B GIO DC V O TO

TRNG I HC DUY TN
----- -----

TIU LUN MN
TINH TOAN HIU NNG CAO
ti:

TRNH BY H M HA DES

GVHD : PGS.TS. Trnh Nht Tin

HV:

V Tun Cng

Lp:

K2MCS

Kho:

2010-2012

Nng, thng 4 2011

MC LC
MC LC................................................................................................................... 2
1. Cc h ma khi ..................................................................................................... 3
1.2. Chun
ma ho d liu
DES (Data Encryption Standard)...................................4
1.2.1. M t s ma ho DES...........................................................................4
1.2.2. Hon vi IP va hon vi ngc IP-1...............................................................8
1.2.3. Thut toan sinh khoa con..........................................................................9
1.2.4. M t ham
f.............................................................................................11
1.2.5. Hm (nh xa) m rng

(E).......................................................................13
1.2.6. M t hp
S - Box....................................................................................14
1.2.7. Hp
P-Box................................................................................................17
2. Vi d v ma ho DES...........................................................................................17
3. Cc yu
im
cua
DES.........................................................................................21
3.1. Tnh b.......................................................................................................... 21
3.2. Kho yu
.......................................................................................................21
3.3. DES co cu
trc ai s...................................................................................

22
3.4. Khng gian kha K........................................................................................23
TI LIU THAM KHO...............................................................................................24

1. Cc h ma khi
Trong phn ny chng ta se tm hiu v h m khi in hnh l chun m ha d
liu DES (Data Encryption Standard) mt trong nhng h m khi c s dng rng ri
nht v l nn tng cho rt nhiu h m khi khc.
Chun m ha d liu DES l chun m ha c cng b bi Uy ban Tiu chun
quc gia Hoa Ky vao 15/02/1977. H m ny c xy dng da trn mt h ma khi ph
bin c tn la LUCIFER va c phat trin bi IBM.
DES c nhiu u im (nhanh, thut ton cng khai, d ci t) tuy nhin theo thi gian
nng lc ca my tnh pht trin cng vi cc k thut thm m mi c a ra cho thy
nhu cu v mt h m khi nhanh hn v chun m ha cao cp AES ra i. Chun ny ra
i da trn mt cuc thi thit k mt h m khi an ton hn thay th cho DES Uy ban
Tiu chun quc gia Hoa Ky (NIST). C rt nhiu h ma a c gi n lm ng c vin
cho AES nhng cui cng h m Rijndael ca hai tc gi ngi B l TS.Joan Daemen v
TS.Rijmen (vao nm 2001).
1.1. Mt ma khi
Cac h ma c in u c c im chung la tng ky t cua ban r c ma hoa tach
bit. iu nay lam cho vic pha ma tr nn d dang hn. Chinh v vy, trn thc t ngi
ta hay dng mt kiu mt ma khac, trong tng khi ky t cua ban r c ma hoa cng
mt lc nh la mt n vi ma hoa ng nht. Trong kiu ma hoa nay, cac tham s quan
trong la kich thc ( dai) cua mi khi va kich thc khoa.
iu kin ma hoa khi an toan:
-

Kich thc khi phai u ln chng lai phng an tn cng bng phng
phap thng k. Tuy nhin iu nay s dn n thi gian ma hoa s tng ln.

Khng gian khoa, tc chiu dai khoa phai u ln chng lai phng an tn
cng bng vt can. Tuy nhin khoa phai u ngn vic tao khoa, phn phi va
lu tr khoa c d dang.

Khi thit k mt h ma khi, phai am bao hai yu cu sau:

-

S hn loan (confusion): s phu thuc gia ban r va ban ma phai thc s

phc tap gy kh khn i vi vic tm quy lut tham ma. Mi quan h nay
tt nht la phi tuyn.

S khuch tan (diffusion): Mi bit cua ban r va kha phai anh hng ln cang
nhiu bit cua ban ma cang tt.

Trong khi s hn loan (confusion) c tao ra bng k thu t thay th th s khuch

tn (diffusion) c tao ra bng cac ky thut hoan v. Cac h ma khi ma chng ta xem xt
trong phn nay u tha man cac yu cu .
Ngoai cac h ma khi c trnh bay trong phn nay cn rt nhiu cac h ma khi khac
a phat trin qua thi gian (ti cac quc gia khac nhau va ng dung trong cac lnh vc khc
nhau), c th k ra y mt s h ma ni ting nh: Lucifer (1969), DES (1977), Madryga
3

