Mc lc:

Li ni u ..2
Phn 1: M ha v cc vn lin quan ..3
1.1 Khi nim m ha d liu .....3
1.2 Hm bm ..4
1.2.1 Hm bm v ch k4
1.2.2 MD5 .......6
1.3 Thut ton m ha kha cng khai RSA .13
1.3.1 M t s lc ...13
1.3.2 Thut ton RSA ....16
1.3.3 Tnh bo mt ca gii thut RSA .19
1.3.4 Cc vn t ra trong thc t..20
Phn 2: Ch k in t v chng trnh ng dng ..23
2.1 Khi nim Ch k in t .......23
2.2 Cch thc hot ng ca ch k in t .....26
2.2.1 Qu trnh k ..28
2.2.2 Qu trnh xc nhn ch k trn ti liu ....29
2.3 Chng trnh ng dng ...32
2.3.1 Gii thiu chng trnh ....32
2.3.2 Mt s hnh nh ca chng trnh ...34
Kt lun 36











Li ni u:
Hin nay, vic m bo an ton thng tin, trnh mi nguy c b thay i, sao chp
hoc mt mt d liu trong cc ng dng trn mng lun l vn bc xc, c
nhiu ngi quan tm. Trong bi bo ny, em trnh by nhng vn lin quan v
m ha thng tin, thut ton bm MD5, thut ton m ha RSA v ch k in t.
T , ng dng thut ton MD5 v RSA phn tch qu trnh hot ng ca ch
k in t. Trn c s , em ra gii php ng dng ch k in t trn c s
kt hp gia thut ton bm MD5 v thut ton m ha RSA trong qu trnh gi v
nhn cc tp vn bn.
Trn thc t, ch k in t (Digital Signature) c ng dng rng ri trong
cc ng dng trn mng. Mt trong nhng ng dng quan trng ca ch k in t
l m bo an ton d liu khi truyn trn mng. Tuy nhin, khi xy dng mt ng
dng, cc nh pht trin thng ch tp trung xy dng cc chc nng ca h
thng, t quan tm n vn an ton trong qu trnh truyn tin.
Nhm gii quyt vn x l cc giao dch trao i vn bn trn mng, n nay
c nhiu gii php lin quan n vn m ha vn bn, nhng em chn v
xut gii php ng dng ch k in t trn c s kt hp gia thut ton bm MD5
v thut ton m ha RSA trong qu trnh gi v nhn tp vn bn ca h thng phn
mm qun l.
Bo mt thng tin l lnh vc rt rng, nn y ch l bc khi u em tip tc
nghin cu v ng dng cc thut ton m ha trong vic xy dng ng dng.
Trong bi bo ny, em trnh by nhng n i dung chnh nh sau: u tin em gii
thiu mt s vn lin quan trong lnh vc m ha d liu. Tip theo em tp trung
trnh by gii php ng dng ch k in t s dng MD5, RSA v ra cch thc
vn dng, trin khai trong qu trnh gi v nhn tp vn bn.
Trong bo co ny do em cha c thi gian nghin cu su hn nn cn nhiu
sai st mong thy (c) ng gp kin chng trnh ca em c hon thin hn .




Thi Nguyn, thng 11 nm 2010
Sinh vin thc hin: Nguyn Trng Khim
Lp : CNTT- K6B






Phn 1: M HA V CC VN LIN QUAN
1.1 Khi nim m ha d liu

M ha d liu l s dng mt phng php bin i d liu t dng bnh thng
sang mt dng khc, m mt ngi khng c thm quyn, khng c phng tin
gii m th khng th c hiu c. Gii m d liu l qu trnh ngc li, l s
dng mt phng php bin i d liu c m ha v dng thng tin ban u.

Hnh 1:Quy trnh m ha d liu
Sau y l mt s khi nim v k hiu lin quan v vn m ha d liu :

- M ha (Encryption): Qu trnh chuyn i d liu gc thnh d liu c m
ha sao ngi khc khng th c hiu c (k hiu E);
- Gii m (Decryption): Qu trnh ngc li ca m ha, bin i d liu c m
ha thnh dng gc ban u (k hiu D);
- Thng ip (Message), bn gc (Plaintext): Tp d liu cha m ha (k hiu M).
- Bn m (Ciphertext): Tp d liu c m ha (k hiu C).
Theo quy c, khi m ha th C = E(M) v khi gii m th M = D(C) = D(E(M))

Theo phng php truyn thng, ngi ta thng dng cng mt kha
m ha v gii m. Lc , kha phi c gi b mt tuyt i. Ngi ta gi y
l h thng m ha c in (hay cn gi l m ha i xng, mt kha, kha b
mt,...).
Mt s phng php m ha theo h thng m ha c in nh :
- M dch vng
- M thay th
- M Affine
- M Vigenre
- M Hill
- Cc h m dng






Do phc tp ca cc h m c in thp, khng m bo cho d liu truyn i
trn internet c an ton nn ngi ta nghin cu v pht trin mt h thng m ha
mi an ton hn v vn c s dng rng ri l h m DES. Phng php m ha
theo h thng m ha DES ti hin nay vn c s dng rng ri trong cc h thng
ln do c an ton kh cao.
Phng php khc s dng kha cng khai ( cn gi l phng php m ha bt
i xng, hay h thng hai kha) trong kha m ha v kha gii m l
khc nhau. Cc kha ny to thnh mt cp chuyn i ngc nhau v khng kha
no c th suy ra c t kha kia. Phn tip theo ca bi bo s cp n k thut
m ha ny.
1.2 Hm bm
1.2.1 Hm bm v ch k:
kim tra tnh ton vn ca mt khi data ln, ngi ta s dng ch k s
i din cho khi data (ging nh ch k trn vn bn) bng cch dng hm bm: vi
input l mt message bt k, output l mt chui bt c chiu di xc nh trc, chui bt
ny c gi l message_digest.
1.2. Hashing Hm Bm
Hashing l mt phng thc mt m nhng n khng phi l mt thut ton m
ho. ng nh vy, hashing ch s dng mt chng ch s duy nht c bit n vi tn
nh "hash value gi tr hash", "hash bm", Message Authentication Code (MAC),
fingerprint vn tay, hay mt on message. D liu u vo ca bn c th l mt file,
mt a mt qu trnh truyn thng tin trn mng, hay mt bc th in t. Thng s
hash value c s dng pht hin khi c s thay i ca ti nguyn. Ni cch khc,
hashing s dng n pht hin ra d liu c ton vn trong qu trnh lu tr hay trong
khi truyn hay khng.
V d, thng s hash value c tnh ton so snh vi thng s hash value
c to ra trc mt tun. Nu hai thng s ging nhau th d liu cha c s thay
i. Nu hai thng s c s khc nhau, th d liu b thay i. Trong hnh di y th
hin c bn v hash hay thng s MAC.
Thng s MAC value c tnh ton bi ngi gi (sender) v ngi nhn
(receive) vi cng mt thut ton.









