You are on page 1of 64

NETWORK SECURITY

SYMMETRIC ENCRYPTION

11

Hai k thut m ha ch yu

M ha i xng
o

Bn gi v bn nhn s dng chung mt kha Cn gi l


o

M ha truyn thng

M ha kha ring / kha n / kha b mt

L k thut m ha duy nht trc nhng nm 70 Hin vn cn c dng rt ph bin

M ha kha cng khai (bt i xng)


o

Mi bn s dng mt cp kha
o

Mt kha cng khai + Mt kha ring

Cng b chnh thc nm 1976


An ninh Mng 22

Mt s cch phn loi khc

Theo phng thc x l


o

M ha khi
Mi ln x l mt khi nguyn bn v to ra khi bn m tng ng (chng hn 64 hay 128 bit)

M ha lung
X l d liu u vo lin tc (chng hn mi ln 1 bit)

Theo phng thc chuyn i


o

M ha thay th
Chuyn i mi phn t nguyn bn thnh mt phn t bn m tng ng

M ha hon v
B tr li v tr cc phn t trong nguyn bn

33

M hnh h m ha i xng
Kha b mt dng chung bi bn gi v bn nhn Kha b mt dng chung bi bn gi v bn nhn

Bn m truyn i

Nguyn bn u vo

Gii thut m ha

Gii thut gii m

Nguyn bn u ra

M ha Y = EK(X)

Gii m X = DK(Y)

An ninh Mng

44

M hnh h m ha i xng

Gm c 5 thnh phn
o o o o o

Nguyn bn Gii thut m ha Kha b mt Bn m Gii thut gii m

An ninh ph thuc vo s b mt ca kha, khng ph thuc vo s b mt ca gii thut

An ninh Mng

55

Ph m

L n lc gii m vn bn c m ha khng bit trc kha b mt C hai phng php ph m


o
o

Vt cn
Th tt c cc kha c th

o
o

Thm m
Khai thc nhng nhc im ca gii thut Da trn nhng c trng chung ca nguyn bn hoc mt s cp nguyn bn - bn m mu

An ninh Mng

66

Phng php ph m vt cn

V l thuyt c th th tt c cc gi tr kha cho n khi tm thy nguyn bn t bn m Da trn gi thit c th nhn bit c nguyn bn cn tm Tnh trung bnh cn th mt na tng s cc trng hp c th Thc t khng kh khi nu di kha ln

An ninh Mng

77

Thi gian tm kim trung bnh


Kch thc kha (bit) 32 56 S lng kha Thi gian cn thit (1 gii m/s) 232 = 4,3 x 109 256 = 7,2 x 1016 2128 = 3,4 x 1038 231 s = 35,8 pht 255 s = 1142 nm Thi gian cn thit (106 gii m/s) 2,15 ms 10,01 gi

128
168 26 k t

2127 s = 5,4 x 1024 nm


2167 s = 5,9 x 1036 nm 2 x 1026 s = nm

5,4 x 1018 nm
5,9 x 1030 nm 6,4 x 106 nm

2168 = 3,7 x 1050 Kha DES di 56 bit (hon v) Kha AES di 128+ bit 4 x 1026 26! = Kha 3DES di 168 bit

Tui v tr : ~ 1010 nm

6,4 x 1012

An ninh Mng

88

Cc k thut thm m

Ch c bn m
o

Ch bit gii thut m ha v bn m hin c

Bit nguyn bn
o

Bit thm mt s cp nguyn bn - bn m

Chn nguyn bn
o

Chn 1 nguyn bn, bit bn m tng ng

Chn bn m
o

Chn 1 bn m, bit nguyn bn tng ng

Chn vn bn
o

Kt hp chn nguyn bn v chn bn m


An ninh Mng 99

An ninh h m ha

An ninh v iu kin
o

Bn m khng cha thng tin xc nh duy nht nguyn bn tng ng, bt k vi s lng bao nhiu v tc my tnh th no Ch h m ha n mt ln l an ninh v iu kin