(1984), NewDES (1985), FEAL, REDOC, LOKI (1990), Khufu and Khafre (1990), RC2,
RC4, IDEA (1990), MMB, CA-1.1, Shipjack, GOST, CAST, Blowfish, SAFER, 3- Way,
Crab, SXAL8/MBAL, SAFER, RC5, RC6 ...
c im chung cua cac h ma khi la qua trnh ma ha lam vic vi cac khi d
liu (thng dang xu bit) c kich thc khac nhau (ti thiu la 64 bit), kha cua h ma
cung la mt xu bit c dai c inh (56 bit vi DES, cac h ma khac la 128, 256, hoc
thm chi 512 bit). Tt ca cac h ma nay u da trn ly thuyt cua Shannon a ra nm
1949 va nu mang ma ha hai ban r ging nhau s thu c cng mt ban ma. Hoat
ng cua cac h ma khi thng c thc hin qua mt s ln lp, mi ln s s dung mt
kha con c sinh ra t kha chinh.
1.2. Chun ma ho d liu DES (Data Encryption Standard)
Vao cui thp nin 60, h ma Lucifer a c a ra bi Horst Feistel. H m ny
gn lin vi hang IBM ni ting . Sau o Uy ban Tiu chun Hoa Ky dn xp vi IBM
thut toan ma ha nay thanh min phi va phat trin n thanh chun ma ha d liu va
cng b vo ngy 15/02/1977.
1.2.1. M t s ma ho DES
M t tng quan:
DES l thut ton m ha vi input l khi 64bit, output cng l khi 64 bit. Kha ma
ha c dai 56 bit, thc ra chnh xc hn phi l 64 bit vi cc bit v tr chia ht cho 8 c
th s dung la cac bit kim tra tnh chn l. S kho ca khng gian kho K la 256.

Chun m ho d liu DES

Thut toan thc hin 16 vng. T khoa input K, 16 kha con 48 bit Ki s c sinh ra,
mi khoa cho mt vong thc hin trong qua trinh ma hoa. Trong mi vong, 8 anh xa thay th
6 bit thanh 4 bit Si (cn goi la hp Si) c chon la ky cang va c inh, ky hiu chung la S
se c s dung. Ban r 64 bit se c s dung chia thanh hai na L0 va R0. Cac vng c
chc nng ging nhau, nhn input la Li-1 va Ri-1 t vong trc va sinh ra output la cac xu 32
bit Li va Ri nh sau:
Li = Ri-1; (1)
Ri = Li-1 f(Ri-1, Ki) trong o f(Ri-1, Ki) = P( S( E(Ri-1) Ki ) ); (2)
Trong :

la ky hiu cua php tuyn loai tr (XOR) cua hai xu bit theo modulo 2.

Ham f la mt ham phi tuyn.

4

 E la hoan vi m rng anh xa R i-1 t 32 bit thanh 48 bit (i khi tt ca cac bit se c
s dung hoc mt bit s c s dung hai ln).
P la hoan vi c i nh khac cua 32 bit.
Mt hoan vi bit khi u (IP) c s dung cho vong u tin ; sau vong cui cung na trai va
phai se c i cho nhau va cui cung xu kt qua se c hoan vi bit ln cui bi hoan vi
ngc cua IP (IP-1).
Qua trnh giai ma din ra tng t nhng vi cac khoa con ng dung vao cac vng trong theo th
t ngc lai.
C th hnh dung n gian la phn bn phai trong mi vng (sau khi m r ng input 32 bit thanh
8 ky t 6 bit xu 48 bit) s thc hin mt tinh toan thay th phu thuc khoa trn mi mt ky t
trong xu 48 bit, va sau s dung mt php chuyn bit c inh phn b lai cac bit cua cac ky
t kt qua hinh thanh nn output 32 bit.
Cac khoa con Ki (cha 48 bit cua K) c tinh bng cach s dung cac bang PC1 va PC2
(Permutation Choice 1 va 2). Trc tin 8 bit (k8, k16,,k64) cua K bi b i (ap dung PC1). 56
bit con lai c hoan vi va gan cho hai bin 28 bit C va D , va sau trong 16 vng lp ca C va
D s c quay 1 hoc 2 bit, va cac kha con 48 bit Ki c chon t kt qua cua vic ghp hai
xu vi nhau.
Nh vy, ta c th m ta toan b thut toan sinh ma DES di dang cng thc nh
sau:

Y = IP-1 f16 T f15 T ... f2 T f1 IP(x)