Hnh 1: Th hin c bn v hash hay thng s MAC

Khng nh cc phng thc mt m khc, chng s lm thay i d liu thnh
mt dng mt m, qu trnh hashing s dng mt thng s hash value v khng thay i
d liu ban u. Bi v cc tnh nng c bit, hashing c th s dng bo v v kim
tra tnh ton vn ca d liu. N cng c kh nng s dng kim tra khi c mt tin
trnh copy c thc hin v m bo tnh chnh xc ca d liu khi chng c copy.
V d, khi mt cng c to ra mt bn copy, mt qu trnh hash c thc
hin trn a trc khi qu trnh nhn i c thc hin. Nu hai thng s hash ca
cng mi c to ra v thng s hash ca a ban u th qu trnh nhn i d liu
c thc hin chnh xc v m bo d liu khng c s thay i mt mt trong qu
trnh nhn bn. Vic hashing s dng m bo d liu c nguyn bn gip d liu
lu dng k thut s s lun d c nguyn bn sau v s ln copy v iu ny
khng th thc hin khi lu d liu cc dng khc v nh lu thng tin m thanh bng
bng t s b bin dng sau nhiu ln copy.
V d, Message Digest 5 (MD5) l mt thut ton hash vi 128-bit hash. iu ny
c ngha khng c vn vi d liu u vo v d liu u ra sau qu trnh hash bi n
lun lun thm vo 128 bits. Sc mnh ca qu trnh hashing l n c thc hin mt
chiu v khng th c phng thc no c th thc hin ngc li c converts
thng s hash thnh d liu ban u. Nu mt vi ngi c c cc thng s hash ca
ta, h khng th ly c d liu ban u. Tuy nhin khng phi l phng thc mt





m khng th tn cng. Hashing c th b tn cng bi cc phng thc o ngc hay
birthday attack. Phng thc tn cng bnh thng s dng l s dng cc cng c
password-cracking. Hu ht cc h thng lu tr passwords trong d liu accounts v
c hashed (bm). Hashs khng th thc hin ngc li, bi l mt gii php bo
mt, c ngha khng c cng c no c th chuyn ngc li mt password c hash
thnh mt password nguyn bn cha c hash. Tuy nhin mt thut ton no cng c
nhng bt cp ring, bng vic s dng cc phn mm, password crackers chng c th
pht hin ra on m them vo d liu ban u v ch cn xo on hash value i l c
th truy cp bnh thng. D liu Account thng khng c m ho, v d liu
password thng c hash do hu ht cc cng c crack password ch c th xo
password c t cho user m khng th view password .

Thut ton hashing thng c s dng:

Secure Hash Algorithm (SHA-1) vi - 160-bit hash value
Message Digest 5 (MD5) vi 128-bit hash value
Message Digest 4 (MD4) vi 128-bit hash value
Message Digest 2 (MD2) vi 128-bit hash value


- Cc tnh cht c bn ca hm bm:
+ L hm mt chiu, khng th thc hin php bin i ngc nh trong qu trnh
m ha v gii m, ngha l vi mt message_digest cho trc, kh c th tm c
mt message no m c hm bm bng message_digest ny.
+ Kh c th tm c hai message m c cng mt message_digest.
Cc gii thut bm c s dng hin nay l: MD2, MD4, MD5, SHS. Trong MD5 l
gii thut bm c s dng ph bin v n s c trnh by trong phn di.
1.2.2 MD5
- Gii thut MD5 c pht trin bi Ron Rivest MIT: nhn u vo l mt khi data
(message) c chiu di bt k, x l n thnh cc khi 512 bt, to u ra l mt
message_digest 128 bt. Qu trnh bao gm cc bc sau:
* Bc 1: message ban u c thm (padding) mt s bt (bt u l bt 1, k tip
l cc bt 0, s bt thm vo t 1 ti 512 bt) sao cho tng s bt sau khi thm vo cng
vi 64 (chii di ca message ban u) l bi s ca 512.







Hnh 2: To message_digest s dng MD5.

* Bc 2: khi to b m MD. B m 128 bt c dng cha kt qu trung
gian v cui cng ca hm bm. C th xem b m nh l 4 thanh ghi 32 bt. Cc thanh
ghi ny c khi to (dng s hex) nh sau:
A = 01234567; B = 89abcdef; C = fedcba98; D = 76543210
* Bc 3: x l message thnh tng khi 512 bt (16 t 32 bt). Qu trnh tnh
ton c chia thnh tng giai on, s giai on bng s chiu di (tnh theo bt) ca
message sau khi padding chia cho 512. Mi giai on nhn u vo l khi 512 bt ca
message c padding v message_digest ca giai on trc, cho ra kt qu l
message_digest mi (xem hnh 1). Mi giai on thc hin trong 4 bc (vng), bn
vng c cu trc ging nhau nhng mi vng s dng mt hm lun l khc nhau, c
c t l F, G, H, I. Trong hnh 2, bn vng c t nhn l f
F
, f
G
, f
H
, f
I
, ch rng
mi vng c cu trc hm tng qut nh nhau nhng ty thuc vo s khc nhau ca
hm thao tc (F, G, H, I).







Hnh 3: X l MD5 ca khi n 512 bt (HDMD5).

Mi vng c thc hin 16 bc tun t trn cc data A, B, C, D (hnh 3). Biu thc
tnh ton c s dng trong mi vng c dng:
a = b + CLS
s
(a + g(b,c,d) + X[k] + T[i]).









Trong :
. a, b, c, d: l 4 word A, B, C, D theo th t no .
. g: l mt trong cc hm F, G, H, I.
F(b,c,d) = (b & c) | (~b & d)
G(b,c,d) = (b & d) | (c & ~d)
H(b,c,d) = b ^ c ^ d
I(b,c,d) = c ^ (b & ~d)
. CLS
s
: dch vng bn tri s bt.
. X[k] = M[q*16 + k] : t 32 bt th k ca khi 512 bt th q ca message.
. T[i] = 2
32
* abs(sin(i)) : t 32 bt th i (i tnh theo radian) (xem bng).
. Php ton cng (+) tnh cho modulo 2
32


Hnh 4: Tc v ca MD5: [abcd k s i]






Bng T c xy dng t hm sin
T
1
= D76AA478 T
17
= F61E2562 T
33
= FFFA3942 T
49
= F4292244
T
2
= E8C7B756 T
18
= C040B340 T
34
= 8771F681 T
50
= 432AFF97
T
3
= 242070D8 T
19
= 265E5A51 T
35
= 69D96122 T
51
= AB9423A7
T
4
= C1BDCEEE T
20
= E9B6C7AA T
36
= FDE5380C T
52
= FC93A039
T
5
= F57C0FAF T
21
= D62F105D T
37
= A4BEEA44 T
53
= 655B59C3
T
6
= 4787C62A T
22
= 02441453 T
38
= 4BDECFA9 T
54
= 8F0CCC92
T
7
= A8304613 T
23
= D8A1E681 T
39
= F6BB4B60 T
55
= FFEFF47D
T
8
= FD469501 T
24
= E7D3FBC8 T
40
= BEBFBC70 T
56
= 85845DD1
T
9
= 698098D8 T
25
= 21E1CDE6 T
41
= 289B7EC6 T
57
= 6FA87E4F
T
10
= 8B44F7AF T
26
= C33707D6 T
42
= EAA127FA T
58
= FE2CE6E0
T
11
= FFFF5BB1 T
27
= F4D50D87 T
43
= D4EF3085 T
59
= A3014314
T
12
= 895CD7BE T
28
= 455A14ED T
44
= 04881D05 T
60
= 4E0811A1
T
13
= 6B901122 T
29
= A9E3E905 T
45
= D9D4D039 T
61
= F7537E82
T
14
= FD987193 T
30
= FCEFA3F8 T
46
= E6DB99E5 T
62
= BD3AF235
T
15
= A679438E T
31
= 676F02D9 T
47
= 1FA27CF8 T
63
= 2AD7D2BB
T
16
= 49B40281 T
32
= 8D2A4C8A T
48
= C4AC5665 T
64
= EB86D391