An ninh tnh ton


o

Tha mn mt trong hai iu kin


Chi ph ph m vt qu gi tr thng tin Thi gian ph m vt qu tui th thng tin

Thc t tha mn hai iu kin


Khng c nhc im Kha c qu nhiu gi tr khng th th ht An ninh Mng 1010

M ha thay th c in

Cc ch ci ca nguyn bn c thay th bi cc ch ci khc, hoc cc s, hoc cc k hiu Nu nguyn bn c coi nh mt chui bit th thay th cc mu bit trong nguyn bn bng cc mu bit ca bn m

An ninh Mng

1111

H m ha Caesar

H m ha thay th xut hin sm nht & n gin nht S dng u tin bi Julius Caesar vo mc ch qun s Dch chuyn xoay vng theo th t ch ci
o

Kha k l s bc dch chuyn Vi mi ch ci ca vn bn


t p = 0 nu ch ci l a, p = 1 nu ch ci l b,... M ha : C = E(p) = (p + k) mod 26 Gii m : p = D(C) = (C - k) mod 26

V d : M ha "meet me after class" vi k = 3


An ninh Mng 1212

Ph m h m ha Caesar

Phng php vt cn
o

Kha ch l mt ch ci (hay mt s gia 1 v 25) Th tt c 25 kha c th D dng thc hin

Ba yu t quan trng
o

Bit trc cc gii thut m ha v gii m Ch c 25 kha th

Bit v c th d dng nhn ra c ngn ng ca nguyn bn

V d : Ph m "GCUA VQ DTGCM"

An ninh Mng

1313

H m ha n bng

Thay mt ch ci ny bng mt ch ci khc theo trt t bt k sao cho mi ch ci ch c mt thay th duy nht v ngc li Kha di 26 ch ci

V d
o

Kha

a b cd e fg h i j k l mnopqr st u vw x y z MNBVCXZASDFGHJKLPOIUYTREWQ
o

Nguyn bn

i love you
An ninh Mng

1414

Ph m h m ha n bng

Phng php vt cn
o

Kha di 26 k t S lng kha c th = 26! = 4 x 1026 Rt kh thc hin

Khai thc nhng nhc im ca gii thut


o

Bit r tn s cc ch ci ting Anh


C th suy ra cc cp ch ci nguyn bn - ch ci bn m V d : ch ci xut hin nhiu nht c th tng ng vi 'e'

C th nhn ra cc b i v b ba ch ci
V d b i : 'th', 'an', 'ed' V d b ba : 'ing', 'the', 'est' An ninh Mng 1515

Cc tn s ch ci ting Anh

Nguyn i Th

Tn s tng i (%)

An ninh Mng

1616

V d ph m h n bng

Cho bn m
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

Tnh tn s ch ci tng i on P l e, Z l t on ZW l th v ZWP l the Tip tc on v th, cui cng c


it was disclosed yesterday that several informal but direct contacts have been made with political representatives of the viet cong in moscow

An ninh Mng

1717

H m ha Playfair (1)

H m ha nhiu ch
o

Gim bt tng quan cu trc gia bn m v nguyn bn bng cch m ha ng thi nhiu ch ci ca nguyn bn

S dng 1 ma trn ch ci 5x5 xy dng trn c s 1 t kha


o o o

in cc ch ci ca t kha (b cc ch trng)

in nt ma trn vi cc ch khc ca bng ch ci


I v J chim cng mt ca ma trn

An ninh Mng

1818

H m ha Playfair (2)

V d ma trn vi t kha MONARCHY

M C E L U

O H F P V

N Y G Q

A B

R D

I/J K S T Z

W X

M ha 2 ch ci mt lc
o

Nu 2 ch ging nhau, tch ra bi 1 ch in thm

Nu 2 ch nm cng hng, thay bi cc ch bn phi


Nu 2 ch nm cng ct, thay bi cc ch bn di Cc trng hp khc, mi ch ci c thay bi ch ci khc cng hng, trn ct ch ci cng cp An ninh Mng 1919