Trong
T m ta php hoan vi cua cac khi LiRi (1 i 15).
fi m ta vic dng ham f vi khoa Ki (1 i 16).
Thu t toan chi tit:
Input: ban r M = m1m2m64, kha 64 bit K = k1k2k64 (bao gm ca 8 bit chn le, vic thm
bit chn le sao cho cac oan khoa 8 bit co s bit 1 la le)
Output: ban ma 64 bit C = c1c2c64
1. Sinh khoa con. Tinh cac kha con theo thut toan sinh kha con bn di
2. (L0,R0) IP(m
1m2m64) (S dung bang hoan vi IP hoan vi cac bit , kt qua nhn c
chia thanh hai na la L0 = m58m50m8, R0 = m57m49m7.)
3. (16 vng) for i = 1 to 16
Tinh cac Li va Ri theo cac cng thc (1) va (2), vic tinh
f(Ri-1, Ki) = P( S( E(Ri-1) Ki ) ) c thc hin nh sau:
a) M rng Ri-1 = r1r2r32 t 32 bit thanh 48 bit bng cach s dung hoan vi m rng E.
T E(Ri-1). (V th T = r32r1r2r32r1)
b) T T Ki. Biu din T nh la cac xu gm 8 ky t 6 bit T = (B1,,B8)
c) T (S1(B1), S2(B2),,S8(B8)). Trong o Si(Bi) anh xa b1b2b6 thanh cac xu 4 bit cua phn
t thuc hang r va ct c cua cac bang Si (S box) trong o r = 2 * b1 + b6 va c = b2b3b4b5 la mt s
nhi phn t 0 ti 15. Chng han S1(011011) s cho r = 1 va c = 13 va kt qua la 5 biu din di
dang nhi phn la 0101.
d) T P(T) trong o P la hoan vi c inh hoan vi 32 bit cua T = t1t2t32 sinh ra t16t7
t25.
4. b1b2b64 (R16, L16) (i vi tri cac khi cui cung L16, R16
5

5. C IP-1(b1b2b64) (Bin i s dung IP-1, C = b40b8b25)

S 16 vng lp cua DES:

Bn r (64 bit)

IP

L0(32 bit)

R0(32 bit)
K1 (48 bit)
f

R1 = L0 f(R0, K1)

L1 = R0

Ki (48 bit)
f

Ri = Li-1 f(Ri-1, Ki)

Li = Ri-1

K15 (48 bit)

f

R15 = L14 f(R14, K15)

L15 = R14

K16 (48 bit)

f

L16 = L15 f(R15, K16)

R16 = L15

-1

IP

Bn m (64 bit)
S ma hoa DES

1.2.2. Hon vi IP va hon vi ngc IP-1

Bang hoan vi IP c a ra trong bang di y:
58 50 42 34 26 18 10 2 60 52 44

36

28

20

12

62

54

46

38

30

22

14

64

56

48

40

32

24

16

57

49

41

33

25

17

59

51

43

35

27

19

11

61

53

45

37

29

21

13

63

55

47

39

31

23

15

Bang 3.6: Bang hoan vi IP

-1

Bang hoan vi ngc IP :

40

48

16

56

24

64

32

39

47

15

55

23

63

31

38

46

14

54

22

62

30

37

45

13

53

21

61

29

36

44

12

52

20

60

28

35

43

11

51

19

59

27

34

42

10

50

18

58

26

33

41

49

17

57

25

Bang 3.7: Bang hoan vi ngc IP-1

Hai hoan vi IP v IP-1 khng c y ngha g v mt mt ma ma hoan toan nhm tao
iu kin cho vic chip hoa thut toan DES.
S cu trc mt vng DES:
Li-1

Ri-1

Kho

Vng dch
Hm m
rng (E)

Vng dch

Trt t nn
(PC-2)

S-Box

P-Box
Hm f

Li

Ri

Kho

Kho K

S mt vng DES
1.2.3. Thut toan sinh khoa con
Mi sau vng lp cua DES chay cng thut toan nh nhau nhng vi 16 kho con
khc nhau. Cac kho con u c sinh ra t khoa chinh cua DES bng mt thut toan
sinh khoa con. Khoa chinh K (64 bit) i qua 16 bc bin i, tai mi bc bin i nay
mt khoa con c sinh ra vi dai 48 bit.
C th m ta thut toan sinh cac kha con chi tit nh sau:
Input: kha 64 bit K = k1k2...k64 (bao gm ca 8 bit kim tra tinh chn le)
Output: 16 kha con 48 bit Ki, 1 i 16.
1) inh nghia v i, 1 i 16 nh sau: vi = 1 i vi i {1,2,9,16}; vi = 2 cho
cac
trng hp khac (y la cac gia tri dich trai cho cac quay vong 28 bit bn di).
2) T PC1(K); biu din T thanh cac na 28 bit (C0, D0) (S dung bang PC1
chon cac bit t K: C0 = k57k49...k36, D0 = k63k55...k4.)
3) For i from 1 to 16, tinh cac K i nh sau: Ci (Ci-1 vi), Di (Di-1 vi),
Ki PC2(Ci, Di). ( S dung bang PC 2 chon 48 bit t xu ghep b 1b2...b56 cua C i va D i:
Ki = b14b17...b32. la ky hiu dich vong trai.)
S sinh cc khoa con cua DES:
Kho chnh (64 bit)
PC-1
C0 (28 bit)

LS1

C1 (28 bit)