- Cc tc v [abcd k s i] trong mi vng l:


ABCD 0 7 1 1 5 17 5 4 33 0 6 49
DABC 1 12 2 6 9 18 8 11 34 7 10 50
CDAB 2 17 3 11 14 19 11 16 35 14 15 51
BCDA 3 22 4 0 20 20 14 23 36 5 21 52
ABCD 4 7 5 5 5 21 1 4 37 12 6 53
DABC 5 12 6 10 9 22 4 11 38 3 10 54
CDAB 6 17 7 15 14 23 7 16 39 10 15 55
BCDA 7 22 8 4 20 24 10 23 40 1 21 56
ABCD 8 7 9 9 5 25 13 4 41 8 6 57
DABC 9 12 10 14 9 26 0 11 42 15 10 58
CDAB 10 17 11 3 14 27 3 16 43 6 15 59
BCDA 11 22 12 8 20 28 6 23 44 13 21 60
ABCD 12 7 13 13 5 29 9 4 45 4 6 61
DABC 13 12 14 2 9 30 12 11 46 11 10 62
CDAB 14 17 15 7 14 31 15 16 47 2 15 63
BCDA 15 22 16 12 20 32 2 23 48 9 21 64




Vng 1 Vng 2 Vng 3 Vng 4





- Cc php ton dng trong gii thut MD5 gm c:
+ Php ton i (~): b bt.
+ Php ton and (&): and cc bt ca hai ton hng 32 bt vi nhau.
+ Php ton or (|): or cc bt ca hai ton hng 32 bt vi nhau.
+ Php ton xor (^): xor cc bt ca hai ton hng 32 bt vi nhau.
+ Php ton cng (+): cng modulo 2
32
hai ton hng 32 bt vi nhau.
+ Php ton dch tri vng (w << s): dch tri vng w (32 bt) vi s bt.
* Bc 4: xut (output). Tt c khi 512 bt L c x l th u ra giai on th
L l message_digest 128 bt.
C th tm tt hot ng ca MD5 nh sau:
MD
0
= IV
MD
q+1
= MD
q
+ f
I
(Y
q
, f
H
(Y
q
, f
G
(Y
q
,f
F
(Y
q
,MD
q
))))
MD = MD
L-1

Trong :
+ IV: gi tr khi to ca b m ABCD

c xc nh trong bc 2.
+ Y
q
: khi message 512 bt th q.
+ L: s khi message ( c padding).
+ MD: gi tr message_digest cui cng.
// M ha bng thut ton MD5
byte[] hash;
byte[] plainBytes = Encoding.Unicode.GetBytes(document);
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
hash = md5.ComputeHash(plainBytes);
md5.Clear();
//Kt thc m ha MD5





1.3 Thut ton m ha kha cng khai RSA:
Trong mt m hc, RSA l mt thut ton m ha kha cng cng. y l thut
ton u tin ph hp vi vic to ra ch k in t ng thi vi vic m ha. N nh
du mt s tin b vt bc ca lnh vc mt m hc trong vic s dng kha cng cng.
RSA ang c s dng ph bin trong thng mi in t v c cho l m bo an
ton vi iu kin di kha ln.
1.3.1 M t s luc:
Thut ton RSA c hai kha: kha cng khai (hay kha cng cng) v kha b mt
(hay kha c nhn). Mi kha l nhng s c nh s dng trong qu trnh m ha v gii
m. Kha cng khai c cng b rng ri cho mi ngi v c dng m ha.
Nhng thng tin c m ha bng kha cng khai ch c th c gii m bng kha b
mt tng ng. Ni cch khc, mi ngi u c th m ha nhng ch c ngi bit
kha c nhn mi c th gii m c.
Mt v d trc quan: Bob mun gi cho Alice mt thng tin mt m Bob mun
duy nht Alice c th c c. lm c iu ny, Alice gi cho Bob mt chic hp
c kha m v gi li cha kha. Bob nhn chic hp, cho vo mt t giy vit th
bnh thng v kha li (lc ny ngay c Bob cng khng th c li hay sa thng tin
trong th c na). Sau Bob gi chic hp li cho Alice. Alice m hp vi cha kha
ca mnh v c thng tin trong th. Trong v d ny, chic hp vi kha m ng vai
tr kha cng khai, chic cha kha chnh l kha b mt.


Lch s cuc cch mng ton hc m RSA v chnh ph in t:
Khi phng php m kha cng khai cha ra i, ngi ta s dng hu nh cng
mt 'cha kha' m ha cng nh gii m chung cho c ngi gi v ngi nhn
thng tin (h m i xng). Vi h m ny, mt trong nhng kh khn ln ca ngnh an
ninh v m ha lc l lm sao gi an ton cha kha b mt trn cc knh truyn tin
cng khai c nhiu ngi tham gia.






Hnh: Ba nh khoa hc Shamir, Rivest v Adleman
u nm 1969, James Ellis, mt chuyn gia thm m li lc ca C Quan
Truyn Thng Chnh Ph Anh Quc (GCHQ) ny ra tng c sc rng, nu
ngi nhn tin a mt nhiu no ln ng truyn cng khai m ch ring anh ta
bit cch kh nhiu, th mi thng tin mt gi n cho anh ta u c th a ln knh
truyn tin cng khai . Nhng ngi khc, d bt c tn hiu cng khng th no
gii m c tin mt.
Cui nm 1969, James Ellis nhn ra tng trn c th t c bng 'hm mt
chiu' (xem ph lc) Theo , ch c th tm hm ngc nu bit thng tin no ,
ging nh khi phc tn hiu khi bit ci nhiu do mnh to ra. Nhng ng khng thc
hin c iu ny, do khng bit liu hm mt chiu c tn ti hay khng.
Bn nm sau Clifford Cocks- mt nhn vin mi ca GCHQ- c Patterson,
thy hng dn, k cho nghe tng c o ca James Ellis v ng tm ra hm mt
chiu cn thit ch trong vng na gi: chnh l php nhn! Nhn hai s nguyn t
ln bao nhiu cng c l iu ht sc d dng, nhng khi bit tch ca chng, tm
li cc tha s th ta cn phn tch s cho ra tha s nguyn t. iu ny hu nh
khng th lm c vi cc s ln. ht vy, phn tch n (=p*q) ra tha s nguyn
t, cn chia ln lt n cho cc s nguyn t nh hn. Theo mt nh l ni ting trong
s hc, c khong (n/log n) s nguyn t b hn n. Nu n c khong 300 ch s th s
phi lm khong 10150/300 php chia. (Nu dng my tnh tc 1 t php tnh/giy,
ta s mt chng...t t t nm phn tch s n!) Nh vy, hm s thit lp s tng
ng gia hai s p, q vi tch n=pq chnh l hm mt chiu. Gii php tht n gin v
Cocks cng khng t cm nhn c y ngha ca kt qu t c. Kt qu ca





