AN TON V BO

MT THNG TIN

GVTH: ThS. Lu Quang Phng

Ni dung
Chng 1: Tng quan v an ton v bo mt thng tin.
Chng 2: Cc phng php m ha c in
Chng 3: Chun m d liu DES
Chng 4: Mt m cng khai
Chng 5: Cc s ch k s
Chng 6: Hm bm
Chng 1: Tng quan v an
ton v bo mt thng tin.
1. Ti sao phi bo v thng tin

Thng tin l mt b phn quan trng v l ti sn thuc

quyn s hu ca cc t chc

S thit hi v lm dng thng tin khng ch nh hng

n ngi s dng hoc cc ng dng m n cn gy ra
cc hu qu tai hi cho ton b t chc

Thm vo s ra i ca Internet gip cho vic truy

cp thng tin ngy cng tr nn d dng hn
2. Khi ni m h thng v ti sn
cua h thng
Khi nim h thng :H thng l mt tp hp cc my tinh bao gm
cc thnh phn, phn cng, phn mm v d liu lm vic c tich
luy qua thi gian.
Ti sn cua h thng bao gm:
Phn cng

Phn mm

D liu

Cc truyn thng gia cc my tinh ca h thng

Mi trng lm vic

Con ngi
 3. Cc mi e do i vi m t h
thng v cc bi n php ngn ch n

C 3 hinh thc chu yu e doa i vi h thng:

Ph hoi: ke th ph hng thit bi phn cng hoc phn mm

hot ng trn h thng.

Sa i: Ti sn ca h thng bi sa i tri phep. iu ny
thng lm cho h thng khng lm ng chc nng ca n.
Chng hn nh thay i mt khu, quyn ngi dng trong h
thng lm h khng th truy cp vo h thng lm vic.
Can thip: Ti sn bi truy cp bi nhng ngi khng c thm

quyn. Cc truyn thng thc hin trn h thng bi ngn chn,

sa i.
 3. Cc mi e do i vi m t h
thng v cc bi n php ngn ch n
Cc e doa i vi mt h thng thng tin c th n t ba
loi i tng nh sau:
Cc i tng t ngay bn trong h thng (insider), y l
nhng ngi c quyn truy cp hp php i vi h thng.
Nhng i tng bn ngoi h thng (hacker, cracker), thng
cc i tng ny tn cng qua nhng ng kt ni vi h
thng nh Internet chng hn.
Cc phn mm (chng hn nh spyware, adware ) chy trn
h thng.
 3. Cc mi e do i vi m t h
thng v cc bi n php ngn ch n
Nguy c
Kim sot truy
Lp ng dng nhp
Ph hy
Chng thc
Lp ng dng

Lp dch v Chng chi b Sa i

Bo mt s liu
Ct b
Lp h tng An ton lung tin
Bc, tit l
Nguyn vn s liu
Mc ngi s dng
Kh dng Gin on

Mc kim sot
Ring t
Tn cng
Mc qun l
3. Cc mi e do i vi m t h
thng v cc bi n php ngn
ch n

Cc bin php ngn chn:
iu khin thng qua phn mm: da vo cc c ch an ton
bo mt ca h thng nn (h iu hnh), cc thut ton mt
m hc
iu khin thng qua phn cng: cc c ch bo mt, cc
thut ton mt m hc c cng ha s dng
iu khin thng qua cc chinh sch cua t chc: ban hnh
cc qui inh ca t chc nhm m bo tinh an ton bo mt
ca h thng.
4. Mc tiu chung cua an ton bo
m t thng tin
Ba mc tiu chinh ca an ton bo mt thng tin:

T
nh
t
m

to
b

nv
nh

Bo mt

n
T

thng tin

Tnh sn sng
4. Mc tiu chung cua an ton bo
m t thng tin
Tinh bi mt (Confidentiality): - m bo rng thng tin khng bi
truy cp bt hp php
Thut ng privacy thng c s dng khi d liu c bo
v c lin quan ti cc thng tin mang tinh c nhn.
Tinh ton vn (Integrity): - m bo rng thng tin khng bi sa
i bt hp php.
Tinh sn dng (availability): - Ti sn lun sn sng c s
dng bi nhng ngi c thm quyn.
4. Mc tiu chung cua an ton bo
m t thng tin

Thm vo s chnh xc ca thng tin cn c nh gi bi:

Tinh xc thc (Authentication): - m bo rng d liu nhn

c chc chn l d liu gc ban u
Tinh khng th chi b (Non-repudation): - m bo rng
ngi gi hay ngi nhn d liu khng th chi b trch
nhim sau khi gi v nhn thng tin.
 5. Cc chin lc an ton h
thng
Gii hn quyn hn ti thiu (Last Privilege):theo nguyn tc ny bt
k mt i tng no cng ch c nhng quyn hn nht inh i vi
ti nguyn mng.
Bo v theo chiu su (Defence In Depth):Khng nn da vo mt
ch an ton no d cho chng rt mnh, m nn to nhiu c ch
an ton tng h ln nhau.
Nt tht (Choke Point): To ra mt ca khu hp, v ch cho phep
thng tin i vo h thng ca mnh bng con ng duy nht chinh l
ca khu ny.
 5. Cc chin lc an ton h
thng
im ni yu nht (Weakest Link):Chin lc ny da trn nguyn
tc: Mt dy xich ch chc ti mt duy nht, mt bc tng ch cng
ti im yu nht.
Tinh ton cc: Cc h thng an ton i hi phi c tinh ton cc ca
cc h thng cc b.
Tinh a dng bo v: Cn phi s dng nhiu bin php bo v khc
nhau cho h thng khc nhau, nu khng c ke tn cng vo c
mt h thng th chng cng d dng tn cng vo cc h thng khc.
 6. Cc mc bo v trn mng