Ph m h m ha Playfair

An ninh m bo hn nhiu h m ha n ch C 26 x 26 = 676 cp ch ci


o o

Vic gii m tng cp kh khn hn Cn phn tch 676 tn s xut hin thay v 26

Tng c qun i Anh, M s dng rng ri

Bn m vn cn lu li nhiu cu trc ca nguyn bn


Vn c th ph m c v ch c vi trm cp ch ci cn gii m
An ninh Mng 2020

H m ha Vigenre

L mt h m ha a bng
o

S dng nhiu bng m ha Kha gip chn bng tng ng vi mi ch ci

Kt hp 26 h Ceasar (bc dch chuyn 0 - 25)


o

Kha K = k1k2...kd gm d ch ci s dng lp i lp li vi cc ch ci ca vn bn


Ch ci th i tng ng vi h Ceasar bc chuyn i

V d
o

Kha :

deceptivedeceptivedeceptive

Nguyn bn : wearediscoveredsaveyourself Bn m : ZICVTWQNGRZGVTWAVZHCQYGLMGJ

An ninh Mng

2121

Ph m h m ha Vigenre

Phng php vt cn
o

Kh thc hin, nht l nu kha gm nhiu ch ci

Khai thc nhng nhc im ca gii thut


o

Cu trc ca nguyn bn c che y tt hn h Playfair nhng khng hon ton bin mt Ch vic tm di kha sau ph m tng h Ceasar Cch tm di kha
Nu di kha nh so vi di vn bn, c th pht hin 1 dy vn bn lp li nhiu ln Khong cch gia 2 dy vn bn lp l 1 bi s ca di kha T suy ra di kha

An ninh Mng

2222

H m ha kha t ng

Vigenre xut t kha khng lp li m c gn vo u nguyn bn


o

Nu bit t kha s gii m c cc ch ci u tin S dng cc ch ci ny lm kha gii m cc ch cc tip theo,...

V d :
o

Kha : M ha :

deceptivewearediscoveredsav ZICVTWQNGKZEIIGASXSTSLVVWLA

nguyn bn : wearediscoveredsaveyourself

Vn c th s dng k thut thng k ph m


o

Kha v nguyn bn c cng tn s cc ch ci


An ninh Mng 2323

n mt ln

L h m ha thay th khng th ph c xut bi Joseph Mauborgne Kha ngu nhin, di bng di vn bn, ch s dng mt ln Gia nguyn bn v bn m khng c bt k quan h no v thng k Vi bt k nguyn bn v bn m no cng tn ti mt kha tng ng Kh khn vic to kha v m bo phn phi kha an ninh
An ninh Mng 2424

M ha hon v c in

Che y ni dung vn bn bng cch sp xp li trt t cc ch ci Khng thay i cc ch ci ca nguyn bn Bn m c tn s xut hin cc ch ci ging nh nguyn bn

An ninh Mng

2525

H m ha hng ro

Vit cc ch ci theo ng cho trn mt s hng nht nh Sau c theo tng hng mt V d
o o
o

Nguyn bn : attack at midnight M ha vi cao hng ro l 2


a t t a c k a t m i d n i g h t

Bn m : ATCAMDIHTAKTINGT
An ninh Mng 2626

H m ha hng

Vit cc ch ci theo hng vo 1 s ct nht nh Sau hon v cc ct trc khi c theo ct Kha l th t c cc ct V d
o

Kha :

4 3 1 2 5 6 7

Nguyn bn : a t t a c k p
o s t p o n e d u n t i l t

w o a m x y z
o

Bn m :
TTNAAPTMTSUOAODWCOIXKNLYPETZ

An ninh Mng

2727

M ha tch hp

Cc h m ha thay th v hon v khng an ton v nhng c im ca ngn ng Kt hp s dng nhiu h m ha s khin vic ph m kh hn
o o o

