Lecture Notes on Information Security


Information Security textbook, Vietnam Maritime University. Author: Dr. Nguyễn Hữu Tuân


  • MARITIME UNIVERSITY, FACULTY OF INFORMATION TECHNOLOGY

    INFORMATION SECURITY TEXTBOOK

    Nguyễn Hữu Tuân, M.Sc.

    Hải Phòng 2007

  • Table of contents

    TABLE OF CONTENTS

    PREFACE
    CHAPTER I: INTRODUCTION
    1. Information security and cryptology
    2. The concept of a system and system assets
    3. Threats to a system and countermeasures
    4. Goals and general principles of information security
    5. Cryptology
    6. The concept of a cryptosystem (CryptoSystem)
    7. The basic communication model of cryptology and Kerckhoffs's law
    8. A brief history of cryptology
    9. Classification of cryptographic algorithms
    10. Some applications of cryptology

    CHAPTER II: MATHEMATICAL FOUNDATIONS
    1. Information theory
    1.1. Entropy
    1.2. Rate of language
    1.3. Security of an encryption system
    1.4. Confusion and diffusion
    2. Complexity theory
    2.1. Computational security
    2.2. Unconditional security
    3.3. Product cryptosystems
    3. Mathematical theory
    3.1. Modular arithmetic
    3.2. Prime numbers
    3.3. Greatest common divisor
    3.4. The ring ZN (the ring of residues modulo N)
    3.5. Inverse elements
    3.6. Euler's phi function
    3.7. Quadratic residues
    3.8. Fast exponentiation algorithm
    3.9. Extended Euclidean algorithm
    3.10. Linear congruences in one unknown
    3.11. The Chinese remainder theorem
    4. Primality testing algorithms
    4.1. Some mathematical notation
    4.2. The Solovay-Strassen algorithm
    4.3. The Rabin-Miller algorithm
    4.4. The Lehmann algorithm
    5. Exercises

    CHAPTER III: SECRET-KEY CRYPTOSYSTEMS
    1. Classical ciphers
    1.1. Substitution cipher
    1.2. Caesar cipher
    1.3. Affine cipher
    1.4. Vigenère cipher
    1.5. Hill cipher
    1.6. Transposition cipher
    2. Block ciphers
    2.1. Block ciphers
    2.2. The Data Encryption Standard (DES)
    2.3. Weaknesses of DES
    2.4. Triple DES (3DES)
    2.5. The Advanced Encryption Standard (AES)
    2.6. Modes of operation of block ciphers
    3. Exercises

    CHAPTER IV: PUBLIC-KEY CRYPTOSYSTEMS
    1. The concept of a public-key cryptosystem
    2. Construction principles of public-key cryptosystems
    3. Some public-key cryptosystems
    3.1. Knapsack cryptosystem
    3.2. RSA cryptosystem
    3.3. ElGamal cryptosystem
    3.4. Cryptosystems based on elliptic curves
    4. Exercises

    CHAPTER V: DIGITAL SIGNATURES AND HASH FUNCTIONS
    1. Digital signatures
    1.1. The concept of a digital signature
    1.2. RSA signature scheme
    1.3. ElGamal signature scheme
    1.4. The Digital Signature Standard
    1.5. Application model of digital signatures
    2. Hash functions
    2.1. Concept
    2.2. Properties of hash functions
    2.3. Birthday attack
    2.4. Some well-known hash functions
    2.5. Some applications of hash functions
    3. Exercises

    CHAPTER VI: KEY MANAGEMENT
    1. Key management in communication networks
    2. Some key distribution systems
    2.1. Blom key distribution scheme
    2.2. Kerberos key distribution system
    2.3. Diffie-Hellman key distribution system
    3. Key exchange and key agreement
    3.1. Diffie-Hellman key exchange protocol
    3.2. Diffie-Hellman key exchange protocol with certificates
    3.3. Matsumoto-Takashima-Imai key exchange protocol
    3.4. Girault key exchange protocol without certificates
    4. Exercises

    CHAPTER VII: CRYPTOGRAPHIC PROTOCOLS
    1. Protocols
    2. Purpose of protocols
    3. The players in a protocol
    4. Types of protocols
    4.1. Arbitrated protocols
    4.2. Adjudicated protocols
    4.3. Self-enforcing protocols
    5. Types of attacks against protocols
    REFERENCES

  • List of figures

    LIST OF FIGURES

    Figure 1.1: Basic model of secure communication
    Figure 3.1: The Data Encryption Standard DES
    Figure 3.2: DES encryption scheme
    Figure 3.3: One round of DES
    Figure 3.4: DES subkey generation
    Figure 3.5: The function f
    Figure 3.6: The expansion function (E)
    Figure 3.7: Triple DES
    Figure 3.8: The states of AES
    Figure 3.9: The AES encryption and decryption algorithms
    Figure 3.10: The ShiftRows() function
    Figure 3.11: The MixColumns function of AES
    Figure 3.12: The AddRoundKey function of AES
    Figure 3.13: The InvShiftRows() function of AES
    Figure 3.14: ECB mode
    Figure 3.15: CBC mode
    Figure 3.16: CFB mode
    Figure 4.1: Usage model 1 of public-key cryptosystems (PKC)
    Figure 4.2: Usage model 2 of public-key cryptosystems (PKC)
    Figure 4.3: Hybrid application model combining RSA with block ciphers
    Figure 4.4: Elliptic curves over the field of real numbers
    Figure 4.5: Representation of E24(g4, 1)
    Figure 4.6: Diffie-Hellman key exchange based on ECC
    Figure 5.1: Application model of digital signatures
    Figure 5.2: Signature scheme using a hash function
    Figure 5.3: The main loop of MD5
    Figure 5.4: One iteration of the MD5 loop
    Figure 5.5: One iteration of the SHA loop

  • List of tables

    LIST OF TABLES

    Table 2.1: Orders of the elements of Z*21
    Table 2.2: Powers in Z13
    Table 3.1: Numbering of the letters of the English alphabet
    Table 3.2: Encryption by column transposition
    Table 3.3: Encryption by geometric pattern
    Table 3.4: Example of encryption by geometric pattern
    Table 3.5: Periodic permutation encryption
    Table 3.6: The IP permutation table
    Table 3.7: The inverse permutation table IP^-1
    Table 3.8: The PC-1 table
    Table 3.9: Bit shifts in the rounds of DES
    Table 3.10: The PC-2 table
    Table 3.11: Description of the expansion function E
    Table 3.12: S-box S1
    Table 3.13: S-box S2
    Table 3.14: S-box S3
    Table 3.15: S-box S4
    Table 3.16: S-box S5
    Table 3.17: S-box S6
    Table 3.18: S-box S7
    Table 3.19: S-box S8
    Table 3.20: The permutation table P
    Table 3.21: Example of the steps of DES
    Table 3.22: The weak keys of DES
    Table 3.23: The semi-weak keys of DES
    Table 3.24: Abbreviations and terminology conventions of AES
    Table 3.25: Representation of 4-bit strings
    Table 3.26: AES key lengths
    Table 3.27: The AES S-Box substitution table
    Table 3.28: The substitution table for InvSubBytes()
    Table 4.1: Speed of the Brent-Pollard algorithm
    Table 4.2: Representation of the set E23(1, 1)
    Table 4.3: Comparison of ECC cryptosystems with RSA

  • Preface

    PREFACE

    Since before the Common Era people have had to think about how to keep important documents and texts safe and secret, especially in the military and diplomatic fields. Today, with the arrival of computers, paper documents and important information are digitized and processed on computers and transmitted through an environment that is insecure by default. The need for mechanisms and solutions that protect the safety and secrecy of sensitive, important information has therefore become more and more pressing. Cryptology is the science that serves this purpose. It is hard to find a useful computing application that does not use encryption algorithms. This document is based on the experience and research that the author has distilled and collected while teaching the course Information Safety and Security at the Faculty of Information Technology, Vietnam Maritime University. With seven chapters divided into different topics, from the mathematical foundations of cryptology to cryptosystems and cryptographic protocols, it is hoped that the book will give students and readers a useful reference. Although great effort has been made, some shortcomings are unavoidable; I hope that colleagues, students and readers will offer their sincere comments so that I can further improve this book.

    My sincere thanks go to the colleagues, friends and family who have always encouraged me and offered suggestions during the writing. I thank Nguyễn Đình Dương, M.Sc., who read the section on public-key cryptosystems based on elliptic curves and gave valuable comments and suggestions. My deep thanks go to Phạm Tuấn Đạt, M.Sc., who proofread the manuscript thoroughly and gave many valuable comments on it. Finally, I thank the board of the Faculty of Information Technology, especially the dean, Dr. Lê Quốc Định, for always providing the best conditions to help this book be completed.

    Hải Phòng, December 2007
    The author

    Nguyễn Hữu Tuân

  • Chapter I: Introduction

    CHAPTER I: INTRODUCTION

    1. Information security and cryptology

    Over many centuries a whole range of protocols and mechanisms has been created to meet the need for information security when information is carried on physical media (paper, books, newspapers, ...). The goals of information security usually cannot be achieved by relying on mathematical algorithms and protocols alone; achieving them also requires procedural techniques and respect for the law. For example, the secrecy of handwritten letters comes from sealed letters being delivered by an accepted postal service. The physical security of a letter is limited (it can be read surreptitiously), so to protect its secrecy the law stipulates that reading mail without the consent of its owner or of an authorized person is illegal and will be punished. Sometimes the goal of information security is achieved through the physical medium that carries the information; paper money, for example, must be printed with high-quality ink and paper so that it cannot be counterfeited.

    Conceptually, the way information is kept has not changed much over time. In the past information was usually stored and transported on paper, whereas now it is stored in digital form and transported over telecommunication or wireless systems. The significant change is the ability to copy and alter information. One can create thousands of identical messages that cannot be distinguished from the original. With documents stored and transported on paper this is much harder. What a society needs when most of its information is stored and transported electronically is a means of ensuring information security that is independent of the physical storage and transport media. That means is cryptology, a science with a long history built on mathematical algorithms, number theory, probability and other sciences.

    2. The concept of a system and system assets

    Definition of a system: a system is a collection of computers comprising hardware and software components and the working data accumulated over time.

    The assets of a system include:

    Hardware

    Software

    Data

    Communications between the computers of the system

    The working environment

    People

    3. Threats to a system and countermeasures

    There are three main forms of threat to a system:

    Destruction: an adversary damages the hardware or the software running on the system.

    Modification: system assets are modified without authorization. This usually keeps the system from performing its function correctly, for example when users' passwords or privileges are changed so that they can no longer access the system to do their work.

    Interference: assets are accessed by unauthorized people. Communications carried out on the system are blocked or altered.

    Threats to an information system can come from many sources and be carried out by different kinds of actors. We can divide them into three groups: actors inside the system (insiders), who have legitimate access rights to the system; actors outside the system (hackers, crackers), who usually attack through connections to the system such as the Internet; and, third, software (such as spyware, adware, ...) running on the system.

    Countermeasures:

    There are usually three kinds of countermeasure:

    Software controls: relying on the security mechanisms of the underlying platform (the operating system) and on cryptographic algorithms.

    Hardware controls: security mechanisms and cryptographic algorithms implemented in hardware.

    Organizational policy controls: issuing organizational regulations to ensure the security of the system.

    In this course we concentrate on cryptographic algorithms as a basic and principal means of keeping a system secure.

    4. Goals and general principles of information security

    The three goals of information security:

    Confidentiality: system assets are accessed only by authorized people. Kinds of access include reading, viewing, printing, using a program, or knowing that an object exists in the organization. Confidentiality can be protected by access control (of various kinds) or by data encryption algorithms. Access control can only be carried out with physical hardware systems. For public data, the effective approach is usually the methods of cryptology.

    Data integrity: system assets are changed only by authorized people.

    Availability: assets are always ready to be used by authorized people.

    The two principles of information security:

    Security evaluation must be demanding and must take into account every situation and every attack that could possibly be carried out.

    Assets are protected until they no longer have use value or their secrecy no longer matters.

    5. Cryptology

    Cryptology comprises two fields, cryptography and cryptanalysis (codebreaking), where:

    Cryptography: studies algorithms and methods for ensuring the confidentiality and authenticity of information (usually in the form of documents stored on computers). The products of this field are cryptosystems, hash functions, digital signature schemes, key distribution and key management mechanisms, and cryptographic protocols.

    Cryptanalysis: studies methods for breaking ciphers or producing forged ciphertexts. The products of this field are cryptanalytic methods, signature forgery methods, and methods for attacking hash functions and cryptographic protocols.

    Within the limits of this course we mainly study cryptography: cryptosystems, hash functions, digital signature schemes and cryptographic protocols.

    Cryptography is the science of methods for secure communication. In Greek, "Crypto" (krypte) means hiding or scrambling, and "Graphy" (grafik) means word. [3]

    The convention is that the intelligible words and characters of the original text make up the plaintext (P, Plaintext), usually passages of text in some language, while words and characters in a secret, unintelligible form are called the ciphertext (C, Ciphertext).

    There are two basic methods of encryption, substitution and permutation:

    Substitution is the method of encryption in which each original character, or group of original characters, of the plaintext is replaced by other words or symbols, or a combination of them, according to a fixed method and a key.

    Permutation is the method of encryption in which the code words of the plaintext are rearranged according to a fixed method.

    Cryptosystems usually combine both techniques.

    6. The concept of a cryptosystem (CryptoSystem)

    A cryptosystem is a 5-tuple (P, C, K, E, D) that satisfies the following conditions:

    1) P is the plaintext space: the finite set of possible plaintexts.

    2) C is the ciphertext space: the finite set of possible ciphertexts.

    3) K is the key space: the finite set of possible keys.

    4) For each $k \in K$ there is an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$. Each $e_k: P \to C$ and $d_k: C \to P$ are functions such that $d_k(e_k(x)) = x$ for every plaintext $x \in P$. The decryption function $d_k$ is the inverse mapping of the encryption function $e_k$ [5].

    Usually the plaintext space and the ciphertext space consist of texts formed from some alphabet A. This can be the English alphabet, the ASCII code, the Unicode code or, in the simplest case, the bits 0 and 1.

    Property 4 is the most important property of encryption. It says that if we encrypt with $e_k$ and then decrypt the resulting ciphertext with $d_k$, the result must be the original plaintext $x$. Clearly the function $e_k(x)$ must then be injective, otherwise we could not decrypt: if there were two different plaintexts $x_1$ and $x_2$ with $y = e_k(x_1) = e_k(x_2)$, then on receiving the ciphertext $y$ we would not know whether it was encrypted from $x_1$ or from $x_2$.

    In any cryptosystem we always have $|C| \ge |P|$, because every encryption rule is injective. When $|C| = |P|$, every encryption function is a permutation.
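
    Added example (not from the original textbook): the conditions of this section checked exhaustively in Python on an affine cipher over the 26-letter English alphabet, a cipher chosen here as an assumption for illustration. All names (M, e, d, find_collision, satisfies_condition_4, is_permutation) are hypothetical and the sample inputs are constructed. It shows that keys whose multiplier shares a factor with 26 give a non-injective encryption rule and so have to be excluded from the key space.

```python
# Added example: the conditions on (P, C, K, E, D) checked on a toy affine cipher.
# The affine cipher, the 26-letter alphabet and all names here are assumptions
# made for illustration; sample inputs are constructed.
from itertools import product
from math import gcd

M = 26                     # alphabet size: A..Z numbered 0..25
P = range(M)               # plaintext space
C = range(M)               # ciphertext space, here |C| = |P|
ALL_PAIRS = list(product(range(M), repeat=2))      # every candidate (a, b)
K = [k for k in ALL_PAIRS if gcd(k[0], M) == 1]    # key space: a invertible mod M


def e(key, x):
    """Encryption rule e_k(x) = (a*x + b) mod M for k = (a, b)."""
    a, b = key
    return (a * x + b) % M


def d(key, y):
    """Decryption rule d_k(y) = a^-1 * (y - b) mod M."""
    a, b = key
    # pow(a, -1, M) raises ValueError when a has no inverse modulo M
    return (pow(a, -1, M) * (y - b)) % M


def find_collision(key):
    """Return (x1, x2, y) with x1 != x2 and e_k(x1) == e_k(x2) == y, else None."""
    seen = {}
    for x in P:
        y = e(key, x)
        if y in seen:
            return seen[y], x, y
        seen[y] = x
    return None


def satisfies_condition_4(keys):
    """True iff d_k(e_k(x)) == x for every key in `keys` and every x in P."""
    try:
        return all(d(k, e(k, x)) == x for k in keys for x in P)
    except ValueError:      # some key has no decryption rule at all
        return False


def is_permutation(key):
    """With |C| == |P|, an injective e_k hits every element of C exactly once."""
    return sorted(e(key, x) for x in P) == list(C)


def encrypt(key, text):
    """Encrypt a string of upper-case letters A..Z."""
    return "".join(chr(e(key, ord(ch) - 65) + 65) for ch in text)


def decrypt(key, text):
    """Decrypt a string of upper-case letters A..Z."""
    return "".join(chr(d(key, ord(ch) - 65) + 65) for ch in text)


if __name__ == "__main__":
    print("valid keys:", len(K), "of", len(ALL_PAIRS))
    print("condition 4 holds on K:", satisfies_condition_4(K))
    print("every e_k is a permutation:", all(is_permutation(k) for k in K))
    bad = (2, 0)            # gcd(2, 26) = 2, so e_k is not injective
    x1, x2, y = find_collision(bad)
    print(f"key {bad}: e_k({x1}) = e_k({x2}) = {y}, ciphertext {y} is ambiguous")
    ct = encrypt((5, 8), "HELLO")
    print("HELLO ->", ct, "->", decrypt((5, 8), ct))
```
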

    7. The basic communication model of cryptology and Kerckhoffs's law

    The ordinary communication model: in the ordinary model, information is transmitted (transported) from the sender to the receiver over a physical channel (for example, sending a letter) that is assumed to be secure.

    The basic communication model of cryptology:

    Figure 1.1: Basic model of secure communication

    This is the basic model of secure communication. Unlike ordinary communication, it adds new elements such as the notion of an enemy (E, Enemy) and the encryption and decryption keys K that protect the secrecy of the information being transmitted.

    In this model the sender S (Sender) wants to send a message X (Message, which is a plaintext) to the receiver R (Receiver) over an insecure channel (Insecure Channel), where the enemy E (Enemy) can eavesdrop on or modify X. S therefore applies a transformation, encryption (E, Encryption), to the readable information X (Plaintext) to produce an encrypted text Y (C, Ciphertext) that cannot be understood by any ordinary rule. The transformation uses a piece of secret information called the key K1 (Key); K1 is the parameter that controls the transformation from plaintext X to ciphertext Y (only the communicating parties S and R may know this key). Decryption (D, Decryption) is the reverse process, which lets the receiver recover the original information X from the ciphertext Y using the decryption key K2 (note that the decryption key and the encryption key may be different or the same, depending on the cryptosystem used).

    The transformations used in this communication model belong to some cryptosystem (Cryptosystem).

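    [Figure 1.1 (diagram): Sender → Encrypt (key K1) → Insecured Channel (Enemy) → Decrypt (key K2) → Receiver; X goes into Encrypt, Y crosses the channel, X comes out of Decrypt]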


    Encryption and decryption also require processes that convert data from its original form into the input for encryption and that turn the output of decryption back into plaintext. These are keyless transformations and are called encoding and decoding.

    According to Kerckhoffs's law (1835 - 1903), a basic principle of cryptography, the entire encryption/decryption mechanism except the key is not secret from the enemy [5]. Clearly, if the adversary does not know which encryption algorithm the cryptosystem uses, cryptanalysis is very difficult. But we cannot trust the security of a cryptosystem that rests only on the uncertain assumption that the adversary does not know the algorithm in use. Therefore, whenever we present a cryptosystem, we assume that it is presented under Kerckhoffs's law.

    The meaning of Kerckhoffs's law: the security of a cryptosystem must not depend on the complexity of the encryption algorithm used.

    8. A brief history of cryptology

    Cryptology is a science with a history of about 4000 years, as archaeological artifacts show. The ancient Egyptians used hieroglyphs as the simplest form of encryption on their tombstones. Other handwritten documents show that the first simple encryption methods used by mankind were those of the ancient Persians and the ancient Hebrews.

    The history of cryptology can nevertheless be divided into two periods:

    The pre-scientific period: from before the Common Era until 1949. In this period cryptology was regarded more as an art than as a science, although it was already applied in practice.

    The history of cryptology was marked by the year 1949, when Claude Shannon put forward information theory. After that, a series of important results in cryptology followed, such as the research on block ciphers and the birth of public-key cryptosystems and digital signatures.

    For many centuries the development of cryptology mainly served military purposes (espionage, diplomacy, war, ...). A typical example is that 2000 years ago the Roman emperor Julius Caesar used, in the Gallic wars, a simple substitution algorithm that today bears his name.

    The work "A manuscript on Deciphering Cryptography Messages" by Abu al-Kindi, written in the 9th century and found in Istanbul in 1987, shows that Arab scholars were the first to develop cryptanalytic methods based on analysing the frequency of characters against monoalphabetic substitution ciphers (a method widely used in the Middle Ages because it was simple and fairly effective).

    In Europe the Middle Ages were a gloomy, dark period of history, so there was little progress in culture in general or in cryptology in particular. A few events were recorded by priests, but only Roger Bacon actually wrote about cryptology, in the work "Secret Work of Art and the Nullity of Magic" in the mid-1200s. One of the most famous names of the Middle Ages is Chaucer, who presented the first serious studies of cryptology in his works, such as "Treatise on the Astrolabe". In the Middle Ages in the West, the book by Blaise de Vigenère (the inventor of the polyalphabetic substitution algorithm) was regarded as a summary of all cryptological knowledge up to that time, including the polyalphabetic substitution algorithm and several autokey schemes.

    Blaise de Vigenère is also the author of the cipher that bears his name. This cipher was once considered absolutely secure and was used for a long time; Charles Babbage, however, successfully cryptanalysed it in 1854, although this was kept secret. A cryptanalytic algorithm was discovered independently by a Prussian scientist (Prussia being part of present-day Germany) named Friedrich Kasiski. Even so, for lack of improved equipment, variants of this encryption algorithm were still in use in the early years of the 20th century; the best-known case is the successful cryptanalysis of the German Zimmermann telegram (one of the landmark events of cryptology) in the First World War, which resulted in the United States entering the war.

    With the appearance of personal computers and computer networks, more and more textual information came to be stored and processed on computers, which created the need for security of information that is stored, processed and transmitted between computers.

    The early 1970s saw the development of the first block cipher algorithms, Lucifer and DES. DES then enjoyed widespread application until the early 1990s.

    The late 1970s saw the development of public-key encryption algorithms after Whitfield Diffie and Martin Hellman published the paper "New Directions in Cryptography", which laid the foundation for public-key cryptosystems and digital signature schemes.

    Because public-key cryptosystems have the drawback of being slow, block ciphers continued to be developed, with new block ciphers appearing at the end of the 20th century to replace DES, such as IDEA, AES or 3DES (an improvement of DES).

    The most recent events concern the hash functions MD5 (a hash function of the MD family developed by Ron Rivest) and SHA1. A group of Chinese scientists (Xiaoyun Wang, Yiqun Lisa Yin, Hongbo Yu) developed methods for finding collisions in the most widely used of these hash functions. This was a major event for cryptology because hash functions are so widely applied, and they can be considered even more important than the cryptosystems themselves. As a result, major software vendors (such as Microsoft) and cryptographers have advised programmers to use stronger hash functions (such as SHA-256, SHA-512) in their applications.

    Bruce Schneier (one of the leading cryptographers, author of the Blowfish cipher) once said that attacks on cryptosystems in particular, and on computer systems in general, keep getting more refined: "Attacks always get better; they never get worse." The history of cryptology is the history of the attacks on the cryptosystems in use.

    7

  • Chng I: Gii thiu

    9. Classification of cryptographic algorithms

    There are many ways to classify the cryptographic algorithms studied in this course. Here we classify them according to two criteria.

    The first criterion is the security service that the algorithm provides and the number of keys it uses (0, 1, 2). This gives the following algorithms:

    1. Secret-key encryption algorithms, corresponding to secret-key or symmetric-key cryptosystems, SKC (Symmetric Key Cryptosystems). The roles of the receiver and the sender are the same: both can encrypt and decrypt messages. Examples are Caesar, DES and AES. These algorithms use 1 key for both encryption and decryption.

    2. Public-key encryption algorithms, corresponding to public-key cryptosystems, PKC (Public Key Cryptosystems). These are sometimes also called asymmetric-key cryptosystems (Asymmetric Key Cryptosystems). These algorithms use 2 keys, one for encryption and one for decryption; the encryption key is made public.

    3. Digital signature algorithms (Digital Signature Algorithms). These algorithms form digital signature schemes. Usually each digital signature scheme has the same theoretical basis as a public-key cryptosystem but applies it differently. In this course we study some common digital signature schemes such as RSA and ElGamal.

    4. Hash functions (Hash functions). Hash functions are keyless or keyed encryption algorithms and are typically used in digital signature schemes or public-key cryptosystems.

    The second criterion classifies encryption algorithms by how they process their input (the plaintext). This gives two kinds of encryption algorithms:

    1. Block ciphers (such as DES, AES) process the plaintext in basic units that are blocks of equal size.

    2. Stream ciphers (RC4) treat the plaintext as a continuous stream of bits or bytes.

    10. Some applications of cryptology

    Today it is hard to find a computer application that does not use cryptographic algorithms and protocols. From desktop applications (Desktop Applications) to system software such as operating systems (Operating Systems), network applications such as Yahoo Messenger, and database systems, all use algorithms that encrypt user passwords with some cipher or hash function. In particular, with the strong growth of e-commerce, digital signature models play an increasingly active role in providing a safe environment for users. The application areas of cryptology can nevertheless be divided into the following smaller areas:

    Confidentiality (Confidentiality): hiding the content of messages exchanged in a communication session or transaction, or of messages on a computer system (files, data in a database).

    Authentication (Authentication): guaranteeing the origin of a message or the identity of a user.

    Integrity (Integrity): guaranteeing that only authenticated parties can change the assets of the system and the information in transit.

    Non-repudiation (Non-Repudiation): authenticated parties cannot deny having taken part in a valid transaction.

    There are also other important services, such as digital signatures, identification services (Identification) that replace password-based user authentication with stronger techniques, and e-commerce services that allow secure transactions over insecure channels such as the Internet.

    CHAPTER II: MATHEMATICAL FOUNDATIONS

    To understand the algorithms used in cryptosystems, in digital signature schemes and in cryptographic protocols, we need a basic grounding in the mathematics and information theory used in cryptology. This chapter presents basic concepts of information theory such as entropy, the rate of a language (Rate of Language), the complexity of algorithms and the security of algorithms, together with some mathematics: modular arithmetic, prime numbers, the Chinese remainder theorem, Fermat's theorem and others, and algorithms for primality testing. The main topics of this chapter are:

    Information theory

    Complexity theory

    Number theory.

    1. Information theory

    The first concepts of information theory were introduced in 1948 by Claude Elwood Shannon (a scientist regarded as the father of information theory). In this section we cover only some important topics of information theory.

    1.1. Entropy

    Information theory defines the amount of information in a message as the minimum number of bits needed to encode all possible meanings of that message.

    For example, the field ngay_thang in a database contains no more than 3 bits of information, because the day can be encoded with 3 bits of data:

    000 = Sunday
    001 = Monday
    010 = Tuesday
    011 = Wednesday
    100 = Thursday
    101 = Friday
    110 = Saturday
    111 is unused

    If this information is represented by the corresponding ASCII character strings, it takes up more memory but does not contain any more information. Similarly, the field gioi_tinh of a database contains only 1 bit of information, although it may be stored as one of two ASCII strings: "Nam" (male) or "Nữ" (female).

    The amount of information in a message M is measured by the entropy of the message, denoted H(M). The entropy of the message gioi_tinh is 1 bit, written H(gioi_tinh) = 1; the entropy of a message giving the day of the week is less than 3 bits.

    In the general case, the entropy of a message is $H(M) = \log_2 n$, where n is the number of possible values (meanings) of the message.

    1.2. Rate of a language (Rate of Language)

    For a language, the actual rate (actual rate) of the language is:

    r = H(M)/N

    where N is the length of the message and M is a message of length N. The rate of normal English is 0.28, so each English letter carries 1.3 bits of meaning.

    The absolute rate (absolute rate) of a language is the maximum number of bits needed to encode the characters of that language. If the language has L characters, the absolute rate is:

    $R = \log_2 L$

    This is the maximum entropy of each single character. For English with 26 letters, the absolute rate is $\log_2 26 = 4.7$ bits/letter. It should surprise no one that the actual rate of English is much lower than the absolute rate: in an English message some letters can be removed and the reader can still understand it. This phenomenon is called the redundancy (Redundancy) of natural language.

    This holds not only for English but for most natural languages. Because of the structure of the language and the way it is used, some letters are used with unequal frequency or can appear only in certain patterns, so we can still guess the meaning of a message when such letters are removed.

    The redundancy (Redundancy) of a language is denoted D, and D = R - r. For English:

    D = 1 - .28 = .72 letters/letter

    D = 4.7 - 1.3 = 3.4 bits/letter

    So each letter carries 1.3 bits of meaning and 3.4 bits of redundancy (about 72%).

    1.3. Security of an encryption system

    Shannon defined, clearly and in detail, mathematical models for evaluating the security of the cryptosystems in use. The goal of the cryptanalyst is to discover the key of the cryptosystem (K-Key), the plaintext (P-PlainText), or both. Moreover, the cryptanalyst may be satisfied with some probable information about the plaintext P, for example that it is digitised audio, a German text, a spreadsheet, and so on.

    In most cryptanalysis, the cryptanalyst tries to gather some probable information about the plaintext P before starting. They may know the language in which the plaintext is written. This language certainly has redundancy associated with it. If it is a message sent to Bob, it may begin with "Dear Bob". The text "Dear Bob" is more probable than a meaningless string such as "tm*h&rf". The goal of cryptanalysis is to modify the set of probabilities associated with each possible ciphertext (C-CipherText) for each possible plaintext.

    Shannon developed the theory that an encryption system is absolutely secure only if the number of possible keys is at least as large as the number of possible messages. Put another way, the key of the cryptosystem must be at least as long as the message itself.

    Apart from absolutely secure cryptosystems, ciphertexts unavoidably contain some information about the plaintext. A good cryptographic algorithm keeps the leaked information to a minimum, and a good cryptanalyst exploits that information to recover the plaintext.

    Cryptanalysts use the natural redundancy of the language to reduce the number of possible plaintexts. The more redundant the language, the easier cryptanalysis becomes. For this reason many encryption schemes compress the plaintext to reduce its size before encrypting it, because compression reduces the redundancy of the message. The entropy of a cryptosystem is a measure of the size of the key space (Keyspace).

    $H(K) = \log_2(\text{number of keys})$

    Shannon also introduced a concept called the unicity distance (Unicity Distance, denoted U) for evaluating the security of a cryptosystem. For a cryptosystem, U is:

    U = H(K)/D

    This is the minimum amount of ciphertext needed for an attack that tries all possible keys (brute-force attack) to succeed. For example, for a monoalphabetic substitution cipher (such as Caesar) over the English alphabet we have:

    $H(K) = \log_2 26! = 87$, D = 3.4, hence U = 25.5.

    This means that with about 25 letters of ciphertext, trial decryption can match only one plaintext.

    The unicity distance is a probabilistic concept. It tells us the minimum amount of ciphertext needed to determine a single ciphertext uniquely, not the amount of ciphertext sufficient to carry out a cryptanalysis that is certain to succeed. If we have less ciphertext than U, we cannot say that our guess (trial) is correct. From this formula we see that the closer the redundancy of the language is to 0, the harder the cryptanalysis, even for a very simple cipher. The formula also implies that the security of a cryptosystem can be increased by enlarging its key space.

    1.4. Confusion and diffusion (Confusion and Diffusion)

    According to Shannon, there are two basic techniques for hiding the redundancy of information in the original message: confusion and diffusion.

    Confusion (Confusion): hides the relationship between the plaintext and the original text. This technique defeats attempts to study the ciphertext for redundancy and statistical patterns. The easiest way to achieve it is substitution. A simple substitution cipher, such as the Caesar shift cipher, is based on substituting the letters of the plaintext, that is, one letter is replaced by another letter.

    Diffusion (Diffusion): dissipates the redundancy of the plaintext by increasing the dependence of the ciphertext on the plaintext (and the key). The cryptanalyst's search for redundancy then becomes time-consuming and complex. The simplest way to create diffusion is transposition (also called permutation).

    Modern ciphers usually combine both substitution and permutation to obtain encryption algorithms with higher security.

    2. Complexity theory

    Complexity theory provides a method for analysing the computational complexity of different cryptographic algorithms and techniques. It compares cryptographic algorithms and techniques and determines their security. Information theory tells us that an encryption algorithm can be broken; complexity theory tells us how likely a cryptosystem is to be cryptanalysed.

    The time complexity of an algorithm is a function of the size of the algorithm's input data. An algorithm has time complexity f(n) if, for every n and input of size n, the number of steps the algorithm performs is greater than f(n) steps.

    The time complexity of an algorithm depends on the model of the algorithm; the number of steps is smaller if several operations are grouped into one step (such as loops, function calls and so on).

    Classes of algorithms whose time complexity is an exponential function of the input size are considered "infeasible". Algorithms with the same complexity are grouped into equivalence classes. For example, all algorithms with complexity $n^3$ belong to the class $n^3$, denoted $O(n^3)$. The two general classes are the class P (Polynomial) and the class NP (NonPolynomial).

    Algorithms in class P have a complexity that is a polynomial function of the input size. If each next step of the algorithm is uniquely determined, the algorithm is called deterministic. All deterministic algorithms in class P have a time bound P_time, which means they run in polynomial time, corresponding to polynomial complexity in the input size.

    An algorithm whose next step must choose among a limited set of possible actions is called nondeterministic. Complexity theory uses special machines to characterise computation by standard models. The Turing machine is such a special machine: it operates in discrete time and at any moment it is in one state out of a finite set of possible states. We can define the time complexity function associated with a Turing machine A.

    fA(n) = max{m / A halts after m steps on input w = n3}

    Here we assume that A halts on all inputs; the problem becomes harder if the states do not lie in P. A nondeterministic Turing machine works with NP algorithms. A nondeterministic Turing machine may have several accepting states. S(w) measures the shortest successful run of the algorithm (that is, the computation that leads to the final state).

    The time complexity function of a nondeterministic Turing machine A is defined as:

    fA(n) = max{1, m / s(w) has m steps for w / w = n}

    At each step a nondeterministic Turing machine sets up multiple copies of itself, one for each possible choice, and computes each solution independently.

    Algorithms in class NP are nondeterministic and can be computed on a nondeterministic Turing machine in time P.

    However, it is not true that the higher the complexity of an encryption algorithm, the more secure the cryptosystem that uses it, as Kerckhoffs' law states.

    So how can the security of a cryptosystem be evaluated? Claude Shannon answered this question with his concepts of cryptosystem security in a paper titled "Communication Theory of Secrecy Systems" (1949).

    2.1. Computational security

    Definition:

    A cryptosystem is said to be computationally secure if the best algorithm for breaking it requires at least N operations, where N is some very large number. [10]

    In practice, however, no cryptosystem has been proved secure under this definition. Therefore, in practice, a cryptosystem is called computationally secure if there is an algorithm that breaks it but requires an unacceptably large amount of time (an algorithm of exponential complexity, or one belonging to the class of problems of complexity NP).

    Another approach to computational security is to reduce it to a well-studied problem that is considered hard. For example, factoring a given number n into primes is considered hard for large n, so a cryptosystem based on the factoring problem can be considered secure (of course this is security based on the presumed hardness of another problem, not a complete proof of the security of the cryptosystem).

    2.2. Unconditional security

    Definition 1:

    A cryptosystem is said to be unconditionally secure if it cannot be broken even with unlimited computing power. [10]

    Clearly, unconditional security cannot be studied from the viewpoint of computational complexity, because computing time is unlimited. Probability theory is therefore used here to study unconditional security.

    Definition 2:

    Let X and Y be random variables. Denote the probability that X takes the value x by p(x) and that Y takes the value y by p(y). The joint probability p(x, y) is the probability that X takes the value x and Y takes the value y simultaneously. The conditional probability p(x/y) is the probability that X takes the value x given that Y takes the value y. X and Y are called independent if p(x, y) = p(x)p(y) for all possible values of X and Y.

    Bayes' theorem:

    If p(y) > 0 then:

    $$p(x/y) = \frac{p(x)\,p(y/x)}{p(y)}$$

    Corollary:

    X and Y are independent if and only if p(x/y) = p(x) for all x, y. [5]

    Here we assume that a particular key is used for only one ciphertext. Denote the a priori probability that plaintext x occurs by $p_P(x)$. Also assume that the key K is chosen according to some probability distribution (usually K is chosen at random, so all keys are equally likely). Denote the probability that key K is chosen by $p_K(K)$.

    Assume that the key K and the plaintext x are independent. The two probability distributions on P and K induce a probability distribution on C. Let C(K) denote the set of possible ciphertexts when K is the key:

    $$C(K) = \{\, e_K(x) : x \in P \,\}$$

    Then for every y ∈ C we have:

    $$p_C(y) = \sum_{K:\, y \in C(K)} p_K(K)\, p_P(d_K(y))$$

    The conditional probability $p_C(y/x)$, the probability that y is the ciphertext given that the plaintext is x, is computed as:

    $$p_C(y/x) = \sum_{K:\, x = d_K(y)} p_K(K)$$

    We can now compute the conditional probability $p_P(x/y)$, the probability that x is the plaintext when the ciphertext is y, by Bayes' theorem:

    $$p_P(x/y) = \frac{p_P(x)\, p_C(y/x)}{p_C(y)} = \frac{p_P(x) \sum_{K:\, x = d_K(y)} p_K(K)}{\sum_{K:\, y \in C(K)} p_K(K)\, p_P(d_K(y))}$$

    We can now define perfect secrecy. Informally, perfect secrecy means that an adversary holding the ciphertext can obtain no information about the plaintext. The precise definition is as follows:

    Definition:

    A cryptosystem has perfect secrecy if $p_P(x/y) = p_P(x)$ for all x ∈ P and all y ∈ C. That is, the a posteriori probability that the plaintext is x, given that the ciphertext is y, is identical to the a priori probability that the plaintext is x. [5]

    In other words, perfect secrecy is also equivalent to $p_C(y/x) = p_C(y)$.

    Shannon's theorem:

    Let (P, C, K, E, D) be a cryptosystem. The cryptosystem achieves perfect secrecy if and only if |K| ≥ |C|. In the case |K| = |C| = |P|, the cryptosystem achieves perfect secrecy if and only if every key K is used with equal probability 1/|K|, and for every x ∈ P and every y ∈ C there is a unique key K such that $e_K(x) = y$. [5]
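    The formulas for $p_C(y)$ and $p_P(x/y)$ can be checked numerically. The following C program is an added example, not part of the original text: it evaluates them for a shift cipher on Z_3 (the cipher, the alphabet size and the sample distributions are assumptions chosen for illustration) and shows that uniformly chosen keys give perfect secrecy, while a skewed key distribution leaks information about the plaintext.

```c
#include <stdio.h>

/* Shift cipher on Z_n (assumed for illustration): e_K(x) = (x + K) mod n,
   so d_K(y) = (y - K) mod n. */
static int dec(int y, int k, int n) { return ((y - k) % n + n) % n; }

/* p_C(y) = sum over keys K with y in C(K) of p_K(K) * p_P(d_K(y)).
   For the shift cipher every y lies in C(K) for every K. */
double p_cipher(const double *pP, const double *pK, int n, int y)
{
    double s = 0.0;
    int k;
    for (k = 0; k < n; ++k)
        s += pK[k] * pP[dec(y, k, n)];
    return s;
}

/* p_P(x/y) = p_P(x) * sum_{K: d_K(y) = x} p_K(K) / p_C(y)  (Bayes). */
double p_plain_given_cipher(const double *pP, const double *pK,
                            int n, int x, int y)
{
    double num = 0.0, pc = p_cipher(pP, pK, n, y);
    int k;
    for (k = 0; k < n; ++k)
        if (dec(y, k, n) == x)
            num += pK[k];
    return pc > 0.0 ? pP[x] * num / pc : 0.0;
}

/* Largest |p_P(x/y) - p_P(x)| over all x and all y that can occur.
   A value of 0 (up to rounding) means perfect secrecy. */
double max_leak(const double *pP, const double *pK, int n)
{
    double worst = 0.0;
    int x, y;
    for (y = 0; y < n; ++y) {
        if (p_cipher(pP, pK, n, y) == 0.0)
            continue;                 /* ciphertext y never occurs */
        for (x = 0; x < n; ++x) {
            double d = p_plain_given_cipher(pP, pK, n, x, y) - pP[x];
            if (d < 0.0)
                d = -d;
            if (d > worst)
                worst = d;
        }
    }
    return worst;
}

int main(void)
{
    /* Constructed sample distributions. */
    const double pP[3]      = {0.5, 0.3, 0.2};
    const double uniform[3] = {1.0 / 3, 1.0 / 3, 1.0 / 3};
    const double skewed[3]  = {0.5, 0.25, 0.25};

    printf("uniform keys: max |p(x/y) - p(x)| = %.4f\n",
           max_leak(pP, uniform, 3));
    printf("skewed keys:  max |p(x/y) - p(x)| = %.4f\n",
           max_leak(pP, skewed, 3));
    return 0;
}
```

    With the skewed key distribution, seeing ciphertext 0 raises the probability of plaintext 0 from 0.5 to about 0.667, which is exactly the kind of information gain the definition of perfect secrecy rules out.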

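    We see that achieving perfect secrecy requires very long keys, which makes it very hard to transfer the key between the two communicating parties. In practice, therefore, we cannot have unconditional security; we only need practical security, which depends on the information and on how long it must stay secret, and we use different cryptosystems with different levels of secrecy.

    3.3. Product cryptosystems

    Another idea introduced by Shannon is to build new cryptosystems from existing ones by forming their product. This is an important idea in the design of today's modern cryptosystems.

    For simplicity, we consider only cryptosystems in which C = P; such cryptosystems are called endomorphic. Let $S_1 = (P, C, \mathcal{K}_1, E_1, D_1)$ and $S_2 = (P, C, \mathcal{K}_2, E_2, D_2)$ be endomorphic cryptosystems with the same plaintext and ciphertext spaces. The product cryptosystem is defined as $S = (P, C, \mathcal{K}_1 \times \mathcal{K}_2, E, D)$. A key of the product cryptosystem is $K = (K_1, K_2)$ with $K_1 \in \mathcal{K}_1$ and $K_2 \in \mathcal{K}_2$. The encryption and decryption functions are defined as follows:

    $$e_{(K_1,K_2)}(x) = e_{K_2}(e_{K_1}(x))$$

    $$d_{(K_1,K_2)}(x) = d_{K_1}(d_{K_2}(x))$$

    If we take the product of S with itself, we obtain the cryptosystem S×S (denoted $S^2$). Taking the product n times gives $S^n$. We call $S^n$ an iterated cryptosystem. If $S^2 = S$, the cryptosystem is called idempotent. If S is idempotent, there is no point in iterating it, because the secrecy does not increase while the key space grows. Naturally, if S is not idempotent, we can iterate S several times to increase secrecy. This raises the question of how to obtain a cryptosystem that is not idempotent.

    We know that if $S_1$ and $S_2$ are idempotent and commute, then $S_1 \times S_2$ is also idempotent, simply because:

    $$(S_1 \times S_2) \times (S_1 \times S_2) = S_1 \times (S_2 \times S_1) \times S_2$$
    $$= S_1 \times (S_1 \times S_2) \times S_2$$
    $$= (S_1 \times S_1) \times (S_2 \times S_2)$$
    $$= S_1 \times S_2$$

    So if we want $S_1 \times S_2$ not to be idempotent, $S_1$ and $S_2$ must not commute. This is easily achieved by taking the product of a substitution-type cryptosystem and a permutation-type cryptosystem. This is the technique used to design modern ciphers such as DES.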

    3. Mathematical theory

    3.1. Modular arithmetic

    Basically, a ≡ b (mod n) if a = b + kn for some integer k. If a and b are positive and a is less than n, we can call a the remainder of b when divided by n. In general, a and b leave the same remainder when divided by n. One also says that b is a residue of a modulo n, and that a is congruent to b modulo n.

    Modular arithmetic is like ordinary arithmetic: it is commutative, associative and distributive. In addition, every intermediate value can be reduced during the computation:

    (a + b) mod n = ((a mod n) + (b mod n)) mod n

    (a - b) mod n = ((a mod n) - (b mod n)) mod n

    (a × b) mod n = ((a mod n) × (b mod n)) mod n

    (a × (b + c)) mod n = (((a × b) mod n) + ((a × c) mod n)) mod n

    Almost all computations in cryptosystems are carried out modulo some N.

    3.2. Prime numbers

    A prime number is a number greater than 1 that is divisible only by 1 and itself, and by no other number. The number 2 is the first prime and the only even prime. The numbers 7, 17, 53, 73, 2521, 2365347734339 are also primes. There are infinitely many primes. Cryptosystems usually use large primes of about 512 bits or even larger.

    3.3. Greatest common divisor

    Two numbers a and n are called relatively prime if they have no common factor other than 1, in other words if the greatest common divisor of a and n equals 1. We write:

    GCD(a, n) = 1 (GCD: Greatest Common Divisor)

    The numbers 15 and 28 are relatively prime, but 15 and 27 are not, because they have the common divisors 1 and 3. It is easy to see that 13 and 500 are also relatively prime. A prime number is relatively prime to all other integers except its multiples.

    The easiest way to compute the greatest common divisor of two numbers is Euclid's algorithm. Knuth describes the algorithm and several modified variants.

    Below is the source code in C:

    /* Greatest common divisor of x and y. Negative inputs are replaced by
       their absolute values; gcd(0, y) returns y. */
    int gcd(int x, int y)
    {
        int g;

        if (x < 0)
            x = -x;
        if (y < 0)
            y = -y;
        g = y;
        while (x > 0) {
            g = x;
            x = y % x;
            y = g;
        }
        return g;
    }

    3.4. The ring ZN (ring of residues modulo N)

    The set of integers ZN = {0, 1, ..., N-1}, where N is a positive natural number, together with the two operations addition (+) and multiplication (.) defined below, forms the ring of residues modulo N (also called the complete residue system modulo N):

    Addition:

    ∀a, b ∈ ZN: a + b = (a + b) mod N.

    Multiplication:

    ∀a, b ∈ ZN: a . b = (a * b) mod N.

    From the properties of modular arithmetic it is easy to see that ZN is a commutative and associative ring. Almost all computations in cryptosystems are carried out in some ring ZN.

    In the ring ZN the number 0 is the neutral element, because a + 0 = 0 + a = a for all a ∈ ZN, and the number 1 is called the identity element, because a . 1 = 1 . a = a for all a ∈ ZN.

    3.5. Inverse elements

    In the field of real numbers R, the inverse of 5 is 1/5, because 5 × 1/5 = 1. In a ring of integers ZN, the inverse of a number is defined as follows:

    Let a ∈ ZN and suppose there exists b ∈ ZN such that a.b = (a*b) mod N = 1. Then b is called the inverse of a in ZN, written $a^{-1} = b$.

    Finding the inverse of a given a ∈ ZN is equivalent to finding two numbers b and k such that a.b = k.N + 1, where b, k ∈ ZN. In short:

    $a^{-1} \equiv b \pmod{N}$

    Theorem on the existence of inverses: if GCD(a, N) = 1, then there exists a unique b ∈ ZN that is the inverse of a, that is, a.b = (a*b) mod N = 1.

    3.6. Euler's phi function

    For every integer N, the value of Euler's phi function of N is the number of integers in ZN that are relatively prime to N. For example, if P is a prime, then φ(P) = P - 1, and if N = p*q where p and q are two primes, then φ(N) = (p-1)*(q-1).

    In the general case, if the prime factorisation of N is

    $$N = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_k^{\alpha_k}$$

    where the $p_i$ are primes and the $\alpha_i$ are positive integers, then the value of Euler's phi function is:

    $$\varphi(N) = (p_1 - 1)\,p_1^{\alpha_1 - 1}\,(p_2 - 1)\,p_2^{\alpha_2 - 1} \cdots (p_k - 1)\,p_k^{\alpha_k - 1}$$

    Related to Euler's phi function is Euler's theorem, which states:

    For all $a \in Z_N^* = Z_N - \{0\}$ with GCD(a, N) = 1 we have $a^{\varphi(N)} \equiv 1 \pmod{N}$. This means that $a^{\varphi(N)-1}$ is the inverse of a in ZN.

    A special case of Euler's theorem is Fermat's little theorem: if P is a prime, then for all $a \in Z_P^*$ we have $a^{P-1} \equiv 1 \pmod{P}$. This is one of the most beautiful theorems of number theory.

    For every integer N, the ring $Z_N^*$ consists of the elements of ZN that are relatively prime to N, in other words: $Z_N^* = \{x : x \in Z_N, (x, N) = 1\} = \{x : x \in Z_N, x^{\varphi(N)} = 1\}$.

    For every element a ∈ ZN, the order t of a (denoted ord(a)) is the smallest number such that $a^t = 1$. From Euler's theorem it follows that φ(N) is divisible by t.

    For example, for N = 21 we have the following table:

    a ∈ Z*21   1   2   4   5   8   10   11   13   16   17   19   20
    Ord(a)     1   6   3   6   2   6    6    2    3    6    6    2

    Table 2.1: Orders of the elements of Z*21

    If the order of $a \in Z_N^*$ equals φ(N), then a is called a generator or primitive element of $Z_N^*$. And if $Z_N^*$ has a generator, it is called cyclic.

    3.7. Quadratic residues

    Let $a \in Z_N^*$. Then a is called a quadratic residue modulo N if there exists $x \in Z_N^*$ such that $x^2 = a \pmod{N}$. The set of quadratic residues modulo N is denoted $Q_N$; the elements that are not residues modulo N are called quadratic non-residues modulo N, and their set is denoted $\overline{Q}_N$.

    Theorem: if p is an odd prime and α is a generator of $Z_p^*$, then a is a quadratic residue modulo p if and only if $a = \alpha^i \bmod p$, where i is an even integer.

    From this theorem it follows that $|Q_p| = (p - 1)/2 = |\overline{Q}_p|$.

    For example, with p = 13 and α = 6 ∈ Z13 we have the following table:

    i             0   1   2    3   4   5   6    7   8   9   10   11
    α^i mod 13    1   6   10   8   9   2   12   7   3   5   4    11

    Table 2.2: Powers in Z13

    Therefore $Q_{13}$ = {1, 3, 4, 9, 10, 12} and $\overline{Q}_{13}$ = {2, 5, 6, 7, 8, 11}.

    Let $a \in Q_N$. If $x \in Z_N^*$ satisfies $x^2 = a \pmod{N}$, then x is called a square root of a modulo N.

    3.8. Fast exponentiation algorithm

    To find the inverse of an integer a in a given ring ZN, we can use Euler's theorem and compute a power of a whose exponent is derived from the value of Euler's phi function of N. To compute this power quickly we need an efficient algorithm, and one such algorithm (there are other, more complex ones) is the fast exponentiation algorithm. This algorithm was given by Chivers in 1984. Its steps are as follows:

    Input: a, m, N.
    Output: a^m mod N.
    Begin
        Write m in binary form m = b_k b_(k-1) ... b_0.
        j = 0, kq = 1;
        while (k >= j)
        {
            if (b_j == 1)
                kq = (kq * a) mod N;
            a = (a * a) mod N;
            j = j + 1;
        }
        return kq;
    end

    Another implementation, in C:

    /* Returns a^x mod n. The products r*a and a*a must fit in a long,
       so n must not exceed the square root of LONG_MAX. */
    long modexp(long a, long x, long n)
    {
        long r = 1;

        while (x > 0) {
            if (x % 2 == 1) /* is x odd? */
                r = (r * a) % n;
            a = (a * a) % n;
            x /= 2;
        }
        return r;
    }

    This algorithm runs in no more than $\log_2(m+1)$ steps.

    3.9. Extended Euclidean algorithm

    In section 3.3 we saw that Euclid's algorithm is used to find the greatest common divisor of two integers, and in section 3.7 we saw how to find the inverse of a number using the fast exponentiation algorithm. There is, however, another efficient algorithm for finding inverses, called the extended Euclidean algorithm (because it is based on Euclid's algorithm). Its steps are as follows:

    input: a, N with GCD(a, N) = 1
    output: a^-1
    begin
        g_0 = N, g_1 = a, u_0 = 1, u_1 = 0, v_0 = 0, v_1 = 1, i = 1;
        while (g_i ≠ 0)
        {
            y = g_(i-1) div g_i;
            g_(i+1) = g_(i-1) - y*g_i;
            u_(i+1) = u_(i-1) - y*u_i;
            v_(i+1) = v_(i-1) - y*v_i;
            i = i + 1;
        }
        x = v_(i-1);
        if (x > 0) then
            return x;
        else
            return (N + x);
    end;

    3.10. Linear congruences in one unknown

    A linear congruence in one unknown is an equation of the form:

    ax ≡ b (mod N), where a, b ∈ ZN are the coefficients and x is the unknown.

    If GCD(a, N) = 1, we can find $a^{-1}$, multiply both sides of the congruence by it, and obtain the solution easily. But what if g = GCD(a, N) is different from 1? Then the problem may have no solution or several solutions. Consider the following theorem:

    Let g = GCD(a, N). If b is divisible by g, then the linear congruence in one unknown

    ax ≡ b (mod N)

    has g solutions of the form

    x ≡ ((b/g)x0 + t(N/g)) (mod N), where t = 0, ..., g-1,

    and x0 is the solution of the congruence (a/g)x ≡ 1 (mod N/g).

    3.11. The Chinese remainder theorem

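    The Chinese remainder theorem is an important theorem of number theory, discovered by Chinese mathematicians in the first century. The theorem states:

    If $d_1, d_2, \ldots, d_k$ are pairwise relatively prime integers and $N = d_1 d_2 \cdots d_k$, then the system of congruences

    $x \equiv x_i \pmod{d_i}$, i = 1, 2, ..., k

    has a solution in ZN. The solution is computed by the formula:

    $$x = \sum_{i=1}^{k} (N/d_i)\, y_i\, x_i \pmod{N}$$

    where the $y_i$ are the solutions of the congruences $(N/d_i)\, y_i \equiv 1 \pmod{d_i}$.

    Below is code for the Chinese remainder theorem in C:

    /* r is the number of elements in the arrays m and u; m holds the
       pairwise relatively prime moduli and u the residues.
       modexp() is the routine from section 3.8; totient(k) must return
       Euler's phi function of k (section 3.6). */
    long modexp(long a, long x, long n);
    int totient(int k);

    int chinese_remainder(int r, int *m, int *u)
    {
        int i;
        int modulus;
        long n;

        modulus = 1;
        for (i = 0; i < r; ++i)
            modulus *= m[i];

        n = 0;
        for (i = 0; i < r; ++i)
        {
            /* (modulus/m[i])^phi(m[i]) is 1 mod m[i] and 0 mod every other
               modulus, so it is reduced mod modulus, not mod m[i] */
            n += u[i] * modexp(modulus / m[i], totient(m[i]), modulus);
            n %= modulus;
        }
        return (int)n;
    }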
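    The results of sections 3.9 to 3.11 fit together in one short program. The following C code is an added example, not part of the original text: it uses the extended Euclidean algorithm to compute inverses, solves ax ≡ b (mod N) for any g = GCD(a, N) following the theorem of section 3.10, and applies the formula of section 3.11 with $y_i$ obtained from the extended Euclidean algorithm instead of totient(). The function names and the sample values are assumptions chosen for illustration, and all values must be small enough for the products to fit in a long.

```c
#include <stdio.h>

/* Extended Euclid. Returns g = gcd(a, n) and sets *inv so that
   a * (*inv) == g (mod n) with 0 <= *inv < n. */
static long ext_gcd(long a, long n, long *inv)
{
    long g0 = n, g1 = ((a % n) + n) % n, v0 = 0, v1 = 1;
    while (g1 != 0) {
        long y = g0 / g1;
        long g2 = g0 - y * g1, v2 = v0 - y * v1;
        g0 = g1; g1 = g2;
        v0 = v1; v1 = v2;
    }
    *inv = ((v0 % n) + n) % n;
    return g0;
}

/* Inverse of a in Z_n, or -1 if GCD(a, n) != 1 (no inverse exists). */
long mod_inverse(long a, long n)
{
    long inv;
    return ext_gcd(a, n, &inv) == 1 ? inv : -1;
}

/* Solves a*x == b (mod n). Stores at most max solutions in out[] and
   returns the number of solutions g = GCD(a, n), or 0 if g does not
   divide b. Solutions are x = (b/g)*x0 + t*(n/g) mod n, t = 0..g-1. */
long solve_congruence(long a, long b, long n, long *out, long max)
{
    long x0, t;
    long g = ext_gcd(a, n, &x0);      /* a*x0 == g (mod n) */
    long step = n / g;

    b = ((b % n) + n) % n;
    if (b % g != 0)
        return 0;
    x0 %= step;                       /* now (a/g)*x0 == 1 (mod n/g) */
    for (t = 0; t < g && t < max; ++t)
        out[t] = ((b / g) % step * x0 % step + t * step) % n;
    return g;
}

/* Chinese remainder theorem: x == r[i] (mod d[i]), i = 0..k-1.
   Returns the solution in [0, N), N = d[0]*...*d[k-1], or -1 if the
   moduli are not pairwise relatively prime. */
long crt(const long *r, const long *d, int k)
{
    long N = 1, x = 0;
    int i;

    for (i = 0; i < k; ++i)
        N *= d[i];
    for (i = 0; i < k; ++i) {
        long Ni = N / d[i];
        long yi = mod_inverse(Ni % d[i], d[i]);   /* (N/d_i)*y_i == 1 */
        long ri = ((r[i] % d[i]) + d[i]) % d[i];
        if (yi < 0)
            return -1;
        x = (x + Ni * (yi * ri % d[i])) % N;
    }
    return x;
}

int main(void)
{
    /* Constructed sample inputs. */
    long sol[8], i, cnt;
    const long r[3] = {2, 3, 2}, d[3] = {3, 5, 7};

    printf("5^-1 mod 21 = %ld\n", mod_inverse(5, 21));
    cnt = solve_congruence(6, 9, 15, sol, 8);
    printf("6x = 9 (mod 15) has %ld solutions:", cnt);
    for (i = 0; i < cnt; ++i)
        printf(" %ld", sol[i]);
    printf("\nx = 2 (3), 3 (5), 2 (7): x = %ld\n", crt(r, d, 3));
    return 0;
}
```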

    4. Primality testing algorithms

    One-way functions (one-way functions) are a basic concept of public-key encryption. Multiplying two primes is an example of a one-way function: multiplying large primes to form a composite number is easy, but the reverse task, factoring a large integer into primes, is a hard problem (no good algorithm is known).

    Public-key encryption algorithms all need prime numbers. There are several methods for generating primes, and most of them are based on algorithms that test whether an integer is prime. Some questions arise about primes:

    Can a system guarantee that two users will use two different primes? The answer is yes, because there are about $10^{150}$ primes of length 512 bits or less.

    How likely is it that two users choose the same prime? With $10^{150}$ primes to choose from, this happens with a probability smaller than that of the computer spontaneously catching fire.

    Primality testing algorithms fall into two kinds: deterministic algorithms and probabilistic algorithms. A deterministic algorithm tells us exactly whether an integer is prime, whereas a probabilistic algorithm tells us the probability that an integer is prime. This section presents some common primality testing algorithms.

    4.1. Some mathematical notation

    4.1.1. The Legendre symbol (Legendre Symbol)

    The symbol L(a,p) is defined for an integer a and a prime p greater than 2. It takes one of three values 0, 1, -1:

    L(a,p) = 0 if a is divisible by p.

    L(a,p) = 1 if $a \in Q_p$ (a is a quadratic residue modulo p).

    L(a,p) = -1 if $a \in \overline{Q}_p$ (a is not a quadratic residue modulo p).

    An easy way to compute L(a,p) is:

    $L(a,p) = a^{(p-1)/2} \bmod p$

    4.1.2. The Jacobi symbol (Jacobi Symbol)

    The Jacobi symbol, written J(a,n), is a generalisation of the Legendre symbol; it is defined for any pair of integers a and n. The Jacobi symbol is a function on the set of reduced residues of the divisors of n and can be computed as follows:

    If n is prime, then J(a,n) = 1 if a is a quadratic residue modulo n.

    If n is prime, then J(a,n) = -1 if a is not a quadratic residue modulo n.

    If n is not prime, then J(a,n) is computed by the formula:

    J(a,n) = J(a,p1) × J(a,p2) × ... × J(a,pm)

    where p1, p2, ..., pm are the prime factors of n.

    The following algorithm computes the Jacobi symbol recursively using these rules:

    1. J(1,k) = 1

    2. J(a×b,k) = J(a,k) × J(b,k)

    3. J(2,k) = 1 if $(k^2-1)/8$ is even, and J(2,k) = -1 otherwise.

    4. J(b,a) = J((b mod a),a)

    5. If GCD(a,b) = 1:

    a. J(a,b) × J(b,a) = 1 if (a-1)(b-1)/4 is even.

    b. J(a,b) × J(b,a) = -1 if (a-1)(b-1)/4 is odd.

    Here is the algorithm in C:

    /* Jacobi symbol J(a,b) for a >= 0 and odd b > 0.
       b must be small enough that b*b fits in an int. */
    int jacobi(int a, int b)
    {
        int a1, a2;

        if (a >= b)
            a %= b;                     /* rule 4 */
        if (a == 0)
            return 0;
        if (a == 1)
            return 1;                   /* rule 1 */
        if (a == 2) {                   /* rule 3 */
            if (((b * b - 1) / 8) % 2 == 0)
                return 1;
            else
                return -1;
        }
        if (a & b & 1) {                /* both a and b are odd: rule 5 */
            if (((a - 1) * (b - 1) / 4) % 2 == 0)
                return +jacobi(b, a);
            else
                return -jacobi(b, a);
        }
        /* a is even here: split off a factor 2 and apply rule 2 */
        a1 = 2;
        a2 = a / 2;
        return jacobi(a1, b) * jacobi(a2, b);
    }

    In practice the Jacobi symbol can be computed more conveniently using the following properties, where m, n are odd integers and a, b ∈ Z:

    (i) J(a*b, n) = J(a, n) * J(b, n), hence $J(a^2, n) = 1$.

    (ii) J(a, m*n) = J(a, m) * J(a, n).

    (iii) if a ≡ b (mod n) then J(a, n) = J(b, n).

    (iv) J(1, n) = 1.

    (v) $J(-1, n) = (-1)^{(n-1)/2}$

    (vi) $J(m, n) = J(n, m) \cdot (-1)^{(m-1)(n-1)/4}$

    4.2. The Solovay-Strassen algorithm

    Solovay and Strassen developed an algorithm for primality testing. The algorithm uses the Jacobi function.

    Algorithm to test whether p is prime:

    1. Choose a random number a less than p.

    2. If the greatest common divisor gcd(a,p) ≠ 1, then p is composite.

    3. Compute $j = a^{(p-1)/2} \bmod p$.

    4. Compute the Jacobi symbol J(a,p).

    5. If j ≠ J(a,p), then p is not prime.

    6. If j = J(a,p), then p may be prime, with 50% certainty.

    Repeat these steps n times, each time with a different random value of a. The odds that a composite number passes all n tests are no more than $2^{-n}$.

    In practice, an implementation of this algorithm runs quite fast.

    4.3. The Rabin-Miller algorithm

    This algorithm was developed by Rabin, based in part on ideas of Miller. In practice, versions of the algorithm have been presented at NIST (National Institute of Standards and Technology).

    First, choose a random number p to test. Write p in the form p = 1 + 2^b * m, where m is odd.

    The algorithm is as follows:

    1. Choose a random number a, with a less than p.

    2. Set j = 0 and z = a^m mod p.

    3. If z = 1 or z = p-1, then p passes the test and may be prime.

    4. If j > 0 and z = 1, then p is not prime.

    5. Set j = j+1. If j < b and z ≠ p-1, set z = z^2 mod p and go back to step 4.

    6. If j = b and z ≠ p-1, then p is not prime.

    4.4. The Lehmann algorithm

    A simpler method of testing for primality was developed independently by Lehmann. The algorithm below uses 100 iterations.

    1. Choose a random number n to test.

    2. Make sure that n is not divisible by small primes such as 2, 3, 5, 7 and 11.

    3. Choose 100 random numbers a_1, a_2, ..., a_100 between 1 and n-1.

    4. Compute a_i^((n-1)/2) (mod n) for all a_i = a_1 ... a_100. Stop if you find an a_i for which the test fails.

    5. If a_i^((n-1)/2) = 1 (mod n) for all i, then n may be composite.

    If a_i^((n-1)/2) ≠ 1 or -1 (mod n) for any i, then n is composite.

    If a_i^((n-1)/2) = 1 or -1 (mod n) for all i ≥ 1, then n is prime.
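The Solovay-Strassen steps of section 4.2 and the Rabin-Miller steps of section 4.3, written out in Python as an added example that is not part of the original text. The function names, the default of 20 rounds and the handling of p < 5 are choices made here; the rule for J(2, n) used inside `jacobi` is the standard one and is not among properties (i)-(vi) listed above.

```python
import random
from math import gcd

def jacobi(a, n):
    """Jacobi symbol J(a, n) for odd n > 0; returns 0 when gcd(a, n) > 1."""
    if n <= 0 or n % 2 == 0:
        raise ValueError("n must be a positive odd integer")
    a %= n                                # (iii): only a mod n matters
    sign = 1
    while a:
        while a % 2 == 0:                 # (i) splits off factors of 2; standard value:
            a //= 2                       # J(2, n) = -1 exactly when n = 3 or 5 (mod 8)
            if n % 8 in (3, 5):
                sign = -sign
        a, n = n, a                       # (vi): sign flips only if both are 3 (mod 4)
        if a % 4 == 3 and n % 4 == 3:
            sign = -sign
        a %= n
    return sign if n == 1 else 0          # (iv): J(1, n) = 1

def _trivial(p):
    """Answer for inputs the randomized tests do not handle, else None."""
    if p in (2, 3):
        return True
    if p < 2 or p % 2 == 0:
        return False
    return None

def solovay_strassen(p, rounds=20, rng=random):
    known = _trivial(p)
    if known is not None:
        return known
    for _ in range(rounds):
        a = rng.randrange(2, p)               # step 1
        if gcd(a, p) != 1:                    # step 2
            return False
        j = pow(a, (p - 1) // 2, p)           # step 3
        if j != jacobi(a, p) % p:             # steps 4-5, with -1 represented as p - 1
            return False
    return True                               # step 6 held in every round

def rabin_miller(p, rounds=20, rng=random):
    known = _trivial(p)
    if known is not None:
        return known
    b, m = 0, p - 1
    while m % 2 == 0:                         # p = 1 + 2^b * m with m odd
        b, m = b + 1, m // 2
    for _ in range(rounds):
        a = rng.randrange(2, p - 1)           # step 1
        z = pow(a, m, p)                      # step 2
        if z in (1, p - 1):                   # step 3
            continue
        for _ in range(b - 1):                # step 5: keep squaring while j < b
            z = z * z % p
            if z == 1:                        # step 4: a square root of 1 other than p - 1
                return False
            if z == p - 1:
                break
        else:                                 # step 6: j reached b without seeing p - 1
            return False
    return True
```

Both functions return True for "probably prime" and False for "certainly composite"; Carmichael numbers such as 561 and 1729, which fool the plain Fermat test, are rejected.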

    5. Exercises

    Exercise 2.1: compute 17^53 mod 29; what is the minimum number of multiplications needed to find the result?

    Exercise 2.2: compute 876611 mod 899.

    Use one of the programming languages C, C++, Java or C# for the following exercises:

    Exercise 2.3: Write a program implementing the algorithm for finding the inverse element.

    Exercise 2.4: Write a program implementing the fast exponentiation algorithm.

    Exercise 2.5: Write a program that solves a system of linear congruences in two unknowns.

    Exercise 2.6: Write a program implementing a primality testing algorithm whose input is an integer less than 2000000000.


    Exercise 2.7: Write a program implementing a big-integer library with the basic arithmetic operations: multiplication, division, addition, subtraction and modulo.

    Exercise 2.8: Using a big-number library (from Exercise 2.5 or an open-source library), implement the primality testing algorithms presented in Section 4 of Chapter 2.


    CHAPTER III: SECRET-KEY CRYPTOSYSTEMS

    1. Classical ciphers

    1.1. Substitution ciphers

    A substitution cipher is a cipher in which each character of the plaintext is replaced by another character in the ciphertext (which may be a letter, a digit or a symbol).

    There are four substitution techniques:

    1. Simple substitution cipher: a system in which each character of the plaintext is replaced by one corresponding character in the ciphertext. A one-to-one mapping from plaintext to ciphertext is used to encrypt the whole message.

    2. Homophonic substitution cipher: like a simple substitution cipher, except that a single plaintext character can be mapped to one of several ciphertext characters: a one-to-many (1-n) mapping. For example, A could correspond to 5, 13, 25 or 56, B could correspond to 7, 19, 31 or 42, and so on.

    3. Polyalphabetic substitution cipher: made up of several simple substitution ciphers. The mapping is one-to-one as in simple substitution, but it can change within a single message. For example, five different simple substitution ciphers might be used; in particular, which one is used changes with the position of each character in the plaintext.

    4. Polygram substitution cipher: a cipher in which blocks of characters are encrypted in groups. This is the most general form, allowing groups of characters of the original text to be replaced. For example, ABA could correspond to RTQ, ABB could correspond to SLL, and so on.

    1.2. The Caesar cipher

    The Caesar cipher is a simple substitution cipher that works on the 26-letter English alphabet (A, B, ..., Z). It is the oldest and simplest cipher ever used in practice, by the Roman emperor Caesar, after whom it is named.

    The plaintext space P consists of messages formed from an alphabet A (for convenience of presentation we treat this as a general alphabet). Likewise the ciphertext space is C ≡ P. Suppose the number of elements of the alphabet is |A| = N.

    To encrypt, the letters are numbered from 0 to N-1. The key space is K = Z_N. For each key k ∈ K, encryption and decryption of a character with index i are carried out as follows:

    Encryption: E_K(i) = (i + k) mod N.

    Decryption: D_K(i) = (i - k) mod N.

    The Caesar cipher over the English alphabet has N = 26 letters, numbered as follows:


    A B C D ... L  M  N  ... W  X  Y  Z
    0 1 2 3 ... 11 12 13 ... 22 23 24 25

    Table 3.1: Numbering of the English letters

    Arithmetic is carried out in the ring Z_26. The number of possible keys is 26, but in practice only 25 keys are useful.

    Example: with k=3 (the case used by the emperor Caesar), the character A is replaced by D, B by E, ..., W by Z, ..., X by A, Y by B, and Z by C.

    Original alphabet:

    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

    Alphabet used for encryption:

    D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

    So, for example, the string ANGLES is encrypted as DQJOHV.

    Because the Caesar cipher uses simple substitution, it exhibits what is called dependence on the letter frequencies of natural language. In natural language some letters occur more often than others (in English, for instance, the frequent letters are e, t, i, h), so the letters that replace them also occur frequently. As a consequence, a cryptanalyst can try replacing the characters that occur most often in the ciphertext with the characters that occur most often in real text.

    In practice the Caesar cipher has so few keys that it can be broken outright by trying every possible key (a brute-force attack).

    1.3. The affine cipher

    The plaintext and ciphertext spaces of this cipher are strings formed from an alphabet A; suppose |A| = N. The key space of the cipher is then defined as follows:

    K = { (a, b): a, b ∈ Z_N, (a, N) = 1 }

    To encrypt, the letters of the alphabet are numbered from 0 to N - 1, and encryption and decryption are carried out character by character (substitution) using the following formulas:

    Encryption:

    E_K(x) = (a*x + b) mod N. The plaintext character with index x is turned into the character with index (a*x+b) mod N in the alphabet.

    To decrypt we need to find a^-1 (since (a, N) = 1, it can always be found) and apply the following decryption formula:


    D_K(y) = a^-1*(y - b) mod N. The ciphertext character with index y is replaced by the character with index a^-1*(y - b) mod N in the alphabet.

    It can be seen that for an affine cipher the number of usable keys is:

    |K| = φ(N) * N. For example, with N = 26, corresponding to the English alphabet, we have φ(26) * 26 = 12 * 26 = 312 keys. This number is fairly small.

    1.4. The Vigenère cipher

    This cipher is named after the French cryptographer Blaise de Vigenère (1523-1596).

    For this cipher the ciphertext and plaintext spaces are again messages formed from an alphabet A, as in the Caesar cipher; the letters are numbered from 0 to N-1, where N is the number of elements of the alphabet.

    The key space K is defined as follows:

    For each positive integer M, a key of length M is a string of M characters, K = k1k2...kM.

    To encrypt a plaintext P, it is divided into segments of length M, which are converted to the corresponding indices in the alphabet, say X = x1x2...xM. Encryption and decryption are then carried out as follows:

    E_K(X) = (x1 + k1, x2 + k2, ..., xM + kM) mod N

    D_K(Y) = (y1 - k1, y2 - k2, ..., yM - kM) mod N, where N is the number of elements of the alphabet and Y = y1y2...yM is the ciphertext.

    Example: let A be the English alphabet, so N = 26; suppose the key has length 6 and K = CIPHER, and the plaintext is P = THIS CRYPTOSYSTEM IS NOT SECURE. Then K = 2 8 15 7 4 17, P = 19 7 8 18 2 17 | 24 15 19 14 18 23 | 18 19 4 12 8 18 | 13 14 19 18 4 2 | 20 17 4. Encryption proceeds as follows:

    P = 19  7  8 18  2 17 | 24 15 19 14 18 23 | 18 19  4 12  8 18 | 13 14 19 18  4  2 | 20 17  4

    K =  2  8 15  7  4 17 |  2  8 15  7  4 17 |  2  8 15  7  4 17 |  2  8 15  7  4 17 |  2  8 15

    C = 21 15 23 25  6  8 |  0 23  8 21 22 14 | 20  1 19 19 12  9 | 15 22  8 25  8 19 | 22 25 19

    So the ciphertext is C = VPXZGI AXIVWO UBTTMJ PWIZIT WZT.
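The Caesar, affine and Vigenère formulas of sections 1.2 to 1.4 as one runnable Python sketch; this is an added example, not code from the original text, and every function name is chosen here. It also enumerates the 312 affine keys to show how small that key space is. With Y encoded as 24 (its index counting from 0), the twelfth ciphertext letter of the Vigenère example comes out as P (24 + 17 mod 26 = 15), where the worked example above, which uses 23 for Y, has O.

```python
from math import gcd
from string import ascii_uppercase as ALPHABET

N = len(ALPHABET)  # 26 letters, numbered 0..25

def to_nums(text):
    """Letters to indices 0..N-1; spaces and other characters are dropped."""
    return [ALPHABET.index(c) for c in text.upper() if c in ALPHABET]

def to_text(nums):
    return "".join(ALPHABET[i] for i in nums)

def affine_encrypt(plain, a, b):
    """E_K(x) = (a*x + b) mod N; a must be a unit of Z_N."""
    if gcd(a, N) != 1:
        raise ValueError("a must be coprime to N, otherwise E_K is not invertible")
    return to_text((a * x + b) % N for x in to_nums(plain))

def affine_decrypt(cipher, a, b):
    """D_K(y) = a^-1 * (y - b) mod N."""
    a_inv = pow(a, -1, N)      # Python 3.8+; raises ValueError if a has no inverse
    return to_text(a_inv * (y - b) % N for y in to_nums(cipher))

def caesar_encrypt(plain, k):
    """The Caesar cipher is the affine cipher with a = 1."""
    return affine_encrypt(plain, 1, k)

def vigenere(text, key, decrypt=False):
    """Add (or subtract) the repeating key letter by letter modulo N."""
    ks = to_nums(key)
    sign = -1 if decrypt else 1
    return to_text((x + sign * ks[i % len(ks)]) % N
                   for i, x in enumerate(to_nums(text)))

def affine_keys():
    """Every pair (a, b) with gcd(a, N) = 1: phi(N) * N keys in total."""
    return [(a, b) for a in range(N) if gcd(a, N) == 1 for b in range(N)]

def search_affine_key(cipher, known_fragment):
    """Try all keys; keep those whose decryption contains a known plaintext fragment."""
    return [(a, b) for a, b in affine_keys()
            if known_fragment in affine_decrypt(cipher, a, b)]
```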

    In essence this cipher is a combination of several Caesar ciphers: where the Caesar cipher replaces individual characters one at a time, the Vigenère cipher replaces each group of M consecutive characters. For each M the number of usable keys is N^M; specifically, for the English alphabet there are 26^M usable keys.

    1.5. The Hill cipher

    This cipher is based on linear algebra and was introduced by Lester S. Hill in 1929.

    Both the plaintext space and the ciphertext space consist of strings formed from an alphabet A, as in the Vigenère cipher.


    For each integer M, a key of the cipher is a square M×M matrix K whose entries are integers in Z_N, where N is the number of elements of the alphabet. The condition for a matrix K to be usable as a key is that K be non-singular over Z_N, in other words that the inverse of K over Z_N exists.

    The characters of the alphabet are again numbered from 0 to N-1.

    To encrypt a plaintext, it is again divided into strings of length M, which are converted to the indices of their letters in the alphabet in the form of M-dimensional row vectors; encryption and decryption then use the following formulas:

    Encryption:

    C = P * K.

    Decryption:

    P = C * K^-1.

    Example: take the Hill cipher with M = 2 (keys are 2×2 square matrices) and the English alphabet, i.e. N = 26. Let the key be

    K = | 3  3 |
        | 2  5 |

    Encrypt the string P = HELP and then decrypt the resulting ciphertext.

    To encrypt, we split the plaintext into two 2-dimensional row vectors HE (7 4) and LP (11 15) and encrypt them in turn.

    With P1 = (7 4) we have C1 = P1 * K = (7 4) * K = (3 15) = (D P)

    With P2 = (11 15) we have C2 = P2 * K = (11 15) * K = (11 4) = (L E)

    So the resulting ciphertext is C = DPLE.

    To decrypt, we compute the decryption key, which is the inverse of the key matrix over Z_26, using the following formula:

    With K = | k11  k12 |
             | k21  k22 |

    and det(K) = (k11*k22 - k21*k12) mod N an element that has an inverse in Z_N (written det(K)^-1), the decryption key is

    K^-1 = det(K)^-1 * |  k22  -k12 |
                       | -k21   k11 |


    Applying this to the case above, det(K) = (15 - 6) mod 26 = 9. GCD(9, 26) = 1, so applying the extended Euclidean algorithm we find det(K)^-1 = 3. Hence

    K^-1 = 3 * |  5  23 |  =  | 15  17 |
               | 24   3 |     | 20   9 |

    Decryption proceeds exactly like encryption, with the encryption key replaced by the decryption key.

    Decrypting C = DP = (3 15): P = C * K^-1 = (3 15) * K^-1 = (7 4) = HE.

    Similarly, decrypting the string C = LE gives the plaintext P = LP.
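The 2×2 Hill example above, checked in Python as an added example (not code from the original text; function names are chosen here). It applies the row-vector convention C = P * K, rejects keys whose determinant has no inverse in Z_26, and goes one step beyond the text by counting by exhaustion how many 2×2 matrices are usable keys.

```python
from itertools import product
from math import gcd
from string import ascii_uppercase as ALPHABET

N = 26

def det2(K):
    """det(K) = (k11*k22 - k21*k12) mod N."""
    return (K[0][0] * K[1][1] - K[1][0] * K[0][1]) % N

def inverse_key(K):
    """K^-1 = det(K)^-1 * [[k22, -k12], [-k21, k11]] over Z_N."""
    d = det2(K)
    if gcd(d, N) != 1:
        raise ValueError("det(K) = %d has no inverse mod %d: not a valid key" % (d, N))
    d_inv = pow(d, -1, N)                      # Python 3.8+
    (k11, k12), (k21, k22) = K
    return [[(d_inv * k22) % N, (-d_inv * k12) % N],
            [(-d_inv * k21) % N, (d_inv * k11) % N]]

def hill_apply(text, K):
    """Multiply each pair of letters, as a row vector, by the matrix K modulo N."""
    nums = [ALPHABET.index(c) for c in text.upper() if c in ALPHABET]
    if len(nums) % 2:
        raise ValueError("pad the text to an even number of letters first")
    out = []
    for i in range(0, len(nums), 2):
        p1, p2 = nums[i], nums[i + 1]
        out.append((p1 * K[0][0] + p2 * K[1][0]) % N)
        out.append((p1 * K[0][1] + p2 * K[1][1]) % N)
    return "".join(ALPHABET[x] for x in out)

def count_valid_keys():
    """Number of 2x2 matrices over Z_26 whose determinant is coprime to 26."""
    return sum(1 for k11, k12, k21, k22 in product(range(N), repeat=4)
               if gcd((k11 * k22 - k21 * k12) % N, N) == 1)

KEY = [[3, 3], [2, 5]]   # the key of the worked example
```

Decryption is `hill_apply(ciphertext, inverse_key(KEY))`, the same routine with the inverted key.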

    Note that in the example above we used a small key K, so the decryption key was easy to find; in the general case this is not easy.

    1.6. Transposition ciphers

    A transposition cipher is a cipher in which the characters of the plaintext are kept unchanged but their order is rearranged.

    For example, in a simple columnar transposition cipher the plaintext is written horizontally on paper with a fixed width, and the ciphertext is read off vertically.

    Plaintext: COMPUTER GRAPHICS MAY BE SLOW BUT AT LEAST ITS EXPENSIVE

    COMPUTERGR
    APHICSMAYB
    ESLOWBUTAT
    LEASTITSEX
    PENSIVE

    Ciphertext: CAELPOPSEEMHLANPIOSSUCWTITSBIUEMUTERATSGYAERBTX

    Table 3.2: Columnar transposition

    This method includes the following techniques:

    1. Reversing the whole plaintext: the plaintext is written in reverse order to produce the ciphertext. This is the simplest encryption method and therefore provides no security.

    Example: the plaintext TRANSPOSITION CIPHER is encrypted as REHPICNOITISOPSNART.

    2. Encryption by geometric pattern: the plaintext is rearranged according to some geometric pattern, usually an array or a two-dimensional matrix.

    Example: the plaintext LIECHTENSTEINER is written as a 3×5 matrix, row by row, as follows:

    Column     1 2 3 4 5
    Plaintext  L I E C H
               T E N S T
               E I N E R

    Table 3.3: Encryption by geometric pattern

    If the characters are taken out in the column order 2, 4, 1, 3, 5, the ciphertext is IEICSELTEENNHTR.

    Column transposition: first the characters of the plaintext are arranged into a rectangle column by column, then the columns are reordered and the letters are read out row by row.

    Example: the original plaintext NGAY MAI BAT DAU CHIEN DICH XYZ is written as a 5×5 matrix, column by column, as follows:

    Column     1 2 3 4 5
    Plaintext  N A D I C
               G I A E H
               A B U N X
               Y A C D Y
               M T H I Z

    Table 3.4: Example of encryption by geometric pattern

    Since there are 5 columns, they can be rearranged in 5! = 120 different ways. To increase security, one of these rearrangements can be chosen.

    If we permute the columns in the order 3, 5, 2, 4, 1 and then read the characters out row by row, the ciphertext is DCAINAHIEGUXBNACYADY HZTIM. Note that the space characters have been dropped.

    A limitation of this method is that the entire character matrix has to be built for both encryption and decryption.

    3. Permuting the characters of the plaintext with a fixed period d: if the function f is a permutation of a block of d characters, then the encryption key is represented by K(d,f).

    Thus the plaintext

    M = m_1 m_2 ... m_d m_(d+1) ... m_(2d)

    where the m_i are characters, is encrypted as

    E_k(M) = m_f(1) m_f(2) ... m_f(d) m_(d+f(1)) ... m_(d+f(d))

    where m_f(1) m_f(2) ... m_f(d) is a permutation of m_1 m_2 ... m_d.

    Example: suppose d=5 and f permutes the sequence i=12345 into f(i)=35142

    Original position   Permuted position   Word   Encrypted
    1                   3                   G      O
    2                   5                   R      P
    3                   1                   O      G
    4                   4                   U      U
    5                   2                   P      R

    Table 3.5: Periodic permutation encryption

    According to the table above, the first character of the 5-character block is moved to position 3, the second character is moved to position 5, ... For instance the word GROUP is encrypted as OPGUR. In the same way, the plaintext I LOVE BEETHOVENS MUSIC is turned into OEIVLEHBTEESONVSCMIU.
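The periodic permutation K(d, f) and the column read-out of Table 3.3 in Python, as an added example that is not part of the original text (function names and the padding letter X are choices made here). The permutation 35142 used above happens to be its own inverse, so encrypting twice restores the plaintext; for a general f, decryption needs the inverse permutation, which the sketch computes.

```python
def letters(text):
    """Upper-case letters only; spaces are dropped as in the examples above."""
    return [c for c in text.upper() if c.isalpha()]

def permute_blocks(text, f, pad="X"):
    """E_K(M): in each block of d = len(f) letters, output position j takes input letter f(j)."""
    d = len(f)
    if sorted(f) != list(range(1, d + 1)):
        raise ValueError("f must be a permutation of 1..d")
    chars = letters(text)
    chars += [pad] * (-len(chars) % d)          # fill the last block if it is short
    return "".join(chars[start + f[j] - 1]
                   for start in range(0, len(chars), d)
                   for j in range(d))

def inverse_permutation(f):
    """The permutation g with g(f(j)) = j, i.e. the decryption key for K(d, f)."""
    inv = [0] * len(f)
    for j, src in enumerate(f, start=1):
        inv[src - 1] = j
    return inv

def columnar_read(text, width, order):
    """Write the text in rows of the given width, then read the columns in the given order."""
    chars = letters(text)
    rows = [chars[i:i + width] for i in range(0, len(chars), width)]
    return "".join(row[col - 1] for col in order for row in rows if col <= len(row))

F = [3, 5, 1, 4, 2]   # f(i) = 35142 from the example
```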

    The German ADFGVX cipher, used throughout World War I, is a transposition cipher (combined with simple substitution). It was regarded as a complex encryption algorithm at the time, but it was broken by Georges Painvin, a French cryptanalyst. In practice there are many encryption systems that use transposition, but they are cumbersome and usually require a lot of memory.

    2. Block ciphers

    In this section we study block ciphers, typified by the Data Encryption Standard (DES), one of the most widely used block ciphers and the foundation for many other block ciphers.

    The Data Encryption Standard DES is an encryption standard published by the US National Bureau of Standards on 15/02/1977. The cipher was built on a popular block cipher named LUCIFER, developed by IBM.

    DES has many advantages (it is fast, the algorithm is public, and it is easy to implement) and was used in practice for a very long time (until the early 1990s). Over time, however, the growth of computing power together with new cryptanalytic techniques showed the need for a stronger block cipher, and the Advanced Encryption Standard AES was born. This standard came out of a competition (in 1997), run by the US national standards body (NIST), to design a more secure block cipher to replace DES. Many ciphers were submitted as candidates for AES, but the final choice was the Rijndael cipher of two Belgian authors, Dr. Joan Daemen and Dr. Vincent Rijmen (in 2001).

    2.1. Block ciphers

    The classical ciphers examined at the start of this chapter share a common feature: each character of the plaintext is encrypted separately. This makes cryptanalysis easier. For that reason a different kind of cipher is commonly used in practice, in which a whole block of plaintext characters is encrypted at once as a single unit. In this kind of encryption the important parameters are the size (length) of each block and the key size.

    Conditions for secure block encryption:

    The block size must be large enough to resist statistical attacks. However, this increases the encryption time.


    The key space, i.e. the key length, must be large enough to resist exhaustive search. However, the key must be short enough for key generation, distribution and storage to be easy.

    When designing a block cipher, two requirements must be met:

    Confusion: the dependence between plaintext and ciphertext must be truly complex, so that it is hard to find patterns to use in cryptanalysis. This relationship should ideally be non-linear.

    Diffusion: each bit of the plaintext and of the key should affect as many bits of the ciphertext as possible.

    While confusion is produced by substitution techniques, diffusion is produced by permutation techniques. The block ciphers examined in this section all satisfy these requirements.

    Besides the block ciphers presented in this section, many other block ciphers have been developed over time (in different countries and for different fields of application). Some well-known ones are: Lucifer (1969), DES (1977), Madryga (1984), NewDES (1985), FEAL, REDOC, LOKI (1990), Khufu and Khafre (1990), RC2, RC4, IDEA (1990), MMB, CA-1.1, Skipjack, GOST, CAST, Blowfish, SAFER, 3-Way, Crab, SXAL8/MBAL, SAFER, RC5, RC6 ...

    A common feature of block ciphers is that encryption works on data blocks (usually bit strings) of various sizes (at least 64 bits), and the key is also a bit string of fixed length (56 bits for DES; 128, 256 or even 512 bits for other ciphers). All of these ciphers are based on the theory Shannon presented in 1949, and encrypting two identical plaintexts yields the same ciphertext. A block cipher usually operates through a number of rounds, each of which uses a subkey derived from the main key.

    2.2. The Data Encryption Standard (DES)

    In the late 1960s the Lucifer cipher was introduced by Horst Feistel. This cipher is associated with the well-known company IBM. Later the US Bureau of Standards arranged with IBM for the algorithm to be made available free of charge, developed it into the Data Encryption Standard, and published it on 15/02/1977.

    2.2.1. Description of the DES encryption scheme

    Overview:

    DES is an encryption algorithm whose input is a 64-bit block and whose output is also a 64-bit block. The encryption key is 56 bits long; more precisely it is 64 bits, with the bits at positions divisible by 8 available as parity-check bits. The number of keys in the key space K is 2^56.


    Figure 3.1: The Data Encryption Standard DES

    The algorithm performs 16 rounds. From the input key K, sixteen 48-bit subkeys K_i are generated, one for each round of the encryption. In each round, eight carefully chosen and fixed substitution mappings from 6 bits to 4 bits, S_i (also called S-boxes), collectively denoted S, are used. The 64-bit plaintext is split into two halves L_0 and R_0. The rounds are functionally identical: each takes L_(i-1) and R_(i-1) from the previous round as input and produces the 32-bit strings L_i and R_i as output, as follows:

    L_i = R_(i-1); (1)

    R_i = L_(i-1) ⊕ f(R_(i-1), K_i), where f(R_(i-1), K_i) = P( S( E(R_(i-1)) ⊕ K_i ) ); (2)

    where:

    ⊕ denotes the exclusive-or (XOR) of two bit strings, i.e. bitwise addition modulo 2.

    The function f is a non-linear function.

    E is the expansion permutation that maps R_(i-1) from 32 bits to 48 bits (every bit is used, and some bits are used twice).

    P is another fixed permutation on 32 bits.

    An initial bit permutation (IP) is applied before the first round; after the last round the left and right halves are swapped, and finally the resulting string is bit-permuted by the inverse of IP (IP^-1).

    Decryption proceeds in the same way, but with the subkeys applied to the rounds in reverse order.

    Put simply, the right half in each round (after the 32-bit input has been expanded into a 48-bit string of eight 6-bit characters) undergoes a key-dependent substitution on each character of the 48-bit string, followed by a fixed bit transposition that redistributes the bits of the resulting characters to form the 32-bit output.

    The subkeys K_i (each containing 48 bits of K) are computed using the tables PC1 and PC2 (Permutation Choice 1 and 2). First the 8 bits (k8, k16, ..., k64) of K are discarded (by applying PC1). The remaining 56 bits are permuted and assigned to two 28-bit variables C and D; then, in each of 16 iterations, both C and D are rotated by 1 or 2 bits, and the 48-bit subkeys K_i are selected from the concatenation of the two strings.

    Thus the whole DES encryption algorithm can be described by the following formula:

    Y = IP^-1 ∘ f16 ∘ T ∘ f15 ∘ T ∘ ... ∘ f2 ∘ T ∘ f1 ∘ IP(x)

    where:

    T describes the swap of the blocks L_i R_i (1 ≤ i ≤ 15).

    f_i describes the application of the function f with key K_i (1 ≤ i ≤ 16).

    Detailed algorithm:

    Input: plaintext M = m1m2...m64, 64-bit key K = k1k2...k64 (including 8 parity bits, added so that each 8-bit segment of the key has an odd number of 1 bits)


    Output: 64-bit ciphertext C = c1c2...c64

    1. Subkey generation. Compute the subkeys using the subkey generation algorithm given below.

    2. (L0,R0) ← IP(m1m2...m64) (Use the IP permutation table to permute the bits; the result is split into two halves L0 = m58m50...m8, R0 = m57m49...m7.)

    3. (16 rounds) for i = 1 to 16

    Compute L_i and R_i using formulas (1) and (2); the computation of

    f(R_(i-1), K_i) = P( S( E(R_(i-1)) ⊕ K_i ) ) is carried out as follows:

    a) Expand R_(i-1) = r1r2...r32 from 32 bits to 48 bits using the expansion permutation E.

    T ← E(R_(i-1)). (Thus T = r32r1r2...r32r1)

    b) T ← T ⊕ K_i. Represent T as a string of eight 6-bit characters T = (B1,...,B8)

    c) T ← (S1(B1), S2(B2),...,S8(B8)). Here S_i(B_i) maps b1b2...b6 to the 4-bit entry in row r and column c of the table S_i (S-box), where r = 2 * b1 + b6 and c = b2b3b4b5 is a binary number from 0 to 15. For example, S1(011011) gives r = 1 and c = 13, and the result is 5, written in binary as 0101.

    d) T ← P(T), where P is the fixed permutation that permutes the 32 bits of T = t1t2...t32 to produce t16t7...t25.

    4. b1b2...b64 ← (R16, L16) (swap the final blocks L16, R16)

    5. C ← IP^-1(b1b2...b64) (Transform using IP^-1, C = b40b8...b25)

    Diagram of the 16 rounds of DES:


    Figure 3.2: DES encryption diagram (64-bit plaintext, IP, sixteen rounds L_i = R_(i-1), R_i = L_(i-1) ⊕ f(R_(i-1), K_i) with 48-bit subkeys K_1 ... K_16, IP^-1, 64-bit ciphertext)


    2.2.2. The permutation IP and the inverse permutation IP^-1

    The IP permutation is given in the table below:

    58 50 42 34 26 18 10  2 60 52 44 36 28 20 12  4
    62 54 46 38 30 22 14  6 64 56 48 40 32 24 16  8
    57 49 41 33 25 17  9  1 59 51 43 35 27 19 11  3
    61 53 45 37 29 21 13  5 63 55 47 39 31 23 15  7

    Table 3.6: The IP permutation table

    The inverse permutation IP^-1:

    40  8 48 16 56 24 64 32 39  7 47 15 55 23 63 31
    38  6 46 14 54 22 62 30 37  5 45 13 53 21 61 29
    36  4 44 12 52 20 60 28 35  3 43 11 51 19 59 27
    34  2 42 10 50 18 58 26 33  1 41  9 49 17 57 25

    Table 3.7: The inverse permutation table IP^-1

    The two permutations IP and IP^-1 have no cryptographic significance; they exist purely to make it easier to implement the DES algorithm in hardware (chips).

    Structure of one DES round:

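    Figure 3.3: Diagram of one DES round (inputs L_(i-1) and R_(i-1); function f made up of the expansion function E, the S-boxes and the P-box; key K passing through the rotation and the compression permutation PC-2; outputs L_i and R_i)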


    2.2.3. Subkey generation algorithm

    The sixteen rounds of DES all run the same algorithm, but with 16 different subkeys. The subkeys are all derived from the DES main key by a subkey generation algorithm. The main key K (64 bits) passes through 16 transformation steps, and at each step one 48-bit subkey is produced.

    The subkey generation algorithm can be described in detail as follows:

    Input: 64-bit key K = k1k2...k64 (including 8 parity-check bits)

    Output: sixteen 48-bit subkeys K_i, 1 ≤ i ≤ 16.

    1) Define v_i, 1 ≤ i ≤ 16, as follows: v_i = 1 for i ∈ {1,2,9,16}; v_i = 2 otherwise (these are the left-shift amounts for the 28-bit rotations below).

    2) T ← PC1(K); represent T as two 28-bit halves (C0, D0) (Use the table PC1 to select the bits from K: C0 = k57k49...k36, D0 = k63k55...k4.)

    3) For i from 1 to 16, compute K_i as follows: C_i ← (C_(i-1) ↺ v_i), D_i ← (D_(i-1) ↺ v_i), K_i ← PC2(C_i, D_i). (Use the table PC2 to select 48 bits from the concatenation b1b2...b56 of C_i and D_i: K_i = b14b17...b32. ↺ denotes a left circular shift.)

    Diagram of DES subkey generation:


    Figure 3.4: DES subkey generation diagram (64-bit main key, PC-1, 28-bit halves C0 and D0, left shifts LS giving C_i and D_i, PC-2 producing the 48-bit subkeys K_1 ... K_16)

    The 64 input bits are reduced to 56 bits by dropping 8 bits (those at positions divisible by 8); these bits are used for parity checking. From these 56 bits, 48 bits are then extracted to produce each of the 16 round keys of DES.

    Key permutation table (PC-1):

    57 49 41 33 25 17  9  1 58 50 42 34 26 18
    10  2 59 51 43 35 27 19 11  3 60 52 44 36
    63 55 47 39 31 23 15  7 62 54 46 38 30 22
    14  6 61 53 45 37 29 21 13  5 28 20 12  4

    Table 3.8: The PC-1 table

    First the 56 key bits are split into two 28-bit halves. Then these two 28-bit halves are rotated left by either 1 or 2 bits, depending on the shift amount for that round.

    Number of bits shifted in each round (LS):

    Round          1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16
    Bits shifted   1  1  2  2  2  2  2  2  1  2  2  2  2  2  2  1

    Table 3.9: Bit shifts in the rounds of DES

    After the rotation, a table that selects 48 bits is used. Because this operation permutes the bits while also choosing a subset of them, it is called a compression permutation.

    Compression permutation table (PC-2):

    14 17 11 24  1  5  3 28 15  6 21 10
    23 19 12  4 26  8 16  7 27 20 13  2
    41 52 31 37 47 55 30 40 51 45 33 48
    44 49 39 56 34 53 46 42 50 36 29 32

    Table 3.10: The PC-2 table
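The subkey generation steps of this section run in Python with the PC-1, PC-2 and shift tables printed above; this is an added example, not code from the original text. SAMPLE_KEY is a constructed test key and all function names are chosen here. Besides producing K_1 ... K_16, it checks what the section states about the key bits: the parity bits never reach a subkey, and every other key bit feeds most of the 16 subkeys.

```python
from collections import Counter

PC1 = [57, 49, 41, 33, 25, 17,  9,  1, 58, 50, 42, 34, 26, 18,
       10,  2, 59, 51, 43, 35, 27, 19, 11,  3, 60, 52, 44, 36,
       63, 55, 47, 39, 31, 23, 15,  7, 62, 54, 46, 38, 30, 22,
       14,  6, 61, 53, 45, 37, 29, 21, 13,  5, 28, 20, 12,  4]
PC2 = [14, 17, 11, 24,  1,  5,  3, 28, 15,  6, 21, 10,
       23, 19, 12,  4, 26,  8, 16,  7, 27, 20, 13,  2,
       41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
       44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32]
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]   # v_1 ... v_16

SAMPLE_KEY = 0x133457799BBCDFF1   # constructed 64-bit test key with odd parity

def bits_of(value, width):
    """Bit list whose index 0 is the most significant bit (k1 in the text's numbering)."""
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]

def to_int(bits):
    n = 0
    for b in bits:
        n = (n << 1) | b
    return n

def schedule(t56):
    """Step 3: split PC1 output into C0, D0; per round rotate left by v_i, select with PC2."""
    c, d = t56[:28], t56[28:]
    rounds = []
    for v in SHIFTS:
        c, d = c[v:] + c[:v], d[v:] + d[:v]
        cd = c + d
        rounds.append([cd[pos - 1] for pos in PC2])
    return rounds

def subkeys(key64):
    """The sixteen 48-bit subkeys K_1 ... K_16 as integers."""
    key_bits = bits_of(key64, 64)
    t = [key_bits[pos - 1] for pos in PC1]        # step 2: T <- PC1(K)
    return [to_int(r) for r in schedule(t)]

def has_odd_parity(key64):
    """True if each of the eight key bytes contains an odd number of 1 bits."""
    return all(bin((key64 >> s) & 0xFF).count("1") % 2 == 1 for s in range(0, 64, 8))

def key_bit_usage():
    """Map key bit position j -> number of subkeys that contain k_j."""
    usage = Counter()
    for selected in schedule(list(PC1)):          # push the positions through the schedule
        usage.update(selected)
    return usage
```

Because the shift amounts add up to 28, C_16 and D_16 equal C_0 and D_0, so K_16 is PC2 applied directly to the PC1 output.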

    For example, we can see that the bit at position 33 of the key moves to position 35 of the output, while the bit at position 18 of the key is skipped. It is this rotation that causes a different subset of the key bits to be used in each subkey. Each bit is used in about 14 of the 16 subkeys, although not all bits are used exactly the same number of times.

    2.2.4. Description of the function f

    The function f(R_(i-1), K_i) takes two inputs: the first, R_(i-1), is a 32-bit string; the second, the key K_i, is a 48-bit string. The output of f is a 32-bit string. The function f could be any function, but since the strength of DES lies in f, it must be chosen carefully so that the cipher cannot be broken easily. Usually f is chosen to be a function with the property f = f^-1, i.e. f(f(x)) = x.

    In the DES encryption scheme published by the United States National Bureau of Standards, the function f does the following:

    The first input R_(i-1) is expanded to a 48-bit string by a fixed expansion function E. In effect E(R_(i-1)) is a permutation with repetition in which 16 bits of R_(i-1) are repeated.

    Compute E(R_(i-1)) ⊕ K_i and write the result as eight 6-bit strings B1B2B3B4B5B6B7B8.

    Feed the 8 blocks B_i into the 8 tables S1, S2, ..., S8 (called S-boxes). Each S-box is a fixed 4*16 table with columns numbered from 0 to 15 and rows numbered from 0 to 3. For each 6-bit string B_i = b1b2b3b4b5b6, S_i(B_i) is computed as follows: the two bits b1b6 determine the row r in