Quyn truy nhp: L lp bo v trong cng nhm kim sot cc ti

nguyn ca mng v quyn hn trn ti nguyn .
ng k tn /mt khu: Thc ra y cng l kim sot quyn truy
nhp, nhng khng phi truy nhp mc thng tin m mc h
thng.
M ho d liu: D liu bi bin i t dng nhn thc c sang
dng khng nhn thc c theo mt thut ton no v s c
bin i ngc li trm nhn (gii m).
Bo v vt l: Ngn cn cc truy nhp vt l vo h thng.
 6. Cc mc bo v trn mng

Tng la: Ngn chn thm nhp tri php v loc b cc gi tin khng
mun gi hoc nhn vi cc l do no bo v mt my tinh hoc c mng
ni b (intranet).
 6. Cc mc bo v trn mng

Qun tr mng: Cng tc qun tri mng my tinh phi c thc hin
mt cch khoa hc m bo cc yu cu sau :
Ton b h thng hot ng bnh thng trong gi lm vic.
C h thng d phng khi c s c v phn cng hoc phn
mm xy ra.
Backup d liu quan trng theo inh k.
Bo dng mng theo inh k.
Bo mt d liu, phn quyn truy cp, t chc nhm lm vic
trn mng.
7. Cc phng php bo mt

Cc phng php quan trong

Vit mt m: m bo tinh bi mt ca thng tin truyn thng

Xc thc quyn: c s dng xc minh, nhn dng quyn hn

ca cc thnh vin tham gia.
8. An ton thng tin bng mt m

Mt m l mt ngnh khoa hc chuyn nghin cu cc phng

php truyn tin bi mt. Mt m bao gm : Lp m v ph m.

Lp m bao gm hai qu trinh: m ha v gii m.Cc sn

phm ca linh vc ny l cc h m mt , cc hm bm, cc h
ch k in t, cc c ch phn phi, qun l kha v cc giao
thc mt m.

Ph m: Nghin cu cc phng php ph m hoc to m gi.

Sn phm ca linh vc ny l cc phng php ph m , cc
phng php gi mo ch k, cc phng php tn cng cc
hm bm v cc giao thc mt m
8. An ton thng tin bng mt m

Cch hiu truyn thng: gi b mt ni dung trao i

GI v NHN trao i vi nhau trong khi TRUNG
GIAN tm cch nghe ln

GI NHN

TRUNG GIAN
8. An ton thng tin bng mt m
Mt trong nhng ngh thut bo v thng tin l bin i n thnh
mt inh dng mi kh c.

Vit mt m c lin quan n vic m ho cc thng bo trc khi gi

chng i v tin hnh gii m chng lc nhn c
8. An ton thng tin bng mt m
C 2 phng thc m ho c bn: thay th v hon v:

Phng thc m ho thay th: l phng thc m ho m tng

k t gc hay mt nhm k t gc ca bn r c thay th bi cc
t, cc k hiu khc hay kt hp vi nhau cho ph hp vi mt
phng thc nht inh v kho.

Phng thc m ho hon v: l phng thc m ho m cc t

m ca bn r c sp xp li theo mt phng thc nht inh.
 9. H mt m

Vai tr cua h mt m:
H mt m phi che du c ni dung ca vn bn r

(PlainText).
To cc yu t xc thc thng tin, m bo thng tin lu hnh

trong h thng n ngi nhn hp php l xc thc

(Authenticity).
T chc cc s ch k in t, m bo khng c hin tng

gi mo, mo danh gi thng tin trn mng.

 9. H mt m

Khi nim c bn
Bn r X c gi l l bn tin gc. Bn r c th c chia nh
c kich thc ph hp.
Bn m Y l bn tin gc c m ho. y ta thng xet
phng php m ha m khng lm thay i kich thc ca bn
r, tc l chng c cng di.
M l thut ton E chuyn bn r thnh bn m. Thng thng
chng ta cn thut ton m ha mnh, cho d ke th bit c
thut ton, nhng khng bit thng tin v kha cng khng tm
c bn r.
 9. H mt m

Khi nim c bn
Kho K l thng tin tham s dng m ho, ch c ngi gi
v ngui nhn bit. Kha l c lp vi bn r v c di ph
hp vi yu cu bo mt.
M ho l qu trnh chuyn bn r thnh bn m, thng thng
bao gm vic p dng thut ton m ha v mt s qu trnh x
l thng tin km theo.
Gii m chuyn bn m thnh bn r, y l qu trnh ngc li
ca m ha.
 9. H mt m
Cc thnh phn cua mt h mt m :

Mt h m mt l b 5 (P, C, K, E, D) tho mn cc iu kin sau:

- P l khng gian bn r: l tp hu hn cc bn r c th c.
- C l khng gian bn m: l tp hu hn cc bn m c th c.
- K l kkhng gian kho: l tp hu hn cc kho c th c.
i vi mi k K c mt quy tc m eK: P C v mt quy tc
gii m tng ng dK D.
Vi mi eK: P C v dK: C P l nhng hm m
dK (eK(x))=x vi mi bn r x P.