Hai thay th to nn mt thay th phc tp hn Hai hon v to nn mt hon v phc tp hn Mt thay th vi mt hon v to nn mt h m ha phc tp hn nhiu

L cu ni t cc h m ha c in n cc h m ha hin i
An ninh Mng 2828

M ha khi

So vi m ha lung
o

M ha khi x l thng bo theo tng khi M ha lung x l thng bo 1 bit hoc 1 byte mi ln

Ging nh thay th cc k t rt ln (
o

64 bit)

Bng m ha gm 2n u vo (n l di khi)
Mi khi u vo ng vi mt khi m ha duy nht
Tnh thun nghch

di kha l n x 2n bit qu ln

Xy dng t cc khi nh hn
Hu ht cc h m ha khi i xng da trn cu trc h m ha Feistel
An ninh Mng

2929

Mng S-P

Mng thay th (S) - hon v (P) xut bi Claude Shannon vo nm 1949 L c s ca cc h m ha khi hin i Da trn 2 php m ha c in
o

Php thay th : Hp S Php hon v : Hp P

an xen cc chc nng


o

Khuch tn : Hp P (kt hp vi hp S)
Pht ta cu trc thng k ca nguyn bn khp bn m

Gy ln : Hp S
Lm phc tp ha mi quan h gia bn m v kha

An ninh Mng

3030

Hp S
u vo 3 bit

0 1 0

0 1 2 3 4 5 6 7

0 1 2 3 4 5 6 7

u ra 3 bit

1
0

Lu : Hp S c tnh thun nghch

An ninh Mng

3131

Hp P
u vo 4 bit

1 1

1 0

1 1 1 0

1 0 1 1

1 0

1
1

Lu : Hp P c tnh thun nghch

An ninh Mng

3232

M ha Feistel

xut bi Horst Feistel da trn khi nim h m ha tch hp thun nghch ca Shannon Phn mi khi di 2w bit thnh 2 na L0 v R0 X l qua n vng Chia kha K thnh n kha con K1, K2,..., Kn Ti mi vng i
o

Thc hin thay th na bn tri Li-1 bng cch XOR n vi F(Ki, Ri-1)
F thng gi l hm chuyn i hay hm vng

o o

Hon v hai na Li v Ri

An ninh Mng

3333

Nguyn bn (2w bit) L0 Vng 1 + L1


w bit w bit

R0

K1

. . .
Vng n

. . .
+ F

R1 Kn

Ln Ln+1 Bn m (2w bit)


An ninh Mng

Rn Rn+1

3434

Cc c trng h Feistel

di khi
o

Khi cng ln cng an ninh (thng 64 bit)

di kha
o

Kha cng di cng an ninh (thng 128 bit)

S vng
o

Cng nhiu vng cng an ninh (thng 16 vng)

Gii thut sinh m con


o

Cng phc tp cng kh ph m

Hm vng
o

Cng phc tp cng kh ph m

nh hng n ci t v phn tch


An ninh Mng 3535

Gii m Feistel

Ging gii thut m ha, ch khc


o o

Bn m l d liu u vo Cc kha con c dng theo th t ngc li

Ti mi vng kt qu u ra chnh l cc d liu u vo ca qu trnh m ha


o
o

i vi qu trnh m ha
Li = Ri-1 Ri = Li-1 F(Ri-1, Ki)

o
o

i vi qu trnh gii m
Ri-1 = Li

Li-1 = Ri

F(Li, Ki)

An ninh Mng

3636

Chun m ha d liu

DES (Data Encryption Standard) c cng nhn chun nm 1977 Phng thc m ha c s dng rng ri nht Tn gii thut l DEA (Data Encryption Algorithm) L mt bin th ca h m ha Feistel, b xung thm cc hon v u v cui Kch thc khi : 64 bit