LS2

Ci (28 bit)

LS1

D0 (28 bit)

LS1

D1(28 bit)

PC-2

K1 (48 bit)

PC-2

Ki (48 bit)

LS2

Di (28 bit)

LS1

C16 (28 bit)

D16 (28 bit)

PC-2

K16 (48 bit)

S tao khoa con cua DES

64 bit u vao s giam xung cn 56 bit bng cach b i 8 bit ( cac vi tri chia ht
cho 8), cac bit nay dng kim tra bit chn le. Sau 56 bit nay lai c trich ly 48 bit
sinh ra cho 16 vng khoa cua DES.
Bang trt t khoa (PC-1):
57 49 41 33 25

17

58

50

42

34

26

18

10

59

51

43

35

27

19

11

60

52

44

36

63

55

47

39

31

23

15

62

54

46

38

30

22

14

61

53

45

37

29

21

13

28

20

12

Bang 3.8: Bang PC-1

u tin 56 bit khoa c chia ra thanh hai na 28 bit. Sau , hai na 28 bit ny
c dich vng trai hoc 1 hoc 2 bit phu thuc vao s bit dich tng ng vi vng .
S bit dich cua cac vng (LS):
1

10

11

12

13

14

15

16

S bit dich 1

Vng lp

Bang 3.9: Bang dich bit tai cac vng lp cua DES
Sau khi dich vng, mt bang chon 48 bit c s dung . V cach hoan vi nay cua
cac bit c chon nh mt t hp con cua cac bit nn c goi la hoan vi nn hay trt t
nn.
Bang trt t nn(PC-2):
14 17 11 24

28

15

21

10

23

19

12

26

16

27

20

13

41

52

31

37

47

55

30

40

51

45

33

48

44

49

39

56

34

53

46

42

50

36

29

32

Bang 3.10: Bang PC-2

Vi du nh chng ta c th nhn t hy bit vi tri 33 cua khoa s dich sang vi tri 35 ra

ngoai, cn bit vi tri 18 cua khoa s bi b qua. Chinh vic dich vng nay, tao nn mt tp
hp con cua khoa c s dung trong mi t hp khoa. Mi bit c s dung khoang 14 ln
trong tng s 16 t hp khoa, d khng phai tt ca cac bit c s dung mt cach chinh
xac cng mt lc trong mi ln s dung.

1.2.4. M t ham f
Hm f(Ri-1,Ki) la mt ham c hai bin vao: bin th nht Ri-1 la mt xu bit c dai
32 bit, bin th hai khoa Ki la mt xu bit c dai 48 bit. u ra cua f la mt xu bit c
dai 32 bit. Ham f c th la ham bt ky tuy nhin v ngun gc sc manh cua DES
nm trong ham f nn vic chon ham f phai cn thn tranh bi pha ma mt cach d dang.

Thng thng ham f c chon thng la ham c tinh cht f = f-1, tc f(f(x)) = x.
Trong s m ta ma hoa cua DES c cng b bi Uy ban Tiu chun Quc gia
Hoa Ky (The Untied States Nation Bureau of Standard), ham f thc hin cac vic sau:

Bin th nht Ri-1 c m rng thanh mt xu bit c dai 48 bit theo mt

ham m rng c inh E. Thc cht ham m rng E(Ri-1) la mt hoan vi c lp trong lp
lai 16 bit cua Ri-1.
Tnh E(Ri-1) Ki va vit kt qua thanh 8 xu 6 bit B1B2B3B4B5B6B7B8.

a 8 khi Bi vao 8 bang S1, S2, ..., S8 (c goi la cac hp S-Box). Mi hp

S-Box la mt bang 4*16 c inh c cac ct t 0 n 15 va cac hang t 0 n 3. Vi mi
xu 6 bit Bi = b1b2b3b4b5b6, ta tinh c Si(Bi) nh sau: hai bit b1b6 xac inh hang r trong
hp Si, bn bit b2b3b4b5 xac inh ct c trong hp Si. Khi , Si(Bi) s xac inh phn t Ci =
Si(r,c), phn t nay vit di dang nhi phn 4 bit. Nh vy, 8 khi 6 bit Bi (1 i 8) s
cho ra 8 khi 4 bit Ci vi (1 i 8).

Xu bit C = C1C2C3C4C5C6C7C8 c dai 32 bit c hoan vi theo php hoan

vi P (hp P-Box). Kt qua P(C) s la kt qua cua ham f(Ri-1, Ki), va cung chinh la Ri cho
vng sau.
Ham f cung c th m ta bng hnh v sau:

Ri-1 (32 bit)

Hm m rng (E)

Kho Ki (48 bit)

48 bit
48 bit

86 bit
S1

S2

S3

S4

S5

S6

S7

S8
84 bit

32 bit
P
32 bit
Ri (32 bit)

Hnh 3.5: S ham f

1.2.5. Hm (nh xa) m rng (E)
Ham m rng (E) s tng dai cua Ri t 32 bit ln 48 bit bng cach thay i cac
th t cua cac bit cung nh lp lai cac bit. Vic thc hin nay nhm hai muc ich:

Lam dai cua Ri cng c vi khoa K thc hin vic cng modulo XOR.