Cocks c gi tuyt mt. N c sc thuyt phc ln trong ni b GCHQ. Nhng
phng tin tnh ton thi khng cho php trin khai thut ton. Nm 1978, kt qu
ca Cocks c Rivest, Shamir v Adleman pht minh li! chnh l cuc cch mng
trong lnh vc mt m, cuc cch mng mang tn RSA (ghp ch u tn ca ba nh
khoa hc trn).
RSA, cuc cch mng ca cc nh ton hc.
H m RSA a n mt cuc cch mng thc s. Gi y, vi h m RSA,
khng cn phi gi cha kha gii m cho ngi nhn thng tin na. H m RSA s
dng 2 kha. Kha lp m ca ti c cng khai vi ngi ta ( ngi ta c th gi
thng tin m ha cho ti), cn kha gii m ca ti l kha ring ti gi, do ch ti
mi c th c c thng tin m ha ngi gi, cn ngi khc khng th tm ra
kho gii m trong mt thi gian chp nhn c.
T khi RSA ra i n nay, c nhiu ngi a ra nhiu h m vi cc hm mt
chiu khc nhau. Tuy nhin, ch c RSA v h m gn vi n, h m ng cong elliptic,
l c s dng rng ri, v ngi ta c th tin hm c dng ng l hm mt chiu.
RSA v chnh ph in t
Trong chnh ph in t, c hai iu quan trng. Mt l, lm th no bo m
cc vn bn trao i qua mng khng b thay i ni dung (m bo tnh ton vn ca
vn bn). Hai l, lm th no xc minh ngi gi vn bn (xc nhn ch th).
RSA cng nh cc h m kha cng khai khc gii quyt trn vn 2 vn t
ra. Tuy nhin, tc m ha ca RSA rt chm (gp chng 1000 ln so vi cc h m
i xng), nn vi cc vn bn ln, vic m ho bng RSA l khng kh thi. Do vy,
RSA c ng dng gii quyt cc vn trn theo mt s phng thc c o
ring. Th d: xc nhn 'gi tr bm'- mt c trng thu gn, ging nh 'vn tay' ca vn
bn - thay v xc nhn vn bn, dng kt hp m i xng, nh DES, IDEA ( m
ho vn bn) v RSA ( m ha cha kha )...
Ngy nay, cc h m kha cng khai v cc tin ch i km c thng mi
ha. Bn c th mua trn th trng hoc ti t Internet v dng (nh mt s ngi,
mt s cng ty lm). Tuy nhin, cn nh rng, an ton ca cc sn phm nh vy
khng cao. Nh phn tch trn y, cht ca vn l phi c nhng s nguyn t
ln lp kha. Khng ai cho ta bit rng, trong h m m ta mua v, cc s nguyn t
c dng sinh ra nh th no. Chng ngu nhin n mc no, hay l c sn





trong mt kho ca ngi lm kha. V nu cn, ngi bn cho ta c th tm ra kha gii
m ca bng cch duyt ton b ci kho m anh ta bit r. iu ny hon ton tng
t nh khi ta mn kha ca hng xm v kha ca nh mnh, m khng bit h cn
cha d tr no khc khng. D nhin vn c th lm nh vy, khi ngi hng xm ny
tin cy, v nht l khi m nh chng ta khng c ci g qu n mc ngi ta phi
ly bng mi gi. Nhng nu l mt ch ngn hng th hy thn trng! Cng nh vy,
vi cc h thng i hi an ton cao, nh chnh ph in t trong tng lai ca Vit
Nam chng hn, th khng th dng nhng b kha mua trn th trng nh vy c.
Cho nn, phi t lm ly. Cng vic nh th hin ang c tin hnh mt s c quan
ca Vit Nam, trong c Vin Ton Hc (Vin Khoa Hc v Cng Ngh Vit Nam).
Cho n nay, ngi ta vn tin rng RSA, h m ng cong elliptic, l khng th
ph c. iu ny khng cn chnh xc na, v c mt s phng php tn cng
RSA c cng b mc d vn cha a ra chng trnh hon chnh.
1.3.2 Thut ton RSA
To kha RSA:
Gi s Alice v Bob cn trao i thng tin b mt thng qua mt knh khng an
ton (v d nh Internet). Vi thut ton RSA, Alice u tin cn to ra cho mnh cp
kha gm kha cng khai v kha b mt theo cc bc sau:
1. Chn 2 s nguyn t ln p v q vi pq, la chn ngu nhin v c lp.
2. Tnh: N=p*q.
3. Tnh: (N) = (p-1)(q-1).
4. Chn mt s t nhin e sao cho 1 < e <(N) v l s nguyn t cng nhau vi
(N)
5. Tnh: d sao cho de 1 (mod (N)) (hay d= (1 + i * Phi_N) / E) vi i= n , 1
Kha cng khai: Ku = {e,N}
Kha b mt: Kprl = {d,p,q}
Alice gi kha cng khai cho Bob, v gi b mt kha c nhn ca mnh. y, p
v q gi vai tr rt quan trng. Chng l cc phn t ca n v cho php tnh d khi bit e.
Nu khng s dng dng sau ca kha b mt (dng CRT) th p v q s c xa ngay
sau khi thc hin xong qu trnh to kha.







M ha:
Gi s Bob mun gi on thng tin M cho Alice. u tin Bob chuyn M thnh
mt s m < n theo mt hm c th o ngc (t m c th xc nh li M) c tha
thun trc.
M m
Lc ny Bob c m v bit n cng nh e do Alice gi. Bob s tnh c l bn m ha
ca m theo cng thc:
C=m
e
mod N
Hm trn c th tnh d dng s dng phng php tnh hm m (mun) bng
phng php bnh phng (exponentiation by squaring). Cui cng Bob gi c cho Alice.
Gii m:
Alice nhn c t Bob v bit kha b mt d. Alice c th tm c m t c theo cng
thc sau:
m = c
d
mod N
Bit m, Alice tm li M theo phng php tha thun trc. Qu trnh gii m
hot ng v ta c
c
d
(m
e
)
d
m
ed
(mod N)
Do ed 1 (mod p-1) v ed 1 (mod q-1), (theo nh l Fermat nh) nn:
(m
ed
m (mod p) v m
ed
m (mod q)
Do p v q l hai s nguyn t cng nhau, p dng nh l s d Trung quc, ta c:
(m
ed
m (mod p*q)
hay:
c
d
m (mod N)

C th tm tt gii thut RSA nh bng sau:

To kha phc tp
To 2 s nguyn t ln p v q
Tnh n = p*q, 0(n) = (p-1)*(q-1)
Chn 1 s ngu nhin 1<e<0(n): gcd(0(n), e) = 1
Tnh d: d = e
-1
mod 0(n) (gii thut Extended
Euclidean)
Kha cng khai KU = [e, n]
Kha b mt KR = [d, n]

0((logn)
2
)
0((log(0(n))
2
)
0((logn)
3
)







Bng 1: M t phc tp ca gii thut RSA

M ha
on tin : M < n
M ha : C = M
e
mod n


Gii m
on tin m: C
Gii m : M = C
d
mod n
Bng 2: M ha v gii m trong RSA
- phc tp:
+ Cng 2 s k bt: 0(k)
+ Nhn 2 s k bt: 0(k
2
)
+ 2 k bt mod n : 0(k
2
)
+ x
c
mod n : 0(k
3
)
tnh x
c
mod n cn c-1 php nhn modulus khng hiu qu (do c ln) s dng
gii thut square_multiply gim s php nhn mod nhiu nht 2l (l l s bt nh phn
ca c, l<=k vi k l s bt nh phn ca x)
V d
Sau y l mt v d vi nhng s c th. y chng ta s dng nhng s nh tin
tnh ton cn trong thc t phi dng cc s c gi tr ln.
p = 61 S nguyn t th nht (gi b mt hoc hy sau khi to
kha)
q = 53 S nguyn t th hai (gi b mt hoc hy sau khi to
kha)
N = pq = 3233 Mun (cng b cng khai)
e = 17 S m cng khai
d = 2753 S m b mt
Bng 3: V d c th RSA






Kha cng khai l cp (e, N). Kha b mt l d. Hm m ha l:
encrypt(m) = m
e
mod N = m
17
mod 3233
vi m l vn bn r. Hm gii m l:
decrypt(c) = c
d
mod N = c
2753
mod 3233
vi c l vn bn m.
m ha vn bn c gi tr 123, ta thc hin php tnh:
encrypt(123) = 123
17
mod 3233 = 855
gii m vn bn c gi tr 855, ta thc hin php tnh:
decrypt(855) = 855
2753
mod 3233 = 123
C hai php tnh trn u c th c thc hin hiu qu vi phng php tnh
hm m (mun) bng phng php bnh phng.

