An Toan Bao Mat Thong Tin

7/31/2019 An Toan Bao Mat Thong Tin

1/123

AN TON V BOMT THNG TIN

GVTH: ThS. Trn Phng Nhung


2/123

Ni dung

Chng 1: Tng quan v an ton v bomt thng tin.

Chng 2: Cc phng php m ha cin

Chng 3: Chun m dliu DES

Chng 4: Mt m cng khai Chng 5: Cc sch k s

Chng 6: Hm bm


3/123

Chng 1: Tng quan v anton v bo mt thng tin.


4/123

Thng tin l mtbphn quan trng v l ti sn thucquynshuca cc tchc

S thithi v lmdng thng tin khng chnhhngnngisdnghoc cc ngdng m n cn gy racc huqu tai hi cho ton btchc

Thm vo s ra ica Internet gip cho vic truycp thng tin ngy cng tr nn d dng hn

1. Ti sao phi bo v thng tin


5/123

2. Khi nim h thng v ti snca h thng

Khi nim h thng :H thng l mt tp hp cc my tnh bao gmcc thnh phn, phncng, phn mm v d liu lm vic c tchlu qua thi gian.

Ti sn ca h thng bao gm:

Phn cng Phn mm

D liu

Cc truyn thng gia cc my tnh ca h thng

Mi trng lm vic Con ngi


6/123

3. Cc mi e do i vi mt hthng v cc bin php ngn chn

C 3 hnh thc ch yu e da i vi h thng:

Ph hoi: k th phhng thit b phn cng hoc phn mmhot ng trn h thng.

Sa i: Ti sn ca h thng bsa i tri php. iu nythng lm cho h thng khng lm ng chcnng ca n.Chng hn nh thay i mt khu, quyn ngi dng trong hthng lm h khng th truy cp vo h thng lm vic.

Can thip: Ti sn b truy cp binhng ngi khng c thmquyn. Cc truyn thng thc hin trn h thng bngn chn,sa i.


7/123

Cc e da i vi mt h thng thng tin c th n t ba loii tng nh sau: Cc i tng t ngay bn trong h thng (insider), y l

nhng ngi c quyn truy cp hp php i vi h thng.

Nhng i tng bn ngoi h thng (hacker, cracker), thngcc i tng ny tn cng qua nhng ng kt ni vi hthng nh Internet chng hn.

Cc phn mm (chng hn nh spyware, adware ) chy trnh thng.



8/123

Lp ng dng

Mc qun l

Mc kim sot

Mc ngi s dng

Lp dch v

Lp h tng

Lp ng dngKim sot truynhp

Chng thc

Chng chi b

Bo mt s liu

An ton lung tin

Nguyn vn s liu

Kh dng

Ring t

Nguy c

Tn cng

Ph hy

Ct b

Bc, tit l

Gin on

Sa i



9/123

Cc bin php ngn chn: iu khin thng qua phn mm: da vo cc c ch an ton

bo mt ca h thng nn (h iu hnh), cc thut ton mt mhc iu khin thng qua phn cng: cc c ch bo mt, cc

thut ton mt m hc c cng ha s dng iu khin thng qua cc chnh sch ca tchc: ban hnh

cc qui nh ca tchc nhm m bo tnh an ton bo mt

ca h thng.

3. Cc mi e do i vi mt hthng v cc bin php ngn

chn


10/123

Ba mc tiu chnh ca an ton bo mt thng tin:

Bo mtthng tin

Tnh sn sng

4. Mc tiu chung ca an ton bomt thng tin


11/123

Tnh bmt (Confidentiality): - mbo rng thng tin khng btruy cpbthp php Thutngprivacy thngcsdng khi dliucbo

v c lin quan ti cc thng tin mang tnh c nhn.

Tnh ton vn(Integrity):-mborng thng tin khng bsaibthp php.

Tnh sn dng (availability): - Ti sn lun sn sng c sdng bi nhng ngi c thm quyn.



12/123

Tnh xc thc (Authentication): - mborngd liunhncchcchn l dliugc ban u

Tnh khng th chi b (Non-repudation): -m bo rngngi gi hay ngi nhn d liu khng th chi b trchnhim sau khi gi v nhn thng tin.

Thm voschnh xcca thng tin cncnh gibi:



13/123

5. Cc chin lc an ton hthng

Giihnquynhntithiu(Last Privilege):theo nguyn tc ny btkmtitng no cng chc nhngquynhnnhtnhiviti nguyn mng.

Bov theo chiu su (Defence In Depth):Khng nn da vo mtch an ton no d cho chng rtmnh, m nn tonhiucch

an ton tnghln nhau. Nt tht (Choke Point):To ra mt cakhuhp, v chcho php

thng tin i vo hthngca mnh bng con ng duy nht chnh lcakhu ny.


14/123

im ni yu nht (Weakest Link):Chin lc ny da trn nguyntc: Mt dy xch chchctimt duy nht,mtbctngchcngtiimyunht.