Cho kt qua dai hn c th c nn trong sut qua trnh thay th.

Tuy nhin, ca hai muc ich nay u nhm mt muc tiu chinh la bao mt d liu.
Bng cach cho php 1 bit c th chn vao hai vi tri thay th, s phu thuc cua cac bit u ra
vi cac bit u vao s trai rng ra. DES c thit k vi iu kin la mi bit cua ban ma
phu thuc vao mi bit cua ban r va khoa.
S ham m rng:

1 2 3 4

5 6 7 8

9 10 11 12

13 14 15 16

32

32

1 2 3 4 5 4 5 6 7 8 9 8 9 10 11 12 1312 1314 15 16 1716

Hnh 3.6: S ham m rng (E)
i khi n c goi la ham E-Box, mi 4 bit cua khi vao, bit th nht va bit th t
tng ng vi 2 bit cua u ra, trong khi bit th 2 va 3 tng ng vi 1 bit u ra. Bang
sau y miu ta vi tri cua bit ra so vi bit vao.
Bang m ta ham m rng (E):
32 1
2
3
4

10

11

12

13

12

13

14

15

16

17

16

17

18

19

20

21

20

21

22

23

24

25

24

25

26

27

28

29

28

29

30

31

32

Bang 3.11: Bang m ta ham m rng E

Vi du nh bit vi tri s 3 cua khi vao s di chuyn n vi tri s 4 cua khi ra v bit
vi tri 21 u vao s di chuyn n vi tri 30 va 32 u ra.
1.2.6. M t hp S - Box
i vi s ma hoa DES, moi tinh toan u la tuyn tinh, tc la vic tinh php
tuyn loai tr XOR cua hai u ra cung ging vi php tuyn loai tr XOR cua hai u
vao ri tinh toan u ra. Ch duy nht c cac tinh toan vi hp S la phi tuyn. Chinh v vy
cac hp S-Box (cha ng cac thanh phn phi tuyn cua h mt) la quan trong nht i vi
mt cua h ma, chinh cac hp S tao nn s hn loan (confusion) va s khuch tan
(diffusion) cua DES. Nm 1976, NSA a a ra tiu chun thit k hp S nh sau:

Mi hang trong mi hp S la mt hoan vi cua cac s nguyn t 0 n 15.

Khng c hp S nao la ham Affine hay tuyn tinh i vi cac u vao cua n.

S thay i cua mt bit u vao s dn n s thay i it nht hai bit u ra.


i vi hp S bt ky va vi u vao x (mt xu bit c dai bng 6) bt ky, th
S(x) v S(x 001100) phai khac nhau it nht la 2 bit.
NSA cung tit l 3 thuc tinh cua hp S, nhng thuc tinh nay am bao tinh
confusion va diffusion cua thut toan:

Cac bit vao lun phu thuc khng tuyn tinh vi cac bit ra.

Sa i mt bit vao lam thay i it nht la hai bit ra.

Khi mt bit vao c gi c inh va 5 bit cn lai cho thay i th hp S th hin

mt tinh cht c goi la phn b ng nht: so sanh s lng bit s 0 va 1 cac u ra
lun mc cn bng. Tinh cht nay khin cho vic phn tich theo ly thuyt thng k
tm cach pha hp S la v ich.
Sau khi cng modulo vi khoa K, kt qua thu c chui 48 bit chia lam 8 khi a
vao 8 hp S-Box. Mi hp S-Box c 6 bit u vao va 4 bit u ra (tng b nh yu cu
cho 8 hp S-Box chun DES la 256 bytes). Kt qua thu c la mt chui 32 bit tip tuc
vao hp P-Box.
Ta c th xy dng cac hp S cua ring mnh, tuy nhin cung c th dng cac hp
S chun a c cng b:
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0

