S tnh ton kho c minh ho trong hnh 3.7.
Hnh 3.7. S tnh ton kha. V d v tnh ton kho: Gi thit rng kha u vo 64 bit l K = 581fbc94d3a452ea, c bao gm c 8 bit chn l. Ch tm ba t kha u tin K1, K2, K3: C0 = bcd1a45 D0 = d22e87f S dng hnh 3.4, cc khi C1 v D1 c to ra t cc khi C0 v D0 bng cch dch i 1 bit sang bn tri nh sau: C1 = 79a348b D1 = a45d0ff Kha 48 bit k1 c ly ra nh s dng bng 2.3 (PC 2) bng cch nhp vo khi ghp ( C1,D1) do vy k1 = 27a169e58dda.
Khi c ghp ( C2, D2) c tnh t khi ( C1,| D1) bng cch dch i 1 bit sang bn tri nh di y: ( C2, D2) =f346916 48ba1ff
S dng bng 3.7 (PC 2), kha 48 bit k2 ti vng lp 2 s c tnh nh sau: k2=da91ddd7b748. Tng t nh vy ( C3, D3) c to ra bng cch dch ( C2, D2) sang bn tri 2 bit nh sau: ( C3, D3) =cd1a456 S dng bng 3.7 ta c: k3=1dc24bf89768 Hon ton tng t, tt c cc kha sau 16 vng lp u c th tnh c v ton b cc kha DES c lit k nh di y: k1 = 27a169e58dda k3 = 1dc24bf89768 k5 = b829c57c7cb8 k7 = c535b4a7fa32 k9 = e80d33d75314 k11 = 83b69cf0ba8d k13 = f6f0483f39ab k15 = 6c591f67a976 Gii m ho DES k2 = da91ddd7b748 k4 = 2359ae58fe2e k6 = 116e39a9787b k8 = d68ec5b50f76 k10 = e5aa2dd123ec k12 = 7c1ef27236bf k14 = 0ac756267973 k16 = 4f57a0c6c35b 22e87fd
Hon v IP-1 c p dng cho khi u ra l ngc li vi hon v khi to IP c p dng cho u vo. Hn na, t (3.2) c:
Li = Ri 1 v Ri = Li 1 f ki ( Ri 1 )
(3.10)
Do , gii m n ch cn p dng thut ton tng t vo mt khi bn tin c m ho, ch rng ti mi php lp ca vic tnh ton khi ging nhau ca cc bit kho K c s dng trong sut vic gii m nh c s dng trong sut vic m ho ca khi. Vic s dng cc k hiu ca mc trc, hon v ny c biu din bi phng trnh sau:
Li =Ri 1
(3.11)
Li 1 = Ri f(L i , k i )
(3.12)
y, R16L16 l khi u vo c hon v cho vic tnh ton gii m v L 0R0 l khi u ra trc. l, vi vic tnh ton gii m vi R 16L16 nh l u vo, k16 c s dng trong php lp u tin, k15 c s dng trong php lp th 2, v c nh vy vi K1 c s dng cho php lp th 16. Nh vy: DES l mt mt m Feistel v nh vy thut ton m ho tng t nh thut ton m ho. iu ny c ngha l thut ton m ho cng c s dng cho thut ton gii m. S khc nhau duy nht l s kho phi o ngc li, ngha l cc kha vng ca DES phi c s dng theo th t ngc li tc l k16k1 gii m vn bn m ho nhn [10] ngha l trong bc 2 ca qu trnh m ho d liu u vo trn Rj-1 s c XOR vi k17-j ch khng phi vi kj. thi im DES ra i, ngi ta tnh ton rng vic ph c kho m DES l rt kh khn, n i hi chi ph hng chc triu USD v tiu tn khong thi gian rt nhiu nm. Cng vi s pht trin ca cc loi my tnh v mng my tnh c tc tnh ton rt cao, kho m DES c th b ph trong khong thi gian ngy cng ngn vi chi ph ngy cng thp. D vy vic ny vn vt xa kh nng ca cc hacker thng thng v m ho DES vn tip tc tn ti trong nhiu lnh vc nh ngn hng, thng mi, thng tin... c bit vi s ra i ca th h DES mi-"Triple DES". Sau y, chng ta s xt n cc vn v an ninh ca DES. Cc xem xt v an ninh ca DES.
Do c cng nhn l chun vo nhng nm 1970, DES l i tng ca rt nhiu s nghin cu cn thn ca cng chng. Chng hn, ngi ta tm ra c 4 kho yu v 12 kho bn yu.
Mt kho DES c gi l yu nu DESk(DESk(m))= m vi tt c

64
m M = { 0,1}
ngha l vic m ho DES vi kho k l ngc vi chnh n. Tc l nu m c m ho 2 ln vi mt kho yu th kt qu li l m.
Cc kho k1 v k2 ca DES c gi l bn yu nu DESk1(DESk2(m)) = m vi tt c m M ={0,1}64, ngha l vic m ho DES vi kho k1 v k2 l ngc nhau.
Do cc c tnh bn ca cc kho DES yu v bn yu m chng khng c s dng trong thc t. V ch c 16 = 24 kho nh vy nn xc sut to ra ngu nhin mt kho nh vy l:
24 = 2 52 2.22.10 16 56 2
Xc sut ny khng gy rc ri c bit. Do , khng cn lo lng qu nhiu v cc kho yu v bn yu trong vic thit lp mt ng dng xc nh. T quan im thc t, vn an ninh v d b tn thng chnh ca DES chnh l chiu di kho (v khng gian kho) tng i nh ca n. Lu rng, mt kho DES l mt chiu di 56 bit hiu qu, v do , khng gian kho ch bao gm 2 56 phn t. Do , vic tm kim thnh cng mt kho trong trng hp xu nht l sau 256 ln th nghim v trung bnh l 256/2 = 255 ln th nghim. Hn na, m ho DES c c tnh sau:
DES k (m) = DES k (m)
(3.13)
c tnh ny c th c s dng trong tn cng vn bn gc bit thu hp khng gian kho 2 ln. Nu mt i phng bit 2 cp vn bn gc vn bn m ha
( m, c1 ) vi c1 = DES k (m) v ( m, c 2 ) vi c 2 = DES k (m) th anh ta c th tnh ton cho mi
kho c th chn k ' gi tr c = DES k ' (m) v kim tra gi tr ny c ph hp vi c1 hay

