LI NI U Trao i thng tin lun l nhu cu cn thit ca con ngi, c bit l trong cuc sng hin i ngy nay khi m mng my tnh v Internet pht trin mt cch mnh m v gi vai tr quan trng trong mi lnh vc ca i sng x hi nh: chnh tr, qun s, hc tp, mua sm, kinh doanh, Tt c nhng thng tin lin quan n nhng cng vic ny u c my vi tnh qun l v truyn i trn h thng mng. i vi nhng thng tin bnh thng th khng ai ch n, nhng i vi nhng thng tin mang tnh cht sng cn i vi mt c nhn hay mt t chc th vn bo mt thng tin l rt quan trng v c t ln hng u. Chnh v vy nn rt nhiu t chc, c nhn nghin cu, tm kim v a ra rt nhiu gii php bo mt thng tin. Trong m ha kha cng khai ang t ra rt thch hp rt trong truyn thng tin d liu v c tnh bo mt kh cao. Bo co ny do nhm bin son da trn nhng kin thc lnh hi c t thy gio Th.S. Nguyn Chin Trinh, v thng qua s tm hiu, nghin cu tch cc ca cc thnh vin trong nhm. Bo co ca nhm i su vo trnh by m ha kha cng khai RSA v giao thc tha thun kha Diffie - Hellman vi ni dung gm 4 chng c chia thnh cc ch khc nhau, t vic gii thiu s b, trnh by khi nim, cch thit lp, s v cc v d minh ha c th v giao thc tha thun kha. Mc d nhm rt c gng song vn khng trnh khi mt s thiu st mong thy c v bn b ng gp kin nhm hon thin hn bo co ny.Thay mt nhm em xin chn thnh cm n !

PHN CNG CNG CNG VIC

STTM Sinh VinTn Sinh VinNi dungTrang-trangNhn xt

11021010262Phan Lc DngTm hiu v chung v m ha + m ha kha cng khai ( CI + CII )6 - 12Tch cc nghin cu hon thnh tt nhim v

21021010251Lu Don BcTm hiu thut ton m ha kha cng khai RSA (CIII)13-24Tch cc nghin cu hon thnh tt nhim v

30821010195Nguyn Xun HipTm hiu giao thc tha thun kha Diffie - Hellman25-34Tch cc nghin cu hon thnh tt nhim v

MC LCLI NI U1PHN CNG CNG VIC2MC LC3DANH MC HNH V4CHNG 1: TM HIU CHUNG V M HA61.1. Khi nim.........61.2. Cc yu cu i vi m ha61.3. Phn loi m ha71.4. Ti sao cn phi phn loi m ha ?7CHNG 2: M HA KHA CNG KHAI92.1. Gii thiu92.2.Ti sao m ha kha cng khai ra i102.3. Nguyn tc cu to ca h m ha cng khai102.4. Cc c im ca h m ha cng khai112.5. Phn bit m ha cng khai vi m ha i xng112.6. ng dng ca h m ha cng khai12CHNG 3: THUT TON M HA KHA CNG KHAI RSA133.1. Gii thiu v RSA133.2. M t hot ng ca RSA143.2.1. Qu trnh to kha cho h mt RSA153.2.2. Qu trnh m ha163.2.3. Qu trnh gii m163.2.4. V d163.2.5. Chuyn i vn bn r183.2.6.To ch k vo vn bn193.3. Cc vn ca RSA203.4. ng dng thc t ca RSA213.2.1. Ch k in t ( Digital Signature )213.2.2. SSL21CHNG 4: GIAO THC THA THUN KHA DIFFIE - HELLMAN244.1. Gii thiu chng244.2. Giao thc tha thun kha Difie - Hellman264.2.1. Khi nim tha thun kha264.2.2. Giao thc tha thun kha Diffie - Hellman284.2.3. Cc c im c trng ca giao thc tha thun kha Diffie - Hellman29TI LIU THAM KHO33

DANH MC HNH VHnh 2.1. Cch thc m ha cng khai9Hnh 3.1: Cc tc gi Ronal Rivest, Adi Shamir v Leonard Adleman ti Hc Vin Cng Ngh Masachusetts (MIT) vo nm 1977.13Hnh 3.2: S biu din thut ton m RSA15Hnh 3.3: M hnh chung ca ch k in t21Hnh 4.1: Gio s Martin Hellman (gia) cng ng nghip l Whitfield Defie (phi) khm ph ra mt m kha cng khai Difie - Hellman24Hnh 4.2: S giao thc tha thun kha Difie - Hellman28