15 7

14 2

13 1

14 8

13 6

11 15 12 9

14 10 0

6 13

15 12 8

10 6

12 11 9

11 3

10 5

Bang 3.12: Hp S1
15 1

14 6

11 3

13 4

14 7

11 10 4

13 8

10 1

15 2

13 12 0

14 12 0

10 6

13 1

15 4

8 12 6

11 6

12 0

10

9 11 5
3

15

5 14 9

Bang 3.13: Hp S2
10 0

14 6 3 15 5

13 7

3 4

13 6

10 13 0

6 10 2

13 12 7

11 4

14 12 11 15 1

8 15 3 0

11 1

12 15 10 14 7

6 9

8 7

15 14 3

11 5

12

Bang 3.14: Hp S3
7

13 14 3

13 8

11 5

15 0

10 1

12 1

11 12 4 15
10 14 9

10 6
3

12 11 7

15 0

10 1

13 15 1

13 8

14 5

11 12 7

2 14

Bang 3.15: Hp S4
2

12 4

14 11 2 12 4
4

11 8

10 11 6

15 10 3

12 5

0 14

13 1

1 11 10 13 7

12 7

13 6

14 2

15 9

15 0

15 13 0 14 9

10 4

14 7

5 11

Bang 3.16: Hp S5
12 1

10 15 9

10 15 4

13 3

13 14 0

11 3

10 1

13 11 6

10 6

12 2

15 8

15 14 2

12

12 7

12 9

14 15 5

12 3

2 12 9

15 10 11 14 1

8 13

Bang 3.17: Hp S6
4

11 2

14 15 0
4

13 3

12 9

13 0

11 7

10 14 3

11 13 12 3

14 10 15 6

11 13 8

10 7

Bang 3.18: Hp S7
13 2

15 11 1

15 13 8

10 3

11 4

12 14 2

14 7

10 8

10 9

14 5

12 5

11 0

14 9

10 13 15 3

13 15 12 9

11

Hp S8
V d:
Gia s u vao cua hp S6 la chui bit 110011 t 31 n 36 . Bit u tin va bit cui
cng kt hp lai thanh 11 tng ng vi hang 3 cua hp S6. Bn bit gia c gia tri 1001,
tng ng vi ct 9. Nh vy, gia tri nhn c la 14 (s m cua ct, hang bt u t
0) va gia tri 1110 c thay th cho gia tri 110110 u ra.

1.2.7. Hp P-Box
Vic hoan vi nay mang tinh n anh, ngha la mt bit u vao s cho mt bit u ra,
khng bit nao c s dung hai ln hay bi b qua. Hp P-Box thc cht ch lam chc
nng sp xp n thun theo bang sau:
Bang m ta hp P-Box (P):
16 7

20

21

29

12

28

17

15

23

26

18

31

10

24

14

32

27

19

13

30

22

11

25

Bang 3.20: Bang hoan vi P

Vi du nh bit 21 s dich chuyn n bit th 4, trong khi bit th 4 lai dich chuyn n bit
31. Kt qua cui cng cua hp P -Box lai c XOR vi n a trai cua khi 64 bit cua chinh
n (tc Li-1 tao ra Ri ) va sau na trai va n a phai ao cho nhau va bt u mt vng
khac.
2. Vi d v ma ho DES
c th hiu r hn v phng phap ma hoa DES, chng ta hay xt vi du sau:

Mt ban r mang ni dung: 0123456789ABCDEF.

S dung khoa ( dang thp phn): 133457799BBCDFFI. Khoa nay dang

nhi phn la mt chui bit nh sau (khng c bit kim tra):

00010010011010010101101111001001101101111011011111111000
Chuyn i IP, chng ta ly ra L0 v R0:
L0 = 11001100000000001100110011111111

L0 = R0 = 11110000101010101111000010101010
16 vng ma hoa c thc hin nh sau:
E(R0)

011110100001010101010101011110100001010101010101

K1

000110110000001011101111111111000111000001110010

E(R0) K1

011000010001011110111010100001100110010100100111

u ra S-Box

01011100100000101011010110010111

f(R0,K1)

00100011010010101010100110111011

L2=R1

11101111010010100110010101000100

E(R1)

011101011110101001010100001100001010101000001001

K2

011110011010111011011001110110111100100111100101

E(R1) K2

000011000100010010001101111010110110001111101100

u ra S-Box

11111000110100000011101010101110

f(R1,K2)

00111100101010111000011110100011

L3=R2

11001100000000010111011100001001

E(R2)

111001011000000000000010101110101110100001010011

K3

010101011111110010001010010000101100111110011001

E(R2) K3

101100000111110010001000111110000010011111001010

u ra S-Box

00100111000100001110000101101111

f(R2,K3)

01001101000101100110111010110000

L4=R3

10100010010111000000101111110100

E(R3)

010100000100001011111000000001010111111110101001

K4

011100101010110111010110110110110011010100011101

E(R3) K4

001000101110111100101110110111100100101010110100

u ra S-Box

00100001111011011001111100111010

f(R3,K4)

10111011001000110111011101001100

L5=R4

01110111001000100000000001000101

E(R4)

101110101110100100000100000000000000001000001010

K5

011111001110110000000111111010110101001110101000

E(R4) K5

110001100000010100000011111010110101000110100010

u ra S-Box

01010000110010000011000111101011

f(R4,K5)

00101000000100111010110111000011

L6=R5

10001010010011111010011000110111

E(R5)