1.3.3 Tnh bo mt ca gii thut RSA:

V kha l cng khai, nn ngi gii m thng da vo cp kha ny tm cp kha b
mt. iu quan trng l da vo n tnh hai tha s p, q ca n t tnh c d. C
nhiu gii thut nh th, u tin ta xt trng hp n gin nht l ngi gii m bit
c u(n) . Khi tnh p, q a v vic gii hai phng trnh sau:
n = p.q
u(n) = (p-1)(q-1)
Thay q=n/p ta c phng trnh bc hai:
p
2
(n - u(n) + 1)p + n = 0
Hai nghim ca phng trnh bc hai ny s l p, q. Tuy nhin vn c c
u(n) cn kh hn tnh hai tha s ca n nhiu.







Mt s phng php tn cng m ha RSA : (xem ph lc)
a. Phng php p-1:
b. B kha khi bit c s m d ca hm gii m:
c. B kha da trn cc attack lp li:
d. S che du thng tin trong h thng RSA
e. Tn cng da trn thi gian
f. Tn cng la chn thch nghi bn m

1.3.4 Cc vn t ra trong thc t
Qu trnh to kha
Vic tm ra 2 s nguyn t ln p v q thng c thc hin bng cch th xc
sut cc s ngu nhin c ln ph hp (dng php kim tra nguyn t cho php loi b
hu ht cc hp s). p v q cn cn c chn khng qu gn nhau phng trng hp
phn tch n bng phng php phn tch Fermat. Ngoi ra, nu p-1 hoc q-1 c tha s
nguyn t nh th n cng c th d dng b phn tch v v th p v q cngcn c th
trnh kh nng ny.
Bn cnh , cn trnh s dng cc phng php tm s ngu nhin m ngi tn
cng c th li dng bit thm thng tin v vic la chn (cn dng cc b to s ngu
nhin tt). Yu cu y l cc s c la chn cn ng thi ngu nhin v khng d
on c. y l cc yu cu khc nhau: mt s c th c la chn ngu nhin
(khng c kiu mu trong kt qu) nhng nu c th d on c d ch mt phn th an
ninh ca thut ton cng khng c m bo. Mt v d l bng cc s ngu nhin do
tp on Rand xut bn vo nhng nm 1950 c th rt thc s ngu nhin nhng ngi
tn cng cng c bng ny. Nu ngi tn cng on c mt na ch s ca p hay q
th chng c th d dng tm ra na cn li (theo nghin cu ca Donald Coppersmith
vo nm 1997)
Mt im na cn nhn mnh l kha b mt d phi ln. Nm 1990, Wiener ch ra
rng nu gi tr ca p nm trong khong q v 2q (kh ph bin) v d < n
1/4
/3 th c th tm
ra c d t n v e.
Mc d e tng c gi tr l 3 nhng hin nay cc s m nh khng cn c s
dng do c th to nn nhng l hng ( cp phn chuyn i vn bn r). Gi tr
thng dng hin nay l 65537 v c xem l ln v cng khng qu ln nh hng
ti vic thc hin hm m.







Kch thc v tc m ha kha trong RSA
- Kch thc kha trong RSA:
Ty thuc vo tnh bo mt cn thit ca mi ngi v thi gian sng ca kha
m kha c chiu di thch hp:
+ Loi Export : 512 bt
+ Loi Personnal : 768 bt
+ Loi Commercial: 1024 bt
+ Loi Militery : 2048 bt
- Chu k sng ca kha ph thuc:
+ Vic ng k v to kha.
+ Vic phn b kha.
+ Vic kch hot hoc khng kch hot kha.
+ Vic thay th hoc cp nhp kha.
+ Vic hy b kha.
+ Vic kt thc kha bao gm s ph hoi hoc s lu tr.
Tc v hiu qu ca nhiu phn mm thng mi c sn v cng c phn cng
ca RSA ang gia tng 1 cch nhanh chng. Vi pentium 90Mhz, b toolkit BSAFE 3.0
ca c quan bo mt d liu RSA t tc tnh kha b mt l 21,6Kbps vi kha 512
bt v 7,4Kbps vi kha 1024 bt. Phn cng RSA nhanh nht t hn 300 Kbps vi
kha 512 bt, nu c x l song song th t 600 Kbps vi kha 512 bt v 185Kbps
vi kha 970 bt. Ngi ta mong i rng tc RSA s t 1Mbps vo cui nm1999.
So snh vi gii thut DES v cc gii thut m khi khc th RSA chm hn: v phn
mm DES nhanh hn RSA 100 ln, v phn cng DES nhanh hn RSA t 1000 ti
10000 ln ty thuc cng c (implementation) s dng (thng tin ny c ly t
http://www.rsa.com).
Nhn xt : RSA c tc thc hin chm hn ng k so vi DES v cc thut
ton m ha i xng khc. Trn thc t, Bob s dng mt thut ton m ha i xng
no m ha vn bn cn gi v ch s dng RSA m ha kha gii m (thng
thng kha ngn hn nhiu so vi vn bn).
Phng thc ny cng to ra nhng vn an ninh mi. Mt v d l cn phi to ra kha
i xng tht s ngu nhin. Nu khng, ngi tn cng (thng k hiu l Eve) s b
qua RSA v tp trung vo vic on kha i xng.
Phn phi kha
Cng ging nh cc thut ton m ha khc, cch thc phn phi kha cng khai
l mt trong nhng yu t quyt nh i vi an ton ca RSA. Qu trnh phn phi
kha cn chng li c tn cng ng gia (man-in-the-middle attack). Gi s Eve c
th gi cho Bob mt kha bt k v khin Bob tin rng l kha (cng khai) ca Alice.
ng thi Eve c kh nng c c thng tin trao i gia Bob v Alice. Khi , Eve s
gi cho Bob kha cng khai ca chnh mnh (m Bob ngh rng l kha ca Alice).