Kch thc kha : 56 bit


S vng : 16 Tng gy nhiu tranh ci v an ninh
An ninh Mng 3737

Gii thut m ha DES


Nguyn bn (64 bit)
giao hon thun vng 1 vng 2 K1 K2 Kha 56 bit giao hon

giao hon
giao hon

dch vng tri


dch vng tri

. . .
vng n Kn giao hon

. . .

dch vng tri

hon i 32 bit
giao hon nghch Bn m (64 bit) An ninh Mng 3838

Mt vng DES
<-----32 bit------> <-----32 bit------>

Li1

Ri-1
m rng g/hon --- 48 bit

x
hp S

Ki
--- 48 bit --- 32 bit --- 32 bit

giao hon

x
Li Ri
3939

Ph m DES

Kha 56 bit c 256 = 7,2 x 1016 gi tr c th Phng php vt cn t ra khng thc t Tc tnh ton cao c th ph c kha
o

1997 : 70000 my tnh ph m DES trong 96 ngy 1998 : Electronic Frontier Foundation (EFF) ph m DES bng my chuyn dng (250000$) trong < 3 ngy 1999 : 100000 my tnh ph m trong 22 gi

Vn cn phi nhn bit c nguyn bn


Thc t DES vn c s dng khng c vn Nu cn an ninh hn : 3DES hay chun mi AES
An ninh Mng 4040

H m ha 3DES

S dng 3 kha v chy 3 ln gii thut DES


o

M ha : C = EK3[DK2[EK1[p]]] Gii m : p = DK1[EK2[DK3[C]]]

di kha thc t l 168 bit


o

Khng tn ti K4 = 56 sao cho C = EK4(p)

V sao 3 ln : trnh tn cng "gp nhau gia"


o

C = EK2(EK1(p))

X = EK1(p) = DK2(C)

Nu bit mt cp (p, C)
M ha p vi 256 kha v gii m C vi 256 kha So snh tm ra K1 v K2 tng ng Kim tra li vi 1 cp (p, C) mi; nu OK th K1 v K2 l kha An ninh Mng 4141

Chun m ha tin tin

AES (Advanced Encryption Standard) c cng nhn chun mi nm 2001 Tn gii thut l Rijndael (Rijmen + Daemen) An ninh hn v nhanh hn 3DES Kch thc khi : 128 bit Kch thc kha : 128/192/256 bit S vng : 10/12/14 Cu trc mng S-P, nhng khng theo h Feistel
o

Khng chia mi khi lm i

An ninh Mng

4242

Cc h m ha khi khc (1)

IDEA (International Data Encryption Algorithm)


o

Khi 64 bit, kha 128 bit, 8 vng Theo cu trc mng S-P, nhng khng theo h Feistel
Mi khi chia lm 4

Rt an ninh Bn quyn bi Ascom nhng dng min ph

Blowfish
o

Khi 64 bit, kha 32-448 bit (ngm nh 128 bit), 16 vng

Theo cu trc h Feistel


An ninh, kh nhanh v gn nh T do s dng

An ninh Mng

4343

Cc h m ha khi khc (2)

RC5
o

Pht trin bi Ron Rivest Khi 32/64/128 bit, kha 0-2040 bit, 0-255 vng n gin, thch hp cc b x l c rng khc nhau Theo cu trc h Feistel

CAST-128
o

Pht trin bi Carlisle Adams v Stafford Tavares Khi 64 bit, kha 40-128 bit, 12/16 vng Theo cu trc h Feistel Bn quyn bi Entrust nhng dng min ph An ninh Mng

C 3 loi hm vng dng xen k


o

4444

Cc phng thc m ha khi

ECB (Electronic Codebook)


o

M ha tng khi ring r


Khi nguyn bn hin thi c XOR vi khi bn m trc M phng m ha lung (n v s bit)
s bit m ha trc c a vo thanh ghi u vo hin thi s bit tri u ra trc c a vo thanh ghi u vo hin thi

CBC (Cipher Block Chaining)


o

CFB (Cipher Feedback)


o
o

OFB (Output Feeback)


o

CTR (Counter)
o

XOR mi khi nguyn bn vi 1 gi tr thanh m m ha


An ninh Mng 4545

Phng thc ECB


p1 p2 pN

M ha C1

M ha C2 M ha

...