c 2 hay khng.
Nu c = c1 th k ' l kho ng. Thc t k = k ' do c = DES k (m) v c1 = DES k (m) . Nu c = c 2 th k ' l kha ng. Thc t, k = k ' do c = DES k ' (m) , c 2 = DES k (m) v
DES k (m) = DES k (m) .
V vy, trong mi th nghim vi kho c th chn k, i phng cng c th kim tra vic thm vo kho c th chn k ' . Nh cp t trc, iu ny thu hp khng gian kho vi h s 2. C th kt lun rng vic tm kim mt ton b kho thnh cng sau trung bnh 254 th nghim.
Tnh kh thi ca vic tm kim ton b kho c tho lun chung vo nm 1977. Lu rng vic tm kim ton b kho cn nhiu thi gian nhng hu nh khng cn b nh. Mt khc, nu c nhiu b nh v sn sng tnh ton trc vn bn mt m cho bt k bn tin vn bn gc nhn m no v tt c cc kho k c th th c th lu tr cc cp (c, k) v nhanh chng tm ra kho ng trong mt tn cng vn bn gc bit. Do , c nhiu l do cho vic cn bng thi gian - b nh. Trong trng hp khc, rt nhiu ngi tho lun v kh nng thit k v xy dng thc cc my k thut chuyn dng thc hin vic tm kim mt kho ton th cho DES. Nm 1998 khi mt my tm kim da trn phn cng c tn l Deep Crack c xy dng bi Hip hi chuyn bo v quyn t do cho ngi dng my tnh EFF (Electronic Frontier Foundation). Deep Crack chi 200.000$ xy dng v bao gm 1536 b x l, mi b x l c kh nng tm kim 60 triu kho mt giy. Thi gian thc hin mt tm kim kho ton b l:
2 56 2 55 = = 390 ,937 ( s ) 2 p 60 ,000 ,000 .2.1,536 60 ,000 ,000 .1,536 Kt
Do , Deep Crack c th khi phc mt kho DES trong xp x 6516 giy, 109 gi hay 4.5 ngy.
Hn na, cng c th ginh thi gian ri ca cc h thng my tnh mng tm kim cc kho DES v chy mt tm kim ton b kho. Nu cc h thng my tnh tham gia vo tm kim th mt kho DES c th c tm kim m khng cn xy dng mt my chuyn dng nh Deep Crack. V d, vo thng 1 nm 1999, s tham gia ca d n mng phn b ph mt kho DES trong 23 gi. Hn 100.000 h thng my tnh tham gia, nhn v thc hin mt phn nh cng vic. iu ny cho php c th kim tra cc kho vi tc 250 t kho trong mt giy. R rng l chiu di kho tng i nh v tnh kh thi tng ng ca vic tm kim ton b kho l vn an ninh v d b tn thng nghim trng nht ca DES. Ch c mt vi kh nng bo v mt m khi vi chiu di kho nh, nh DES, chng li loi tn cng ny. V d, mt ngi c th thay i thng xuyn kho, xo vn bn gc bit hoc s dng mt phng php to kho phc tp. Mt tng th v gim chm mt tn cng tm kim ton b kho c a ra do Rivest v c bit n vi tn m ho tt c hoc khng g c. N to ra mt ch m ho cho cc mt m khi m m bo rng phi gii m ton b vn bn mt m trc khi c th xc nh mt khi bn tin vn bn m ho. iu ny c ngha l mt tn cng
tm kim ton b kho tng phn vi m ho tt c hoc khng g c c lm chm li bi mt h s bng vi s cc khi vn bn mt m. Phng php n gin nht bo v mt m khi chng li vic tm kim ton b kho l lm vic vi cc kho di ph hp. N khng ni rng cc mt m hin i vi chiu di kho 128 bit v nhiu hn l bn vng vi cc tn cng tm kim kho ton b vi cng ngh hin ti. Trong mt t liu nm 1996 c vit bi mt nhm cc nh mt m hc ni ting phn on rng cc kho cn c chiu di t nht l 75 bit v chng di t nht 90 bit nu d liu phi c bo v tho ng trong 20 nm ti (tc l ti tn nm 2016). Lu rng nhng con s ny ch cung cp mt gii hn thp cho chiu di kho, khng c l do no cho lm vic vi cc kho di hn trong v tr u tin. Trong thc hnh, c 3 kh nng gii quyt vn v chiu di kho nh ca DES:
1. DES c th c ci tin theo cch m b chiu di kho tng i nh ca n.