CHNG I. TM HIU CHUNG V M HA

1. 1. Khi nimNi n m ha tc l ni n vic che du thng tin bng cch s dng thut ton. Che du y khng phi l lm cho thng tin bin mt m l cch thc chuyn t dngc th c hiu cthnh dngc nhng khng th hiu c. Mt thut ton l mt tp hp ca cc cu lnh m theo chng trnh s bit phi lm th no xo trn hay phc hi li d liu.Chng hn ti c mt thut ton rt n gin m ha thng ip cn gi i nh sau :Bc 1 : Thay th ton b ch ci e thnh ch s 3.Bc 2 : Thay th ton b ch ci a thnh ch s 4.Bc 3 : o ngc thng ip.Trn y ch l mt v d rt n gin m phng cch thc lm vic ca m ha ( Cryptography ) . Trong thc t y l mt qu trnh cc k phc tp v rt kh din t.1.2. Cc yu cu i vi m ha.Confidentiality (Tnh b mt) :m bo cho d liu c truyn i mt cch an ton v khng th b l thng tin nu nh c ai c tnh mun c c ni dung ca d liu gc ban u. Ch nhng ngi c ch nh mi c kh nng c c ni dung thng tin ban u.Authentication (Tnh xc thc) :Gip cho ngi nhn d liu xc nh c chn chn d liu m h nhn l d liu gc ban u.K gi mo khng th c kh nng gi dng nh l mt ngi khc hay ni cch khc l khng th mo danh gi d liu. Ngi nhn c kh nng kim tra ngun gc thng tin m h nhn c.Integrity (Tnh ton vn):Gip cho ngi nhn d liu kim tra c rng d liu khng b thay i trong qu trnh truyn i. K gi mo khng th c kh nng thay th d liu ban u bng d liu gi mo.Non-repudation (Tnh khng th chi b):Ngi gi hay ngi nhn khng th chi b sau khi gi hoc nhn thng tin.1.3. Phn loi m ha.Phn loi theo cc phng php: M ha c in (Classical cryptography) M ha i xng (Symmetric cryptography). M ha bt i xng (Asymmetric cryptography). Hm bm mt chiu (Hash function)Phn lai theo s lng kha: M ha kha b mt (Private-key Cryptography) M ha kha cng khai (Public-key Cryptography1.4. Ti sao cn phi m ha ?Ngy nay, khi mng Internet kt ni cc my tnh khp ni trn th gii li vi nhau, th vn bo v my tnh khi s thm nhp ph hoi t bn ngoi l mt iu cn thit. Thng qua mng Internet, cc hacker c th truy cp vo cc my tnh trong mt t chc (dng telnet chng hn), ly trm cc d liu quan trng nh mt khu, th tn dng, ti liu Hoc n gin ch l ph hoi, gy trc trc h thng m t chc phi tn nhiu chi ph khi phc li tnh trng hot ng bnh thng. y l mt phng php h tr rt tt trong vic chng li nhng truy cp bt hp php ti cc thng tin c truyn i trn mng, p dng m ha s khin cho ni dung thng tin c truyn i di dng khng th c c i vi bt k ai c tnh mun ly thng tin .Tt nhin khng phi ai cng phi dng m ha. Nhu cu v s dng m ha xut hin khi cc bn giao tip mun bo v cc ti liu quan trng hay truyn chng mt cch an ton. Cc ti liu quan trng c th l: ti liu qun s, ti chnh, kinh doanh hoc n gin l mt thng tin no m mang tnh ring t.Nh cc bn cng bit, Internet hnh thnh v ra i t yu cu ca chnh ph M nhm phc v cho mc ch qun s. Khi chng ta tham gia trao i thng tin, chat, gi mail v..v.. Internet l mt mi trng khng an ton, y ri ro v nguy him, khng c g m bo rng thng tin m chng ta truyn i khng b c trm trn ng truyn. T m ha c p dng nh mt bin php nhm gip chng ta t bo v chnh mnh cng nh nhng thng tin m chng ta gi i.

CHNG II. M HA KHA CNG KHAI2.1. Gii thiuM ha kha cng khai (Public Key Cryptography) c thit k sao cho kha s dng trong qu trnh m ha khc bit vi kha c s dng trong qu trnh gii m. Hn th na, kha dng trong qu trnh gii m khng th c tnh ton hay suy lun t kha dng m ha v ngc li, tc l hai kha ny c quan h vi nhau v mt ton hc nhng khng th suy din c ra nhau. Thut ton ny c gi lPublic-Keybi v kha dng cho vic m ha c cng khai cho tt c mi ngi.Mt ngi han ton xa l c th dng kha ny m

Hnh 2.1: Cch thc m ha cng khaiha d liu nhng ch duy nht ngi m c kha gii m tng ng mi c th c c d liu m thi.