Tnh ton cc:Cc hthng an ton ihiphi c tnh ton cccacc hthngccb.

Tnh adngbov:Cnphisdngnhiubin php bov khcnhau cho hthng khc nhau, nu khng c ktn cng vo cmththng th chng cngd dng tn cng vo cc hthng khc.

5. Cc chin lc an ton hthng


15/123

Quyn truy nhp: L lpbov trong cng nhmkim sot cc tinguyn camng v quynhn trn ti nguyn .

ng k tn /mt khu: Thc ra y cng l kim sot quyn truynhp, nhng khng phi truy nhp mc thng tin m mc h

thng. M ho d liu: D liu b bin i t dng nhn thc c sang

dng khng nhn thcc theo mt thut ton no v scbiningclitrmnhn(gii m).

Bovvt l:Ngncn cc truy nhpvt l vo hthng.

6. Cc mc bo v trn mng


16/123

Tng la: Ngn chn thm nhp tri php v lc b cc gi tin khngmungihocnhn v cc l do no bovmt my tnh hoccmngnib (intranet).



17/123

Quntrmng: Cng tc quntrmng my tnh phicthchinmt cch khoa hcmbo cc yu cu sau :

Ton bhthnghotng bnh thng trong gi lm vic.

C h thng d phng khi c scv phncnghoc phnmmxy ra.

Backup dliu quan trng theo nhk.

Bodngmng theo nhk.

Bomtd liu, phn quyn truy cp, tchc nhm lm vic

trn mng.



18/123

7. Cc phng php bo mt

Cc phng php quan trng

Vit mt m:m bo tnh b mt ca thng tin truyn thng

Xc thc quyn:c s dng xc minh, nhn dng quyn hnca cc thnh vin tham gia.


19/123

Mt m l mt ngnh khoa hc chuyn nghin cu cc phngphp truyn tin b mt. Mt m bao gm : Lp m v ph m.

Lp m bao gm hai qu trnh: m ha v gii m.Cc sn

phm ca lnh vc ny l cc h m mt , cc hm bm, cc hch k in t, cc c ch phn phi, qun l kha v cc giaothc mt m.

Ph m: Nghin cu cc phng php ph m hoc to m gi.

Sn phm ca lnh vc ny l cc phng php ph m , ccphng php gi mo ch k, cc phng php tn cng cchm bm v cc giao thc mt m

8. An ton thng tin bng mt m


20/123

Cch hiu truyn thng: gi b mt ni dung trao iGI vNHNtrao i vi nhau trong khi TRUNG GIAN tm

cch nghe ln

GI NHN

TRUNG GIAN



21/123

Mt trong nhng ngh thut bo v thng tin l bin i n thnhmt nh dng mi kh c.

Vit mt m c lin quan n vic m ho cc thng bo trc khi gichng i v tin hnh gii m chng lc nhn c



22/123

C 2phng thc m hoc bn: thay th v hon v:

Phng thc m ho thay th: lphng thc m ho m tngk t gc hay mt nhm k t gc ca bn r c thay thbi cct, cc k hiu khc hay kt hp vi nhau cho ph hp vi mt

phng thc nht nh v kho.

Phng thc m ho hon v: lphng thc m ho m cc tm ca bn r c sp xp li theo mt phng thc nht nh.



23/123

Vai tr cahmt m:

H mt m phi che du c ni dung ca vn bn r(PlainText).

To cc yu t xc thc thng tin, mbo thng tin lu hnhtrong h thng n ngi nhn hp php l xc thc(Authenticity).

Tchc cc sch k int,mbo khng c hintnggimo,mo danh gi thng tin trn mng.

9. H mt m


24/123

Khi nimcbn Bn r X cgi l l bn tin gc. Bn r c thc chia nh

c kch thc ph hp. Bn m Y l bn tin gcc m ho. y ta thng xt

phng php m ha m khng lm thay i kch thccabnr, tc l chng c cng di. M l thut ton E chuynbn r thnh bn m. Thng thng

chng ta cnthut ton m ha mnh, cho d k th bitcthut ton, nhng khng bit thng tin v kha cng khng tmcbn r.

9. H mt m


25/123

Khi nim c bn KhoK l thng tin tham s dng m ho, ch c ngi gi

v ngui nhn bit. Kha l c lp vi bn r v c di phhp vi yu cu bo mt.

M hol qu trnh chuyn bn r thnh bn m, thng thngbao gm vic p dng thut ton m ha v mt s qu trnh xl thng tin km theo.

Gii mchuyn bn m thnh bn r, y l qu trnh ngc lica m ha.

9. H mt m


26/123

Cc thnh phncamthmt m :

Mth mmt l b5 (P, C, K, E, D) tho mn cc iukin sau:-P l khng gian bn r: l tphuhn cc bn r cth c.- C l khng gian bn m: l tphuhn cc bn m cth c.- K l kkhng gian kho: l tphuhn cc kho cth c.

ivimi k K c mt quy tc m eK: P C v mt quy tcgii m tngng dK D.Vimi eK: P C v dK: C P l nhng hm m

dK (eK(x))=x vimibn r x P.