2.
DES c th c lp li nhiu ln.
3. C th s dng mt h thng m ho i xng khc vi chiu di kho ln hn. Kh nng u tin dn ti mt ci tin DES c gi l DESX. Kh nng th 2 dn ti TDEA. Kh nng th ba dn ti AES. DESX. ti gn vi mt ci tin ca DES m b chiu di kho tng i nh ca n, Rivest pht trin v xut mt k thut n gin gi l DESX. DESX ph hp thc t v trc ht n l h thng m ho i xng u tin c s dng bi h thng tp m ho (EFS: Encryption File System) trong h iu hnh Microsoft Windows 2000. Cu trc DESX c minh ho trong hnh 3.7.
Hnh 3.8: Cu trc DESX. B sung vo kho k ca DES, cu trc DESX s dng 2 kho b sung 64 bit k 1 v k2. Chng c cng modulo 2 vi bn tin vn bn gc m trc v sau khi din ra m ho DES. Do , m ho DESX ca bn tin vn bn gc m s dng cc kho k, k 1, k2 c th c biu din theo cng thc di y:
c = k 2 DES k (m k1 ) (3.14)
DESX yu cu tng s 56 + 64 + 64 = 184 bit cho cc kho. Nh vy, n ci thin tnh bn chng li vic tm kim ton b kho . Tuy nhin, n khng ci thin bn chng li cc tn cng phn tch mt m khc, nh l phn tch mt m vi phn hay phn tch mt m tuyn tnh (vic bo v tng phn vi nhng tn cng ny khng l mt mc tiu thit k ca DESX).
TDEA Nh cp t trc, mt kh nng gii quyt vn chiu di kho nh l lp li DES nhiu ln. C 2 im to thnh kh nng trn: Th nht, vic lp li nhiu ln vi kha ging nhau khng an ton hn nhiu so vi mt m ho n. l do mt i phng cng c th lp li cc hm m ho nhiu ln. V d, nu DES c lp li 2 ln (vi kho ging nhau) th mi bc ca vic kim tra kho cng l 2 ln (v i phng phi lm mt m ha kp). Do , vic lp li nhiu phi thng xuyn c thc hin vi cc kho khc nhau ci thin an ninh. Th hai, vic lp li nhiu ln ch ra rng cc hm m ho DES khng ng vi vn ghp chui (tc l chng khng cung cp mt nhm). Nu cc hm m ho DES cung cp mt nhm th chng s tn ti mt kha k3 cho tt c cc cp (k1,k2) ca cc kho DES, nh DES k 3 = DES k1 DES k 2 . iu ny l ng tic, v vic s dng DES lp li khng cung cp bt k u im an ninh no.
Chng li iu ny, kh nng u tin l lp DES l m ho kp vi 2 kho c lp nhau. Tuy nhin, ln u tin n c Diffie v Hellman ch ra rng m ho kp khng c bit hu ch do s tn ti ca mt tn cng giao nhau gia. Gi s mt i phng c mt vi cp vn bn gc vn bn m ho (mi, ci), trong ci c to ra t mt m ho kp ca mi vi k1 v k2, v anh ta mun tm k1 v k2. Tn cng giao nhau gia c minh ho trong hnh 3.7, n hot ng theo 4 bc sau y:
i phng tnh ton mt bng trc tin (tc l bng 1) vi 256 phn t. Mi phn t bao gm mt kho DES ki c th chn v kt qu ca vic p dng kho m ho bn tin vn bn gc m1. Bng 1 c sp xp theo th t s bng cc vn bn mt m kt qu. Do , phn t (ci,ki) tr ti vn bn mt m l kt qu ca vic m ho m1 vi kho ki vi i =1,, 256.
1.
i phng tnh ton bng th hai (c th l bng 2) vi 256 phn t. Mi phn t bao gm mt kho DES c th chn kj v kt qu ca vic p dng kho gii
2.
m vn bn m ha c1. Bng 2 c sp xp theo th t s bng cc vn bn gc kt qu. Do , phn t (mj, kj) tr ti vn bn gc l kt qu ca vic gii m c1 vi kj vi j = 1,,256.
Hnh 3.9: Tn cng giao nhau gia chng li DES kp.. i phng tm kim qua cc bng c sp xp tm cc phn t ph hp. Mi phn t ph hp ci = pj to ra ki nh mt kho c th chn cho k1 v kj nh mt kho c th chn cho k2 (v ki m ha m1 thnh mt gi tr m kj gii m ra c1).
3.
Nu c nhiu cp ph hp (hu nh chc chn s xy ra), i phng kim tra cc cp c th chn (k1,k2) chng li m2 v c2. Nu nhiu cp c th chn vn lm vic vi m2 v c2 th phng php kim tra tng t c p dng cho m3 v c3. Vic ny tip tc cho ti khi cn li mt cp c th chn n. Lu rng cp c th chn ng lun lm vic trong khi mt cp c th chn khng ng hu nh chc chn khng lm vic c vi bt k cp (mi,ci) ring bit no.
4.
Tn cng giao nhau gia khng gy rc ri c bit, v n yu cu 2 bng vi mi bng c 256 phn t. Tuy nhin, s tn ti kt hp ca cc tn cng l l do
lp li DES 3 ln, v thc hin triple DES (3DES). C th l DES kp l tt nhng do triple DES khng kh hn nhiu, n thng c thc hin v tr u tin. Nh cp t trc, FIPS PUB 46 3 nh r TDEA v s xc nh ny cng ph hp vi ANSI X9.52. Thut ton m ho d liu bi ba (Triple DES hay 3DES)
Mt kho TDEA bao gm 3 kho c tr ti nh mt chm cha kho (tc l k= (k1k2k3)) [10]. Thao tc m ho TDEA bin i mt khi u vo 64 bit thnh mt khi u ra 64 bit c xc nh nh sau:
c = E k 3 ( Dk 2 ( E k1 (m)))
(3.12)
Do , mt m ho TDEA hay 3DES thng c tr ti nh EDE (m ho-gii m m ho: encrypt decrypt - encryp). L do m php lp th 2 ca DES l gii m (thay th cho mt s m ho) l vic thc mt 3DES c th d dng tr v vic thc hin DES mt kho n bng vic thc hin tt c 3 php lp vi cng kho k. Nu chng ta tnh c = E k 3 ( Dk 2 ( E k1 (m))) , thc t chng ta tnh c = E k ( Dk ( E k (m))) . Thao tc gii m TDEA: vic bin i mt khi u vo 64 bit thnh mt khi u ra 64 bit c xc nh nh sau:
m = Dk1 ( E k 2 ( Dk 3 (c)))
(3.13)
FIPS PUB 46 3 xc nh 3 la chn sau y cho chm kho k = (k1, k2,k3):