M ha CN

C1

C2

CN

Gii m

Gii m

...

Gii m

p1

p2
Gii m An ninh Mng

pN
4646

nh gi ECB

Nhng khi lp li trong nguyn bn c th thy c trong bn m Nu thng bo di, c th


o o

Gip phn tch ph m To c hi thay th hoc b tr li cc khi

Nhc im do cc khi c m ha c lp

Ch yu dng gi thng bo c t khi


o

V d gi kha

An ninh Mng

4747

Phng thc CBC


IV
p1 p2 pN

CN-1
K M ha C1 K M ha C2 M ha C1 K IV p1 p2 Gii m K C2 Gii m CN

...

M ha
CN

...

K CN-1

Gii m

pN 4848

Gii m An ninh Mng

nh gi CBC

Mi khi m ha ph thuc vo tt c cc khi nguyn bn trc


o

S lp li cc khi nguyn bn khng th hin trong bn m ha Thay i trong mi khi nguyn bn nh hng n tt c cc khi bn m v sau Cn c m ha ging kha Nn khc nhau i vi cc thng bo khc nhau

Cn 1 gi tr u IV bn gi v bn nhn u bit
o

Cn x l c bit khi nguyn bn khng y cui cng

Dng m ha d liu ln, xc thc

An ninh Mng

4949

M ha CFB
IV
Thanh ghi dch 64-s bit | s bit Thanh ghi dch 64-s bit | s bit

CM-1
Thanh ghi dch 64-s bit | s bit

64 K M ha K

64 M ha

...

64 K M ha

64
p1 s
Chn s bit B i 64-s bit

64
p2 s
Chn s bit B i 64-s bit

64
pM s
Chn s bit B i 64-s bit

s
s C1

C2

CM

An ninh Mng

5050

Gii m CFB
IV
Thanh ghi dch 64-s bit | s bit Thanh ghi dch 64-s bit | s bit

CM-1
Thanh ghi dch 64-s bit | s bit

64 K M ha 64
Chn s bit B i 64-s bit

64 K s
Chn s bit

M ha 64
B i 64-s bit

...
C2

64 K M ha 64
Chn s bit B i 64-s bit

s C1

CM

p1

p2

pM

An ninh Mng

5151

nh gi CFB

Thch hp khi d liu nhn c theo tng n v bit hay byte Khng cn n thng bo lm trn khi Cho php s lng bit bt k
o

K hiu CFB-1, CFB-8, CFB-64,...

L phng thc lung ph bin nht

Dng gii thut m ha ngay c khi gii m


Li xy ra khi truyn 1 khi m ha s lan rng sang cc khi tip sau
An ninh Mng 5252

M ha OFB
IV
Thanh ghi dch 64-s bit | s bit Thanh ghi dch 64-s bit | s bit

OM-1
Thanh ghi dch 64-s bit | s bit

64 K M ha 64
Chn s bit B i 64-s bit Chn s bit

64 K M ha 64
B i 64-s bit

...

64 K M ha 64
Chn s bit B i 64-s bit

p1
s

s
s

p2 s

pM s

C1

C2 An ninh Mng

CM 5353

Gii m OFB
IV
Thanh ghi dch 64-s bit | s bit Thanh ghi dch 64-s bit | s bit

OM-1
Thanh ghi dch 64-s bit | s bit

64

64

M ha 64
Chn s bit B i 64-s bit

K
s

M ha 64
Chn s bit B i 64-s bit

...
C2

64

M ha 64
Chn s bit B i 64-s bit

s s C1 p2 s s pM CM

p1

An ninh Mng

5454

nh gi OFB

Tng t CFB ch khc l phn hi ly t u ra gii thut m ha, c lp vi thng bo Khng bao gi s dng li cng kha v IV Li truyn 1 khi m ha khng nh hng n cc khi khc Thng bo d b sa i ni dung