110001010100001001011111110100001100000110101111

K6

011000111010010100111110010100000111101100101111

E(R5) K6

101001101110011101100001100000001011101010000000

u ra S-Box

01000001111100110100110000111101

F(R5,K6)

10011110010001011100110100101100

L7=R6

11101001011001111100110101101001

E(R6)

111101010010101100001111111001011010101101010011

K7

111011001000010010110111111101100001100010111100

E(R6) K7

000110011010111110111000000100111011001111101111

u ra S-Box

00010000011101010100000010101101

F(R6,K7)

10001100000001010001110000100111

L8=R7

00000110010010101011101000010000

E(R7)

000000001100001001010101010111110100000010100000

K8

111101111000101000111010110000010011101111111011

E(R7) K8

111101110100100001101111100111100111101101011011

u ra S-Box

01101100000110000111110010101110

F(R7,K8)

00111100000011101000011011111001

L9=R8

11010101011010010100101110010000

E(R8)

011010101010101101010010101001010111110010100001

K9

111000001101101111101011111011011110011110000001

E(R8) K9

100010100111000010111001010010001001101100100000

u ra S-Box

00010001000011000101011101110111

F(R8,K9)

00100010001101100111110001101010

L10=R9

00100100011111001100011001111010

E(R9)

000100001000001111111001011000001100001111110100

K10

101100011111001101000111101110100100011001001111

101000010111000010111110110110101000010110111011

E(R9) K10

u ra S-Box

11011010000001000101001001110101

F(R9,K10)

01100010101111001001110000100010

L11=R10

10110111110101011101011110110010

E(R10)

010110101111111010101011111010101111110110100101

K11

001000010101111111010011110111101101001110000110

E(R10) K11

011110111010000101111000001101000010111000100011

u ra S-Box

01110011000001011101000100000001

f(R10,K11)

11100001000001001111101000000010

L12=R11

11000101011110000011110001111000

E(R11)

= 011000001010101111110000000111111000001111110001

K12

= 011101010111000111110101100101000110011111101001

E(R11)

= 000101011101101000000101100010111110010000011000

u ra S-Box

= 01111011100010110010011000110101

f(R11,K12)

= 11000010011010001100111111101010

L13=R12

= 01110101101111010001100001011000

E(R12)

001110101011110111111010100011110000001011110000

K13

100101111100010111010001111110101011101001000001

E(R12) K13 =

101011010111100000101011011101011011100010110001

u ra S-Box

10011010110100011000101101001111

f(R12,K13)

11011101101110110010100100100010

L14=R13

00011000110000110001010101011010

E(R13)

000011110001011000000110100010101010101011110100

K14

010111110100001110110111111100101110011100111010

E(R13) K14 =

010100000101010110110001011110000100110111001110

u ra S-Box

01100100011110011001101011110001

f(R13,K14)

10110111001100011000111001010101

L15=R14

11000010100011001001011000001101

E(R14)

111000000101010001011001010010101100000001011011

K15

101111111001000110001101001111010011111100001010

E(R14) K15 =

010111111100010111010100011101111111111101010001

u ra S-Box

10110010111010001000110100111100

f(R14,K15)

01011011100000010010011101101110

L16=R15

01000011010000100011001000110100

E(R15)

001000000110101000000100000110100100000110101000

K16

110010110011110110001011000011100001011111110101

E(R15) K16

111010110101011110001111000101000101011001011101

u ra S-Box

10100111100000110010010000101001

f(R15,K16)

11001000110000000100111110011000

R16

00001010010011001101100110010101

Vi du v cac bc thc hin cua DES

Cui cng, chuyn i IP-1, ta thu c ban ma ( dang Hecxa):

85E813540F0AB405.

3. Cc yu im cua DES
3.1. Tnh b
Nu ta ky hiu u la phn b cua u (vi du nh: 0100101 la phn b cua 1011010) th
DES c tinh cht sau:
y = DES(x,k) y = DES( x , k )
Cho nn nu ta bit ma y c ma hoa t thng tin x vi khoa K th ta suy ra c ban
ma y c ma hoa t ban r x vi khoa k . Tinh cht nay chinh la mt yu im cua DES
bi v qua i phng c th loai b i mt s khoa phai th khi tin hanh
th giai ma theo kiu vt can.
3.2. Kho yu
Khoa yu la cac khoa ma theo thut toan sinh khoa con th tt ca 16 khoa con u nh

nhau:
K1 = K2 = ... = K15 = K16
iu khin cho vic m ha va giai ma i vi khoa yu la ging ht nhau. C
tt ca 4 khoa yu sau:
Kho yu (Hex)
0101 0101