Hm gii m dk chnh l nh x ngc ca hm m ha ek

9. H mt m


27/123

Bn r M ho Gii m Bn rBn m

Kho

Qu trnh m ha v gii m thng tin

9. H mt m


28/123

10. Phn loi h mt m

Hmtixng (hay cn gi l mt m kha b mt): l nhnghmt dng chung mt kho c trong qu trnh m ho dliu v gii md liu. Do kho phicgi b mttuyti. Mtsthut tonni ting trong m ho i xng l: DES, Triple DES(3DES), RC4,

AES

Hmt m btixng (hay cn gi l mt m kha cng khai): Cchmt ny dng mt kho m ho sau dng mt kho khc gii m, ngha l kho m ho v gii m l khc nhau. Cc khony to nn tngcpchuyningc nhau v khng c kho no cth suy c t kho kia. Kho dng m ho c th cng khai

nhng kho dng gii m phigi b mt. Do trong thut tonny c 2 loi kho: Kho m ho cgi l kha cng khai-PublicKey, kho gii m cgi l kha b mt - Private Key. Mtsthut ton m ho cng khai niting: Diffle-Hellman, RSA,


29/123

C ba phng php chnh cho vic m ho v gii m

S dng kho i xng

S dng kho bt i xng

S dng hm bm mt chiu

10. Cc phng php m ho


30/123

10.1 M ho i xng

An intro toPKI and fewdeploy hints

AxCvGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!q3%


input: vn bn thun tu Vn bn mt m

Hai kho gingnhau

M ho Gii m

output: vn bn thun tu

DES

DES


31/123

Cc kho ging nhau c s dng cho vic m ho v gii m Thut ton m ho s dng kho i xng thng c bit n l

DES (Data Encryption Standard)

Cc thut ton m ho i xng khc c bit n nh:-Triple DES, DESX, GDES, RDES - 168 bit key

-RC2, RC4, RC5 - variable length up to 2048 bits

-IDEA - basis of PGP - 128 bit key

10.1 M ho i xng


32/123

10.2 M ho bt i xng


Py75c%bn&*)9|fDe^bDzjF@g5=&nmdFgegMs


Hai kho khc nhau

M ho Gii m

input: vn bn thun tu Vn bn mt m output: vn bn thun tu

RSA RSA


33/123

Cc kho dng cho m ho v gii m khc nhau nhng cngmt mu v l cp i duy nht(kho private/public)

Kho private ch c bit n bi ngi gi

Kho public c bit n bi nhiu ngi hn n c sdng bi nhng nhm ngi ng tin cy c xc thc

Thut ton m ho s dng kho bt i xng thng c bit

n l RSA (Rivest,Shamir and Adleman 1978)

10.2 M ho bt i xng


34/123

Mt hm bm Hnhn c mt thng bo mvi mt di bt kt u vo v a ra mt xu bt hc di c nh u ra h =H(m).

Hm bm l mt hm mt chiu, iu c ngha l ta khng thtnh ton c u vo mnu bit u ra h.

Thut ton s dng hm bm thng c bit n l MD5

10.3 Hm bm


35/123

10.4 To ra ch k s

3kJfgf*$&Py75c%bn

This is thedocumentcreated by

Gianni

Thng bo hoc File Ch k sThng bo sau khi lut ho

Signatory'sprivate key

priv

Pht sinhhm bm

SHA, MD5

M hobt i xng

RSA

This is thedocumentcreated by

Gianni 3kJfgf*$&

SignedDocument

(Typically 128 bits)


36/123

Xc minh quyn hn ca cc thnh vin tham gia truyn thng

Phng php ph bin:

S dng Password : xc thc ngi s dng

11. Xc thc quyn


37/123

S dng Kerberos: phng thc m ho v xc thc trong AD cacng ngh Window

S dng Secure Remote Password (SRP): l mt giao thc xc

thc i vi cc truy cp t xa S dng Hardware Token S dng SSL/TLS Certificate Based Client Authentication: s dng

SSL/TLS m ho, xc thc trong VPN, Web S dng X.509 Public Key

S dng PGP Public Key S dng SPKI Public Key S dng XKMS Public Key. S dng XML Digital Signature

11. Xc thc quyn


38/123

12.Tiu chun nh gi h mtm

an ton:Mthmtca vo sdngiuu tin phic an ton cao. Chng phi c phng php bov m chda trn s b mt

ca cc kho, cn thut ton th cng khai. Timtthiim,an ton camtthut ton phthuc: Nu chi ph hay ph tncnthit ph vmtthut ton ln

hn gi trca thng tin m ha thut ton th thut ton tmthic coi l an ton.

Nuthi gian cnthit dng ph vmtthut ton l qulu th thut ton tmthic coi l an ton.

Nulngdliucnthit ph vmtthut ton qu lnso vi lngd liuc m ho th thut ton tmthic coi l an ton

Bn m C khng c c cc cim gy ch , nghi ng.