Hm gii m dk chinh l nh x ngc ca hm m ha ek

 9. H mt m

Bn m
Bn r M ho Gii m Bn r

Kho

Qu trnh m ha v gii m thng tin

 10. Phn loi h mt m

H mt i xng (hay cn gi l mt m kha bi mt): l nhng h

mt dng chung mt kho c trong qu trnh m ho d liu v gii m
d liu. Do kho phi c gi bi mt tuyt i. Mt s thut ton
ni ting trong m ho i xng l: DES, Triple DES(3DES), RC4,
AES

H mt m bt i xng (hay cn gi l mt m kha cng khai): Cc

h mt ny dng mt kho m ho sau dng mt kho khc
gii m, nghia l kho m ho v gii m l khc nhau. Cc kho
ny to nn tng cp chuyn i ngc nhau v khng c kho no
c th suy c t kho kia. Kho dng m ho c th cng khai
nhng kho dng gii m phi gi bi mt. Do trong thut ton
ny c 2 loi kho: Kho m ho c gi l kha cng khai-Public
Key, kho gii m c gi l kha bi mt - Private Key. Mt s
thut ton m ho cng khai ni ting: Diffle-Hellman, RSA,
 10. Cc phng php m ho

C ba phng php chinh cho vic m ho v gii m

S dng kho i xng

S dng kho bt i xng

S dng hm bm mt chiu
 10.1 M ho i xng

input : vn bn thun tu Vn bn mt m output : vn bn thun tu

An intro to AxCvGsmWe#4^, An intro to
PKI and few sdgfMwir3:dkJeTs PKI and few
deploy hints Y8R\s@!q3% deploy hints

DE DE
S S
M ho Gii m

Hai kho ging

nhau
 10.1 M ho i xng
Cc kho ging nhau c s dng cho vic m ho v gii m
Thut ton m ho s dng kho i xng thng c bit n l
DES (Data Encryption Standard)
Cc thut ton m ho i xng khc c bit n nh:
-Triple DES, DESX, GDES, RDES - 168 bit key
-RC2, RC4, RC5 - variable length up to 2048 bits
-IDEA - basis of PGP - 128 bit key
 10.2 M ho bt i xng
input : vn bn thun tu Vn bn mt m output : vn bn thun tu
An intro to Py75c%bn&*)9| An intro to
PKI and few fDe^bDzjF@g5= PKI and few
deploy hints &nmdFgegMs deploy hints

RSA RSA

M ho Gii m

Hai kho khc nhau

 10.2 M ho bt i xng
Cc kho dng cho m ho v gii m khc nhau nhng cng
mt mu v l cp i duy nht(kho private/public)

Kho private ch c bit n bi ngi gi

Kho public c bit n bi nhiu ngi hn n c s

dng bi nhng nhm ngi ng tin cy c xc thc

Thut ton m ho s dng kho bt i xng thng c bit

n l RSA (Rivest,Shamir and Adleman 1978)
 10.3 Hm bm

Mt hm bm H nhn c mt thng bo m vi mt di bt k
t u vo v a ra mt xu bit h c di c inh u ra h =
H(m).
Hm bm l mt hm mt chiu, iu c nghia l ta khng th
tinh ton c u vo m nu bit u ra h.
Thut ton s dng hm bm thng c bit n l MD5
 10.4 To ra ch k s
Thng bo hoc File Thng bo sau khi lut ho Ch k s
This is the (Typically 128 bits)
document
created by
Gianni Py75c%bn 3kJfgf*$&
RSA
SHA, MD5

Pht sinh M ho
hm bm bt i xng

priv
Signatory's
private key
Signed
Document
 11. Xc thc quyn

Xc minh quyn hn ca cc thnh vin tham gia truyn thng

Phng php ph bin:

S dng Password : xc thc ngi s dng

 11. Xc thc quyn

S dng Kerberos: phng thc m ho v xc thc trong AD ca cng

ngh Window
S dng Secure Remote Password (SRP): l mt giao thc xc thc
i vi cc truy cp t xa
S dng Hardware Token
S dng SSL/TLS Certificate Based Client Authentication: s dng
SSL/TLS m ho, xc thc trong VPN, Web
S dng X.509 Public Key
S dng PGP Public Key
S dng SPKI Public Key
S dng XKMS Public Key.
S dng XML Digital Signature
 12.Tiu chun nh gi h mt
m
an ton: Mt h mt c a vo s dng iu u tin phi
c an ton cao.
Chng phi c phng php bo v m ch da trn s bi mt
ca cc kho, cn thut ton th cng khai. Ti mt thi im,
an ton ca mt thut ton ph thuc:
Nu chi phi hay phi tn cn thit ph v mt thut ton ln
hn gi tri ca thng tin m ha thut ton th thut ton
tm thi c coi l an ton.
Nu thi gian cn thit dng ph v mt thut ton l qu
lu th thut ton tm thi c coi l an ton.
Nu lng d liu cn thit ph v mt thut ton qu ln
so vi lng d liu c m ho th thut ton tm
thi c coi l an ton
Bn m C khng c c cc c im gy ch , nghi ng.
 12.Tiu chun nh gi h mt
m
Tc m v gii m: Khi nh gi h mt m chng ta phi
ch n tc m v gii m. H mt tt th thi gian m v
gii m nhanh.
Phn phi kha: Mt h mt m ph thuc vo kha, kha ny
c truyn cng khai hay truyn kha bi mt. Phn phi kha
bi mt th chi phi s cao hn so vi cc h mt c kha cng
khai. V vy y cng l mt tiu chi khi la chn h mt m.
13. M hinh truyn tin c bn cua
m t m hoc v lu t Kirchoff
13. M hinh truyn tin c bn cua
m t m hoc v lu t Kirchoff
Theo lut Kirchoff (1835 - 1903) (mt nguyn tc c bn trong
m ho) th: ton b c ch ma/gii ma tr kho l khng bi mt
i vi k ch.
Y nghia cua lut Kirchoff: s an ton ca cc h m mt khng
phi da vo s phc tp ca thut ton m ha s dng.
 14. Cc loi tn cng

Cc kiu tn cng khc nhau

E bit c Y (ciphertext only attack).

Eavesdropper: ke nghe trm (Eve)

E bit mt s cp plaintext-ciphertext X-Y (known plaintext

attack).
E bit c cryptogram cho mt s tin X do bn thn son ra

(chosen plaintext attack).

15. Mt s ng dng cua m ha
trong security
Mt s ng dng ca m ho trong i sng hng ngy ni chung v
trong linh vc bo mt ni ring. l:
Securing Email

Authentication System

Secure E-commerce

Virtual Private Network

Wireless Encryption
Chng 2: Cc phng
php m ha c in
 1. Modulo s hoc

- Ta c a b(mod n) nu a = kn + btrong k l mt s nguyn.

- Nu a v b dng v a nh hn n, chng ta c th gi a l phn
d ca b khi chia cho n.
- Ngi ta cn gi b l thng d ca a theo modulo n, v a l ng
d ca b theo modulo n
 1. Modulo s hoc

Vi d:
Ta c: 42=4.9+6 vy 42 6 (mod 9)
Ta c cu hi; -42 ? (mod9), ta thy -42= -4.9-6
-42 -6 (mod 9) nhng -6 -6+9 3 (mod 9)
Vy nn -42 3 (mod 9)
 1. Modulo s hoc
- Modulo s hc cng ging nh s hc bnh thng, bao gm
cc phep giao hon, kt hp v phn phi. Mt khc gim mi gi
tri trung gian trong sut qu trnh tinh ton.
(a+b) mod n = ((a mod n) + (b mod n)) mod n
(a- b) mod n = ((a mod n) - (b mod n)) mod n
(ab) mod n = ((a mod n) (b mod n)) mod n
(a (b + c)) mod n = (((a b) mod n) + ((a c) mod n)) mod n
- Cc phep tinh trong cc h m mt hu ht u thc hin i
vi mt modulo N no .
 2. Vnh ZN

- Tp cc s nguyn ZN = {0, 1, , N-1} trong N l mt s t nhin

dng vi hai phep ton cng (+) v nhn (.) c inh nghia nh sau

- Theo tinh cht ca modulo s hc chng ta d dng nh n thy ZN l

mt vnh giao hon v kt hp. Hu ht cc tinh ton trong cc h m
mt u c thc hin trn mt vnh ZN no .
 2. Vnh ZN

- Trn vnh ZN
s 0 l phn t trung ha v
s 1 c gi l phn t n vi v
- Vi d N=9
3. Phn t nghch o trn vnh
ZN
- Trn mt vnh s nguyn ZN ngi ta a ra khi nim v s
nghich o ca mt s nh sau:
(GCD-Greatest Common Divisor) c s chung ln nht
 4. Cc h mt m c in H
m dch vng ( shift cipher)
Shift Cipher:
Mt trong nhng phng php lu i nht c s dng
m ha
Thng ip c m ha bng cch dich chuyn xoay vng
tng k t i k vi tri trong bng ch ci
Trng hp vi k=3 gi l phng php ma ha Caesar.
 4. Cc h mt m c in H
m dch vng ( shift cipher)

Phng php n gin,

Thao tc x l m ha v gii m c thc hin nhanh chng
Khng gian kha K = {0, 1, 2, , n-1} = Zn
D bi ph v bng cch th mi kh nng kha k
 4. Cc h mt m c in H
m dch vng ( shift cipher)
Vi d:
M ha mt thng ip c biu din bng cc ch ci t
A n Z (26 ch ci), ta s dng Z26.
Thng ip c m ha s khng an ton v c th d
dng bi gii m bng cch th ln lt 26 gi tri kha k.
Tinh trung bnh, thng ip c m ha c th bi gii
m sau khong 26/2 = 13 ln th kha
 4. Cc h mt m c in H
m dch vng ( shift cipher)