2.2. Ti sao m ha cng khai ra iM ha i xng d rng pht trin t c in n hin i, vn tn ti hai im yu sau: Vn trao i kha gia ngi gi v ngi nhn: Cn phi c mt knh an ton trao i kha sao cho kha phi c gi b mt ch c ngi gi v ngi nhn bit. iu ny t ra khng hp l khi m ngy nay, khi lng thng tin lun chuyn trn khp th gii l rt ln. Vic thit lp mt knh an ton nh vy s tn km v mt chi ph v chm tr v mt thi gian. Tnh b mt ca kha: khng c c s quy trch nhim nu kha b tit l. Vo nm 1976 Whitfield Diffie v Martin Hellman tm ra mt phng php m ha khc m c th gii quyt c hai vn trn, l m ha kha cng khai (public key cryptography) hay cn gi l m ha cng khai (asymetric cryptography). y c th xem l mt bc t ph quan trng nht trong lnh vc m ha.2.3. Nguyn tc cu to ca h m ha cng khai.M ha kha cng khai ra i gii quyt c vn m m ha ring thiu xt. Trong h thng m ha ny th mi mt ngi s dng khi tham gia vo u c cp 2 kha : Mt kha dng cho vic m ha d liu (Public key) V mt kha dng cho vic gii m d liu (Private key), Trong Public keyc a ra cho tt c mi ngi cng bit, cnPrivate keyphi c gi kn mt cch tuyt i.Gi s hai pha mun truyn tin cho nhau th qu trnh truyn s dng m ha kha cng khai c thc hin nh sau :- Sender yu cu cung cp hoc t tm kho cng khai ca Receiver trn mt Server chu trch nhim qun l kho cng khai.- Sau hai pha thng nht thut ton dng m ha d liu, Sender s dng kha cng khai ca Receiver cng vi thut ton thng nht m ha thng tin b mt.- Thng tin sau khi m ha c gi ti Receiver, lc ny chnh Sender cng khng th no gii m c thng tin m anh ta m ha (khc vi m ha kha ring).- Khi nhn c thng tin m ha, Receiver s s dng kha b mt ca mnh gii m v ly ra thng tin ban u.C nhiu phng php m ha thuc loi m ha kha cng khai. l cc phng php Knapsack, RSA, Elgaman, v phng php ng cong elliptic ECC. Mi phng php c cch thc ng dng hm mt chiu khc nhau.2.4. Cc c im ca h m ha cng khaiThng thng, cc k thut mt m ha kha cng khai i hi khi lng tnh ton nhiu hn cc k thutm ha kha i xngnhng nhng li im m chng mang li khin cho chng c p dng trong nhiu ng dng. Vy l vi s ra i ca M ha kha cng khai th kha c qun l mt cch linh hot v hiu qu hn. Ngi s dng ch cn bo v kha Private key.H thng ny an ton hn nhiu so vi m ha kha ring, ngi m ha khng th gii m c d liu m ha bng kha cng khai ca ngi khc. Tuy nhin nhc im ca m ha kha cng khai nm tc thc hin, n chm hn m ha kha ring c ~1000 ln2.5. Phn bit m ha cng khai vi m ha i xngiu kin cn ca nhng gii thut ny l:1. Khi mt ngi no c c mt hay nhiu chui bt c m ha, ngi cng khng c cch no gii m c mu tin ban u, tr khi ngi bit c secret key dng cho m ha.2. Secret key phi trao i mt cch an ton gia hai party tham gia vo qu trnh m ha.M ha bt i xng l nhng gii thut m ha s dng 2 kha : public key v private-key. Hai kha ny c mt mi lin h ton hc vi nhau. M ha bng kha ny th ch c th gii m bng kha kia. C hai ng dng ca loi m ha ny : M ha bt i xng v ch k in t ( digital signature ).Trong ng dng m ha bt i xng ( v d gii thut RSA )mi bn A, B s c mt public key (PU) private key (PR) ring mnh. A to ra PUA v PRA.B to ra PUB v PRB. PUA s c A gi cho B v khi B mun truyn d liu cho A th B s m ha bng PUA. A s gii m bng PRA. Ngc li nu A mun truyn cho B th A s m ha bng PUB v B gii m bng PRB. PRA v PRB khng bao gi c truyn i v ch c gi ring cho mi bn .Trong ng dng ch k in t th A s m ha mu tin bng PRA. Bi v ch c A l bit c PRA nn khi mt party no nhn c mu tin ny , party c th bit c mu tin xut pht t A ch khng phi mt ai khc. ng nhin gii m , party cn c PUA.2.6. ng dng ca h m ha cng khaiM haEmail hocxc thcngi gi Email (OpenPGPorS/MIME).M ha hoc nhn thc vn bn (Cc tiu chunCh k XML*hocm ha XML*khi vn bn c th hin di dngXML).Xc thc ngi dng ng dng (ng nhp bng ththng minh, nhn thc ngi dng trongSSL).Ccgiao thctruyn thng an ton dng k thutBootstrapping(IKE,SSL): trao i kha bng kha bt i xng, cn m ha bng kha i xng.

CHNG III. THUT TON M HA KHA CNG KHAI RSA3.1. Gii thiu v RSA.Tiu chun Rivest-Shamir-Adleman (RSA) - Gii thut m ha kha cng khai RSA l mt tiu chun c cc tc gi Ronal Rivest, Adi Shamir v Leonard Adleman pht trin ti Hc Vin Cng ngh Masachusetts (MIT) vo nm 1977, tn tiu chun c ly t 3 ch ci u ca tn 3 tc gi, hin tiu chun c cc t chc Vin Tiu chun Quc gia Hoa K (American National Standards Institute ANSI), Vin K ngh in v in t (Institute of Electrical and Electronics Engineers IEEE) v Phng th nghim RSA cng nhn (RSA Laboratories l mt b phn ca Tp on EMC). y l thut ton u tin ph hp vi vic to ra ch k in t ng thi vi vic m ha. N nh du mt s tin b vt bc ca lnh vc mt m hc trong vic s dng kha cng cng. RSA ang c s dng ph bin trong thng mi in t v c cho l m bo an ton vi iu kin di kha ln.

Hnh 3.1. Cc tc gi Ronal Rivest, Adi Shamir v Leonard Adleman ti Hc Vin Cng ngh Masachusetts (MIT) vo nm 1977Trc vi nm, Clifford Cox, mt chuyn gia m ha ngi Anh pht trin ring mt bin th ca RSA. Tuy nhin, Chnh ph Anh xem y l vn mt v khng cng b. Khi Rivest, Shamir v Adleman cng b RSA trong n phm Scientific American thng 9/1977, C quan An ninh quc gia Hoa K (NSA) khng ng v vic ph bin rng ri RSA v ra lnh cm, tuy nhin lnh cm ny khng c c s php l. Thut ton RSA c MIT ng k bng sng ch ti Hoa K vo nm 1983 (S ng k 4,405,829). Bng sng ch ny ht hn vo ngy 21 thng 9 nm 2000. Tuy nhin, do thut ton c cng b trc khi c ng k bo h nn s bo h hu nh khng c gi tr bn ngoi Hoa K. Ngoi ra, nu nh cng trnh ca Clifford Cocks c cng b trc th bng sng ch RSA khng th c ng k.Nm 1978, cc tc gi cng b thut ton trn Tp ch ca Hip hi K thut Tnh ton Hoa K (Communications of the Association for Computing Machinery ACM). Hin nay, c th tham kho c t ca RSA trn trang thng tin ca Tp on EMC. 3.2. M t hot ng ca RSA. nh l c s:

nh l nh ca Fermat: Vi p l mt s nguyn t khc 2 th chia mt s a ly tha p cho p s c s d chnh bng a:

M rng ta c:

Vi l s nguyn t cng nhau vi m v nh hn m- Thut ton RSA c 2 kha: Kha cng khai (Public Key) Kha b mt (Private Key)- Mi kha l nhng s c nh s dng trong qu trnh m ha v gii m.- Kha cng khai c cng b rng ri cho mi ngi v c dng m ha.- Kha b mt c c nhn gi kn v dng gii mV d:Bod mun gi cho Alice mt thng tin mt M m Bod mun duy nht Alice c th c c. Bod Alice ( M ha M bng Public Key ca A c C) (Gii m C bng Private Key ca A c M )Hnh 3.2: S biu din thut ton m RSA3.2.1. Qu trnh to kha cho h mt RSA.Gi s Alice v Bob cn trao i thng tin b mt thng qua mt knh khng an ton (v d nh Internet). Vi thut ton RSA, Alice u tin cn to ra cho mnh cp kha gm kha cng khai v kha b mt theo 5 bc sau:1. Chn 2 s nguyn t ln khc nhau p, q tha mn iu kin 2. Tnh tch ca n 3. Tnh gi tr hm Phi Euler ca n: .4.

Chn s nguyn d, sao cho v gcd(d,)=1. 5. Tnh gi tr e tha mn iu kin:.

Kha cng khai bao gm: n v e. Kha mt: d cn p,q v thng l xa sau khi tnh ton kha.

3.2.2. Qu trnh m ha:Gi s Bob mun gi on thng tin M cho Alice. u tin Bob chuyn M thnh mt s m < n theo mt hm c th o ngc (t m c th xc nh li M) c tha thun trc. Qu trnh ny c m t phn Chuyn i vn bn r.Lc ny Bob c m v bit n cng nh e do Alice gi. Bob s tnh c l bn m ha ca m theo cng thc:

Hm trn c th tnh d dng s dng phng php tnh hm m (mun) bng phng php bnh phng. Cui cng Bob gi C cho Alice3.2.3. Qu trnh gii m: Alice nhn c t Bob v kha b mt d. Alice c th tm c m t c theo cng thc sau:

Bit m, Alice tm li M theo phng php tha thun trc. Qu trnh gii m hot ng v ta c:

Do ed 1 (mod p-1) v ed 1 (mod q-1), theo nh l Fermat nh nn:

v

Do p v q l hai s nguyn t cng nhau, p dng nh l phn d trung hoa, chng ta c:

Hay

3.2.4. V d:Sau y l mt v d vi nhng s c th. y chng ta s dng nhng s nh tin tnh ton cn trong thc t phi dng cc s c gi tr ln.Ly:p= 61 s nguyn t th nht (gi b mt hoc hy sau khi to kha)

q= 53 s nguyn t th hai (gi b mt hoc hy sau khi to kha)

n=pq= 3233 mun (cng b cng khai)