39/123

Tc m v gii m: Khi nh gi hmt m chng ta phich n tc m v gii m. Hmt tt th thi gian m vgii m nhanh.

Phn phi kha:Mthmt m phthuc vo kha, kha ny

c truyn cng khai hay truyn kha b mt. Phn phi khab mt th chi ph s cao hn so vi cc hmt c kha cngkhai. V vyycng l mt tiu ch khi lachnhmt m.

12.Tiu chun nh gi h mtm


40/123

13. M hnh truyn tin c bn camt m hc v lut Kirchoff


41/123

Theo lut Kirchoff (1835 - 1903) (mt nguyn tc c bn trongm ho) th: tonbcch m/gii mtrkho l khngbmtivikch.

Y ngha ca lut Kirchoff:s an ton ca cc h m mt khng

phi da vo sphc tp ca thut ton m ha s dng.

13. M hnh truyn tin c bn camt m hc v lut Kirchoff


42/123

Cc kiutn cng khc nhau

EbitcY (ciphertext only attack).

Eavesdropper: k nghe trm (Eve)

E bit mt s cp plaintext-ciphertext X-Y (known plaintext

attack).

Ebit ccryptogram cho mt s tin X do bn thn son ra(chosen plaintext attack).

14. Cc loi tn cng


43/123

15. Mt s ng dng ca m hatrong security

Mt s ng dng ca m ho trong i sng hng ngy ni chung vtrong lnh vc bo mt ni ring. l:

Securing Email

Authentication System

Secure E-commerce

Virtual Private Network

Wireless Encryption


44/123

Chng 2: Cc phngphp m ha c in


45/123

1. Modulo s hc

- Ta c a b(mod n) nu a = kn + btrong k l mt s nguyn.

- Nu a v b dng v a nhhn n, chng ta c th gi a l phnd ca b khi chia cho n.

- Ngi ta cn gi b l thng d ca a theo modulo n, v a l ngd ca b theo modulo n


46/123

1. Modulo s hc

V d:

Ta c: 42=4.9+6 vy 42 6 (mod 9)

Ta c cu hi; -42 ? (mod9), ta thy -42= -4.9-6

-42 -6 (mod 9) nhng -6 -6+9 3 (mod 9)

Vy nn -42 3 (mod 9)


47/123

- Modulo s hc cng ging nh s hc bnh thng, bao gm ccphp giao hon, kt hp v phn phi. Mt khc gim mi gi trtrung gian trong sut qu trnh tnh ton.(a+b) mod n = ((a mod n) + (b mod n)) mod n

(a- b) mod n = ((a mod n) - (b mod n)) mod n

(ab) mod n = ((a mod n) (b mod n)) mod n

(a (b + c)) mod n = (((a b) mod n) + ((a c) mod n)) mod n

- Cc php tnh trong cc h m mt hu ht u thc hin i vi

mt modulo N no .

1. Modulo s hc

2 Vnh Z


48/123

- Tp cc s nguyn ZN = {0, 1, , N-1} trong N l mt stnhin dng vi hai php ton cng (+) v nhn (.) c nhngha nh sau

- Theo tnh cht ca modulo s hc chng ta d dng nhn thyZN l mt vnh giao hon v kt hp. Hu ht cc tnh ton trongcc h m mt u c thc hin trn mt vnh ZN no .

2. Vnh ZN

2 Vnh Z


49/123

- Trn vnh ZN

s0 l phn t trung ha v

s1 c gi l phn tn v v

- V d N=9

2. Vnh ZN

3 Ph t h h h


50/123

3. Phn t nghch o trn vnhZN

- Trn mt vnh s nguyn ZN ngi ta a ra khi nim v snghch o ca mt snh sau:

(GCD-Greatest Common Divisor) c s chung ln nht


51/123

Shift Cipher:

Mt trong nhngphng php lu inhtcsdng mha

Thng ip c m ha bng cch dch chuyn xoay vngtng k tikv tr trong bngch ci

Trnghpvik=3gi l phng phpm ha Caesar.

4. Cc h mt m c in Hm dch vng ( shift cipher)


52/123

Phng php ngin, Thao tc x l m ha v gii m cthchin nhanh chng Khng gian kha K= {0, 1, 2, , n-1} = Zn Db ph vbng cch thmikhnng kha k



53/123

V d:

M ha mt thng ipcbiudinbng cc ch ci tA n Z (26 ch ci), ta sdngZ26.

Thng ip c m ha s khng an ton v c th ddng bgii m bng cch thlnlt26 gi tr kha k.

Tnh trung bnh, thng ipc m ha c thbgiim sau khong26/2 = 13lnth kha



54/123

Ta c s m nh sau:Gi s P = C = K = Z26vi 0k25M ha:ek(x) = x +k mod 26Gii m: dk(x) = y -k mod 26

(x,yZ26)



55/123

V d K=17. Cho bn mX= x1; x2; : : : ; x6 = A T T A C K.