Ta c s m nh sau:
Gi s P = C = K = Z26 vi 0 k 25
Ma ha: ek(x) = x +k mod 26
Gii m: dk(x) = y -k mod 26
(x,y Z26)
 4. Cc h mt m c in H
m dch vng ( shift cipher)
Vi d K=17. Cho bn m
X = x1; x2; : : : ; x6 = A T T A C K .
X = x1; x2; : : : ; x6 = 0; 19; 19; 0; 2; 10.
M ha
y1 = x1 + k mod 26 = 0 + 17 mod 26 = 17 = R.
y2 = y3 = 19 + 17 mod 26 = 10 = K.
y4 = 17 = R.
y5 = 2 + 17 mod 26 = 19 = T.
y6 = 10 + 17 mod 26 = 1 = B.
Gii m
Y = y1; y2; : : : ; y6 = R K K R T B .
5. Cc h mt m c in- H m ha
thay th(Substitution Cipher)

Substitution Cipher:
Phng php m ha ni ting

c s dng ph bin hng trm nm nay

Thc hin vic m ha thng ip bng cch hon vi cc phn t

trong bng ch ci hay tng qut hn l hon vi cc phn t
trong tp ngun P
5. Cc h mt m c in- H m ha
thay th(Substitution Cipher)
5. Cc h mt m c in- H m
ha thay th(Substitution Cipher)

n gin, thao tc m ha v gii m c thc hin nhanh

chng
Khng gian kha K gm n! phn t
Khc phc hn ch ca phng php Shift Cipher: vic tn cng
bng cch vet cn cc gi tri kha kK l khng kh thi

Tht s an ton???
5. Cc h mt m c in- H m ha
thay th(Substitution Cipher)

AO
AO VCO
VCO JO
JO IBU
IBU RIBU
RIBU

AO
AO VCO
VCO JO
JO IBU
IBU RIBU
RIBU
Tn cng
da trn tn
s xut hin
cua k t
?A
?A H?A
H?A ?A
?A ?NG
?NG ??NG
??NG
trong ngn
ng

MA
MA HOA
HOA VA
VA UNG
UNG DUNG
DUNG
5. Cc h mt m c in- H m ha
thay th(Substitution Cipher)

LL FDPH
FDPH LL VDZ
VDZ LL FRQTXHUHG
FRQTXHUHG

LL FDPH
FDPH LL VDZ
VDZ LL FRQTXHUHG
FRQTXHUHG

ii ?a?e
?a?e ii ?a?
?a? ii ?????e?e?
?????e?e?

ii came
came ii saw
saw ii conquered
conquered
5. Cc h mt m c in- H m ha
thay th(Substitution Cipher)

Chn mt hon vi p: Z26 Z26 lm kho.

VD:
M ho
ep(a)=X

Gii m
dp(A)=d

nguyenthanhnhut SOUDHSMGXSGSGUM
 an ton cua m thay th

Mt kho l mt hon vi ca 26 ch ci.

C 26! ( 4.1026) hon vi (kho)
Ph m:
Khng th duyt tng kho mt.

Cch khc?
5. Cc h mt m c in- H m
ha thay th(Substitution Cipher)

Phn tich tn s
K t: E > T > R > N > I > O > A > S
Nhm 2 k t (digraph): TH > HE > IN > ER > RE > ON >
AN > EN
Nhm 3 k t (Trigraph): THE > AND > TIO > ATI > FOR >
THA > TER > RES
6. Cc h mt m c in - H
m Affine

Substitution
Cipher

Shift Affine
Cipher Cipher
6. Cc h mt m c in - H
m Affine

gii m chinh xc thng tin ???

ek phi l song nh
y Z n , ! x Z n , ax b y mod n

a v n nguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - H m
Affine
Vi d: Gi s P = C = Z26.

a v 26 nguyn t cng nhau: gcd(a,n)=1

6. Cc h mt m c in - H m
Affine
M tuyn tinh l mt m thay th c dng
e(x) = ax + b (mod 26), trong a, b Z26.
Trng hp a = 1 l ma dch chuyn.
Gii m: Tm x?
y = ax + b (mod 26)
ax = y b (mod 26)
x = a-1(y b) (mod 26).
Vn : Tinh a-1.
c a-1, i hi (a,26)=1.
Tinh a-1: Thut ton Euclide m rng.
VD: bi tp

a = 5, b = 3: y = 5x + 3 (mod 26).
M ho: NGUYENTHANHNHUT ?
6. Cc h mt m c in - H m
Affine

Vi d
Kha
Plain(a): abcdefghijklmnopqrstuvwxyz
Cipher(b): DKVQFIBJWPESCXHTMYAUOLRGZN
M ha:
Plaintext: ifwewishtoreplaceletters

Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA
6. Cc h mt m c in - H m
Affine

n kh nng chn gi tri b

(n) kh nng chn gi tri a
n (n) kh nng chn la kha k = (a, b)
7. Thut ton Euclide m rng
7. Thut ton Euclide m rng
Xy dng dy s:

Nhn xet:
8. Phng php Vigenere

Trong phng php m ha bng thay th: vi mt kha k c

chn, mi phn t x P c nh x vo duy nht mt phn t y
C.
Phng php Vigenere s dng kha c di m.
c t tn theo nh khoa hc Blaise de Vigenere (th k 16)
C th xem phng php m ha Vigenere bao gm m phep m
ha bng dich chuyn c p dng lun phin nhau theo chu k
Khng gian kha K ca phng php Vigenere c s phn t l
nm
Vi d: n=26, m=5 th khng gian kha ~1.1 x 107
8. Phng php Vigenere
8. Phng php Vigenere

Vi d: m = 6 v keyword l CIPHER
Suy ra, kha k = (2, 8, 15, 7, 4, 17)
Cho bn r: thiscryptosystemisnotsecure

Vy bn m l: vpxzgiaxivwoubttmjpwizitwzt
9. Phng php m ha Hill
Phng php Hill (1929)
Tc gi: Lester S. Hill
tng chinh:
S dng m t hp tuyn tinh ca m k t trong plaintext
to ra m k t trong ciphertext
Vi d:
9. Phng php m ha Hill
9. Phng php m ha Hill
9. Phng php m ha Hill
9. Phng php m ha Hill
9. Phng php m ha Hill
10. Cc h m dng

nh ngha
Mt ma dng l mt b (P,C,K,L,F,E,D) tho man dc cc iu
kin sau:
1. P l mt tp hu hn cc bn r c th.
2. C l tp hu hn cc bn ma c th.
3. K l tp hu hn cc kho c th ( khng gian kho)
4. L l tp hu hn cc b ch ca dng kho.
5. F = (f1 f2...) l b to dng kho. Vi i 1
fi : K P i -1 L
6. Vi mi z L c mt quy tc ma ez E v mt quy tc gii
ma tng ng dz D . ez : P C v dz : C P l cc
hm tho man dz(ez(x))= x vi mi bn r x P.
10. Cc h m dng

Cc m dng thng c m t trong cc b ch nhi phn tc l

P= C=L= Z2. Trong trng hp ny, cc phep ton m v gii m l
phep cng theo modulo 2.
10. Cc h m dng

Ch : Nu ta coi "0" biu thi gi tri "sai" v "1" biu thi gi tri "ng"
trong i s Boolean th phep cng theo moulo 2 s ng vi phep
hoc loi tr (XOR).
Bng chn l phep cng theo modul 2 ging nh bng chn l ca
phep ton XOR
10. Cc h m dng

Hm m ha v gii m c thc hin bi cng mt phep ton l

phep cng theo modulo 2(hay phep XOR)
V:

Trong vi zi=0 v zi=1 th

10. Cc h m dng

Vi d: m ha k t A bi Alice
K t A trong bng m ASCII c tng ng vi m
6510=10000012 c m ha bi h kha z1,,z7=0101101
Hm m ha:

Hm gii m:
11. M ha One-time Pad(OTP)

nh nghia 1 :Mt h mt c coi l an ton khng iu kin khi

n khng th b ph ngay c vi kh nng tinh ton khng hn ch.
OTP xut hin t u th k 20 v cn c tn gi khc l Vernam
Cipher, OTP c mnh danh l ci chen thnh ca ngnh m ha
d liu.
OTP l thut ton duy nht chng minh c v l thuyt l khng
th ph c ngay c vi ti nguyn v tn (tc l c th chng li
kiu tn cng brute-force).
c th t c mc bo mt ca OTP, tt c nhng iu
kin sau phi c tha mn:
di ca cha kha phi ng bng di vn bn cn m
ha.
Cha kha ch c dng mt ln.
Cha kha phi l mt s ngu nhin thc.
11. M ha One-time Pad(OTP)

nh nghia 2: Trong h m ha OTP ta c

|P|=|C|=|K| vi
11. M ha One-time Pad(OTP)

Mi nghe qua c v n gin nhng trong thc t nhng iu kin ny kh c

th tha mn c. Gi s Alice mun m ha ch 10MB d liu bng OTP,
c ta phi cn mt cha kha c di 10MB. to ra mt s ngu nhin
ln nh vy Alice cn mt b to s ngu nhin thc (TRNG - True Random
Number Generator). Cc thit b ny s dng ngun ngu nhin vt l nh s
phn r ht nhn hay bc x nn v tr. Hn na vic lu tr, chuyn giao v
bo v mt cha kha nh vy cng ht sc kh khn.

D dng hn, Alice cng c th dng mt b to s ngu nhin o (PRNG -

Pseudo Random Number Generator) nhng khi mc bo mt gim
xung gn bng zero hay cng lm ch tng ng vi mt thut ton dng
nh RC4 m thi.