Sau , Eve c tt c vn bn m ha do Bob gi, gii m vi kha b mt ca mnh, gi
1 bn copy ng thi m ha bng kha cng khai ca Alice v gi cho Alice. V nguyn
tc, c Bob v Alice u khng pht hin ra s can thip ca ngi th ba. Cc phng
php chng li dng tn cng ny thng da trn cc chng thc kha cng khai (digital
certificate) hoc cc thnh phn ca h tng kha cng khai (public key infrastructure -
PKI).
Chuyn i vn bn r:
Trc khi thc hin m ha, ta phi thc hin vic chuyn i vn bn r (chuyn
i t M sang m) sao cho khng c gi tr no ca M to ra vn bn m khng an ton.
Nu khng c qu trnh ny, RSA s gp phi mt s vn sau:
- Nu m = 0 hoc m = 1 s to ra cc bn m c gi tr l 0 v 1 tng ng
- Khi m ha vi s m nh (chng hn e = 3) v m cng c gi tr nh, gi tr m
e

cng nhn gi tr nh (so vi n). Nh vy php mun khng c tc dng v c th
d dng tm c m bng cch khai cn bc e ca c (b qua mun).
- RSA l phng php m ha xc nh (khng c thnh phn ngu nhin) nn
ngi tn cng c th thc hin tn cng la chn bn r bng cch to ra mt
bng tra gia bn r v bn m. Khi gp mt bn m, ngi tn cng s dng bng
tra tm ra bn r tng ng.
Trn thc t, ta thng gp 2 vn u khi gi cc bn tin ASCII ngn vi m l
nhm vi k t ASCII. Mt on tin ch c 1 k t NULL s c gn gi tr m = 0 v
cho ra bn m l 0 bt k gi tr ca e v N. Tng t, mt k t ASCII khc, SOH, c
gi tr 1 s lun cho ra bn m l 1. Vi cc h thng dng gi tr e nh th tt c k t
ASCII u cho kt qu m ha khng an ton v gi tr ln nht ca m ch l 255 v 255
3

nh hn gi tr n chp nhn c. Nhng bn m ny s d dng b ph m.
trnh gp phi nhng vn trn, RSA trn thc t thng bao gm mt hnh
thc chuyn i ngu nhin ha m trc khi m ha. Qu trnh chuyn i ny phi m
bo rng m khng ri vo cc gi tr khng an ton. Sau khi chuyn i, mi bn r khi
m ha s cho ra mt trong s kh nng trong tp hp bn m. iu ny lm gim tnh
kh thi ca phng php tn cng la chn bn r (mt bn r s c th tng ng vi
nhiu bn m tu thuc vo cch chuyn i).
Mt s tiu chun, chng hn nh PKCS, c thit k chuyn i bn r
trc khi m ha bng RSA. Cc phng php chuyn i ny b sung thm bt vo M.
Cc phng php chuyn i cn c thit k cn thn trnh nhng dng tn cng
phc tp tn dng kh nng bit trc c cu trc ca bn r. Phin bn ban u ca
PKCS dng mt phng php c ng (ad-hoc) m v sau c bit l khng an ton
trc tn cng la chn bn r thch ng (adaptive chosen ciphertext attack). Cc
phng php chuyn i hin i s dng cc k thut nh chuyn i m ha bt i
xng ti u (Optimal Asymmetric Encryption Padding - OAEP) chng li tn cng





dng ny. Tiu chun PKCS cn c b sung cc tnh nng khc m bo an ton
cho ch k RSA (Probabilistic Signature Scheme for RSA - RSA-PSS).
To ch k vo vn bn:
Thut ton RSA cn c dng to ch k in t cho vn bn. Gi s Alice
mun gi cho Bob mt vn bn c ch k ca mnh. lm vic ny, Alice to ra mt
gi tr bm (hash value) ca vn bn cn k v tnh gi tr m d mod N ca n (ging nh
khi Alice thc hin gii m). Gi tr cui cng chnh l ch k in t ca vn bn ang
xt. Khi Bob nhn c vn bn cng vi ch k in t, anh ta tnh gi tr m 3 mod n
ca ch k ng thi vi vic tnh gi tr bm ca vn bn. Nu 2 gi tr ny nh nhau th
Bob bit rng ngi to ra ch k bit kha b mt ca Alice v vn bn khng b thay
i sau khi k.
Cn ch rng cc phng php chuyn i bn r (nh RSA-PSS) gi vai tr
quan trng i vi qu trnh m ha cng nh ch k in t v khng c dng kha
chung cho ng thi cho c hai mc ch trn.

Phn 2: CH K IN T V CHNG TRNH NG DNG
2.1 Khi nim Ch k in t
Ch k in t (Digital Signature) da trn k thut s dng m ha kha cng
khai. Trong , c ngi gi v ngi nhn, mi ngi c mt cp kha l kha b mt,
hay ring t (Private Key) v kha cng khai (Public Key).
Ch k in t hot ng khi mt ngi gi mt thng ip, ngi dng
kha ring ca mnh m ha thng ip sang mt dng kh nhn dng. Ngi nhn
dng kha cng khai ca ng i gi m ha thng ip. Tuy nhin, an ton tht s
phi c cc bc b sung. Do , thut ton bm MD5 v thut ton m ha RSA c th
c p dng xy dng ng dng ch k in t.
S ch k RSA c cho bi b nm:
S = (P, A, K, S, V)
Trong P = A = Z
n
, vi n = p.q l tch ca hai s nguyn t ln p,q, K l tp cc
cp kha K = (K, K), vi K = a v K = (n,b), a v b l hai s thuc
*
n
Z tha mn a.b
1 (mod | (n)). Cc hm sig
K
v ver
K
c xc nh nh sau :
sig
K
(x) = x
a
mod n
ver
K
(x,y) = ng x y
b
(mod n).





D chng minh c rng s c nh ngha nh vy l hp thc, tc l vi
mi x e P vi mi ch k y eA;
ver
K
(x,y) = ng y sig
K
(x).
Ch rng tuy hai vn xc nhn v bo mt theo s RSA l c b ngoi
ging nhau, nhng ni dung ca chng l hon ton khc nhau : Khi a gi thng bo x
cho B, B c cn c xc nhn ng thc l thng bo do A gi, A phi gi km theo
ch k sig
K
(x), tc l A gi cho B (x, sig
K
(x)), trong cc thng tin gi i , thng bo
x hon ton khng c gi b mt. cng tng t nh vy, nu dng s mt m RSA,
khi mt ch A nhn c mt bn mt m e
K
(x) t B th A chi tit rng thng bo x
c bo mt, ch khng c g xc nhn x l .....B.
Nu ta mun h truyn tin ca ta va c tnh bo mt va c tnh xc nhn, th ta
phi s dng ng thi c hai h mt m v xc nhn (bng ch k). Gi s trn mng
truyn tin cng cng, ta c c hai h mt m kha cng khai S
1
v h xc nhn bng ch
k S
2
. Gi s B c b kha mt m K = (K, K) vi K = n, e) v K = d trong h S
1
, v
A c b kha ch k K
x
= (K
s
, K
s
) vi K
x
= a v K
s
= (n,b) trong h S
2
. A c th gi
n B mt thng bo va bo mt va c ch k xc nhn nh sau : A k trn thng
bo x trc, ri thay cho vic gi n B vn bn c lp theo kha cng khai ca B,
tc l gi cho B e
K
((x, ) x ( sig '
s
K
). Nhn c vn bn mt m B s dng thut ton
gii m d
K
ca mnh thu c (x, ) x ( sig '
s
K
), sau dng thut ton kim th ch k
cng khai
'
s
K
ver ca A xc nhn ch k
'
s
K
sig (x) ng l ca A trn x.
V d v ch k in t RSA.
M t s ch k RSA :
+ Gi s n = p * q ; trong p, q l cc s nguyn t ln.
+ P = A = Z
n
, K = {(n, b, a) : a e mod 1 ,
*
b a z
n
|(n)} ;
+ Kho b mt k = a; kho cng khai k = (n,b);
+ K: x e P, y = Sig
k
(x) = x
a
mod n.
+ Kim tra ch k: Ver
k
(x, y) = true x y
b
mod n ;
V d:
Chn p =23, q = 29 ; ta tnh c n = 23 * 29 = 667 ; |(n) = 22 * 28 = 616;
chn b = 3, a = 411 (411 * 3 = 1233 1 mod 616 )





k x = 56; y = 56
411

=235.
Kim tra: 56 235
3
(=12977875)mod 667 nn ch k l ng;
M hnh ch k in t s dng kha cng khai:

Hnh 5: M hnh ch k in t
Ch k in t (digital signature) l on d liu ngn nh km vi vn bn gc
chng thc tc gi ca vn bn v gip ngi nhn kim tra tnh ton vn ca ni
dung vn bn gc.
Ch k in t c to ra bng cch p dng thut ton bm mt chiu trn vn
bn gc to ra bn phn tch vn bn (message digest) hay cn gi l fingerprint, sau
m ha bng private key to ra ch k s nh km vi vn bn gc gi i. Khi
nhn, vn bn c tch lm 2 phn, phn vn bn gc c tnh li fingerprint so
snh vi fingerprint c cng c phc hi t vic gii m ch k s (xem hnh 3).






Ch k in t v chng ch in t
Ch k in t hot ng da trn h thng m ha kha cng khai. H thng m
ha ny gm hai kha, kha b mt v kha cng khai (khc vi h thng m ha kha
i xng, ch gm mt kha cho c qu trnh m ha v gii m). Mi ch th c mt cp
kha nh vy, ch th s gi kha b mt, cn kha cng khai ca ch th s c a
ra cng cng bt k ai cng c th bit. Nguyn tc ca h thng m ha kha cng
khai l, nu ta m ha bng kha b mt th ch kha cng khai mi gii m thng tin
c, v ngc li, nu ta m ha bng kha cng khai, th ch c kha b mt mi gii
m c.
Gi :
Sau khi ng k mt chng ch s (vi nh cung cp chng ch s), ta c cp
mt kha ring (kha b mt) lu mt ch 'kn' (n) trn PC ca chng ta.
Trc khi gi vn bn, chng ta p dng mt thut ton phn mm nhn gi tr
bm ca vn bn gc.
Chng ta m ha gi tr bm bng kha ring (hay gi l 'k' ln gi tr bm),
v thu c ci gi l ch k in t.
Sau vn bn gc c gi i cng vi ch k in t v kha cng khai ca
chng ta.
Nhn:
Khi nhn c th, ngi nhn s dng kha cng khai ca ngi gi gii m ch
k in t bit c ngi gi c ng l ta khng, v ng thi thu c gi
tr bm ca vn bn gc.
Ngi nhn cng dng thut ton bm thu c gi tr bm ca vn bn nhn
c.
Nu 2 gi tr bm bng nhau th vn bn c khng nh l ton vn (khng b
thay i t sau khi ngi gi k).
Kim tra xc nhn trn ti liu k
Gi s B mun xc nhn ti liu TL l ca A, vi ch k l bn m TL. B s dng
kha cng khai ca A gii m bn m TL ca A. Sau khi gii m, B thu c mt bn
gii m TL, anh ta so snh bn gii m TL ny mi ti liu TL. Nu bn gii m TL
ging vi ti liu TL th ch k l ng ca A.
Mt s trng hp xy ra vi ch k in t, cng ging nh cc trng hp xy
ra vi ch k truyn thng. V d, khi ti liu TL ca A b thay i (d ch mt k t,
mt du chm, hay mt k hiu bt k), khi B xc nhn, anh ta s thy bn gii m TL
khc vi ti liu TL ca A. B s kt lun rng ti liu b thay i, khng phi l ti
liu A k.





Trng hp khc, nu A l kha b mt, ngha l vn bn ti liu ca anh c th
k bi ngi khc c kha b mt ca A. Khi mt ai xc nhn ti liu c cho l ca
A k, ch k vn l hp l, mc d khng phi chnh A k. Nh vy, ch k ca A s
khng cn gi tr php l na. Do , vic gi kha b mt l tuyt i quan trng trong
h thng ch k in t.
2.2 Cch lm vic ca Ch k in t
Digital Signature c to ra v kim tra bng mt m, l mt phng php
thuc lnh vc ton hc, n chuyn ton b message thnh mt dng kh c th nhn
dng v c th c gii m. Digital signature s dng hai kha thng dng, mt kha
to ra digital signature hoc chuyn message thnh dng kh nhn dng, mt kha dng
kim tra digital signature hoc chuyn message m ha v dng nguyn thy ca
n.
Digital signature l cch c bn bo mt cho mt ti liu in t (e-mail,
spreaDigital Signatureheet_bng tnh, text file,..) ng tin cy. ng tin ngha l ta bit ai
to ra ti liu v ta bit n khng b thay i trong bt c cch no t ngi to ra n.
Digital signature da vo thut ton m ho bo m tin cy. M ho l qu
trnh mang tt c d liu t mt my tnh gi sang my tnh khc v m ha n thnh mt
dng m ch c my tnh c gi mi c th gii m. tin cy l qu trnh kim tra
xc nhn c thng tin n t mt ngun tin cy. Hai qu trnh ny lin quan cht ch
n digital signature.
Mt Digital Signature c th c xem nh mt gi tr s, c biu din nh mt
dy cc k t, v c s dng trong tin hc nh mt biu thc ton hc. Biu thc ph
thuc vo hai u vo: dy cc k t biu din dng d liu in t c k v s bo
mt c tham chiu n nh mt signature public key, iu ny c ngha l vi mi ch
k th ch duy nht ngi k mi c th truy xut n public key. Public key l kho
cng khai cho tt c mi ngi, n ging nh s in thoi trong danh b in thoi, cho
php vic kim tra ch k. Kt qu cho thy vic biu din ch k s gn vo d liu
in t ging nh s dng ch k tay trn giy trong ti liu vn bn.
Digital signature lm vic da trn hai kho l public key v private key v thc
hin qua hai giai on l vic hnh thnh ch k trn ti liu pha ngi gi v vic xc
nhn ti liu nhn c chnh xc v nguyn vn hay khng pha ngi nhn.
Vn bo mt digital signature khng ging vi cc phng php m ho c
in l ch dng mt kho cho c vic m ho ngi gi v gii m ngi nhn m s
dng hai kho: private key m ho v public key gii m kim tra.






2.2.1 Qu trnh k trong Message
Bc mt:
Bm ti liu gi thnh cc hash-value hay cn c gi l Message Digest,
cc Message Digest ny s c tnh ton a vo qu trnh m ho ch k.
Bc hai: Tnh Message Digest
Trong bc hai ca tin trnh, mt hash-value (gi tr bm) ca mt message
thng c gi l Message Digest c tnh ton bng cch p dng cc thut ton
bm m ho cryptographic hashing arthgorithm nh MD2, MD4, MD5,
SHA1,Mt hash-value tnh ca message l mt dy bit lin tc, c di c
nh, c trch rt t message theo cch no .
Tt c cc thut ton chnh xc cho vic tnh ton message digest c cung cp
nh mt php bin i ton hc, trong c mt bit n t input message c bin i
th mt digest khc c gi n. Vi cch lm vic nh vy cc thut ton l rt bo
m tin cy trc cc cuc tn cng.
Bc ba: Tnh Digital Signature
Trong bc hai ca vic k message, thng tin nhn c trong bc bm
message (Message Digest) m ho vi kho private key ca ngi k vo message,
v th mt gi tr bm gii m cng c gi l Digital Signature c gi n. V
mc ch ny, cc thut ton m ho cho vic tnh ch k s t message digest c
dng. Thut ton thng c s dng l RSA, DIGITAL SIGNATUREA,
ECDIGITAL SIGNATUREA. Thng thng, ch k s gn vo message trong nh
dng c bit kim tra khi cn thit.