X= x1; x2; : : : ; x6 = 0;19;19;0;2;10. M ha

y1 = x1 + kmod 26 = 0 + 17 mod 26 = 17 = R.

y2 = y3 = 19 + 17 mod 26 = 10 = K.

y4 = 17 = R.

y5 = 2 + 17 mod 26 = 19 = T.

y6 = 10 + 17 mod 26 = 1 = B.

Gii mY= y1; y2; : : : ; y6 = R K K R T B.


5 C h t i H h


56/123

5. Cc h mt m c in- H m hathay th(Substitution Cipher)

Substitution Cipher:

Phng php m ha niting

csdngphbin hng trmnm nay

Thchinvic m ha thng ipbng cch hon v cc phnttrong bng ch ci hay tng qut hn l hon v cc phn ttrong tpngunP

5 Cc h mt m c in H m ha


57/123


5 Cc h mt m c in- H m


58/123

n gin, thao tc m ha v gii m c thc hin nhanhchng

Khng gian kha Kgmn! phnt

Khcphchnchcaphng php Shift Cipher: victn cngbng cch vt cn cc gi tr kha kKl khng kh thi

Tht s an ton???

5. Cc h mt m c in- H mha thay th(Substitution Cipher)

5 C h t i H h


59/123

?AH?A?A?NG ??NG

AO VCO JO IBU RIBU

AOVCO JO IBU RIBU

MAHOAVAUNG DUNG

Tn cngda trn tns xut hin

ca k ttrong ngn

ng


5 C h t i H h


60/123

i ?a?ei ?a? i ?????e?e?

L FDPH L VDZ L FRQTXHUHG

L FDPHL VDZ L FRQTXHUHG

i came i saw i conquered


5 Cc h mt m c in H m ha


61/123

Chn mt hon v p: Z26Z26 lm kho. VD: M ho

ep(a)=X

Gii m

dp(A)=d

nguyenthanhnhut SOUDHSMGXSGSGUM



62/123

an ton ca m thay th

Mt kho l mt hon v ca 26 ch ci.

C 26! ( 4.1026) hon v (kho)

Ph m:

Khng th duyt tng kho mt. Cch khc?

5 Cc h mt m c in H m


63/123

Phn tch tn s

K t: E > T > R > N > I > O > A > S

Nhm 2 k t (digraph): TH > HE > IN > ER > RE > ON >AN > EN

Nhm 3 k t (Trigraph): THE > AND > TIO > ATI > FOR >THA > TER > RES

5. Cc h mt m c in- H mha thay th(Substitution Cipher)

6 Cc h mt m c in H


64/123

SubstitutionCipher

ShiftCipher

AffineCipher

6. Cc h mt m c in - Hm Affine

6 Cc h mt m c in - H


65/123

gii m chnh xc thng tin ???ekphi l song nh

nybaxZxZy nn mod,!,

av nnguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - Hm Affine



66/123

V d: Gi s P= C= Z26.

av 26nguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - H mAffine



67/123

M tuyn tnh l mt m thay th c dnge(x) = ax + b (mod 26), trong a, b Z26.Trng hp a = 1 l m dch chuyn.

Gii m: Tm x?y = ax + b (mod 26)

ax = y b (mod 26)x = a-1(y b) (mod 26).

Vn : Tnh a-1. c a-1, i hi (a,26)=1.Tnh a-1: Thut ton Euclide m rng.



68/123

VD: bi tp

a = 5, b = 3: y = 5x + 3 (mod 26).

M ho: NGUYENTHANHNHUT ?

6 Cc h mt m c in - H m


69/123

V d Kha

Plain(a): abcdefghijklmnopqrstuvwxyz

Cipher(b): DKVQFIBJWPESCXHTMYAUOLRGZN M ha:

Plaintext: ifwewishtoreplaceletters

Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA


6 Cc h mt m c in - H m


70/123

nkh nng chn gi tr b (n)kh nng chn gi tr a n(n)kh nng chn la kha k= (a, b)



71/123

7. Thut ton Euclide m rng


72/123

Xy dng dy s:

Nhn xt:

7. Thut ton Euclide m rng

8 Phng php Vigenere


73/123

8. Phng php Vigenere

Trong phng php m ha bng thay th: vi mt kha kcchn, mi phn t xPc nh x vo duy nhtmt phn t yC.