La chn kho 1: k1, k2 v k3 l cc kho c lp; La chn kho 2: k1, k2 l cc kho c lp v k3 = k1;
La chn kho 3: Tt c cc kho bng nhau (tc l k1 = k2 = k 3 ). Nh cp t trc, vic thc hin 3DES biu din vic thc hin DES mt kho n. Vic m ho v gii m TDEA c minh ho trong hnh di y:
Hnh 3.10. S m ho v gii m Triple DES. ng dng ca thut ton DES: DES thng c dng m ho bo mt cc thng tin trong qu trnh truyn tin cng nh lu tr thng tin. Mt ng dng quan trng khc ca DES l kim tra tnh xc thc ca mt khu truy nhp vo mt h thng (h thng qun l bn hng, qun l thit b vin thng), hay to v kim tra tnh hp l ca mt m s b mt (th internet, th in thoi di ng tr trc), hoc ca mt th thng minh (th tn dng, th payphone). Sau y ta xt ng dng ca DES trong Wimax. l DES trong ch CBC (DES - CBC) 3.2.3. DES trong ch CBC Phn ny ni v thut ton DES c s dng trong ch Cipher Block Chaining (CBC) v c coi l phng php m bo an ton cho vic ng gi cc ti trng (ESP: Encapsulating Security Payload). ESP m bo tnh b mt cho cc datagram IP bng cch mt m ha cc d liu ti trng. Trong IEEE 802.16, s dng DES trong ch CBC cho bo mt d liu. DES trong ch CBC (chui khi mt m) s dng kho DES 56 bit (TEK) v CBC IV (vct khi to). Ch CBC yu cu mt vect khi to ngu nhin an ton h thng (RSA, 2004).
Vic s dng DES trong ch CBC, trng ti tin ca MAC PDU c m ho, nhng GMH v CRC th khng. Hnh 3.11 minh ha qu trnh m ho.
Hnh 3.11. M ho DES CBC.
Ch CBC yu cu mt vect khi to IV di 64 bit-trng chiu di vi kch thc khi. IV phi l mt s ngu nhin ngn nga vic to ra cc thng tin m ha c th nhn dng c. IV c tnh ton bng vic thc hin hm XOR ca tham s IV trong SA v ni dung ca trng ng b PHY. CBC IV c tnh ton khc nhau cho DL v UL. Trong DL, CBC c khi to vi hm XOR trong ca tham s IV c trong thng tin kho TEK v s khung hin ti (c cn chnh ng). Trong UL, CBC c khi to vi hm XOR ca tham s IV c trong thng tin kho TEK v s khung ca khung m trong UL MAP cp s truyn dn c th c truyn dn. Qu trnh m ho DES s dng IV v TEK t SA ca kt ni m ho ti ca PDU. Ti vn bn m ho ny sau thay th ti vn bn gc ban u. Bit EC trong GMH s c lp ln 1 ch rng mt ti c m ho v cc bit EKS c s dng m ho ti. Nu bao gm CRC, th CRC s c cp nht cho ti vn bn m ho mi.
Vic m ho khi bn tin vn bn nguyn gc mi, khng ch ph thuc vo mi v kho k m cn ph thuc vo tt c cc khi bn tin m1, , mi-1 trc cng nh mt vect khi to IV phi khng c gi b mt. Hm m ho kt qu theo ng
cnh, ngha l cc khi bn tin vn bn nguyn gc ging nhau thng c nh x vo cc khi vn bn mt m khc nhau. t m M l mt bn tin vn bn nguyn gc di mt cch tu c chia thnh t khi n bit m1, m2,, mt. Nguyn l lm vic ca ch CBC c minh ho trong hnh v 3.12.
Hnh 3.12Nguyn l lm vic ca ch CBC.
Trong bc u tin, c0 c khi to vi vect khi to (bc ny khng c minh ho trong hnh). Vi i = 1, 2, , t, khi bn tin vn bn nguyn gc m i sau c cng modulo 2 vi ci-1 (tc l khi vn bn m ho t vng trc) v tng c m ho vi kho k to ra khi vn bn m ho ci ( pha tri). Bi vy, hm m ho c th c nh ngha quy nh sau:
c 0 = IV
ci = E k ( mi ci 1 ) vi 1 i t
(3.14) (3.15)
Do s dng mt IV, vn bn mt m l mt khi di hn bn tin vn bn gc. Do , ch CBC khng bo ton di v dn ti s m rng bn tin ca mt khi (tc l, s m rng bn tin thc t ph thuc vo chiu di khi ca h thng m ho s dng). Trong trng hp khc, cc khi vn bn mt m kt qu ci (i= 0, 1, , t) c truyn ti thit b gii m v u vo mt hng i (c s dng cho gii m). Mt ln na, hng i c khi to vi c0 = IV. gii m ci (i = 1, , t), thit b gii m gii m ci vi kho k v cng kt qu vi ci-1 theo modulo 2 ( pha bn phi). Kt qu to ra khi bn tin vn bn gc mi. Do , hm gii m c th c nh ngha quy nh sau: c 0 = IV
mi = Dk (ci ) ci 1
vi 1 i t
(3.16)
C th c kim tra mt cch d dng, hm quy ny to ra mt khi bn tin vn bn gc mi ng:
mi = Dk (ci ) ci 1 = Dk ( E k (mi ci 1 )) ci 1 = mi ci 1 ci 1 = mi
(3.17)
u im chnh ca ch CBC l n loi b nhng nhc im c cp trc ca ch ECB. l: Trong ch ECB, cc bn tin vn bn gc ging nhau c nh x vo cc khi vn bn m ho ging nhau (nu kho nh nhau). iu ny l bt li, v mt vn bn m ho nhiu khi c th khm ph/ bc l ra s liu thng k v bn tin vn bn gc tng ng, thm ch nu khng th gii m ton b vn bn m ho. Thc t, loi s liu thng k ny l ci m php phn tch m ho thng tm kim v l ci m chng c gng li dng theo cch ny hay cch khc. cc khi bn tin vn bn nguyn gc ging nhau thng c nh x vo cc khi vn bn mt m khc nhau Trong ch CBC, cc khi bn tin vn bn nguyn gc ging nhau thng c nh x vo cc khi vn bn mt m khc nhau. Ch ECB khng bo v mt chui cc khi vn bn m ha. iu ny c ngha l mt i phng c th thay i mt bn tin di mt cch n gin bng cch xo i hay sp xp li cc khi n l trong . Nu mt i phng c cc khi vn bn m ho c m ho vi kho ging nhau th anh ta cng c th chn chng vo vn bn m ho. Lu rng, trong cc trng hp ny, i phng cn c c th gii m bt k khi vn bn m ho no c s dng trong cuc tn cng. Tuy nhin, cng c mt vi nhc im cn phi nh khi s dng h thng m ho bt i xng trong ch CBC. Thc trng cc khi vn bn mt m c xu chui li cng ngha l cc li c truyn lan, v phi x l vi truyn lan li v cc h qu ca cc khi vn bn mt m c truyn khng ng (ngha l cc li truyn dn). Chng hn, nu khi vn bn mt m ci c truyn dn vi mt li th ci v khi dy con (ngha l ci+1) gii m khng ng. Tt c cc khi vn bn m ho khc (l c1, , ci-1, ci+2, , ct) gii m ng, tr khi c cc li truyn dn khc. Lu rng thc trng mt khi vn bn mt m truyn khng ng ch nh hng n 2 khi xut rng cc phn t giao tip c th bt u vi cc IV khc nhau, v s khc nhau ch nh hng n khi vn bn mt m u tin (c tnh ny l quan trng nu 2 phn t khng chia s mt IV chung).
Nu s dng Triple DES vi 3 kha khc nhau th s c hai ch lm vic chnh l ch bn trong CBC v ch bn ngoi CBC nh minh ha trn 3.12 Ch bn trong (inner) CBC: Ch ny c 3 IV khc nhau: S0 = EK1(P1 (IV)1), T0 = EK1(P2 S0),R0 = EK1(P3 T0) (3.18) S1 = DK2(S0 (IV)2), T1 = DK2(T0 S1),R1 = DK2(R0 T1) (3.19) C1= EK3 (S1 (IV)3), C2 = EK3(T1 C1),C3 = EK3(R1 C2) (3.20) Ch bn ngoi (outer) CBC: Ch ny ch yu cu 1 IV: C1 = EK3(DK2(EK1(P1 IV))) (3.21) C2 = EK3(DK2(EK1(P2 C1))) (3.22) C3 = EK3(DK2(EK1(P3 C2))) (3.23) Hnh 3.13 m t hot ng ca Triple DES trong ch CBC
Hnh 3.13 Triple DES trong ch CBC. Nh vy: cung cp s an ton cho d liu c truyn trong Wimax, chun IEEE 802.16 thc hin s dng DES trong ch CBC. Hin nay, DES c xem nh l khng an ton (do nhng vn v an ninh phn tch trn) v c thay th bi chun m ho tin tin AES. Do , chun IEEE 802.16e xc nh vic s dng AES trong m ho. Phn tip theo ca chng, nhm s trnh by v chun m ho tin tin AES.
3.2. Chun m ha tin tin AES-Advanced Encryptiom Standard