0101 0101

C0

D0

{0}28 {0}28

FEFE FEFE FEFE FEFE {1}28 {1}28

1F1F 1F1F 0E0E 0E0E

{0}28 {1}28

E0E0 E0E0 F1F1 F1F1

{1}28 {0}28

Cac kha yu cua DES

ng thi cn c 6 cp khoa na yu (semi-weak key) khac vi thuc tinh nh sau:
y = DES(x,k1) v y = DES(x,k2)
ngha la vi 2 khoa khac nhau nhng ma hoa ra cng mt ban ma t cng mt ban r
C0

D0

Semi-weak key (Hex)

{01}14 {01}14 01FE

01FE
{01}14 {10}14
1FE0
{01}14 {0}28 0EF1

01FE
1FE0

0EF1 E01F

{01}14 {1}28 01E0

01F1
{0}28 {01}14
1FFE
{1}28 {01}14
0EFE

01E0

01F1

01FE FE01
FE01

FE01

D0
14

FE01 {10}

{10}14

{10}14 {01}14
E01F

F10E

F10E E001 E001 F101

F101

FE1F
0EFE FE1F
FE0E
Cac kha na yu cua DES
1FFE

C0

{10}14 {0}28
{10}14 {1}28
{0}28 {10}14

FE0E

{1}28 {10}14

3.3. DES co cu trc ai s

Vi 64 bit khi ban r c th c anh xa ln tt ca vi tri cua 64 bit khi ban ma
trong 264 cach. Trong thut toan DES, vi 56 bit khoa, c th cho chng ta 256 (khoang
1017) vi tri anh xa. Vi vic a ma hoa th khng gian anh xa cn ln hn. Tuy nhin iu
nay ch ng nu vic ma hoa DES la khng c cu trc.
Vi DES c cu trc ai s th vic a ma hoa s c xem ngang bng vi vic n

ma hoa. Vi du nh c hai khoa bt ky K1 v K2 th s lun c khoa th K3 nh sau:

EK2(EK1(x)) = EK3(x)
Ni mt cach khac, vic ma hoa DES mang tich cht nhm, u tin ma hoa ban r
bng khoa K1 sau la khoa K2 s ging vi vic ma hoa khoa K3. iu nay thc s quan
trong nu s dung DES trong a ma hoa. Nu mt nhm c phat vi cu trc ham qua
nh th tinh an toan s giam.
3.4. Khng gian kha K
DES c 256 = 1017 khoa. Nu chng ta bit c mt cp tin/ma th chng ta c th
th tt ca 1017 kha nng nay tm ra khoa cho kt qua khp nht. Gia s nh mt php th
mt 10-6s, th chng s mt 1011s, tc 7300 nm. Nhng vi cac may tinh c ch tao theo
x ly song song. Chng han vi 107 con chipset ma DES chay song song th by gi mi
mt con chipset ch phai chiu trach nhim tinh toan vi 1010 php th. Chipset ma DES
ngay nay c th x ly tc 4.5107 bit/s tc c th lam c hn 105 php ma DES trong
mt giy.
Vao nm 1976 va 1977, Diffie va Hellman a c lng rng c th ch tao c mt
may tinh chuyn dung vt can khng gian khoa DES trong ngay vi cai gia 20 triu
la. Nm 1984, chipset ma hoa DES vi tc ma hoa 256000 ln/giy. Nm
1987, a tng ln 512000 ln/giy. Vao nm 1993, Michael Wiener a thit k mt may
tinh chuyn dung vi gia 1 triu la s dung phng phap vt can giai ma DES
trung bnh trong vng 3,5 gi (va chm nht la 7 gi).
n nm 1990, hai nha toan hoc ngi Do Thai - Biham v Shamir - a phat minh ra
phng phap pha ma vi sai (diferential cryptanalyis), y la mt ky thut s dung nhng
phng oan khac nhau trong ban r a ra nhng thng tin trong ban ma. Vi phng
phap nay, Biham va Shamir a chng minh rng n hiu qua hn ca phng phap vt can.
Pha ma vi sai la thut toan xem xt nhng cp ma hoa khac nhau, y la nhng cp
ma hoa ma ban r cua chng la khac bit. Ngi ta s phn tich tin trnh bin i cua
nhng cp ma nay thng qua cac vng cua DES khi chng c ma hoa vi cng mt khoa
K. Sau s chon hai ban r khac nhau mt cach ngu nhin hp ly nht. S dung s khac
nhau cua kt qua ma hoa va gan cho nhng khoa khac nhau mt cach ph hp nht. Khi phn
tch nhiu hn nhng cp ban ma, chng ta s tm ra mt khoa c xem la ng nht.

TI LIU THAM KHO

[1] PGS.TS. Trnh Nht Tin, Bi ging an ton thng tin
[2] Giao trinh An toan va bao mt thng tin, Khoa cng ngh thng tin, Trng ai hoc

hang hai.
[3] Giao an An toan bao mt thng tin, Ha Thi Thanh, Nguyn Vn Tao.