e= 17 s m cng khai

d= 2753 s m b mt

Kha cng khai l cp (e,n). Kha b mt ld. Hm m ha l:encrypt(m) =memodn=m17mod 3233vimlvn bn r. Hm gii m l:decrypt(c) =cdmodn=c2753mod 3233viclvn bn m. m ha vn bn c gi tr 123, ta thc hin php tnh:encrypt(123) = 12317mod 3233 = 855 gii m vn bn c gi tr 855, ta thc hin php tnh:decrypt(855) = 8552753mod 3233 = 123C hai php tnh trn u c th c thc hin hiu qu nh gii thut bnh phng v nhn3.2.5. Chuyn i vn bn rTrc khi thc hin m ha, ta phi thc hin vic chuyn i vn bn r ( chuyn i t M sang m) sao cho khng c gi tr no ca M to ra vn bn m khng an ton.Nu khng c qu trnh ny, RSA s gp phi mt s vn sau: Nu m = 0 hoc m = 1 s to ra cc bn m c gi tr l 0 v 1 tng ng Khi m ha vi s m nh (chng hn e =3) v m cng c gi tr nh, gi tr me cng nhn gi tr nh (so vi n). Nh vy php mun khng c tc dng v c th d dng tm c m bng cch khai cn bc e ca c ( b qua mun). RSA l phng php m ha xc nh ( khng c thnh phn ngu nhin) nn k tn cng c th thc hin tn cng la chn bn r bng cch to ra mt bng tra gia bn r v bn m. Khi gp mt bn m, k tn cng s dng bng tra tm ra bn r tng ng.Trn thc t, ta thng gp 2 vn u khi gi cc bn tin ASCII ngn vi m l nhm vi k t ASCII. Mt on tin ch c 1 k t NUL s c gn gi tr m = 0 v cho ra bn m l 0 bt k gi tr ca e v N. Tng t, mt k t ASCII khc, SOH, c gi tr 1 s lun cho ra bn m l 1. Vi cc h thng dng gi tr e nh th tt c k t ASCII u cho kt qu m ha khng an ton v gi tr ln nht ca m ch l 255 v 2553 nh hn gi tr n chp nhn c. Nhng bn m ny s d dng b ph m. trnh gp phi nhng vn trn, RSA trn thc t thng bao gm mt hnh thc chuyn i ngu nhin ha m trc khi m ha. Qu trnh chuyn i ny phi m bo rng m khng ri vo cc gi tr khng an ton. Sau khi chuyn i, mi bn r khi m ha s cho ra mt trong s kh nng trong tp hp bn m. iu ny lm gim tnh kh thi ca phng php tn cng la chn bn r (mt bn r s c th tng ng vi nhiu bn m ty thuc vo cch chuyn i).Mt s tiu chun, chng hn nh PKCS, c thit k chuyn i bn r trc khi m ha bng RSA. Cc phng php chuyn i ny b xung thm bit vo M. Cc phng php chuyn i cn c thit k cn thn trnh nhng dng tn cng phc tp tn dng kh nng bit trc c cu trc ca bn r. Phin bn ban u ca PKCS dng mt phng php c ng (ad-hoc) m v sau c bit l khng an ton trc tn cng la chn bn r thch ng (adaptive chon ciphertext attack). Cc phng php chuyn i hin i s dng cc k thut nh chuyn i m ha bt di xng ti u nh (Optimal Asymmetric Encryption Padding OAEP) chng li tn cng dng ny. Tiu chun PKCS cn c b xung cc tnh nng khc m bo an ton cho ch k RSA (Probabilistic Signature Scheme for RSA-RSA-PSS).3.2.6. To ch k vo vn bn.Thut ton RSA cn c dng to ch k s cho vn bn.Gi s Alice mun gi cho Bob mt vn bn c ch k ca mnh. lm vic ny, Alice to ra mt gi tr bm (hask value) ca vn bn cn k v tnh gi tr m d mod n ca n (ging nh khi Alice thc hin gii m). Gi tr cui cng chnh l ch k in t ca vn bn ang xt.Khi Bob nhn c vn bn cng vi ch k in t, anh ta tnh gi tr m e mod n ca ch k ng thi vi vic tnh gi tr bm ca vn bn. Nu 2 gi tr ny nh nhau th Bob bit rng ngi to ra ch k bit kha b mt ca Alice v vn bn khng b thay i sau khi k. Cn ch rng cc phng php chuyn i bn r ( nh RSA-PSS) gi vai tr quan trng i vi qu trnh m ha cng nh ch k in t v khng c dng chung cho ng thi cho c hai mc ch trn.3.3. Cc vn ca RSA.Sau y ta s xem xt mt s cc tn cng phng php RSA. Vt cn kha: cch tn cng ny th tt c cc kha d c th c tm ra bn gii m c ngha, tng t nh cch th kha K ca m ha i xng. Vi N ln, vic tn cng l bt kh thi. Phn tch N thnh tha s nguyn t N = pq: Chng ta ni rng vic phn tch phi l bt kh thi th mi l hm mt chiu, l nguyn tc hot ng ca RSA. Tuy nhin, nhiu thut ton phn tch mi c xut, cng vi tc x l ca my tnh ngy cng nhanh, lm cho vic phn tch N khng cn qu kh khn nh trc y. Nm 1977, cc tc gi ca RSA treo gii thng cho ai ph c RSA c kch thc ca N vo khong 428 bt, tc 129 ch s. Cc tc gi ny c on phi mt 40 nghn triu triu nm mi c th gii c. Tuy nhin vo nm 1994, cu ny c gii ch trong vng 8 thng. Bng sau lit k kch thc N ca cc RSA ph m c cho n hin nay.S ch s ca NS bitNm ph mThut ton

1003221991Quadratic sieve

1103651992Quadratic sieve

1203981993Quadratic sieve

1294281994Quadratic sieve

1304311996GNFS

1404651999GNFS

1555121999GNFS

1605302003Lattice sieve

1745762003Lattice sieve

2006332005Lattice sieve

D nhin l vic ph m trn ch c thc hin trong phng th nghim. Tuy nhin ngi ta cho rng kch thc ca N phi khong 1024 bt (309 ch s) th mi bo m an ton tht s. o thi gian: y l mt phng php ph m khng da vo mt ton hc ca thut ton RSA, m da vo mt hiu ng l sinh ra bi qu trnh gii m RSA. Hiu ng l l thi gian thc hin gii m. Gi s ngi ph m c th o c thi gii m dng thut ton bnh phng lin tip. Trong thut ton bnh phng lin tip, nu mt bt ca d l 1 th xy ra hai php modulo, nu bt l 0 th ch c mt php modulo, do thi gian thc hin gii m l khc nhau. Bng mt s php th chosen-plaintext, ngi ph m c th bit c cc bt ca d l 0 hay 1 v t bit c d.3.4. ng dng thc t ca RSA.Tiu chun RSA c ng dng rng ri trong nhiu lnh vc nh ch k s, thng mi in t, bo mt, xc thc TrongThng t s 01/2011/TT-BTTTTngy 04/01/2011 ca B trng B Thng tin v Truyn thng Cng b Danh mc tiu chun k thut v ng dng cng ngh thng tin trong c quan nh nc quy nhKhuyn ngh p dngtiu chun RSA, l mt trong nhng gii thut m ha v c xp vo nhmTiu chun v an ton thng tin.3.4.1. Ch k in t (Digital Signature).Ch k in t l ch k c to lp di dng t, ch s, k hiu, m thanh hoc cc hnh thc khc bng phng tin in t, gn lin hoc kt hp mt cch logic vi thng ip d liu. Ch k in t c gi tr xc nhn ngi k thng ip d liu v xc nhn s chp thun ca ngi i vi ni dung thng ip d liu c k.Ch k in t l thng tin i km theo d liu (vn bn, hnh nh , video .) nhm mc ch xc nh ngi ch ca d liu .Ch k in t c to ra bng cch p dng thut ton bm mt chiu trn vn bn gc to ra bn phn tch vn bn (mesage digest) hay cn gi l fingerprint, sau m ha bng private key to ra ch k s nh km vi vn bn gc c tnh li fingerprint so snh vi fingerprint c cng c phc hi t vic gii m ch k s.M hnh chung ca ch k in t:

Hnh 3.3: M hnh chung ca ch k in tc im ca ch k in t rt a dng, c th l mt tn hoc hnh nh c nhn km theo d liu in t, mt m kha b mt, hay mt d liu sinh trc hc ( chng hn nh hnh nh mt, du vn tay, hnh nh mng mt ) c kh nng xc thc ngi gi. an ton ca tng dng l khc nhau.Quy trnh thc hin ch k in t:Cc bc m ha:1. Dng gii thut bm thay i thng ip cn truyn i, kt qu l ta c mt message digest, dng gii thut md5 (message digest 5) ta c digest c chiu di 128 bit, dng gii thut sha ( secure hash algorithm ) ta c chiu di 160 bit.2. S dng kha private key ca ngi gi m ha mesage digest thu c bc 1. Thng thng bc ny ta dng gii thut rsa. Kt qu thu c gi l digital signature ca mesage ban u.3. Gp digital signature vo message ban u, cng vic ny gi l k nhn vo message. Sau khi k nhn vo message, mi s thay i trn message s b pht hin trong giai on kim tra. Ngoi ra, vic k nhn ny m bo ngi nhn tin tng message ny xut pht t ngi gi ch khng phi l ai khc.Cc bc kim tra:1. Dng public key ca ngi gi (kha ny c thng bo n mi ngi) gii m ch k s ca message.2. Dng gii thut (md5 hoc sha) hm bm message nh km.3. So snh kt qu thu c bc 1 v 2. Nu trng nhau, ta kt lun message ny khng b thay i trong qu trnh truyn v message ny l ca ngi gi.Mi c nhn khi tham gia vo h thng ch k in t cn phi c cung cp mt b kha (Public key, Private key) dng nh danh c nhn bi mt t chc c quan c thm quyn v c cng nhn trong phm vi s dng.3.4.2. SSL (Secure Socket Layer)SSL l giao thc a mc ch c thit k nhm m ha ton b thng tin n/ i gia hai chng trnh ng dng mt cng nh trc (socket 443). Giao thc SSL c hnh thnh v pht trin u tin nm 1994 bi nhm nghin cu Netscape v ngay nay tr thnh chun bo mt thc hnh trn mng Internet.Phin bn hin nay l SSL 3.0 v ang tip tc c b xung hon thin.

CHNG VI: GIAO THC THA THUN KHA DIFFIE HELLMAN4.1. Gii thiu.