3.2.1. Gii thiu v m ha AES. Chun m ha tin tin AES l loi m ginh chin thng trong cuc thi, c t chc vo nm 1997 bi chnh ph US, sau khi chun m ha d liu DES c cho l qu yu do n c kch thc kha nh v do s pht trin ca cng ngh v sc mnh ca vi x l. 15 ng c vin c chp nhn vo nm 1998, v cn c vo nhng bnh lun ca cng ng, danh sch rt gn cn 5 ng c vo nm 1999. Thng 10 nm 2000, mt thut ton trong s 5 thut ton ny c la chn nh l mt chun ca tng lai, l: phin bn c chnh sa ca Rijndael . Thut ton ny c thit k
thay th cho thut ton DES, do cc nh khoa hc ngi B l Joan Daemen v Vincent Rijmen pht minh nm 1997. Do vy n cn c gi l thut ton Rijndael, y l thut ton cc khi cipher, l a n bit ca mt khi d liu cn mt m (plaintext) u vo v chuyn i n thnh n bit ca mt khi d liu mt m ha (ciphertext) u ra thng qua vic s dng mt kha i xng . AES dng mt khi u vo thng c ln 128 bit v to ra u ra tng ng mt khi cng kch c. Mt c im quan trng l kha c th c kch thc bt k, ph thuc vo mc ch s dng, v AES thng s dng 3 loi kha khc nhau l 128, 192 v 256 bit, k hiu AES-128, AES-192, AES-256. Mt s quy c k hiu: u vo v u ra: Mi u vo v u ra i vi thut ton AES bao gm mt chui 128 bit. Cc chui bit ny i khi cn c gi l cc khi v s bit chng cha trong dng ch di ca khi. Kha m ha cho thut ton AES cng l mt chui bit c di 128, 192 hay 256 bit. Cc bit trong chui c nh s bt u t 0 v kt thc v tr nh hn chiu di chui l 1. S i c gn cho 1 bit c xem nh l ch s, v nm trong di 0 i < 128, 0 i <192, 0 i <256, ty thuc vo chiu di khi v chiu di kha nh trn.
Bytes : n v c bn ca qu trnh thc hin trong AES l byte. u vo, u ra v kha m ha c m t nh l mt dy byte. u vo, u ra, kha c k hiu l a, cc byte trong dy kt qu c k hiu theo 2 dng an hoc a[n], trong n l mt trong cc s trong cc di sau : Block length = 128 bits, 0 n < 16 , Key
length = 128 bits, 0 n < 16, Key length = 192 bits, 0 n < 24, Key length = 256 bits, 0 n < 32. Tt c cc gi tr trong thut ton AES c biu din nh l s ghp ni ca cc gi tr bit ring bit c sp xp {b7, b6, b5, b4, b3, b2, b1, b0}. Cc byte nh ny biu din c nh l cc phn t trng hu hn s dng biu din a thc sau :
Dy cc byte: Dy cc byte c biu din di dng a0a1a2 a15. Cc byte v

cc bit trong byte c vit t dy 128 bit input0 input1 input2 input126 input127 uc vit nh sau : a0 = {input0, input1,,input7} a0 = {input8, input9,,input15} a0 = {input120, input121,,input127} Mt cch tng qut : an = {input8n, input8n+1,,input8n+7}
Hnh 3.14: Ch s byte v bit
Bng trng thi (State): Hot ng ca thut ton AES c biu din theo mt
mng hai chiu cc bytes, gi l bng trng thi. Bng trng thi bao gm 4 hng bytes, mi hng cha Nb byte, trong Nb l di khi chia cho 32. Trong bng trng thi, byte c k hiu l s, v mi byte c 2 ch s ring bit l ch s hng r, 0 r < 4 v ch s ct c, 0 c < Nb, k hiu s[r,c], hay sr,c. Ti bc bt u m ha hay gii m, u vo c sao chp vo bng trng thi. Qu trnh m ha v gii m sau c thc hin trn bng trng thi ny, ri cc gi tr cui cng ca bng c sao chp thnh u ra, c m t nh hnh sau:
Hnh 3.15 : Bng trng thi u vo v u ra. Vi s[r, c] = in[r + 4c],0 r < 4, 0 c < Nb v out[r + 4c] = s[r, c], r <4, 0 c<Nb.
Bng trng thi nh l mt mng ca cc ct: 4 byte trong mi ct ca bng

trng thi hnh thnh t m 32 bit, trong s hng r cung cp ch s cho 4 byte trong mi t. Bng trng thi do c biu din nh l mt mng mt chiu gm cc t 32 bit w0w3 : w0 = s0,0 s1,0 s2,0 s3,0 s1,3 s2,3 s3,3 Cc php ton c s dng: ; w2 = s0,2 s1,2s2,2s3,2 ; w1 = s0,1 s1,1 s2,1 s3,1 ; w3 = s0,3
Php cng XOR Php nhn: Trong biu din a thc, php nhn trong trng hu hn GF(28) k
hiu l tng ng vi php nhn a thc theo modulo ca mt a thc sinh bc 8 (mt a thc c gi l a thc sinh nu n ch chia ht cho 1 v chnh n). i vi thut ton AES, a thc sinh ny l : m(x) = x8 + x4 + x3 + x +1. V d : Cc a thc vi h s trong trng GF(28): Cc a thc bc 4 vi cc h s l cc thnh phn trng hu hn c th c nh ngha nh sau: a(x) = a3x3 + a2x2 + a1x + a0, c k hiu nh l mt t m [a0, a1, a2, a3], biu din mt t 4 byte. Khi thc hin cng hay nhn hai a thc kiu ny, ta ch thc hin cng XOR, nhn cc h s ( mi h s l 1 chui 8 bit) vi nhau. V d :
c(x) = c6x6 + c5x5 + c4x4 + c3x3 + c2x2 + c1x + c0 c0 = a0