Hnh 6: Qu trnh k trong message







2.2.2 Qu trnh kim tra xc nhn ch k trn ti liu.
K thut Digital Signature cho php ngi nhn message c km ch k kim tra
tnh xc thc v tnh ton vn ca n. Qu trnh kim tra ch k s - digital signature
verification nhm mc ch xc nh mt message gi i c k bng kho private
key ng vi kha public key gi i hay khng. Digital signature verification khng
th xc nhn c hay khng mt message c k bi ngi gi. Nu chng ta mun
kim tra c hay khng vi ngi k trong mt message gi i, chng ta cn nhn c
public key theo cch no . iu ny thc hin hoc bng cch ly public key trong
cch an ton (v d nh floppy disk hoc CD) hoc vi s tr gip ca Public Key
Intrasfication theo mt giy chng nhn s. Nu khng c mt cch an ton nhn
kho public key thc s t ngi gi, chng ta khng c kh nng kim tra message
c gi l c phi xc thc ca ngi ny hay khng.
Nh vy, vic kim tra mt Digital Signature c thc hin trong 3 bc:
Bc mt: Tnh Current Hash-Value
Trong bc mt, mt hash-value ca message k c tnh. Vi vic tnh ny th vn
s dng thut ton bm nh dng trong sut qu trnh k. Hash-value nhn c c
gi l current hash-value bi v n c tnh t trng thi hin thi ca message.
Bc hai: Tnh Original Hash-Value
Trong bc hai ca qu trnh kim tra digital signature, digital signature c gii m vi
cng vi thut ton m ho c s dng trong sut qu trnh k. Vic gii m c
thc hin bng kho public key tng ng vi kho private key c dng trong sut qu
trnh k ca message. Kt qu l, chng ta nhn c original hash-value m c
tnh t message gc trong sut bc mt ca qu trnh k (original message digest)
Bc ba: So snh Current hash-value vi Original hash-value
Trong bc ba, chng ta i chiu current hash-value nhn c trong bc mt
vi original hash-value nhn c trong bc hai. Nu hai gi tr ny ging ht nhau th
vic kim tra s thnh cng nu chng minh c message c k vi kho private
key ng vi kho public key c dng trong qu trnh kim tra. Nu hai gi tr ny
khc nhau th ngha l digital signature l sai v vic kim tra l tht bi.







Hnh 7: Qu trnh kim tra xc nhn ch k trn ti liu

Nh vy qu trnh hot ng ca mt digital signature c minh ho nh hnh sau:










Encrypt
Private Key
















Hnh 8: Qu trnh lm vic ca mt Digital Signature

Nguyn nhn ca vic sai ch k: c 3 l do ca vic nhn mt digital signature
sai
Nu digital signature l gi mo v c gii m vi kho public key, gi tr
nguyn thu nhn c s khng phi l original hash-value ca message gc tuy mt vi
gi tr khc c ging.
Nu message b i sau khi k, current hash-value c tnh t message gi
mo ny s khc vi original hash-value bi v hai message khc nhau th hash-value
khc nhau.
Decrypt
Public Key





Nu public key khng tng ng vi private key c dng trong khi k, original
hash-value nhn c bi s gii m ch k vi mt kho khng ng s khng phi l
gi tr ng.
2.3 chng trnh ng dng
2.3.1 Gii thiu chng trnh
Chng trnh em xy dng gm 3 modul chnh:
# Form gii thiu chng trnh ng dng
# Form chng trnh k ln vn bn (*.txt)
# Form thng tin lin quan v s hng dn s dng
Cch s dng chng trnh :
K ln vn bn : ngi gi cn lm cc bc sau k ln vn bn
Bc 1: M chng trnh ln ta nhn thy l form thng tin chng trnh ng
dng gm cc thng tin v bi, tn gio vin, tn ngi thc hin v ngy thng nm
xy dng chng trnh .
Bc 2: Chuyn sang tab chng trnh chnh k v xc nhn k ln van bn
ta lm mt s thao tc sau :
- Load file vn bn (*.txt ) cn k bng cch nhn vo nt Browse. Ni dung
vn bn c hin th trong textbox Ni dung file.
- Nhn nut to kha hoc load key t file c sn trong my tnh
- Nhn botton K nhn to ch k in t, ch k ny c gn vo cui ni
dung vn bn. Lu li vn bn ny gi i.
Bc 3: Gi i vn bn k nhn v public key cho ngi nhn
Xc thc ch k: Ngi nhn sau khi nhn c vn bn k, xc thc cn
lm cc bc sau:
Bc 1: M chng trnh v Load file vn bn k nhn ln bng nhn botton
Browse.
Bc 2: Load public key m nhn c t ngi gi.





Bc 3: Xc thc bng cch nhn botton Kim tra. Nu vn bn v ch k ng
ca ngi gi th s hin thng bo ni dung vn bn khng b thay i v ch k chnh
xc l ca ngi gi.
2.3.2 Mt s hnh nh ca chng trnh :



Hnh 5: Giao din gii thiu chng trnh ch k in t










Hnh 6: Giao din chng trnh k ln vn bn







Hnh 7 : Trnh t cc thng bo xut hin khi xc nhn ch k













Kt lun

Trong sut qu trnh tm hiu v hon thnh ti ca mnh gip cho ti nm bt
v hiu c cc khi nim, cch thc to ch k in t cng nh cc gii php xc thc
ch k v ng dng ca n. Hn na, cn hiu c cc c ch hot ng ca cc h m
ha b mt, h m cng khai thng dng nh CAESAR, RSA. Tm hiu phng php s
l vi s ln xy dng kha . Bn cnh , vn dng c cch thc hot ng ca
h m RSA v gii thut bm xy dng c chng trnh m ha v gii m d liu, v
to ra ch k in t nhm tng tnh nng an ton v xc thc d liu.
Tuy nhin, trc nhng kt qu t c vn cn tn ti nhiu hn ch. Chn hn
nh chng trnh ci t cha tng qut, vn cn bm st l thuyt v tnh ng dng thc
tin cha cao, chng trnh ch phm vi to ch k v kim tra tnh ton vn ca d
liu m cha xc thc c ngi dng. Ngoi ra, d liu m ha ch c th l nhng
khi d liu nh.
khc phc nhng hn ch , cn c nhng hng pht trin ph hp nh l
m rng kh nng m ha v gii m ca cc h m ha tng tnh an ton v bo mt cho
nhng khi d liu ln trong qu trnh truyn tin. Chng trnh cn thm tnh nng qun
l thng tin c nhn ca ngi s dng, xc thc ngi dng v gn tnh trch nhim
cho h i vi cc thng ip d liu; nhm gip hon thin chng trnh mang tnh thc
t, c ng dng thc tin i vi cc t chc hay c nhn c yu cu cao v tnh bo mt
ca thng ip d liu.





Em xin trn thnh cm n!
Sinh vin:
Nguyn Trng Khim