Hnh 4.1. Gio s Martin Hellman (gia) cng ng nghip l Whitfield Diffie (phi) khm ph ra mt m kha cng khai Diffie-Hellman.Nm 1976, mt s t ph thay i nn tng c bn trong cch lm vic ca cc h thng mt m ha. chnh l vic cng b ca bi vit phng hng mi trong mt m hc (New Directions in Cryptography) ca Whitfield Diffie v Martin Hellman. Bi vit gii thiu mt phng php hon ton mi v cch thc phn phi cc kha mt m. L h thng u tin s dng "public-key" hoc cc kha mt m "khng i xng", v n c gi l trao i kha Diffie-Hellman (Diffie-Hellman key exchange). Bi vit cn kch thch s pht trin gn nht tc thi ca mt lp cc thut ton mt m ha mi, cc thut ton cha kha bt i xng (asymmetric key algorithms).Trao i kha Diffie-Hellman b co buc rng n uc pht minh ra mt cch c lp mt vi nm trc trong Tr s Truyn Thng Chnh ph Anh (GCHQ) bi Malcolm J .Williamson). Vo nm 2002, Hellman a ra thut ton c gi chung l trao i kha DiffieHellmanMerkle cng nhn s ng gp ca c Ralph Merkle, ngi pht minh ra thut ton m ha cng khai.Trc thi k ny, hu ht cc thut ton mt m ha hin i u l nhng thut ton kh i xng (symmetric key gorithms), trong c ngi gi v ngi nhn phi dng chung mt kha, tc kha dng trong thut ton mt m, v c hai ngi u phi gi b mt v kha ny. Tt c cc my in c dng trong th chin II, k c m Caesar v m Atbash, v v bn cht m ni, k c hu ht cc h thng m c dng trong sut qu trnh lch s na u thuc v loi ny. ng nhin, kha ca mt m chnh l sch m (codebook), v l ci cng phi c phn phi v gi gn mt cch b mt tng t.Do nhu cu an ninh, kha cho mi mt h thng nh vy nht thit phi c trao i gia cc bn giao thng lin lc bng mt phng thc an ton no y, trc khi h s dng h thng (thut ng thng c dng l 'thng qua mt knh an ton'), v d nh bng vic s dng mt ngi a th ng tin cy vi mt cp ti liu c kha vo c tay bng mt cp kha tay, hoc bng cuc gp g mt i mt, hay bng mt con chim b cu a th trung thnh Vn ny cha bao gi c xem l d thc hin, v n nhanh chng tr nn mt vic gn nh khng th qun l c khi s lng ngi tham gia tng ln, hay khi ngi ta khng cn cc knh an ton trao i kha na, hoc lc h phi lin tc thay i cc cha kha-mt thi quen nn thc hin trong khi lm vic vi mt m. C th l mi mt cp truyn thng cn phi c mt kha ring nu, theo nh thit k ca h thng mt m, khng mt ngi th ba no, k c khi ngi y l mt ngi dng, c php gii m cc thng ip. Mt h thng thuc loi ny c gi l mt h thng dng cha kha mt, hoc mt h thng mt m ha dng kha i xng. H thng trao i kha Diffie-Hellman (cng nhng phin bn c nng cp k tip hay cc bin th ca n) to iu kin cho cc hot ng ny trong cc h thng tr nn d dng hn rt nhiu, ng thi cng an ton hn, hn tt c nhng g c th lm trc y.Mc d, bn thn thut ton l mt giao thc chn kha nc danh (khng cn thng qua xc thc) nhng n cung cp ra mt c s cho cc giao thc xc thc khc nhau kh hon ho. Phng thc tip ni ngay sau Diffie Hellman l RSA, mt th hin ca m kha cng khai s dng thut ton bt i xng.4.2. Giao thc tha thun kha Diffie Hellman4.2.1. Khi nim tha thun kha.Tho thun kho: vic trao i kho gia cc ch th trong mt cng ng no c th c thit lp mt cch t do gia bt c hai ngi no khi c nhu cu trao i thng tin.4.2.2. Giao thc tha thun kha Diffie - Hellman. - Trao i kha Diffie Hellman l thit lp mt kha chia s b mt c s dng cho thng tin lin lc b mt bng cch trao i d liu thng qua mng cng cng. y m mt trong s nhiu phng thc dng trao i kha trong ngnh mt m hc. - Phng php ny khng cn c s can thip ca mt TA ( c quan y thc) lm nhim v iu hnh hoc phn phi kha. - Phng php ny cho php nhng ngi s dng c th cng nhau to ra mt kha b mt thng qua mt knh truyn thng khng m bo v bo mt. Kha b mt ny s c dng ngi s dng tr o i thng tin vi nhau.4.2.2.1. Cch thit lp giao thc tha thun kha Diffie - Hellman. Tnh hung: + Alice v Bob mun chia s thng tin bo mt cho nhau nhng phng tin truyn thng duy nht ca h l khng an ton. Tt c cc thng tin m h trao i c quan st bi Eve k th ca h. + Lm th no Alice v Bob chia s thng tin bo mt cho nhau m khng lm cho Eve bit c? + Thot nhn ta thy Alice v Bob phi i mt vi mt nhim v khng th. Gii quyt tnh hung trn:+ Alice v Bob ng dng chung v mt nhm cyclic hu hn G v mt yu t to ra g trong G. (iu ny thng c thc hin rt lu trc khi phn cn li ca giao thc, g c gi nh l c bit n bi tt c cc k tn cng) + Khi Alice v Bob mun truyn thng tin bo mt cho nhau c th cng thc hin theo giao thc sau trao i:

1. Alice chon ngu nhin s aA (0 aA p-2) b mt, tnhv gi bA cho Bob

2. Tng t, Bob chn ngu nhin s aB (0 aB p-2) b mt, tnh v gi bB cho Alice.

3. Alice tnh c kha:

4. Bob tnh c kha: + By gi Alice v Bob c cng kha chung l:

+ M t giao thc Diffie Hellman bng bng sau:

Ch l ch c aA, aB v KA, KB l c gi b mt. Tt c cc gi tr cn li nh p, g, bA, bB, u cng khai. Mt khi Alice v Bob tnh c kha b mt dng chung, h c th dng n lm kha m ha ch h bit gi cc thng ip qua cng knh giao tip m. ng nhin, m bo an ton, cc gi tr aA, aB v p cn c ly ln, g khng cn ly gi tr qu ln. Thc t th g thng ly gi tr 2 hoc 5.

4.2.2.2. S giao thc tha thun kha Diffie - Hellman.

Hnh 4.2: S giao thc tha thun kha Diffie HellmanS di y minh ha phn no tng chung. u tin, Alice v Bob thng nht v mu sn chung (mu vng), Alice v Bob trao i mu sc c trn ca h. Cui cng, iu ny to ra mt mu b mt ging ht nhau m k khc khng c kh nng to c ra ging vy. K t y, Alice v Bob s trao i bng cch m ha v gii m s dng kha b mt (th hin bng mu sn b mt cui cng). 4.2.2.3. V d bng s minh ha. 1. Alice v Bob thng nht vi nhau chn s nguyn t p = 37 v g = 5. 2. Alice chn mt gi tr ngu nhin bt k aA = 7 v b mt aA. Alice tnh bA = 57 mod 37 = 18. Sau Alice gi bA = 18 cho Bob. 3. Bob chn mt gi tr ngu nhin bt k aB = 5 v b mt aB Bob tnh bB = 55 mod 37 = 17. Sau Bob gi bB = 17 cho Alice. 4. Bob nhn c bA = 18 v tnh kha chung: KB = 184 mod 37=15, v b mt KB 5. Alice nhn c bB =17 v tnh kha chung: KA = 177 mod 37=15, v b mt KA4.2.3. Cc c im c trng ca giao thc tho thun kha Diffie - Hellman.4.2.3.1. Giao thc l an ton i vi vic tn cng th ng.Giao thc l an ton i vi vic t n c ng th ng, ngha l mt ngi th b d bit bA v bB s kh m bit c KA,B.