b0 b3
c4 = a3
b1
a2
b2
a1
c1 = a1 b0
a0 a1
b1
c5 = a3 a0 c6 = a3
b2
a2
b3
c2 = a2 *
b0
b1
b2
b3
Trong ta k hiu c(x)=a(x) b(x), b(x) = b3x3 + b2x2 + b1x + b0. Kt qu c(x) thu c khng biu din mt t 4 byte, do vy bc tip theo khi thc hin php nhn l chia c(x) theo modulo cho a thc bc 4 (chia ly d), kt qu thu c s l a thc c bc nh hn 4. i vi thut ton AES, bc ny c thc hin vi a thc x4 + 1, do ta c xi mod (x4 1) = xi mod 4. Bi v x4 + 1 khng phi l a thc bt kh quy trn trng GF(28), nn php nhn vi mt a thc bc 4 c nh l tt yu khng kh nghch. Tuy nhin thut ton AES ch r mt a thc bc 4 c nh c hm nghch o, l : a(x) = {03}x3 + {01}x2 + {01}x + {} va a-1(x) = {0b}x3 + {0d}x2 + {09}x + {0e} 3.2.2. Thut ton m ha AES. Vi thut ton AES, di khi u vo, khi u ra v bng trng thi l 128 bit. iu ny c th hin bi gi tr Nb=4, tng ng vi cc t m 32 bit (s ct) trong bng trng thi. di ca kha K l 128, 192 v 256 bit. di kha c biu din bi Nk = 4, 6 hay 8, tng ng vi cc t m 32 bit (s ct) trong kha. S vng lp c dng trong qu trnh thc hin thut ton ph thuc vo kch thc ca kha. S vng lp c k hiu l Nr, trong Nr=10 khi Nk=4, Nr=12 khi Nk=6 v Nr=14 khi Nk=8.
Bng 3.9 : Kha - khi bit - s vng. Cho c hai qu trnh m ha v gii m, thut ton AES s dng mt hm vng lp bao gm 4 php chuyn i nh hng byte :
Thay th byte, s dng mt bng thay th (S-box). Dch chuyn cc hng trong bng trng thi bng cc dch khc nhau. Kt hp d liu trong cc ct ca bng trng thi. Cng kha vng lp vo bng trng thi.
Hnh 3.16: S thut ton m ha v gii m AES-128 M ha: Khi u qu trnh m ha, u vo c sao chp vo bng trng thi. Sau khi kha vng lp khi u c cng vo, bng trng thi c chuyn i bng cch thc hin hm vng lp 10,12 hay 14 ln (ty thuc vo di kha), vi vng lp cui cng khc cht t so vi Nr-1 vng trc . Bng trng thi cui cng sau c sao chp n u ra. Hm lp c tham s ha bng cch s dng h thng kha, bao gm mt mng mt chiu ca cc t m 4 byte c suy ra t phng php m rng kha. 4 php
chuyn i c k hiu SubBytes, ShiftRows, MixColumns v AddRoundKey. Vng lp cui cng s khng bao gm hm chuyn i MixColumns. Chuyn i SubBytes: Php chuyn i SubBytes l mt php thay th byte khng tuyn tnh, hot ng mt cch c lp trn mi byte ca bng trng thi bng cch s dng mt bng thay th S-box.
Hnh 3.17: p dng S-box cho mi byte ca bng trng thi S-box c s dng trong php chuyn i SubBytes di dng hexa:
Bng 3.10: Bng S-box
Hnh 3.18 : Dch vng trong 3 hng cui ca bng trng thi. Php chuyn i ShiftRows: Trong php chuyn i ShiftRows, cc byte trong 3 hng cui ca bng trng thi c dch quay vng theo s byte. Hng u tin, r=0, khng dch chuyn. Chuyn i ShiftRows c thc hin theo biu thc sau:
Trong gi tr dch shift(r,Nb) ph thuc vo s hng, r. V d shift(1,4)=1; shift(2,4)=2; shift(3,4)=3. M t trong hnh 3.18 Php chuyn i MixColumns: Php chuyn i MixColumns thc hin trn tng ct ca bng trng thi. Cc ct c xem nh l cc a thc trn trng GF(2 8) v nhn modulo x4+1 vi a thc c nh a(x): a(x) = {03}x3 + {01}x2 + {01}x + {02} Php nhn s'(x) = a1(x) s(x) c th c biu din di dng ma trn:
Hnh 3.19: Hot ng Mixcolumn trn tng ct ca bng trng thi Php chuyn i AddRoundKey: Mt kha vng lp c cng vo bng trng thi bng php cng XOR. Mi kha vng bao gm c Nb t m t h thng kha. Nb t m ny c cng vo cc ct ca bng trng thi:
trong [wi] l t m h thng kha v vng lp round l mt gi tr trong di 0round Nr. Trong m ha, vic cng kha vng khi to c thc hin khi round=0 v vic p dng php chuyn i AddRoundKey vi Nr round cn li c thc hin khi 1roundNr.
Hnh 3.20: XOR mi ct trong bng trng thi vi mt t trong h thng kha
Hnh 3.21: Vng lp m ha AES M rng kha: Thut ton AES ly kha m ha K v thc hin qu trnh m rng kha to ra h thng kha. Vic m rng kha to ra tng cng Nb(Nr+1) t m: thut ton yu cu mt b Nb t m khi to , v mi Nr vng yu cu Nb t m ca d liu kha, do vy tng cng l Nb(Nr+1). H thng kha thu c bao gm mt mng tuyn tnh cc t m 4 byte, k hiu [wi], vi i nm trong khong 0iNb(Nr+1). Thut ton m rng kha thc hin vi 3 hm sau: Hm RotWord: ly mt t 4 byte lm u vo [a0,a1,a2,a3] v tin hnh vic hon v vng nh sau: [a1,a2,a3,a0] .
Hm SubWord: ly mt t 4 byte lm u vo v s dng bng S-box cho tng byte trong s bn 4 byte ny to ra t u ra.
Hm Rcon[i]: biu th ma trn t hng s lp v cha gi tr c cho nh sau: [x ,{00},{00},{00}] trong x = {02}
i-1
Thut ton m rng kha nh sau : i=0 while (i<Nk) w[i] = word (key[4*i], key[4*i+1], key[4*i+2], key[4*i+3]) i = i+1 end while i = Nk while (i<Nb*(Nr+1)) temp = w[i-1] if (i mod Nk = 0) temp = SubWord (RotWord(temp)) xor Rcon[i/Nk] else if (Nk>6 and i mod Nk = 4) temp = SubWord(temp) end if w[i] = w[i-Nk] xor temp i=i+1 end while V d: m rng kha 128 bit Gi s kha l : 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c Vi Nk=4 ta c : w0 = 2b7e1516 ; w1 = 28aed2a6 ; w2 = abf71588 ; w3 = 09cf4f3c
Bng 3.11: M rng kha 128bit Gii m: Qu trnh gii m c thc hin ngc li vi qu trnh m ha. Cc php chuyn i c s dng trong qu trnh gii m l InvShiftRows, InvSubBytes, InvMixColumns v AddRoundKey. Ban u kha vng khi to cng c cng XOR vi u vo. Hnh 3.24 l s gii m AES Chuyn i InvShiftRows : y l hm ngc ca hm ShiftRows. Cc byte trong 3 hng cui ca bng trng thi c dch chuyn vng. Hng u tin r=0 khng dch chuyn. Theo biu thc sau :
Hnh 3.22 : InvShiftRows. Chuyn i InvSubBytes : y l php chuyn i ngc vi php chuyn i thay th, m trong bng S-box ngc c p dng vo i vi mi byte trong bng trng thi.
Bng 3.12 : Bng S-box o
Php chuyn i InvMixColumns: l php o ca MixColumns. Php ny thc hin trn tng ct ca bng trng thi. Cc ct c xem nh l cc da thc trn trng GF(28) v nhn modulo x4+1 vi mt a thc c nh ( a thc a-1(x) nu trn) : s(x) = a1(x) s(x). Ta thu c :
Hnh 3.23: S gii m AES-128 . V d v m ha AES-128: Gi s ta c : Input = 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34 Cipher Key = 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c Nh vy Nb=4, Nk=4 v Nr=10. Ta c tin trnh m ha nh sau:
Bng 3.13: M ha AES-128.
3.2.3. AES-CCM trong Wimax Chun IEEE 802.16e b sung thm s dng AES cung cp mt phng php m ha d liu mnh. N xc nh s dng AES trong 4 ch : CBC (Cipher Block