Ch nn dng OFB-64
C th tit kim thi gian bng cch thc hin gii thut m ha trc khi nhn c d liu
An ninh Mng 5555

Phng thc CTR


Bin m K p1 C1 Bin m K C1 M ha K M ha K p2 C2 M ha Bin m + 1 M ha Bin m + N - 1 Bin m + 1 M ha Bin m + N - 1

...

K pN

M ha

CN

...

M ha

C2 p1 p2
Gii m An ninh Mng

CN pN
5656

nh gi CTR

Hiu qu cao
o o

C th thc hin m ha (hoc gii m) song song C th thc hin gii thut m ha trc nu cn

C th x l bt k khi no trc cc khi khc An ninh khng km g cc phng thc khc

n gin, ch cn ci t gii thut m ha, khng cn n gii thut gii m


Khng bao gi s dng li cng gi tr kha v bin m (tng t OFB)
An ninh Mng 5757

B tr cng c m ha

Gii php hu hiu v ph bin nht chng li cc mi e da n an ninh mng l m ha thc hin m ha, cn xc nh
o o

M ha nhng g Thc hin m ha u

C 2 phng n c bn
o o

M ha lin kt
M ha u cui

An ninh Mng

5858

M ha lin kt

Cng c m ha c sp t 2 u ca mi lin kt c nguy c b tn cng m bo an ninh vic lu chuyn thng tin trn tt c cc lin kt mng

Cc mng ln cn n rt nhiu cng c m ha


Cn cung cp rt nhiu kha Nguy c b tn cng ti mi chuyn mch
o

Cc gi tin cn c m ha mi khi i vo mt chuyn mch gi c c a ch phn u

Thc hin tng vt l hoc tng lin kt


An ninh Mng 5959

M ha u cui

Qu trnh m ha c thc hin 2 h thng u cui m bo an ninh d liu ngi dng Ch cn mt kha cho 2 u cui m bo xc thc mc nht nh Mu lu chuyn thng tin khng c bo v
o

Cc phn u gi tin cn c truyn ti tng minh


Cng ln cao cng t thng tin cn m ha v cng an ninh nhng cng phc tp vi nhiu thc th v An ninh Mng 6060 kha

Thc hin tng mng tr ln


o

Kt hp cc phng n m ha

Cng c m ha u cui PSN : Packet-switching node Cng c m ha lin kt An ninh Mng 6161

Qun l kha b mt

Vn i vi m ha i xng l lm sao phn phi kha an ninh n cc bn truyn tin


o

Thng h thng mt an ninh l do khng qun l tt vic phn phi kha b mt Kha phin (tm thi)
Dng m ha d liu trong mt phin kt ni

Phn cp kha
o
o

Hy b khi ht phin

o
o

Kha ch (lu di)


Dng m ha cc kha phin, m bo phn phi chng mt cch an ninh
An ninh Mng 6262

Cc cch phn phi kha

Kha c th c chn bi bn A v gi theo ng vt l n bn B Kha c th c chn bi mt bn th ba, sau gi theo ng vt l n A v B Nu A v B c mt kha dng chung th mt bn c th gi kha mi n bn kia, s dng kha c m ha kha mi

Nu mi bn A v B u c mt knh m ha n mt bn th ba C th C c th gi kha theo cc knh m ha n A v B


An ninh Mng 6363

Phn phi kha t ng


1. 2. 3.

4.

Host gi gi tin yu cu kt ni FEP m gi tin; hi KDC kha phin KDC phn phi kha phin n 2 host Gi tin m c truyn i

FEP = Front End Processor KDC = Key Distribution Center

An ninh Mng

6464

You might also like