Phng php Vigeneres dng kha c di m.

c t tn theo nh khoa hc Blaise de Vigenere (th k 16) C th xem phng php m ha Vigenere bao gmmphp m

ha bngdchchuync p dnglun phin nhau theo chu k

Khng gian kha Kcaphng php Vigenere c sphn t lnm

V d: n=26, m=5 th khng gian kha ~1.1 x 107

8 Phng php Vigenere


74/123


8 Phng php Vigenere


75/123

V d: m= 6 v keyword l CIPHER Suy ra, kha k= (2, 8, 15, 7, 4, 17) Cho bn r: thiscryptosystemisnotsecure

Vy bn m l: vpxzgiaxivwoubttmjpwizitwzt



76/123

9. Phng php m ha Hill

Phng php Hill (1929) Tc gi: Lester S. Hill

tng chnh:

S dng mt hp tuyn tnh ca mk t trong plaintext to ra mk t trong ciphertext

V d:

9 Ph h h Hill


77/123


9 Phng php m ha Hill


78/123




79/123




80/123




81/123


10 Cc h m dng


82/123

nhngha

Mtm dng lmtb (P,C,K,L,F,E,D) tho mndccciukin sau:1. P lmttphuhn ccbn r cth.2. C ltphuhn ccbn m cth.3. K ltphuhn cc kho cth ( khng gian kho)4. L ltphuhn ccbchca dng kho.5. F = (f1 f2...) lbto dng kho. Vii1

fi : KP i -1 L

6. VimizL cmtquytcm ezE vmtquytcgiimtngngdzD . ez : P C v dz : C P l cchmtho mn dz(ez(x))= xvimibn r xP.

10. Cc h m dng

10. Cc h m dng


83/123

Cc m dng thngc m t trong cc bchnh phn tc lP= C=L=Z2. Trong trnghp ny, cc php ton m v gii m lphp cng theo modulo 2.

10. Cc h m dng

10. Cc h m dng


84/123

Ch :Nu ta coi "0" biuth gi tr "sai" v "1" biuth gi tr"ng"trong is Boolean th php cng theo moulo 2sngvi phphocloitr (XOR).

Bng chn l php cng theo modul 2 gingnhbng chn l ca

php ton XOR

10. Cc h m dng

10. Cc h m dng


85/123

Hm m ha v gii m cthchinbi cng mt php ton lphp cng theo modulo 2(hay php XOR)

V:

Trong vi zi=0 v zi=1 th

10. Cc h m dng

10. Cc h m dng


86/123

V d: m ha k tAbi Alice

K t A trong bng m ASCII c tng ng vi m6510=10000012c m ha bih kha z1,,z7=0101101

Hm m ha:

Hm gii m:

10. Cc h m dng

11. M ha One-time Pad(OTP)


87/123

nh ngha 1 :Mthmt c coi l an ton khngiukin khin khngthbph ngaycvikhnng tnh ton khnghnch.

OTPxuthin tu thk20 v cn c tn gi khc l VernamCipher, OTP cmnh danh l ci chn thnh ca ngnh m hadliu.

OTP l thut ton duy nhtchng minh cv l thuyt l khngth ph c ngay cvi ti nguyn v tn(tc l c thchnglikiutn cng brute-force).

c thtcmcbomtca OTP, ttcnhngiukin sau phictha mn:

di ca cha kha phingbng di vnbncn m

ha. Cha kha chc dng mtln. Cha kha phi l mt s ngu nhin thc.

11. M ha One time Pad(OTP)



88/123

nh ngha 2: Trong h m ha OTP ta c|P|=|C|=|K| vi




89/123

Mi nghe qua c vnginnhng trong thctnhngiukin ny khc ththa mn c. Gis Alice mun m ha ch 10MB dliubngOTP, c taphicnmt cha kha c di 10MB. to ra mtsngunhin lnnhvy Alice cnmtbtosngu nhin thc (TRNG - TrueRandom Number Generator). Cc thitb ny sdngngunngu nhinvt l nhs phn r ht nhn haybcxnnvtr. Hnnaviclutr,

chuyn giao v bo v mt cha kha nh vy cng ht sc kh khn.

D dng hn, Alice cng c th dng mtbtosngu nhin o (PRNG -Pseudo Random Number Generator) nhng khi mcbomtgimxung gnbng zero hay cng lm ch tng ng vi mt thut tondng nh RC4 m thi.

Do c nhng kh khn nh vy nn vic s dng OTP trong thc t lkhng kh thi.


12. L thuyt thng tin


90/123

y g

K thut ln xn v rm r (Confusion and Diffusion)

Theo Shannon, c hai k thut c bn che du sd thathng tin trong thng bo gc, l: s ln xn vs rm r.



91/123

K thut ln xn (Confusion): che du mi quan h gia bnr v gc. K thut ny lm tht bi cc c gng nghin cu bnm tm kim thng tin d tha v thng k mu. Phngphp d nht thc hin iu ny l thng qua k thut thay

th. Mt h m ho thay th n gin, chng hn h m dchvng Caesar, da trn nn tng ca s thay th cc ch ci cabn r, ngha lch ci ny c thay thbngch ci khc

y g



92/123

K thut rm r (Diffusion): lm mt i sd tha ca bnr bng cch tng s ph bn m vo bn r (v kha). Cngvic tm kim s d tha ca ngi thm m s rt mt thigian v phc tp. Cch n gin nht to ra s rm r l thng

qua vic i ch (hay cn gi lk thut hon v). Thng thng cc h m hin i thng kt hp c hai k

thut thay th v hon v to ra cc thut ton m ha c an ton cao hn.

y g

13. L thuyt phc tp


93/123

Lthuytthng tin chochng tabit rngmtthuttonmhocthbbil. Cnlthuyt phctp chobitkhnngb thmm camth mmt.

an ton tnh ton :

nh ngha: Mt h mt c gi l an ton v mt tnh ton nu c mt

thuttonttnht phn thcn tnhtN php ton, viN lmtsrtln no.