Chaining) , counter encryption (CTR), CTR cng vi m nhn thc bn tin CBC (CCM) v ECB. ECB n gin l m ha tng khi c ca vn bn gc, s dng cng mt kha. Trong ch CBC, u vo ca thut ton m ha l php XOR ca khi bn tin gc vi khi bn tin c m ha trc . Vi ch CTR, mt khi ca bn tin gc cha m ha c XOR vi khi m . Ch CTR c xem nh tt hn ch CBC do n c kh nng thc hin qu trnh x l d liu song song, thc hin x l trc cc khi d liu, v n hot ng n gin hn. Ch CCM b sung thm kh nng xc nh nhn thc ca bn tin c m ha cho ch CTR. Ch ECB c s dng m ha cc TEK (Traffic Encryption Key kha mt
m lu lng c s dng m ha d liu truyn dn gia cc trm gc BS v cc trm thu bao SS). Chun IEEE 802.16e b sung thut ton bo mt AES-CCM s dng kha 128 bit (TEK) nh mt phng thc m ha d liu mi, trong vic m bo s kim tra tnh nguyn vn ca bn tin v chng li phng thc tn cng replay (pht li) bng cch s dng s PN (Packet Number). Pha pht xy dng mt ln duy nht s ngu nhin ha mt m cho mi gi, bo m tnh duy nht v thm vo k thut nhn thc d liu. CCM l ch lm vic trong cng mt kha c th c s dng cho c vic mt m ha cng nh nhn thc.CCM s dng AES-CTR cho vic mt m ha, CBC-MAC cho m bo tnh ton vn ca bn tin. Trc tin n s tnh ton MIC (message integrity code: M ton vn ca bn tin) bng cch s dng CBC-MAC , tip mt m ha bn tin v MAC bng cch s dng AES-CTR [13]. i vi vic truyn d liu, cc thit b ca chun 802.16 s dng thut ton AESCCM (hoc DES-CBC cng c php s dng, tuy nhin n khng cung cp s bo v) ng gi. Ch hot ng CCM ca AES yu cu my pht to ra mt nonce duy nht, l mt b ngu nhin m ha tng gi tin. IEEE 802.16e nh r mt nonce c 13 byte, nh hnh v. Byte t 0 n 4 c xy dng t 5 byte u tin ca GMH (Generic MAC Header). Byte t 5-8 c dng d tr v tt c u c t bng 0. Byte t 9-12 c t cho s gi (Packet Number PN). PN lin quan ti mt SA (SA l tp hp ca thng tin bo mt mt trm gc BS v mt hay nhiu trm thu bao SS ca n, chia s h tr bo mt cho cuc truyn thng thng qua mng Wimax) v c t bng 1 khi SA (Security Association lin kt bo mt) c thit lp v khi mt
TEK mi c ci t. V nonce ph thuc vo GMH, nn nhng thay i trn GMH c th c pht hin bi my thu. Vic xy dng CCM trong 802.16 yu cu mt gi tr ngu nhin (nonce) 13 byte. Mt b m ln s cho php thng tin c tip tc thc hin m khng phi np li kho, trong khi vn xm nhp c vo phn mo u kh ln ca PDU. Mt gi tr PN nh hn s dn ti vic phi np li kho thng xuyn hn. ti u ho phn mo u cho PDU, chun 802.16 s dng 5 byte u tin ca GMH v 4 byte c gi tr l 0 in y 9 byte v s dng 4 byte PN xy dng nonce.
Hnh 3.24: Nonce.
Hnh 3.25: CCM CBC Block
Hnh 3.26 : CCM counter block. to mt m nhn thc bn tin, AES-CCM s dng mt s thay i ca ch CBC. Thay v s dng mt IV, mt khi CBC khi to c ni thm vo phn m u ca bn tin trc khi n c m ha. Nh trong hnh 3.24, khi CBC khi to bao gm mt c, gi nonce, v di ti tin. m ha ti tin v m nhn thc bn tin, AES-CCM s dng ch CTR. Vi
ch hot ng ny, n khi b m c to, trong n l s khi cn thit ph hp kch thc bn tin cng vi mt khi dnh cho m nhn thc bn tin (AES s dng khi d liu 128 bit). Khi u tin c s dng m ha m nhn thc bn tin v cc khi cn li dng m ha ti tin. Nh trong hnh 3.25, khi b m bao gm 1 c, gi nonce v khi s m i, trong i t 0 n n. M nhn thc bn tin c to ra bng cch m ha khi CBC khi to v ti tin gc. Hnh 3.26 miu t vic to m nhn thc bn tin v s m ha ca m nhn thc bn tin. Bc u tin trong vic to m nhn thc bn tin l tch ti tin gc cha m ha t PDU v thm vo khi CBC khi to vo u gi. Sau khi ny c m ha bng cch s dng thut ton AES trong ch CBC vi TEK t SA ca kt ni. 128 bit sau cng (kch thc ca mt khi AES) ca u ra m ha c la chn biu din m nhn thc bn tin. Bn gi s thc hin qu trnh ny v sau s m ha m nhn thc bn tin cng vi bn tin. Bn nhn s gii m bn tin v m nhn thc bn tin, v sau thc hin qu trnh tng t trn bn tin. Pha bn nhn sau s so snh m nhn thc bn tin
n to ra vi m nhn thc bn tin nhn c. Nu chng ging nhau th bn tin l xc thc, nu khng th bn tin s b hy b. Vic m ha m nhn thc bn tin c tin hnh bng khi m m ha 0 s dng AES trong ch CTR vi TEK t SA ca kt ni. Khi c m ha ny sau c cng XOR vi m nhn thc bn tin to ra phin bn c m ha.
Hnh 3.27 : Qu trnh m ha v to m nhn thc bn tin
Hnh 3.28: M ha ti tin AES-CCM
PN sau c thm vo pha trc ti tin c m ha v m nhn thc bn tin c thm vo pha sau. Sau khi d liu ny thay th cho bn tin gc cha m ha. Bit EC trong GMH s c t bng 1 xc nh ti tin c m ha v cc bit EKS s c set xc nh TEK c s dng m ha ti tin. Nu c thm CRC th n s cp nht nhng ti tin mi.
KT LUN Nghin cu k thut bo mt l mt qu trnh lu di. Chun mi nht dnh cho WiMAX, IEEE 802.16e m ra cnh ca mi cho tnh di ng trong mng khng dy, nhng cng lm tng thm cc nguy c tn cng, bi gi y k tn cng khng cn b rng buc v v tr na. y, c thm nhiu vn ny sinh nh vic qun l kha gia cc BS, roaming nhn thc ngi dng. Hin nay, cc nh cung cp sn phm tung ra th trng mt s sn phm WIMAX, cng ngh ny cng ang c trin khai th nghim. Do cc t chc kinh doanh, cc nh cung cp dch v, cc chuyn gia IT nn tm hiu k cng cc vn bo mt lin quan n WIMAX trc khi trin khai cng ngh mi ny. WiMAX c h tr nhiu hn t nh cung cp dch v cho truy cp khng dy bng thng rng. WiMAX khng an ton t knh m gip cho c LOS v NLOS ph
linh ng vi ngi s dng di chuyn.Tiu im ti l cc giao thc PKM, m vai tr quan trng l s an ton trong kt ni v truyn qua BWA. Qu trnh chng thc ca ngi s dng , trao i kha, v m ha d liu tng qut vi s nhn mnh chng thc v xc thc, xut x ca kha, m ha MDPU payload, tng ng. Tuy vy, nhng c tnh bo mt mi trong nhng tiu chun gn y c bao trm v mt s vn m ca bo mt WiMAX nh hng cho nhng nghin cu tng lai.
TAI LIU THAM KHAO 1. Cac tai liu v Wimax cua thy Phan Thanh Hin 2. Bo mt trong WiMAX, TS. L Nht Thng & KS. Hong c Tnh, Tp ch BCVT&CNTT, 14/12/2007. http://www.tapchibcvt.gov.vn/vi-VN/congnghetruyenthong/2008/1/17852.bcvt . 3. Wimax A wireless Technology Revolution, G.S.V.Radha Krishna Rao, G.Radhamani, Auerbach Publications, Taylor & Francis Group, 2008. 4. Gio trnh mt m hc PGS_TS Nguyn Bnh. NXB Bu in 01/2004 5. Cng ngh truy cp mng NGN - Nguyn Vit Hng Tng cng ty Bu chnh Vin thng Vit Nam Hc vin cng ngh Bu chnh Vin thng 5/2007. 6. tai tham khao : Vn bao mt trong Wimax http://www.scribd.com/doc/82441011/15/Chu%E1%BA%A9n-ma-hoa-tien-ti %E1%BA%BFn-AES-Advanced-Encryptiom-Standard