Xt v d: 1. Alice v Bob thng nht vi nhau chn s nguyn t p = 17 v g = 2. 2. Alice chn mt gi tr ngu nhin bt k aA = 6 v b mt aA. Alice tnh bA = 26 mod 17 = 13. Sau A ice gi bA = 13 cho Bob. 3. Bob chn mt gi tr ngu nhin bt k aB = 9 v b mt aB Bob tnh bB = 29 mod 17 = 2. Sau Bob gi bB = 2 cho Alice. 4. Bob nhn c bA = 13 v tnh kha chung: KB = 139 mod 17=13, v b mt KB 5. Alice nhn c bB = 2 v tnh kha chung: KA = 26 mod 17=13, v b mt KA Eve l mt k nghe trm c ta theo di nhng g Alice v Bob gi cho nhau nhng khng th thay i ni dung cc cuc lin lc. Eve mun ti thit li nhng thng tin bo mt m Alice v Bob chia s cho nhau. Eve s phi i mt vi mt nhim v thc s kh khn. Di y l cc biu gip xc nh ai bit c gi tr no. (Eve l mt k nghe trm.)

Ta thy Eve ri vo tnh th tin thoi lng nam. C y bit c gi tr ca bA, bB v vy c y bit c , . C y cng bit nhng gi tr ca g v p, nhng li khng bit c cc gi tr ca aA, aB v KA,B y chnh l bi ton Diffie - Hellman m khi bit bA, bB tm KA,B, bi ton ny tng ng vi bi ton ph m ElGammal. By gi ta i chng minh iu ny. - Php mt m ElGammal vi kho K = (p, g, a, ), trong = ga mod p cho t t mt bn r x v mt s ngu nhin k Zp-1 lp c mt m eK(x, k) = (y1, y2) vi y1 = gk mod p, y2 = xk mod p. V php gii m c cho bi y1 = gk mod p. Gi s ta c thut ton A gii bi ton Diffie-Hellman. Ta s dng A ph m ElGammal nh sau: Cho mt m (y1, y2). Trc tin, dng A cho y1 = gk mod p v = ga mod p ta c A(y1,B) = gka = k mod p. Sau , ta thu c bn r x t k v y2 nh sau: x = y2(k)-1 mod p.

Ngc li, gi s c mt thut ton khc l B dng ph m EllGamml , tc l .p dng B cho = bA, y1 = bB, y2=1, ta c mod p tc gii c bi ton Diffie Hellman.Trn thc t cc gi tr ca p, aA, aB l rt ln. Nu p l s nguyn t c t nht 300 ch s, aA v aB c t nht 100 ch s th thm ch ngay c thut ton tt nht c bit n hin nay cng khng th gii uc nu ch bit g, p, bA, bB k c khi s dng tt c kh nng tnh ton ca nhn loi. Bi ton ny cn c bit n vi tn gi bi ton logarit ri rc. Bi ton logarit ri rc vn cn ang gy rt nhiu tranh ci v cha c thut gii c th no.4.2.3.2. Giao thc l khng an ton i vi vic tn cng ch ng. Giao thc l khng an ton i vi vic tn cng ch ng bng cch nh tro gia ng. Ngha l mt ngi th ba Eve c th nh tro cc thng tin trao i gia Alice v Bob.

Chng hn, Eve thay m Alice nh gi cho Bob bi v thay m Bob nh gi cho Alice bi . Nh vy, sau khi thc hin giao thc trao i kho, Alice lp mt kho chung vi Eve m vn tng l vi Bob; ng thi Bob cng lp mt kho chung vi Eve m vn tng l vi Alice. Eve c th gii m mi thng bo m Alice tng nhm l mnh gi n Bob cng nh mi thng bo m Bob tng nhm l mnh gi n Alice. Mt cch khc phc kiu tn cng ny l lm sao Alice v Bob c kim th xc nhn tnh ng n ca cc kho cng khai bA v bB. Ngi ta a vo giao thc trao i kho Diffie-Hellman thm vai tr iu phi ca mt TA c mt h phn phi kho Diffie-Hellman nh mt cch khc phc nhc im ny. Trong h phn phi kho Diffie-Hellman, s can thip ca TA l rt yu, thc ra TA ch lm mi vic l cp chng ch xc nhn kho cng khai cho tng ngi dng ch khng i hi bit thm bt c mt b mt no ca ngi dng. Tuy nhin, nu cha tho mn vi vai tr hn ch ca TA th c th cho TA mt vai tr xc nhn yu hn, khng lin quan g n kho, chng hn nh xc nhn thut ton kim th ch k ca ngi dng, cn bn thn cc thng tin v kho (c b mt ln cng khai) th do cc ngi dng trao i trc tip vi nhau.

TI LIU THAM KHOTi liu ting Vit[1]. Bi ging An ninh mng vin thng. TS. Nguyn Phm Anh Dng Hc vin cng ngh BCVT.[2]. C s l thuyt mt m. PGS. TS. Nguyn Bnh, TS. Trn nh S. Hc vin k thut mt m. 2006[3]. Thut ton m ha v ng dng. TS. Dng Anh c, ThS. Trn Minh Trit. i hc Khoa hc t nhin i hc Quc gia TP. HCM. 2005[4]. Bi ging An ninh mng (Network security) . Hc vin k thut mt m. Phan nh Diu, Gio trnh l thuyt mt m v an ton thng tin, Nh xut bn i hc Quc gia H Ni, 1999. Ti liu Ting Anh[5]. RSA Cryptography Standard, October 27, 2012.a ch trn mng INTERNEThttp://aita.gov.vnhttp://tiasang.com.vn/http://antoanthongtin.vn/http://www.pcworld.com.vn/http://123doc.vn/http://www.wattpad.com/

12