2.2. an ton khng iu kin

nh ngha 1: Mthmt c coi l an ton khngiukin khin khngth

bph ngaycvikhnng tnh ton khnghnch.

y p p


94/123

Chng 3: Chun m d liu DES

(Data Encryption Standard)


95/123

1.Gii thiu chung v DES

- Ngy 13/5/1973 y ban quc gia v tiu chuncaM cng byu cuvhmt m p dng cho ton quc.iu ny tnn mng cho chun m ha dliu, hay l DES.

- Lc u Des c cng ty IBM pht trinth m Lucifer, cngb vo nm 1975.

- Sau Des c xem nh l chun m ha dliu cho cc ngdng.


96/123

2. c im ca thut ton DES

DES l thut ton m ha khi, di mikhi l 64 bit .

Kha dng trong DES c di ton b l 64 bit. Tuy nhin chc 56 bit thcscsdng; 8 bit cn lichdng cho vickim tra.

Des xut ra bn m 64 bit.

Thut ton thc hin 16 vng

M ho v gii m csdng cng mt kho.

DES cthitkchy trn phncng.

3. M t thut ton


97/123

3. M t thut ton

3. M t thut ton


98/123

3. M t thut ton

3. M t thut ton


99/123

Thut ton c thc hin trong 3 giai on:

1. Cho bn r x (64bit) c hon v khi to IP (InitialPermutation) to nn xu bit x0.

x0=IP(x)=L0R0

L0 l 32 bit u tin ca x0.R0 l 32 bit cui ca x0.

3. M t thut ton

3. M t thut ton


100/123

58 50 42 34 26 18 10 2

60 52 44 36 28 20 12 4

62 54 46 38 30 22 14 6

64 56 48 40 32 24 16 8

57 49 41 33 25 17 9 1

59 51 43 35 27 19 11 3

61 53 45 37 29 21 13 5

63 55 47 39 31 23 15 7

Hon vkhiunhmichkhid liu vo , thay iv tr ca ccbt trong khidliu vo. V d, hon vkhiuchuyn bt 1 thnh bt58, bt 2 thnh bt 50, bt 3 thnh bt 42,...

3. M t thut ton

B chuyn v IP

3. M t thut ton


101/123

2. T L0 v R0s lp 16 vng, ti mi vng tnh:

Li=Ri-1

Ri=Li-1f(Ri-1,Ki) vi i= 1, 2,,16vi:l php XOR ca hai xu bit:

0 0=0 , 1 1=01 0=1, 0 1=1

f l hm m ta s m t sau.Kil cc xu c di 48 bit c tnh nh l cc hm

ca kha K.K1n K16lp nn mt lch kha.

3

3. M t thut ton


102/123

3. Ti vng th 16, R16 i chcho L16. Sau ghp 2 naR16, L16 cho i qua hon vnghch o ca hon v IP stnh c bn m. Bn m

cng c di 64 bt.

4

0

8 4

8

1

6

5

6

2

4

6

4

3

2

3

9

7 4

7

1

5

5

5

2

3

6

3

3

1

3

8

6 4

6

1

4

5

4

2

2

6

2

3

0

3

7

5 4

5

1

3

5

3

2

1

6

1

2

9

3

6

4 4

4

1

2

5

2

2

0

6

0

2

8

35

3 43

11 51

19

59

27

3

4

2 4

2

1

0

5

0

1

8

5

8

2

6

3

3

1 4

1

9 4

9

1

7

5

7

2

5

Hon v IP-1

3. M t thut ton


103/123

S tnh hm f(Ri-1,Ki)

Hm f


104/123

Hm f

1. i s u Ri-1s c m rng thnh xu c di 48 bittng ng vi hm m rng E c nh. E(Ri) bao gm 32 bitt Ri, c hon v theo mt cch thc xc nh, vi 16 bitc to ra 2 ln.

Hm f lyisu l xu nhp Ri-1 (32 bit) isth hai l Ki(48 bit) v to ra xu xut c di 32 bit. Cc bc sau cthchin.

H f


105/123

32 1 2 3 4 5

4 5 6 7 8 9

8 9 10 11 12 13

12 13 14 15 16 1716 17 18 19 20 21

20 21 22 23 24 25

24 25 26 27 28 29

28 29 30 31 32 1

Hm m rng E

Hm f

H f


106/123

2. Tnh E(Ri-1) Ki kt qu c mt khi c di 48 bit.Khi ny sc chia lm 8 khi B=B1B2B3B4B5B6B7B8. Mikhi ny c di l 6 bt.

3. Bck tip l cho cc khi Bi i qua hp Sisbinmtkhi c di 6 bit thnh mtkhi Ci c di 4 bt.

Hm f


107/123

S-box

Mihp S-box l mtbnggm 4 hng v 16 ctcnhst0. Nhvymihp S c hng 0,1,2,3. Ct 0,1,2,,15. Miphntcahp l mts 4 bt. Su bt vo hp S s xc nhs hng vsct tm ktqu ra.