NCKH - MHBM Trong Wimax

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NCKH - MHBM Trong Wimax

Uploaded by

Copyright:

Available Formats

TRNG AI HOC KY THUT CNG NGHIP THAI NGUYN KHOA IN T ------------o0o------------

TAI NGHIN CU KHOA HOC NM 2012

Thai Nguyn, ngay 14 thang 04 nm 2012

Nghin cu khoa hoc nm 2012

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Khong cch gia trm thu v pht c th t 30Km ti 50Km.

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

2.2. Cc phng php m ha bo mt

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Hnh 2.1 :M t hm mt chiu V d nh, ta c p l mt s nguyn t v g l mt hm sinh (hoc l gc) ca Z . Khi :

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Bn tin gc : WHEN-DRINKING-WATER-REMEMBER-ITS-SOURCE. Zig : W E D I R N K I N G W T R E R M E B M E + R T S I S U C E. =

Bn tin m ha = zig WEDIKNWTREEBRTSUCHNRNIGAERMMEIORE

Bng 2.1 : M ha Scytale N D R W M U A B R T E C

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Khi u tin MI c tnh ton tng ng:

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Bn tin m ha : CIKKGEWEROY Pha nhn s tnh : gii m bn tin. Hai ch ci

Hnh 2.5 : The Vigenre Square

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

ng.V d vi kha l t kha PUCK ta s vit thnh PUCKP CKPUC

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax

Nghin cu khoa hoc nm 2012

Ma hoa bao mt trong Wimax