Do c nhng kh khn nh vy nn vic s dng OTP trong thc t l khng

kh thi.
12. L thuyt thng tin

Ky thut ln xn v rm r (Confusion and Diffusion)

Theo Shannon, c hai ky thut c bn che du s d tha
thng tin trong thng bo gc, l: s ln xn v s rm r.
12. L thuyt thng tin

Ky thut ln xn (Confusion): che du mi quan h gia bn

r v gc. Ky thut ny lm tht bi cc c gng nghin cu bn
m tm kim thng tin d tha v thng k mu. Phng
php d nht thc hin iu ny l thng qua ky thut thay
th. Mt h m ho thay th n gin, chng hn h m dich
vng Caesar, da trn nn tng ca s thay th cc ch ci ca
bn r, nghia l ch ci ny c thay th bng ch ci khc
12. L thuyt thng tin

Ky thut rm r (Diffusion): lm mt i s d tha ca bn

r bng cch tng s ph bn m vo bn r (v kha). Cng
vic tm kim s d tha ca ngi thm m s rt mt thi
gian v phc tp. Cch n gin nht to ra s rm r l thng
qua vic i ch (hay cn gi l ky thut hon v).
Thng thng cc h m hin i thng kt hp c hai ky
thut thay th v hon vi to ra cc thut ton m ha c
an ton cao hn.
13. L thuyt phc tp

Ly thuyt thng tin a cho chung ta bit rng mt thut ton ma

ho c th b bi l. Cn ly thuyt phc tp cho bit kh nng
b thm ma ca m t h ma mt.
an ton tinh ton :
nh nghia:
Mt h mt c gi l an ton v mt tinh ton nu c mt
thut ton tt nht ph n th cn it nht N php ton, vi N l
mt s rt ln no .
2.2. an ton khng iu ki n
nh nghia 1:
Mt h mt c coi l an ton khng iu kin khi n khng th
b ph ngay c vi kh nng tinh ton khng hn ch.
Chng 3: Chun m d liu DES
(Data Encryption Standard)
1.Gii thiu chung v DES

- Ngy 13/5/1973 y ban quc gia v tiu chun ca My cng b

yu cu v h mt m p dng cho ton quc. iu ny t
nn mng cho chun m ha d liu, hay l DES.
- Lc u Des c cng ty IBM pht trin t h m Lucifer, cng
b vo nm 1975.
- Sau Des c xem nh l chun m ha d liu cho cc
ng dng.
2. c im cua thut ton DES
DES l thut ton m ha khi, di mi khi l 64 bit .
Kha dng trong DES c di ton b l 64 bit. Tuy nhin ch
c 56 bit thc s c s dng; 8 bit cn li ch dng cho vic
kim tra.
Des xut ra bn m 64 bit.
Thut ton thc hin 16 vng
M ho v gii m c s dng cng mt kho.
DES c thit k chy trn phn cng.
3. M t thut ton
3. M t thut ton
3. M t thut ton

Thut ton c thc hin trong 3 giai on:

1. Cho bn r x (64bit) c hon vi khi to IP (Initial
Permutation) to nn xu bit x0.
x0=IP(x)=L0R0

L0 l 32 bit u tin ca x0.

R0 l 32 bit cui ca x0.
3. M t thut ton

B chuyn v IP

Hon vi khi u nhm i ch khi d liu vo , thay i vi tri ca cc

bit trong khi d liu vo. Vi d, hon vi khi u chuyn bit 1 thnh bit
58, bit 2 thnh bit 50, bit 3 thnh bit 42,...
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
3. M t thut ton

2. T L0 v R0 s lp 16 vng, ti mi vng tinh:

Li=Ri-1
Ri=Li-1f(Ri-1,Ki) vi i= 1, 2,,16
vi:
l phep XOR ca hai xu bit:
0 0=0 , 1 1=0
1 0=1, 0 1=1
f l hm m ta s m t sau.
Ki l cc xu c di 48 bit c tinh nh l cc hm
ca kha K.
K1 n K16 lp nn mt lich kha.
 3. M t thut ton
Hon v IP-1
3. Ti vng th 16, R16 i ch 40 8 48 1 5 2 6 3
cho L16. Sau ghep 2 na 6 6 4 4 2
R16, L16 cho i qua hon vi 39 7 47 1 5 2 6 3
nghich o ca hon vi IP s 5 5 3 3 1
tinh c bn m. Bn m 38 6 46 1 5 2 6 3
cng c di 64 bit. 4 4 2 2 0
37 5 45 1 5 2 6 2
3 3 1 1 9
36 4 44 1 5 2 6 2
2 2 0 0 8
35 3 43 11 5 1 5 2
1 9 9 7
34 2 42 1 5 1 5 2
0 0 8 8 6
33 1 41 9 4 1 5 2
9 7 7 5
3. M t thut ton

Hm f
S tinh hm f(Ri-1,Ki)
Hm f

Hm f ly i s u l xu nhp Ri-1 (32 bit) i s th hai l Ki

(48 bit) v to ra xu xut c di 32 bit. Cc bc sau c
thc hin.

1. i s u Ri-1 s c m rng thnh xu c di 48 bit

tng ng vi hm m rng E c inh. E(Ri) bao gm 32 bit
t Ri, c hon vi theo mt cch thc xc inh, vi 16 bit
c to ra 2 ln.
Hm f

32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1

Hm m rng E
Hm f

2. Tinh E(Ri-1) Ki kt qu c mt khi c di 48 bit.

Khi ny s c chia lm 8 khi B=B 1B2B3B4B5B6B7B8. Mi
khi ny c di l 6 bit.