Mikhi Bi c 6 bt k hiu l b1, b2, b3, b4, b5 v b6. Bt b1 v b6ckthp thnh mts 2 bt, nhn gi trt 0 n 3, tngngvimt hng trong bng S. Bn bt gia, t b2 ti b5, ckthp thnh mts 4 bt, nhn gi trt 0 n 15, tngngvimtct trong bng S.

S-box


108/123

S box

S-box


109/123

S box

S-box


110/123

S box

S-box


111/123

S bo

S-box


112/123

14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7

0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8

4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0

15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

b2b3b4b5=1100

b1b6=00

Hp S1

- Mi xu xut 4 bit ca cc hp S c a vo cc Cj tngng: Cj = Sj(Bj) (1


113/123

4. Xu bit C = C1C2C3C4C5C6C7C8 c di 32 bit c honv tng ng vi hon v c nh P. Kt qu c P(C)=f(Ri,Ki). 16 7 20 21

29 12 28 17

1 15 23 26

5 18 31 10

2 8 24 14

32 27 3 9

19 13 30 6

22 11 4 25

Hon v P

Hm f

Kh K


114/123

Kha K

- K l mt xu c di 64 bit trong 56 bit dng lm kha v8 bit dng kim tra sbng nhau (pht hinli).

- Cc bit cc v tr 8, 16,, 64 c xc nh, sao cho mibyte cha s l cc s 1, v vy tng li c th c pht

hin trong mi 8 bit.- Cc bit kim tra s bng nhau l c b qua khi tnh lch

kha.

S tnh kha K1 K2 K16


115/123

S tnh kha K1, K2, , K16

Kha K


116/123

Qu trnh to cc kha con (subkeys) t kha K c m

t nh sau:Cho kha K 64 bit, loib cc bit kim tra v hon v cc bitcn li ca K tng ng vi hon v c nh PC-1. Ta vitPC1(K) = C0D0, vi C0 bao gm 28 bt u tin ca PC-1(k)

v D0 l 28 bit cn li.

Kha K


117/123

Cc hon v c nh PC-1 v PC-2:

Gii m


118/123

Vicgii m dng cng mtthut ton nhvic m ho. gii m d liuc m ho, qu trnh gingnh m ho

c lp li nhng cc cha kho ph c dng theo th t

ngc li t K16n K1, ngha l trong bc 2 ca qu trnh mhod liuu vo trn Ri-1sc XOR vi K17-ich khngphivi Ki.

c im ca m DES


119/123

Tnh cht b ca m DES:DES c tnh cht b:

trong :l phn b ca A theo tng bt (1 thay bng

0 v ngc li).EKl bn m ha ca E vi kha K. P v C l vn

bn r (trc khi m ha) v vn bn m (sau khi mha).

Do tnh b, ta c th gim phc tp ca tn cngduyt ton b xung 2 ln (tng ng vi 1 bt) viiu kin l ta c th la chn bn r.

c im ca m DES


120/123

Cc kha yu trong m Des:Ngoi ra DES cn c 4 kha yu (weak keys). Khi s dng kha

yu th m ha (E) v gii m (D) s cho ra cng kt qu:

EK(EK(P)) = Por equivalently, EK= DK

Bn cnh , cn c 6 cp kha na yu (semi-weak keys). Mha vi mt kha trong cp, K1, tng ng vi gii m vi khacn li, K2:

EK1(EK2(P))=P or equivalently EK1=DK2

Tuy nhin c th d dng trnh c nhng kha ny khi thc

hin thut ton, c th bng cch th hoc chn kha mt cchngu nhin. Khi kh nng chn phi kha yu l rt nh.

c im ca m DES


121/123

Triple DES:Triple-DES chnh l DES vi hai cha kho 56 bit. Cho mtbn

tin cn m ho, cha kho u tin c dng m ho DESbn tin .

Kt qu thu c li c cho qua qu trnh gii m DESnhngvi cha kho l cha kho th hai.

Bn tin sau qua c binibngthut ton DES hai lnnhvylic m ho DES mtlnnavi cha kho u tin ra cbn tin m ho cui cng.

Qu trnh m ho DES ba bc ny cgi l Triple-DES.

Kim Tra


122/123

Mn: ATBMTT Lp: KHMT1K3 Thi gian: 120

Cho bn r mang ni dung:x=0123D56789ABCDE8.Cho kho K=183457799B3CDFF2

Trong h c s 16, Thc hin m ha vn bn r trn theothut ton DES


123/123

Xin chn thnh cm n!

An Toan Bao Mat Thong Tin

Documents

Transcript of An Toan Bao Mat Thong Tin