3. Bc k tip l cho cc khi Bi i qua hp S i s bin mt

khi c di 6 bit thnh mt khi Ci c di 4 bit.
S-box

Mi hp S-box l mt bng gm 4 hng v 16 ct c nh s t

0. Nh vy mi hp S c hng 0,1,2,3. Ct 0,1,2,,15. Mi phn t
ca hp l mt s 4 bit. Su bit vo hp S s xc inh s hng v
s ct tm kt qu ra.

Mi khi Bi c 6 bit ki hiu l b1, b2, b3, b4, b5 v b6. Bit b1 v b6

c kt hp thnh mt s 2 bit, nhn gi tri t 0 n 3, tng ng
vi mt hng trong bng S. Bn bit gia, t b2 ti b5, c kt
hp thnh mt s 4 bit, nhn gi tri t 0 n 15, tng ng vi mt
ct trong bng S.
S-box
S-box
S-box
S-box
S-box

Vi d: Ta c B1=011000 th b1b6=00 (xc inh r=0), b2b3b4b5=1100

(xc inh c=12), t ta tm c phn t vi tri (0,12) -->
S1(B1)=0101 (tng ng vi s 5). b2b3b4b5=1100
b1b6=00
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0

15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

Hp S1
- Mi xu xut 4 bit ca cc hp S c a vo cc Cj tng
ng: Cj = Sj(Bj) (1<=j<=8).
Hm f
4. Xu bit C = C1C2C3C4C5C6C7C8 c di 32 bit c hon
vi tng ng vi hon vi c inh P. Kt qu c P(C)=
f(Ri,Ki). 16 7 20 21

29 12 28 17
1 15 23 26
5 18 31 10
Hon v P
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
 Kha K

- K l mt xu c di 64 bit trong 56 bit dng lm kha v

8 bit dng kim tra s bng nhau (pht hin li).
- Cc bit cc vi tri 8, 16,, 64 c xc inh, sao cho mi
byte cha s le cc s 1, v vy tng li c th c pht
hin trong mi 8 bit.
- Cc bit kim tra s bng nhau l c b qua khi tinh lich
kha.
S tinh kha K1, K2, , K16
 Kha K
Qu trinh to cc kha con (subkeys) t kha K c m
t nh sau:
Cho kha K 64 bit, loi b cc bit kim tra v hon vi cc bit
cn li ca K tng ng vi hon vi c inh PC-1. Ta vit
PC1(K) = C0D0, vi C0 bao gm 28 bit u tin ca PC-1(k) v
D0 l 28 bit cn li.
Kha K
Cc hon v c nh PC-1 v PC-2:
 Gii m

Vic gii m dng cng mt thut ton nh vic m ho.

gii m d liu c m ho, qu trnh ging nh m ho
c lp li nhng cc cha kho ph c dng theo th t
ngc li t K16 n K1, nghia l trong bc 2 ca qu trnh ma
ho d liu u vo trn Ri-1 s c XOR vi K17-i ch khng
phi vi Ki.
c im cua m DES

Tinh cht b cua m DES:

DES c tinh cht b:

trong :
l phn b ca A theo tng bit (1 thay bng
0 v ngc li).
EK l bn m ha ca E vi kha K. P v C l vn
bn r (trc khi m ha) v vn bn m (sau khi m
ha).
Do tinh b, ta c th gim phc tp ca tn cng
duyt ton b xung 2 ln (tng ng vi 1 bit) vi
iu kin l ta c th la chn bn r.
 c im cua m DES

Cc kha yu trong m Des:

Ngoi ra DES cn c 4 kha yu (weak keys). Khi s dng kha
yu th m ha (E) v gii m (D) s cho ra cng kt qu:
EK(EK(P)) = P or equivalently, EK = DK
Bn cnh , cn c 6 cp kha na yu (semi-weak keys). M
ha vi mt kha trong cp, K1, tng ng vi gii m vi kha
cn li, K2:
EK1(EK2(P))=P or equivalently EK1=DK2
Tuy nhin c th d dng trnh c nhng kha ny khi thc
hin thut ton, c th bng cch th hoc chn kha mt cch
ngu nhin. Khi kh nng chn phi kha yu l rt nh.
c im cua m DES

Triple DES:
Triple-DES chinh l DES vi hai cha kho 56 bit. Cho mt bn
tin cn m ho, cha kho u tin c dng m ho DES
bn tin .
Kt qu thu c li c cho qua qu trnh gii m DES
nhng vi cha kho l cha kho th hai.
Bn tin sau qua c bin i bng thut ton DES hai ln
nh vy li c m ho DES mt ln na vi cha kho u tin
ra c bn tin m ho cui cng.
Qu trnh m ho DES ba bc ny c gi l Triple-DES.
 Kim Tra

Mn: ATBMTT Lp: KHMT1K3 Thi gian: 120

Cho bn r mang ni dung: x=0123D56789ABCDE8.

Cho kho K=183457799B3CDFF2
Trong h c s 16, Thc hin m ha vn bn r trn theo
thut ton DES
Xin chn thnh cm n!