Book MaHoaVaUngDung Update2

  • 8/8/2019 Book MaHoaVaUngDung Update2

    1/289

    1

Introduction

Cryptography is the science that studies mathematical techniques for providing information-protection services [44]. It is an important discipline with many applications in everyday life.

Cryptography arose thousands of years ago. For many centuries, however, the results of this field found almost no use in ordinary civilian life; they were applied mainly in the military, political and diplomatic spheres. Today, encryption and information-security applications are used ever more widely across many fields around the world, from security, the military and national defence to civilian fields such as e-commerce and banking.

With the rapid growth of the Internet and of electronic transactions over networks, the need to protect information in electronic systems and applications receives growing attention and has become critically important. The results of cryptography are being deployed in ever more areas of social life, among them a great many applications in the civilian and commercial sectors. Encrypting personal information, exchanging business information and carrying out electronic transactions over the network have become familiar to everyone. Along with the development of computer science and the Internet, research on and applications of cryptography have become increasingly diverse, opening many specialised research directions tailored to specific application areas with their own characteristics. Applications of cryptography are not merely the encryption and decryption of information; they include many other problems that must be studied and solved, for example authenticating the origin


of information content (digital signature techniques), certifying the identity of the owner of a key (public-key certificates), and procedures for exchanging information and carrying out electronic transactions securely over the network...

The applications of cryptography and of information-protection science are many and varied; depending on the particular character of each information-protection system, the application will have features with their own characteristics. Among them, we can list some main features of an information-protection system:

- Confidentiality: the system ensures that information is kept secret. The information may be intercepted, for example during transmission, but the attacker cannot understand the content of the stolen information.
- Integrity: the system guarantees the integrity of information in communication, or makes it possible to detect that the information has been modified.
- Authentication of the communicating parties and of the content of the information exchanged.
- Non-repudiation: the system ensures that no party in the system can deny responsibility for an action it has performed.

Research results in cryptography have also been incorporated into more complex systems, combined with other techniques to meet the varied requirements of real application systems, for example online voting systems, distance-learning systems, security management systems of organisations using biometric approaches, and networked multimedia service systems that must both deliver the service and protect the intellectual-property rights in digital content...


In compiling this book, we the authors wish to introduce readers to an overview of encryption and its applications, and at the same time to present and analyse a number of encryption methods and information-protection procedures that are secure and effective in practice.

Alongside the famous classical methods that have been widely used for decades, such as DES, RSA and MD5, we also introduce readers to new, highly secure methods such as the AES encryption standard, the ECC method and the SHA-224/256/384/512 cryptographic hash standard... Models and procedures for public-key certification are also presented in this book.

The book consists of 10 chapters. After the overview of cryptography and the concept of a cryptosystem in Chapter 1, Chapters 2 to 5 go deeper into conventional cryptosystems, from the basic concepts and simple methods to new methods such as Rijndael and the AES candidate algorithms. Chapter 6 introduces public-key cryptosystems and the RSA method. Chapter 7 presents the concept of digital signatures together with some popular schemes such as RSA, DSS and ElGamal. Research results on applying the theory of elliptic curves over finite fields to cryptography are presented in Chapter 8. Chapter 9 introduces the cryptographic hash functions in common use today, such as MD5 and SHS, together with recently published methods such as SHA-256/384/512. In Chapter 10 we study public-key certification systems, from models to the real-world procedures of a public-key certification system, along with an example of combining a conventional cryptosystem, a public-key cryptosystem and public-key certificates to build a secure e-mail system.


With the structure and content outlined above, we hope the knowledge presented in this book will be a useful reference for readers interested in encryption and its applications.

Although we have made every effort to complete the book, it certainly still has shortcomings. We ask for the readers' understanding and welcome their comments.

THE AUTHORS: Dr. Dương Anh Đức and MSc. Trần Minh Triết
with contributions from students of the Faculty of Information Technology, University of Science, Vietnam National University Ho Chi Minh City:

Văn Đức Phương Hồng, Phan Thị Minh Đức, Nguyễn Minh Huy, Lương Vĩ Minh, Nguyễn Ngọc Tùng

Ho Chi Minh City, January 2005


Table of Contents

Chapter 1 Overview 15
1.1 Cryptography 15
1.2 Cryptosystems 16
1.3 Conventional cryptosystems (symmetric encryption) 18
1.4 Public-key cryptosystems (asymmetric encryption) 19
1.5 Combining conventional and public-key encryption 19

Chapter 2 Some conventional encryption methods 20
2.1 Conventional cryptosystems 20
2.2 The shift cipher 21
2.3 The substitution cipher 22
2.4 The Affine cipher 23
2.5 The Vigenère cipher 28
2.6 The Hill cipher 29
2.7 The permutation cipher 30
2.8 The multiplicative cipher 31
2.8.1 The multiplicative cipher 31
2.8.2 Arithmetic processing 32
2.9 The DES method (Data Encryption Standard) 33
2.9.1 The DES method 33
2.9.2 Remarks 36
2.10 The Advanced Encryption Standard AES 37

Chapter 3 The Rijndael encryption method 39
3.1 Introduction 39
3.2 Parameters, notation, terminology and functions 40
3.3 Some mathematical concepts 42


3.3.1 Addition 43
3.3.2 Multiplication 43
3.3.3 Polynomials with coefficients in GF(2^8) 46
3.4 The Rijndael method 49
3.4.1 Encryption procedure 50
3.4.2 Architecture of the Rijndael algorithm 52
3.4.3 The SubBytes transformation 53
3.4.4 The ShiftRows transformation 55
3.4.5 The MixColumns transformation 56
3.4.6 The AddRoundKey operation 58
3.5 Generating the round keys 59
3.5.1 Building the expanded key table 59
3.5.2 Determining the round key 61
3.6 Decryption procedure 62
3.6.1 The InvShiftRows transformation 63
3.6.2 The InvSubBytes transformation 64
3.6.3 The InvMixColumns transformation 66
3.6.4 The equivalent decryption procedure 67
3.7 Implementation issues 69
3.7.1 Remarks 72
3.8 Experimental results 73
3.9 Conclusion 74
3.9.1 Security 74
3.9.2 Evaluation 75

Chapter 4 The extended Rijndael method 77
4.1 The need to extend the Rijndael method 77
4.2 The 256/384/512-bit extended version 78
4.2.1 Encryption procedure 79
4.2.2 Generating the round keys 86
4.2.3 Decryption procedure 88
4.2.4 The equivalent decryption procedure 93
4.3 The 512/768/1024-bit extended version 94
4.4 Differential and linear cryptanalysis 95
4.4.1 Differential cryptanalysis 95
4.4.2 Linear cryptanalysis 96


4.4.3 Branch number 98
4.4.4 Pattern propagation 99
4.4.5 Weights of differential trails and linear trails 107
4.5 Security against other attack methods 108
4.5.1 Symmetry and weak keys of DES 108
4.5.2 The Square attack 109
4.5.3 Interpolation attacks 109
4.5.4 Weak keys in IDEA 110
4.5.5 Related-key attacks 110
4.6 Experimental results 111
4.7 Conclusion 113

Chapter 5 The AES candidate algorithms 115
5.1 The MARS cipher 115
5.1.1 Encryption procedure 116
5.1.2 S-box 117
5.1.3 Key initialisation and distribution 118
5.1.4 Encryption procedure 123
5.1.5 Decryption procedure 135
5.2 The RC6 cipher 137
5.2.1 Key initialisation and distribution 138
5.2.2 Encryption procedure 139
5.2.3 Decryption procedure 143
5.3 The Serpent cipher 144
5.3.1 The SERPENT algorithm 144
5.3.2 Key initialisation and distribution 144
5.3.3 S-box 147
5.3.4 Encryption procedure 148
5.3.5 Decryption procedure 153
5.4 The Twofish cipher 154
5.4.1 Key initialisation and distribution 154
5.4.2 Encryption procedure 163
5.4.3 Decryption procedure 169
5.5 Conclusion 169


Chapter 6 Some public-key cryptosystems 172
6.1 Public-key cryptosystems 172
6.2 The RSA method 174
6.2.1 The RSA method 174
6.2.2 Some attacks on the RSA algorithm 175
6.2.3 Information concealment in the RSA system 182
6.2.4 The prime-number problem 183
6.2.5 The Miller-Rabin algorithm 184
6.2.6 Arithmetic processing 186
6.3 Conventional encryption and public-key encryption 186

Chapter 7 Digital signatures 191
7.1 Introduction 191
7.2 The RSA digital signature scheme 192
7.3 The ElGamal digital signature scheme 193
7.3.1 The discrete logarithm problem 193
7.3.2 The ElGamal method 194
7.4 The Digital Signature Standard 194

Chapter 8 The ECC method 197
8.1 Elliptic curve theory 197
8.1.1 The Weierstrass equation and elliptic curves 198
8.1.2 Elliptic curves over R^2 199
8.1.3 Elliptic curves over finite fields 204
8.1.4 The discrete logarithm problem on elliptic curves 212
8.1.5 Applying elliptic curve theory to encryption 213
8.2 Data encryption 213
8.2.1 Encryption operation 214
8.2.2 Combining ECES with Rijndael and the extended algorithms 215
8.2.3 Decryption operation 215
8.3 Diffie-Hellman key exchange using elliptic curve theory (ECDH) 216
8.3.1 The Diffie-Hellman key exchange model 216
8.3.2 The Elliptic Curve Diffie-Hellman key exchange model 217
8.4 Conclusion 218


Chapter 9 Cryptographic hash functions 222
9.1 Introduction 222
9.1.1 Problem statement 222
9.1.2 Cryptographic hash functions 223
9.1.3 Structure of a hash function 225
9.1.4 Security of hash functions against collisions 226
9.1.5 The one-way property 226
9.2 The MD5 hash function 227
9.2.1 Introduction to MD5 227
9.2.2 Remarks 231
9.3 The Secure Hash Standard (SHS) 232
9.3.1 Remarks 235
9.4 The SHA family of cryptographic hash standards 236
9.4.1 The idea behind the SHA hash algorithms 236
9.4.2 The common algorithmic framework of the SHA hash functions 237
9.4.3 Remarks 240
9.5 The Davies-Meyer hash construction and the application of Rijndael and its extended versions to hashing 241
9.5.1 The Davies-Meyer hash construction 241
9.5.2 The AES-Hash function 242
9.5.3 Davies-Meyer hashing and AES-Hash 244
9.6 Building hash functions from the extended Rijndael-based algorithms 245

Chapter 10 Public-key certificates 246
10.1 Introduction 246
10.2 Types of public-key certificates 250
10.2.1 X.509 certificates 250
10.2.2 Qualified certificates 252
10.2.3 PGP certificates 253
10.2.4 Attribute certificates 253
10.3 Certification and signature verification 254
10.4 Components of a public-key infrastructure 257
10.4.1 The Certificate Authority (CA) 257
10.4.2 The Registration Authority (RA) 258


10.4.3 The Certificate Repository (CR) 259
10.5 The certificate management life cycle 259
10.5.1 Initialisation 259
10.5.2 Certificate requests 259
10.5.3 Certificate renewal 262
10.5.4 Certificate revocation 262
10.5.5 Key archival and recovery 264
10.6 CA models 264
10.6.1 The centralised model
10.6.2 The hierarchical model
10.6.3 The Web of Trust model 266
10.7 Application: an e-mail protection system 268
10.7.1 Problem statement 268
10.7.2 E-mail encryption procedure 269
10.7.3 E-mail decryption procedure 270
10.7.4 Remarks and evaluation 271

Appendix A S-boxes of the MARS algorithm 272
Appendix B Permutations used in the Serpent algorithm 275
Appendix C S-boxes used in the Serpent algorithm 276
Appendix D S-box of the Rijndael algorithm 277
Appendix E Constants and initial values of SHA 279
E.1 Constants used in SHA 279
E.1.1 Constants of SHA-1 279
E.1.2 Constants of SHA-224 and SHA-256 279
E.1.3 Constants of SHA-384 and SHA-512 280
E.2 Initial values in SHA 281

References 284


List of Figures

Figure 2.1. Model of a conventional cryptosystem 21
Figure 2.2. Splitting the 64-bit sequence x into the two components L and R 34
Figure 2.3. Generating the sequence L_i R_i from L_{i-1} R_{i-1} and the key K_i 35
Figure 3.1. Matrix representation of the state (Nb = 6) and of the key (Nk = 4) 49
Figure 3.2. One encryption round of the Rijndael method (with Nb = 4) 52
Figure 3.3. The SubBytes operation acting on each byte of the state 54
Figure 3.4. The ShiftRows operation acting on each row of the state 55
Figure 3.5. The MixColumns operation acting on each column of the state 57
Figure 3.6. The AddRoundKey operation acting on each column of the state 59
Figure 3.7. The expanded key table and how the round key is determined (Nb = 6 and Nk = 4) 61
Figure 3.8. The InvShiftRows operation acting on each row of the current state 63
Figure 4.1. Architecture of one transformation round of the 256/384/512-bit extended Rijndael algorithm with Nb = 4 80
Figure 4.2. The expanded key table and how the round key is determined (with Nb = 6 and Nk = 4) 88
Figure 4.3. Propagation of activity patterns through each transformation in the 256/384/512-bit extended version of Rijndael with Nb = 6 100
Figure 4.4. Propagation of activity patterns (256/384/512-bit extended algorithm) 102
Figure 4.5. Illustration of Theorem 4.1 with Q = 2 (256/384/512-bit extended algorithm) 103


Figure 4.6. Illustration of Theorem 4.2 with W_c(a_1) = 1 (256/384/512-bit extended algorithm) 105
Figure 4.7. Illustration of Theorem 4.3 (256/384/512-bit extended algorithm) 107
Figure 5.1. The MARS encryption procedure 116
Figure 5.2. Structure of the "forward mixing" phase 125
Figure 5.3. Type-3 Feistel network 127
Figure 5.4. The E function 128
Figure 5.5. Structure of the "backward mixing" phase 130
Figure 5.6. The RC6 encryption structure 140
Figure 5.7. Round i of the RC6 encryption procedure 141
Figure 5.8. Key generation model 146
Figure 5.9. Encryption structure 149
Figure 5.10. Round i (i = 0, ..., 30) of the Serpent encryption procedure 150
Figure 5.11. Decryption structure 153
Figure 5.12. The h function 157
Figure 5.13. Model for generating the key-dependent S-boxes 159
Figure 5.14. Model for generating the subkeys K_j 160
Figure 5.15. The permutation q 162
Figure 5.16. Encryption structure 164
Figure 5.17. The F function (128-bit key) 166
Figure 5.18. Comparison of the encryption (a) and decryption (b) procedures 169
Figure 6.1. Model of a public-key cryptosystem 174
Fig 6.2. Secret-key exchange procedure using public keys 187
Figure 6.3. Graph comparing the cost of breaking secret keys and public keys 189
Figure 8.1. An example of an elliptic curve 199


Figure 8.2. The point at infinity 200
Figure 8.3. Addition on an elliptic curve 201
Figure 8.4. Point doubling on an elliptic curve 203
Figure 8.5. Comparison of the security level of ECC with RSA / DSA 220
Figure 9.1. Common algorithmic framework of the SHA hash functions 238
Figure 10.1. The public-key ownership problem 247
Figure 10.2. Components of a public-key certificate 248
Figure 10.3. A simple Certification Authority model 249
Figure 10.4. Version 3 of the X.509 certificate standard 251
Figure 10.5. Version 2 of the attribute certificate structure 254
Figure 10.6. The certificate signing process 255
Figure 10.7. The certificate verification process 256
Figure 10.8. Basic PKI model 257
Figure 10.9. Certificate request template according to the PKCS#10 standard 260
Figure 10.10. Certificate request message format according to RFC 2511 261
Figure 10.11. Version 2 of the certificate revocation list format 263
Figure 10.12. The centralised CA model
Figure 10.13. The hierarchical CA model
Figure 10.14. The Web of Trust model 267
Figure 10.15. E-mail encryption procedure 269
Figure 10.16. E-mail decryption procedure 270


List of Tables

Table 3.1. Values of the offset shift(r, Nb) 55
Table 3.2. Processing speed of the Rijndael method 73
Table 4.1. Effect of the transformations on activity patterns 101
Table 4.2. Processing speed of the 256/384/512-bit version on a Pentium IV 2.4 GHz 111
Table 4.3. Processing speed of the 512/768/1024-bit version on a Pentium IV 2.4 GHz 112
Table 4.4. Comparison of processing speed of the 256/384/512-bit version 112
Table 4.5. Comparison of processing speed of the 512/768/1024-bit version 112
Table 6.1. Comparison of the security of secret keys and public keys 188
Table 8.1. Comparison of the number of operations for elliptic curve arithmetic in affine and projective coordinates 211
Table 8.2. Comparison of key sizes between conventional and public-key encryption at the same security level 218
Table 8.3. Comparison of RSA and ECC key sizes at the same security level 219
Table 9.1. Transformation rounds in MD5 230
Table 9.2. Properties of the secure hash algorithms 241
Table D.1. S-box substitution table for the value {xy} in hexadecimal 277
Table D.2. Inverse substitution table for the value {xy} in hexadecimal 278


Chapter 1 Overview

Chapter 1 gives an overview of the basic concepts of cryptography and cryptosystems, and briefly introduces conventional cryptosystems and public-key cryptosystems.

1.1 Cryptography

Cryptography is the science that applies mathematics to transforming information into another form in order to conceal the content and meaning of the information being encrypted. It is an important discipline with many applications in everyday life. Today, encryption and information-security applications are used ever more widely across many fields around the world, from security, the military and national defence to civilian fields such as e-commerce and banking.

Along with the development of computer science and the Internet, research on and applications of cryptography have become increasingly diverse, opening many specialised research directions tailored to specific application areas with their own characteristics.


Applications of cryptography are not merely the encryption and decryption of information; they include many other problems that must be studied and solved: authenticating the origin of information content (digital signature techniques), certifying the identity of the owner of a key (public-key certificates), and procedures for exchanging information and carrying out electronic transactions securely over the network... Research results in cryptography have also been incorporated into more complex systems, combined with other techniques to meet the varied requirements of real application systems, for example online voting systems, distance-learning systems, security management systems of organisations using biometric approaches, and networked multimedia service systems that must both deliver the service and protect the intellectual-property rights in digital content...

1.2 Cryptosystems

Definition 1.1: A cryptosystem is a 5-tuple $(P, C, K, E, D)$ satisfying the following conditions:

1. The source set $P$ is the finite set of all possible source messages to be encrypted.
2. The target set $C$ is the finite set of all possible messages after encryption.
3. The key set $K$ is the finite set of all keys that may be used.
4. $E$ and $D$ are respectively the set of encryption rules and the set of decryption rules. For each key $k \in K$ there exist an encryption rule $e_k \in E$ and a corresponding decryption rule $d_k \in D$. The encryption rule $e_k : P \to C$ and the decryption rule $d_k : C \to P$ are two maps satisfying

$$d_k(e_k(x)) = x, \quad \forall x \in P$$


Property 4 is the main and most important property of a cryptosystem. It guarantees that a message $x \in P$ encrypted with the encryption rule $e_k \in E$ can be decrypted exactly with the rule $d_k \in D$.

Definition 1.2: $\mathbb{Z}_m$ is defined as the set $\{0, 1, \ldots, m-1\}$ equipped with addition (denoted $+$) and multiplication (denoted $\cdot$). Addition and multiplication in $\mathbb{Z}_m$ are carried out as in $\mathbb{Z}$, except that results are reduced modulo $m$.

Example: suppose we need to compute $11 \cdot 13$ in $\mathbb{Z}_{16}$. In $\mathbb{Z}$ we have $11 \cdot 13 = 143$. Since $143 \equiv 15 \pmod{16}$, we get $11 \cdot 13 = 15$ in $\mathbb{Z}_{16}$.

Some properties of $\mathbb{Z}_m$:

1. Addition is closed in $\mathbb{Z}_m$: $\forall a, b \in \mathbb{Z}_m$, $a + b \in \mathbb{Z}_m$.
2. Addition in $\mathbb{Z}_m$ is commutative: $\forall a, b \in \mathbb{Z}_m$, $a + b = b + a$.
3. Addition in $\mathbb{Z}_m$ is associative: $\forall a, b, c \in \mathbb{Z}_m$, $(a + b) + c = a + (b + c)$.
4. $\mathbb{Z}_m$ has the neutral element $0$: $\forall a \in \mathbb{Z}_m$, $a + 0 = 0 + a = a$.
5. Every element $a$ in $\mathbb{Z}_m$ has an additive inverse, namely $m - a$.
6. Multiplication is closed in $\mathbb{Z}_m$: $\forall a, b \in \mathbb{Z}_m$, $a \cdot b \in \mathbb{Z}_m$.
7. Multiplication in $\mathbb{Z}_m$ is commutative: $\forall a, b \in \mathbb{Z}_m$, $a \cdot b = b \cdot a$.
8. Multiplication in $\mathbb{Z}_m$ is associative: $\forall a, b, c \in \mathbb{Z}_m$, $(a \cdot b) \cdot c = a \cdot (b \cdot c)$.


9. $\mathbb{Z}_m$ has the unit element $1$: $\forall a \in \mathbb{Z}_m$, $a \cdot 1 = 1 \cdot a = a$.
10. Multiplication distributes over addition: $\forall a, b, c \in \mathbb{Z}_m$, $(a + b) \cdot c = a \cdot c + b \cdot c$.

Since $\mathbb{Z}_m$ has properties 1 and 3 to 5, it forms a group. Since it also has property 2, it forms an Abelian group. Since $\mathbb{Z}_m$ has properties (1) to (10), it forms a ring.

1.3 Conventional cryptosystems (symmetric encryption)

In a conventional cryptosystem, encryption and decryption of a message use the same key, called the secret key or symmetric key. Consequently, the confidentiality of the encrypted information depends entirely on keeping the content of the key secret.

With the ever-increasing speed and processing power of today's microprocessors, the Data Encryption Standard (DES) has become insecure for protecting information. The United States National Institute of Standards and Technology (NIST) therefore decided to select a new, highly secure encryption standard to serve the confidentiality needs of US government communications as well as civilian applications. The Rijndael algorithm by Vincent Rijmen and Joan Daemen was officially selected as the Advanced Encryption Standard (AES) on 2 October 2000.


1.4 Public-key cryptosystems (asymmetric encryption)

Whereas the difficulty facing conventional encryption methods is the problem of exchanging the key, public-key encryption methods make key exchange easier. The content of the public key need not be kept secret, unlike the secret key in conventional encryption methods. Using public keys, we can set up a secure procedure for exchanging the secret key used in a conventional cryptosystem.

In recent years, public-key methods, especially RSA [45], have been used increasingly in encryption applications around the world and can be regarded as the standard method most widely used on the Internet, both for securing communications and in electronic commerce.

1.5 Combining conventional and public-key encryption

Conventional encryption methods have the advantages of very fast processing and high security compared with public-key methods, but they face the difficulty of key exchange. Conversely, public-key methods process information more slowly but allow users to exchange keys more easily. Therefore, in practical applications, we need to combine the strengths of each method in order to build an efficient and secure encryption and information-security system.


Chapter 2 Some conventional encryption methods

In Chapter 1 we surveyed cryptography and cryptosystems. Chapter 2 introduces conventional cryptosystems (also called symmetric cryptosystems) in more detail. Some classical conventional methods such as the shift cipher and the substitution cipher, together with the block ciphers widely used in recent decades such as DES, Triple DES and AES, are also introduced in this chapter.

2.1 Conventional cryptosystems

A conventional cryptosystem is one in which both the encryption and the decryption procedure use a single shared key, the secret key. The confidentiality of the information depends on the confidentiality of the key.

In a conventional cryptosystem, the source message is encrypted with a key $k$ agreed in advance between the sender A and the receiver B.


A uses the key $k$ to encrypt the message $x$ into the message $y$ and sends $y$ to B; B uses the key $k$ to decrypt this message $y$. The security of the encrypted information depends on keeping the content of the key $k$ secret. If a third party C learns the key $k$, then C can decrypt the encrypted message that A sent to B.

[Figure 2.1: secret key; source message -> encryption -> encrypted message -> decryption -> decrypted message]

Figure 2.1. Model of a conventional cryptosystem

2.2 The shift cipher

The shift cipher is one of the oldest methods used for encryption. The message is encrypted by cyclically shifting each character by $k$ positions in the alphabet.

In the special case $k = 3$, the shift cipher is called the Caesar cipher.


Algorithm 2.1. The shift cipher

Let $P = C = K = \mathbb{Z}_n$.

For each key $k \in K$, define $e_k(x) = (x + k) \bmod n$ and $d_k(y) = (y - k) \bmod n$ with $x, y \in \mathbb{Z}_n$,

$E = \{e_k, k \in K\}$ and $D = \{d_k, k \in K\}$.

The shift cipher is a simple encryption method; encryption and decryption are carried out quickly. In practice, however, it can easily be broken by trying every possible key $k \in K$. This is entirely feasible because the key space $K$ has only $n$ elements to choose from.

Example: to encrypt a message written in the letters A to Z (26 letters), we use $P = C = K = \mathbb{Z}_{26}$. The encrypted message is then not secure and can easily be decrypted by trying the 26 key values $k \in K$ one after another. On average, the encrypted message can be decrypted after about $n/2$ trial keys $k \in K$.

2.3 The substitution cipher

The substitution cipher is one of the famous encryption methods and has been in use for hundreds of years. It encrypts a message by permuting the elements of the alphabet, or more generally by permuting the elements of the source set $P$.


Algorithm 2.2. The substitution cipher

Let $P = C = \mathbb{Z}_n$.

$K$ is the set of all permutations of the $n$ elements $0, 1, \ldots, n-1$. Thus each key $\pi \in K$ is a permutation of the $n$ elements $0, 1, \ldots, n-1$.

For each key $\pi \in K$, define $e_\pi(x) = \pi(x)$ and $d_\pi(y) = \pi^{-1}(y)$ with $x, y \in \mathbb{Z}_n$,

$E = \{e_\pi, \pi \in K\}$ and $D = \{d_\pi, \pi \in K\}$.

This is a simple method; encryption and decryption are carried out quickly. It overcomes the limitation of the shift cipher, whose key space $K$ is small, so that a message is easily decrypted by trying the $n$ key values $k \in K$ in turn. In the substitution cipher the key space $K$ is very large, with $n!$ elements, so it cannot be decrypted by exhaustively trying every key $k$. In practice, however, a message encrypted with this method can still be decrypted if one can build a table of the frequencies with which characters occur in the message, or knows some words or phrases of the original source message!

2.4 The Affine cipher

If the shift cipher is a special case of the substitution cipher, one that uses only $n$ of the $n!$ possible key values $k$, then the Affine cipher is another special case of the substitution cipher.


Algorithm 2.3. The Affine cipher

Let $P = C = \mathbb{Z}_n$,

$K = \{(a, b) \in \mathbb{Z}_n \times \mathbb{Z}_n : \gcd(a, n) = 1\}$.

For each key $k = (a, b) \in K$, define $e_k(x) = (ax + b) \bmod n$ and $d_k(y) = (a^{-1}(y - b)) \bmod n$ with $x, y \in \mathbb{Z}_n$,

$E = \{e_k, k \in K\}$ and $D = \{d_k, k \in K\}$.

For information encrypted with the function $e_k \in E$ to be decrypted correctly, $e_k$ must be a bijection. Thus, for every value $y \in \mathbb{Z}_n$, the equation $ax + b \equiv y \pmod n$ must have a unique solution $x \in \mathbb{Z}_n$.

The equation $ax + b \equiv y \pmod n$ is equivalent to $ax \equiv (y - b) \pmod n$. So we need only examine the equation $ax \equiv (y - b) \pmod n$.

Theorem 2.1: The equation $ax + b \equiv y \pmod n$ has a unique solution $x \in \mathbb{Z}_n$ for every value $b \in \mathbb{Z}_n$ if and only if $a$ and $n$ are coprime.

Thus the condition that $a$ and $n$ be coprime guarantees that information encrypted with the function $e_k$ can be decrypted, and decrypted correctly.

Let $\phi(n)$ denote the number of elements of $\mathbb{Z}_n$ that are coprime with $n$.


Theorem 2.2: If $n = \prod_{i=1}^{m} p_i^{e_i}$, where the $p_i$ are distinct primes and $e_i \in \mathbb{Z}^{+}$, $1 \le i \le m$, then

$$\phi(n) = \prod_{i=1}^{m} \left( p_i^{e_i} - p_i^{e_i - 1} \right).$$

In the Affine cipher there are $n$ possible choices for the value $b$ and $\phi(n)$ possible choices for the value $a$. So the key space $K$ has $n \cdot \phi(n)$ elements in total.

The problem posed by the Affine cipher is that, to decrypt the encrypted information, one has to compute the inverse element $a^{-1} \in \mathbb{Z}_n$. The extended Euclidean algorithm solves this problem completely [45].

First, let us review the (basic) Euclidean algorithm used to find the greatest common divisor of two positive integers $r_0$ and $r_1$ with $r_0 > r_1$. The Euclidean algorithm consists of a sequence of divisions:

$$r_0 = q_1 r_1 + r_2, \quad 0 < r_2 < r_1$$
$$r_1 = q_2 r_2 + r_3, \quad 0 < r_3 < r_2$$
$$\ldots$$
$$r_{m-2} = q_{m-1} r_{m-1} + r_m, \quad 0 < r_m < r_{m-1}$$
$$r_{m-1} = q_m r_m \qquad (2.1)$$

It is easy to see that $\gcd(r_0, r_1) = \gcd(r_1, r_2) = \ldots = \gcd(r_{m-1}, r_m) = r_m$. Thus the greatest common divisor of $r_0$ and $r_1$ is $r_m$.


Build the sequence $t_0, t_1, \ldots, t_m$ by the following recurrence:

$$t_0 = 0$$
$$t_1 = 1$$
$$t_j = (t_{j-2} - q_{j-1} t_{j-1}) \bmod r_0 \quad \text{for } j \ge 2 \qquad (2.2)$$

Theorem 2.3: For every $j$, $0 \le j \le m$, we have $r_j \equiv t_j r_1 \pmod{r_0}$, where $q_j$ and $r_j$ are determined by the Euclidean algorithm and $t_j$ by the recurrence above.

Theorem 2.4: If $r_0$ and $r_1$ are coprime (with $r_0 > r_1$), then $t_m$ is the inverse of $r_1$ in $\mathbb{Z}_{r_0}$:

$$\gcd(r_0, r_1) = 1 \Rightarrow r_1^{-1} \bmod r_0 = t_m \qquad (2.3)$$

In the Euclidean algorithm, the sequence $\{t_j\}$ can be computed at the same time as the sequences $\{q_j\}$ and $\{r_j\}$. The extended Euclidean algorithm below is used to determine the inverse (if it exists) of a positive integer $a$ modulo $n$. The algorithm needs no array data structures to store the sequences $\{t_j\}$, $\{q_j\}$ or $\{r_j\}$: at any moment we only need the values of the last two elements of each sequence computed so far.


Algorithm 2.4. The extended Euclidean algorithm
for determining the inverse of $a$ modulo $n$

    n_0 = n
    a_0 = a
    t_0 = 0
    t = 1
    q = floor(n_0 / a_0)
    r = n_0 - q * a_0
    while r > 0 do
        temp = t_0 - q * t
        if temp >= 0 then
            temp = temp mod n
        end if
        if temp < 0 then
            temp = n - ((-temp) mod n)
        end if
        t_0 = t
        t = temp
        n_0 = a_0
        a_0 = r
        q = floor(n_0 / a_0)
        r = n_0 - q * a_0
    end while
    if a_0 != 1 then
        a has no inverse modulo n
    else
        a^{-1} = t mod n
    end if
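As an added example (my code, not from the book), the Affine cipher of Algorithm 2.3 with the inverse $a^{-1}$ computed by the extended Euclidean algorithm of Algorithm 2.4, including the rejection of keys with $\gcd(a, n) \ne 1$ (Theorem 2.1) and the key-space count $n \cdot \phi(n)$; the function names, the uppercase A..Z alphabet with $n = 26$ and the sample key $(5, 8)$ are my choices.

```python
# Added example (not from the book): the Affine cipher of Algorithm 2.3 over Z_n,
# with a^{-1} computed by the extended Euclidean algorithm exactly as Algorithm 2.4
# lays it out (no arrays; only the last two t, q, r values are kept). The shift
# cipher (a = 1) and the multiplicative cipher (b = 0) fall out as special cases.
from math import gcd

N = 26  # P = C = Z_26: messages written in the letters A..Z, as in the book's example


def inverse_mod(a, n):
    """Algorithm 2.4: return a^{-1} mod n, or None when gcd(a, n) != 1."""
    n0, a0 = n, a % n
    if a0 == 0:                       # gcd(0, n) = n, so 0 never has an inverse
        return None
    t0, t = 0, 1
    q, r = n0 // a0, n0 - (n0 // a0) * a0
    while r > 0:
        # Python's % already yields a value in [0, n), so the book's two sign
        # branches (temp >= 0 / temp < 0) collapse into a single reduction.
        temp = (t0 - q * t) % n
        t0, t = t, temp
        n0, a0 = a0, r
        q, r = n0 // a0, n0 - (n0 // a0) * a0
    if a0 != 1:                       # the last non-zero remainder is gcd(a, n)
        return None                   # Theorem 2.1: no inverse, (a, b) is not a key
    return t % n


def phi(n):
    """Euler's phi(n): the number of a in Z_n with gcd(a, n) = 1. Theorem 2.2
    computes the same quantity from the prime factorisation; here it is counted
    directly, which is fine for the small n of a classical alphabet."""
    return sum(1 for a in range(n) if gcd(a, n) == 1)


def affine_key_space_size(n):
    """|K| = n * phi(n): n choices for b and phi(n) choices for a (Section 2.4)."""
    return n * phi(n)


def _to_int(ch):
    return ord(ch) - ord("A")          # A..Z -> 0..25


def _to_chr(v):
    return chr(ord("A") + v)


def affine_encrypt(text, a, b, n=N):
    """e_k(x) = (a*x + b) mod n, letter by letter (uppercase A..Z only).
    Keys with gcd(a, n) != 1 are rejected: e_k would not be a bijection."""
    if inverse_mod(a, n) is None:
        raise ValueError(f"a={a} is not invertible mod {n}; (a, b) is not in K")
    return "".join(_to_chr((a * _to_int(ch) + b) % n) for ch in text)


def affine_decrypt(cipher, a, b, n=N):
    """d_k(y) = a^{-1} * (y - b) mod n, with a^{-1} from Algorithm 2.4."""
    a_inv = inverse_mod(a, n)
    if a_inv is None:
        raise ValueError(f"a={a} is not invertible mod {n}; (a, b) is not in K")
    return "".join(_to_chr((a_inv * (_to_int(ch) - b)) % n) for ch in cipher)


if __name__ == "__main__":
    # Constructed sample: key k = (a, b) = (5, 8); a^{-1} = 21 since 5*21 = 105 = 4*26 + 1.
    ct = affine_encrypt("HELLO", 5, 8)
    print(ct, affine_decrypt(ct, 5, 8))            # RCLLA HELLO
    print(inverse_mod(3, 26), inverse_mod(2, 26))  # 9 None
    print(affine_key_space_size(26))               # 312 = 26 * 12
```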


2.5 The Vigenère cipher

In the substitution cipher and its special cases (the shift cipher, the Affine cipher, ...), for a chosen key $k$ each element $x \in P$ is mapped to exactly one element $y \in C$. In other words, for each key $k \in K$ a bijection from $P$ to $C$ is established.

Unlike this approach, the Vigenère method uses a keyword of length $m$. The Vigenère cipher can be viewed as $m$ shift ciphers applied in turn, cyclically.

The key space $K$ of the Vigenère cipher has $n^m$ elements, far more than the key space $K$ of the shift cipher. Finding the key $k$ to decrypt an encrypted message is therefore harder than for the shift cipher.

Algorithm 2.5. The Vigenère cipher

Choose a positive integer $m$. Define $P = C = K = (\mathbb{Z}_n)^m$,

$$K = \{(k_1, k_2, \ldots, k_m) \in (\mathbb{Z}_n)^m\}.$$

For each key $k = (k_1, k_2, \ldots, k_m) \in K$, define

$$e_k(x_1, x_2, \ldots, x_m) = ((x_1 + k_1) \bmod n, (x_2 + k_2) \bmod n, \ldots, (x_m + k_m) \bmod n)$$
$$d_k(y_1, y_2, \ldots, y_m) = ((y_1 - k_1) \bmod n, (y_2 - k_2) \bmod n, \ldots, (y_m - k_m) \bmod n)$$

with $x, y \in (\mathbb{Z}_n)^m$.


2.6 The Hill cipher

The Hill cipher was published by Lester S. Hill in 1929. For a positive integer $m$, define $P = C = (\mathbb{Z}_n)^m$. Each element $x \in P$ is an $m$-tuple whose components lie in $\mathbb{Z}_n$. The main idea of the method is to use $m$ linear combinations of the $m$ components of each element $x \in P$ to produce the $m$ components that form the element $y \in C$.

Algorithm 2.6. The Hill cipher

Choose a positive integer $m$. Define:

$P = C = (\mathbb{Z}_n)^m$ and $K$ the set of invertible $m \times m$ matrices.

For each key

$$k = \begin{pmatrix} k_{1,1} & k_{1,2} & \cdots & k_{1,m} \\ k_{2,1} & k_{2,2} & \cdots & k_{2,m} \\ \vdots & \vdots & \ddots & \vdots \\ k_{m,1} & k_{m,2} & \cdots & k_{m,m} \end{pmatrix} \in K,$$

define:

$$e_k(x) = x\,k = (x_1, x_2, \ldots, x_m) \begin{pmatrix} k_{1,1} & k_{1,2} & \cdots & k_{1,m} \\ k_{2,1} & k_{2,2} & \cdots & k_{2,m} \\ \vdots & \vdots & \ddots & \vdots \\ k_{m,1} & k_{m,2} & \cdots & k_{m,m} \end{pmatrix}$$

with $x = (x_1, x_2, \ldots, x_m) \in P$,

and $d_k(y) = y\,k^{-1}$ with $y \in C$.

All arithmetic operations are carried out in $\mathbb{Z}_n$.


2.7 The permutation cipher

The encryption methods described above all rest on a common idea: replace each character of the source message with another character to form the encrypted message. The main idea of the permutation cipher is to keep the characters of the source message unchanged and only change their positions; in other words, the source message is encrypted by rearranging its characters.

Algorithm 2.7. The permutation cipher

Choose a positive integer $m$. Define:

$P = C = (\mathbb{Z}_n)^m$ and $K$ the set of permutations of the $m$ elements $\{1, 2, \ldots, m\}$.

For each key $\pi \in K$, define:

$$e_\pi(x_1, x_2, \ldots, x_m) = (x_{\pi(1)}, x_{\pi(2)}, \ldots, x_{\pi(m)})$$

and

$$d_\pi(y_1, y_2, \ldots, y_m) = (y_{\pi^{-1}(1)}, y_{\pi^{-1}(2)}, \ldots, y_{\pi^{-1}(m)})$$

with $\pi^{-1}$ the inverse permutation of $\pi$.

The permutation cipher is in fact a special case of the Hill cipher. For each permutation $\pi$ of the set $\{1, 2, \ldots, m\}$, define the matrix $k_\pi = (k_{i,j})$ by the formula

$$k_{i,j} = \begin{cases} 1, & \text{if } i = \pi(j) \\ 0, & \text{otherwise} \end{cases} \qquad (2.4)$$

  • 8/8/2019 Book MaHoaVaUngDung Update2

    31/289

    Mt s phng php m ha quy c

    31

    Ma trn k l ma trn m mi dng v mi ct c ng mt phn t mang gi tr

    1, cc phn t cn li trong ma trn u bng 0. Ma trn ny c th thu c bng

    cch hon v cc hng hay cc ct ca ma trn n v m nn k l ma trn khnghch. R rng, m ha bng phng php Hill vi ma trn k hon ton tng

    ng vi m ha bng phng php hon v vi hon v.
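The Hill cipher of Algorithm 2.6 and the permutation cipher of Algorithm 2.7 as its special case, as an added example that is not part of the book. The row-vector convention $y = x\,k \bmod n$ of Algorithm 2.6 is used; the 2×2 key, the permutation and the A=0..Z=25 alphabet mapping are constructed for the demonstration.

```python
# Added example (not the book's code): the Hill cipher of Algorithm 2.6 over Z_n
# using the row-vector convention y = x k mod n, and the permutation cipher of
# Algorithm 2.7 realised as the special Hill key k_pi of (2.4).  The 2x2 key and
# the alphabet mapping A=0..Z=25 are constructed for the demonstration.
from math import gcd

def det_mod(k, n):
    """Determinant mod n by Laplace expansion along the first row (m is small)."""
    m = len(k)
    if m == 1:
        return k[0][0] % n
    total = 0
    for j in range(m):
        minor = [row[:j] + row[j + 1:] for row in k[1:]]
        total += (-1) ** j * k[0][j] * det_mod(minor, n)
    return total % n

def mat_inverse_mod(k, n):
    """k^-1 mod n via the adjugate.  'Invertible' in the key space K of Algorithm 2.6
    means gcd(det k, n) = 1; otherwise no inverse exists and decryption is impossible."""
    m = len(k)
    d = det_mod(k, n)
    if gcd(d, n) != 1:
        raise ValueError("key matrix is not invertible modulo %d" % n)
    d_inv = pow(d, -1, n)
    inv = [[0] * m for _ in range(m)]
    for i in range(m):
        for j in range(m):
            minor = [row[:j] + row[j + 1:] for r, row in enumerate(k) if r != i]
            cof = (-1) ** (i + j) * (det_mod(minor, n) if minor else 1)
            inv[j][i] = (d_inv * cof) % n          # adjugate = transposed cofactors
    return inv

def vec_times_mat(x, k, n):
    """(x_1, ..., x_m) k mod n, i.e. e_k(x) = x k of Algorithm 2.6."""
    m = len(k)
    return [sum(x[i] * k[i][j] for i in range(m)) % n for j in range(m)]

def hill_encrypt(x, k, n=26):
    return vec_times_mat(x, k, n)

def hill_decrypt(y, k, n=26):
    return vec_times_mat(y, mat_inverse_mod(k, n), n)      # d_k(y) = y k^-1

def permutation_matrix(pi):
    """k_pi of (2.4) for a 0-based permutation pi: k[i][j] = 1 iff i = pi(j)."""
    m = len(pi)
    return [[1 if i == pi[j] else 0 for j in range(m)] for i in range(m)]

def permutation_encrypt(x, pi):
    """e_pi(x_1, ..., x_m) = (x_pi(1), ..., x_pi(m)) of Algorithm 2.7."""
    return [x[pi[j]] for j in range(len(pi))]

def permutation_decrypt(y, pi):
    """d_pi uses the inverse permutation: since y_j = x_pi(j), put y_j back at pi(j)."""
    x = [0] * len(pi)
    for j in range(len(pi)):
        x[pi[j]] = y[j]
    return x

def hill_encrypt_text(text, k, n=26):
    """Encrypt an A-Z string block by block (length must be a multiple of m)."""
    m = len(k)
    nums = [ord(ch) - ord("A") for ch in text.upper()]
    assert len(nums) % m == 0, "pad the plaintext to a multiple of the block size"
    out = []
    for i in range(0, len(nums), m):
        out.extend(hill_encrypt(nums[i:i + m], k, n))
    return "".join(chr(ord("A") + v) for v in out)
```

The Hill key matrix $k_\pi$ built by `permutation_matrix` reproduces `permutation_encrypt` exactly, which is the equivalence stated at the end of section 2.7.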

2.8 The multiplicative cipher

2.8.1 The multiplicative cipher

Algorithm 2.8. The multiplicative cipher

Let $P = C = \mathbb{Z}_n$ and $K = \{k \in \mathbb{Z}_n : \gcd(k, n) = 1\}$.

For each key $k \in K$, define:

$e_k(x) = k\,x \bmod n$ and $d_k(y) = k^{-1}\,y \bmod n$ with $x, y \in \mathbb{Z}_n$.

The multiplicative cipher is a simple cipher. The key space K has $\varphi(n)$ elements. However, choosing the key $k = 1$ is meaningless for encryption, so the number of keys actually usable in K is $\varphi(n) - 1$.

The issue raised here is that the security of this method depends on the number of elements in the key set K. If the value $\varphi(n) - 1$ is not large, the encrypted information can be decrypted by trying every key $k \in K$. To raise the security of this method, the value n used must have a large $\varphi(n)$, i.e. n itself must be large. A new problem then arises: how to perform arithmetic on large integers quickly.

2.8.2 Arithmetic

In this cipher the value of the expression $z = (a \cdot b) \bmod n$ must be computed in both the encryption and the decryption operation. Computing it in the ordinary way is clearly inefficient because the processing time is too long.

Using the Indian multiplication algorithm (double-and-add), the value of $(a \cdot b) \bmod n$ can be computed quickly and efficiently.

Algorithm 2.9. The Indian multiplication algorithm for computing $z = (a \cdot b) \bmod n$

    z = 0
    a = a mod n
    b = b mod n
    Write b in binary as b_{l-1}, b_{l-2}, ..., b_1, b_0 with b_i in {0, 1}, 0 <= i < l
    for i = 0 to l - 1
        if b_i = 1 then
            z = (z + a) mod n
        endif
        a = (2a) mod n
    endfor
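Algorithm 2.9 together with the multiplicative cipher of Algorithm 2.8, as an added example that is not part of the book. The check values (n = 26 and the large modulus) are constructed for the demonstration.

```python
# Added example (not the book's code): the multiplicative cipher of Algorithm 2.8
# together with Algorithm 2.9, the double-and-add ("Indian") method for
# z = (a * b) mod n that never forms the full product a * b.  The moduli used in
# the checks are constructed for the demonstration.
from math import gcd

def mul_mod(a, b, n):
    """Algorithm 2.9: scan the bits b_0 ... b_(l-1) of b from the least significant
    end; add the running a (doubled each step, reduced mod n) whenever the bit is 1."""
    z = 0
    a %= n
    b %= n
    while b:
        if b & 1:
            z = (z + a) % n
        a = (2 * a) % n
        b >>= 1
    return z

def usable_keys(n):
    """K = {k in Z_n : gcd(k, n) = 1} without the identity key 1: phi(n) - 1 keys,
    the count that section 2.8.1 says decides how costly exhaustive search is."""
    return [k for k in range(2, n) if gcd(k, n) == 1]

def inverse_mod(k, n):
    """k^-1 mod n by the extended Euclidean algorithm (needed for d_k)."""
    r0, r1, t0, t1 = n, k % n, 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
    if r0 != 1:
        raise ValueError("%d has no inverse modulo %d" % (k, n))
    return t0 % n

def mult_encrypt(x, k, n):
    """e_k(x) = k x mod n."""
    return mul_mod(k, x, n)

def mult_decrypt(y, k, n):
    """d_k(y) = k^-1 y mod n."""
    return mul_mod(inverse_mod(k, n), y, n)
```

For n = 26 only 11 keys remain, which is why the text insists on a large n; `mul_mod` keeps every intermediate value below 2n, so it works unchanged for a large modulus.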

2.9 DES (Data Encryption Standard)

2.9.1 The DES method

In the 1970s, Dr. Horst Feistel laid the first foundations for the Data Encryption Standard DES with the Feistel cipher. In 1976 the U.S. National Security Agency (NSA) recognized DES, based on Feistel's method, as the data encryption standard [25]. The key size of DES was originally 128 bits, but in the published FIPS version the key size was reduced to 56 bits.

In DES the block size is 64 bits. DES encrypts data through 16 rounds, each round using a 48-bit round key generated from the original 56-bit key. DES uses 8 constant S-box tables in its operations.

The DES encryption process can be summarized as follows. Represent the source message $x \in P$ as a 64-bit string. The key k has 56 bits. Encryption proceeds in three stages:

1. Form the 64-bit string $x_0$ by permuting x according to the initial permutation IP. Write $x_0 = IP(x) = L_0 R_0$, where $L_0$ is the 32 left bits of $x_0$ and $R_0$ the 32 right bits of $x_0$.

Figure 2.2. Representing the 64-bit string x as the two components L and R

2. Perform 16 rounds on the 64 bits obtained and the 56 bits of the key k (only 48 bits of k are used in each round). The 64-bit result of each round is the input of the following round. The pairs of 32-bit strings $L_i, R_i$ (with $1 \le i \le 16$) are determined by the rule:

$$L_i = R_{i-1}$$
$$R_i = L_{i-1} \oplus f(R_{i-1}, K_i) \qquad (2.5)$$

where $\oplus$ denotes the XOR of two bit strings, and $K_1, K_2, \ldots, K_{16}$ are 48-bit strings generated from the given key K (in practice each $K_i$ is generated by permuting the bits of the given key K).

3. Apply the inverse permutation $IP^{-1}$ to the bit string $R_{16} L_{16}$ to obtain the ciphertext y of 64 bits. Thus $y = IP^{-1}(R_{16} L_{16})$.

The function f used in stage 2 takes two parameters: the first parameter A is a 32-bit string, the second parameter J is a 48-bit string. The result of f is a 32-bit string. The processing steps of $f(A, J)$ are as follows:

The first parameter A (32 bits) is expanded into a 48-bit string by the expansion function E. The result $E(A)$ is a 48-bit string generated from A by permuting the 32 bits of A in a fixed order, with 16 bits of A repeated twice in $E(A)$.

Figure 2.3. Generating $L_i R_i$ from $L_{i-1} R_{i-1}$ and the round key $K_i$

XOR the two 48-bit strings $E(A)$ and J to obtain a 48-bit string B. Write B as groups of 6 bits: $B = B_1 B_2 B_3 B_4 B_5 B_6 B_7 B_8$.

Use eight matrices $S_1, S_2, \ldots, S_8$, each $S_i$ of size $4 \times 16$, each row of a matrix taking the 16 values from 0 to 15. For a 6-bit group $B_j = b_1 b_2 b_3 b_4 b_5 b_6$, $S_j(B_j)$ is the value of the entry at row r, column c of $S_j$, where the row index r has binary representation $b_1 b_6$ and the column index c has binary representation $b_2 b_3 b_4 b_5$. In this way the 4-bit strings $C_j = S_j(B_j)$, $1 \le j \le 8$, are determined.

Concatenating the 4-bit strings $C_j$ gives the 32-bit string $C = C_1 C_2 C_3 C_4 C_5 C_6 C_7 C_8$. The 32-bit string obtained by permuting C according to a fixed rule P is the result of the function $f(A, J)$.

Decryption consists of performing the operations of the encryption process in reverse order.
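The three-stage structure above (IP, the 16 Feistel rounds of (2.5), $IP^{-1}$ on $R_{16} L_{16}$) and the statement that decryption runs the same operations in reverse, as an added example that is not part of the book. The round function f, the key schedule and the permutation IP used here are constructed placeholders standing in for E, the S-boxes, P and the real DES tables, which the page does not list; the point shown is that the structure is invertible whatever f is.

```python
# Added example (not the book's code): the Feistel structure of (2.5) in DES form,
# 16 rounds on a 64-bit block with an initial permutation IP and IP^-1 at the end.
# f, the key schedule and IP are constructed placeholders, not the real DES
# tables; running the same network with the round keys reversed decrypts.
import hashlib

def f(right, round_key):
    """Constructed 32-bit round function (stands in for E, the S-boxes and P)."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + round_key.to_bytes(6, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def round_keys(key56):
    """Constructed schedule: 16 distinct 48-bit values K_1 ... K_16 from the 56-bit key."""
    return [int.from_bytes(hashlib.sha256(key56.to_bytes(7, "big") + bytes([i])).digest()[:6], "big")
            for i in range(1, 17)]

# Constructed 64-bit permutation: IP[i] = source bit of output bit i (bit 0 = MSB).
IP = [(i * 37 + 11) % 64 for i in range(64)]      # 37 is coprime to 64, so it is a bijection
IP_INV = [0] * 64
for _i, _src in enumerate(IP):
    IP_INV[_src] = _i

def permute(block64, table):
    out = 0
    for i, src in enumerate(table):
        out |= ((block64 >> (63 - src)) & 1) << (63 - i)
    return out

def feistel(block64, keys):
    """x0 = IP(x) = L0 R0; L_i = R_(i-1), R_i = L_(i-1) xor f(R_(i-1), K_i);
    y = IP^-1(R16 L16), i.e. the halves are swapped once more before IP^-1."""
    x0 = permute(block64, IP)
    L, R = x0 >> 32, x0 & 0xffffffff
    for k in keys:
        L, R = R, L ^ f(R, k)
    return permute((R << 32) | L, IP_INV)

def des_like_encrypt(block64, key56):
    return feistel(block64, round_keys(key56))

def des_like_decrypt(block64, key56):
    """Same network with K16 ... K1: each round cancels the matching encryption round,
    because R_(i-1) = L_i is available and L_(i-1) = R_i xor f(L_i, K_i)."""
    return feistel(block64, round_keys(key56)[::-1])
```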

2.9.2 Remarks

Because the computing speed of machines keeps increasing and DES attracted the attention of many scientists as well as cryptanalysts, DES quickly became insecure. In 1997 a project broke a DES key in under 3 days at a cost below 250,000 dollars. And in 1999 a network of 100,000 computers was able to decrypt a DES-encrypted message in under 24 hours.

In the search for new algorithms more secure than DES, Triple DES was created as a variant of DES. Triple DES performs the DES algorithm three times with 3 different keys and in different orders. The common order is EDE (Encrypt, Decrypt, Encrypt), alternating encryption with decryption (note that the key used in each stage is different).

2.10 The Advanced Encryption Standard AES

To find a new conventional cipher with higher security than DES, NIST announced a new encryption standard to replace the DES standard. The algorithm representing the Advanced Encryption Standard (AES) is to be a symmetric-key encryption algorithm, usable free of charge worldwide. The AES standard comprises the following requirements [23]:

o Block cipher with 128-bit blocks.

o Key lengths of 128 bits, 192 bits and 256 bits.

o No weak keys.

o Efficient on Intel Pentium Pro systems and on other hardware and software platforms.

o Flexible design (supports flexible key lengths, can be deployed widely on different platforms and in different applications).

o Simple design: easy to analyse, evaluate and implement.

o Accepts any key length up to 256 bits.

o Encrypts data in under 500 clock cycles per block on Intel Pentium, Pentium Pro and Pentium II for an optimized version of the algorithm.

o Can set up a 128-bit key (for optimal encryption speed) in less than the time required to encrypt 32-bit blocks on Pentium, Pentium Pro and Pentium II.

o Contains no operation that reduces its performance on 8-bit, 16-bit, 32-bit and 64-bit processors.

o Contains no element that reduces its performance in hardware.

o Very low encryption time, under 10/1000 of a second on an 8-bit processor.

o Can run on an 8-bit processor with 64 bytes of RAM.

After two rounds of selection, five algorithms entered the final round: MARS, RC6, SERPENT, TWOFISH and RIJNDAEL. These algorithms all meet the AES requirements and are collectively called the AES candidate algorithms. The AES candidates offer high security at a low implementation cost. Details of these algorithms are presented in Chapter 3 - The Rijndael cipher and Chapter 5 - The AES candidate algorithms.

Chapter 3. The Rijndael cipher

Chapter 3 presents in detail the Rijndael cipher of the two authors Vincent Rijmen and Joan Daemen. This is the algorithm officially chosen by the U.S. National Institute of Standards and Technology (NIST) as the Advanced Encryption Standard (AES) on October 2, 2000.

3.1 Introduction

With the ever-increasing speed and processing power of today's processors, the Data Encryption Standard (DES) has become insecure for protecting information. Therefore the National Institute of Standards and Technology (NIST) decided to select a new encryption standard with higher security, to serve the secure-communication needs of the U.S. government as well as civilian applications. The Rijndael algorithm of Vincent Rijmen and Joan Daemen was officially chosen as the Advanced Encryption Standard (AES) on October 2, 2000.

The Rijndael cipher is a block cipher whose block size and key size can be chosen flexibly among the values 128, 192 or 256 bits. The method is suitable for application on many different systems, from smart cards to personal computers.

3.2 Parameters, symbols, terms and functions

AddRoundKey: Transformation used in encryption and decryption; adds the round key to the current state. The length of the round key equals the size of the state.

SubBytes: Transformation used in encryption; performs a non-linear substitution of each byte of the current state through a substitution table (S-box).

InvSubBytes: Transformation used in decryption. It is the inverse of the SubBytes transformation.

MixColumns: Transformation used in encryption; mixes the information of each column of the current state. Each column is processed independently.

InvMixColumns: Transformation used in decryption. It is the inverse of the MixColumns transformation.

ShiftRows: Transformation used in encryption; cyclically shifts each row of the current state by a different offset.

InvShiftRows: Transformation used in decryption. It is the inverse of the ShiftRows transformation.

Nw: Number of bytes in one unit of data, a word. In the Rijndael algorithm, the 256/384/512-bit extended algorithm and the 512/768/1024-bit extended algorithm, Nw is 4, 8 and 16 respectively.

K: The cipher key.

Nb: Number of columns (number of 8Nw-bit words) in the state. Nb = 4, 6 or 8. The AES standard restricts the value to Nb = 4.

Nk: Number of words (8Nw bits) in the cipher key. Nk = 4, 6 or 8.

Nr: Number of rounds, depending on the values Nk and Nb by the formula Nr = max(Nb, Nk) + 6.

RotWord: Function used in key expansion; cyclically shifts the Nw component bytes of a word.

SubWord: Function used in key expansion. Takes a word (Nw bytes), applies the S-box substitution to each component byte and returns the word of Nw substituted bytes.

XOR: The Exclusive-OR operation.

$\oplus$: The Exclusive-OR operation.

$\otimes$: Multiplication of two polynomials (each polynomial of degree

…: binary form ({b7b6b5b4b3b2b1b0}), hexadecimal form ({h1h0}), or as a polynomial with binary coefficients $\sum_{i=0}^{7} b_i x^i$.

3.3.1 Addition

Addition of two elements of $GF(2^8)$ is performed by adding (in fact the XOR operation, denoted $\oplus$) the coefficients of corresponding monomials of the two polynomials representing the two operands. Consequently addition and subtraction of any two elements of $GF(2^8)$ are exactly the same operation.

If the elements of $GF(2^8)$ are written in binary, the sum of {a7a6a5a4a3a2a1a0} and {b7b6b5b4b3b2b1b0} is {c7c6c5c4c3c2c1c0} with $c_i = a_i \oplus b_i$, $0 \le i \le 7$.

3.3.2 Multiplication

In the polynomial representation, multiplication in $GF(2^8)$ (denoted •) corresponds to ordinary multiplication of the two polynomials followed by taking the remainder (modulo) by an irreducible polynomial of degree 8. A polynomial is irreducible if and only if it is divisible only by 1 and by itself. In the Rijndael algorithm the irreducible polynomial chosen is

$$m(x) = x^8 + x^4 + x^3 + x + 1 \qquad (3.1)$$

or {01}{1b} in hexadecimal representation.

The result is a polynomial of degree less than 8, so it can be represented in 1 byte. Multiplication in $GF(2^8)$ cannot be expressed by a simple byte-level operation.

The multiplication defined above is associative and distributive over addition, and has the identity element {01}. For every polynomial b(x) with binary coefficients and degree less than 8 there exists an inverse element of b(x), denoted $b^{-1}(x)$ (computed with the extended Euclidean algorithm [45]).

Remark: the set of the 256 values from 0 to 255, equipped with the addition (defined as XOR) and the multiplication defined above, forms the finite field $GF(2^8)$.

3.3.2.1 Multiplication by x

Ordinary multiplication of the polynomial

$$b(x) = b_7 x^7 + b_6 x^6 + b_5 x^5 + b_4 x^4 + b_3 x^3 + b_2 x^2 + b_1 x + b_0 = \sum_{i=0}^{7} b_i x^i \qquad (3.2)$$

by the polynomial x gives the polynomial

$$b_7 x^8 + b_6 x^7 + b_5 x^6 + b_4 x^5 + b_3 x^4 + b_2 x^3 + b_1 x^2 + b_0 x \qquad (3.3)$$

The result $x \bullet b(x)$ is obtained by reducing this polynomial modulo m(x).

1. Case $b_7 = 0$:

$$x \bullet b(x) = b_6 x^7 + b_5 x^6 + b_4 x^5 + b_3 x^4 + b_2 x^3 + b_1 x^2 + b_0 x \qquad (3.4)$$

2. Case $b_7 = 1$:

$$x \bullet b(x) = (b_7 x^8 + b_6 x^7 + b_5 x^6 + b_4 x^5 + b_3 x^4 + b_2 x^3 + b_1 x^2 + b_0 x) \bmod m(x)$$
$$= (b_7 x^8 + b_6 x^7 + b_5 x^6 + b_4 x^5 + b_3 x^4 + b_2 x^3 + b_1 x^2 + b_0 x) \oplus m(x) \qquad (3.5)$$

Thus multiplication by the polynomial x (i.e. by the element {00000010} of $GF(2^8)$) can be carried out at the byte level by one left shift followed by an XOR with the value {1b} when $b_7 = 1$. This operation is denoted xtime(). Multiplication by the powers of x can be carried out by applying xtime() repeatedly. The result of multiplication by an arbitrary value is obtained by adding ($\oplus$) these intermediate results together.

Hence multiplication of two arbitrary elements $a, b \in GF(2^8)$ can be carried out in the following steps:

1. Decompose one element (say a) into a sum of powers of 2.

2. Add up the intermediate results of multiplying the remaining element (b) by the powers-of-2 components obtained from a.

Example:

{57} • {13} = {fe} because

{57} • {02} = xtime({57}) = {ae}

{57} • {04} = xtime({ae}) = {47}

{57} • {08} = xtime({47}) = {8e}

{57} • {10} = xtime({8e}) = {07},

so:

{57} • {13} = {57} • ({01} $\oplus$ {02} $\oplus$ {10}) = {57} $\oplus$ {ae} $\oplus$ {07} = {fe}

3.3.3 Polynomials with coefficients in $GF(2^8)$

Consider the polynomials a(x) and b(x) with four coefficients in $GF(2^8)$:

$$a(x) = \sum_{i=0}^{3} a_i x^i \quad \text{and} \quad b(x) = \sum_{i=0}^{3} b_i x^i \qquad (3.6)$$

These two polynomials can be represented as words of 4 bytes, [a0, a1, a2, a3] and [b0, b1, b2, b3]. Polynomial addition is performed by adding (which is the byte-wise XOR operation) the coefficients of corresponding monomials:

$$a(x) + b(x) = \sum_{i=0}^{3} (a_i \oplus b_i) x^i \qquad (3.7)$$

Multiplication of a(x) by b(x) is carried out in two steps. First perform the ordinary multiplication $c(x) = a(x) \bullet b(x)$:

$$c(x) = c_6 x^6 + c_5 x^5 + c_4 x^4 + c_3 x^3 + c_2 x^2 + c_1 x + c_0 \qquad (3.8)$$

with

$c_0 = a_0 \bullet b_0$

$c_1 = a_1 \bullet b_0 \oplus a_0 \bullet b_1$

$c_2 = a_2 \bullet b_0 \oplus a_1 \bullet b_1 \oplus a_0 \bullet b_2$

$c_3 = a_3 \bullet b_0 \oplus a_2 \bullet b_1 \oplus a_1 \bullet b_2 \oplus a_0 \bullet b_3$

$c_4 = a_3 \bullet b_1 \oplus a_2 \bullet b_2 \oplus a_1 \bullet b_3$

$c_5 = a_3 \bullet b_2 \oplus a_2 \bullet b_3$

$c_6 = a_3 \bullet b_3 \qquad (3.9)$

Clearly c(x) cannot be represented by a word of 4 bytes. The polynomial c(x) is brought back to a polynomial of degree less than 4 by taking c(x) modulo a polynomial of degree 4. In the Rijndael algorithm the degree-4 polynomial chosen is $M(x) = x^4 + 1$.

Since $x^j \bmod (x^4 + 1) = x^{j \bmod 4}$, the result $d(x) = a(x) \otimes b(x)$ is given by

$$d(x) = d_3 x^3 + d_2 x^2 + d_1 x + d_0 \qquad (3.10)$$

with

$d_0 = a_0 \bullet b_0 \oplus a_3 \bullet b_1 \oplus a_2 \bullet b_2 \oplus a_1 \bullet b_3$

$d_1 = a_1 \bullet b_0 \oplus a_0 \bullet b_1 \oplus a_3 \bullet b_2 \oplus a_2 \bullet b_3$

$d_2 = a_2 \bullet b_0 \oplus a_1 \bullet b_1 \oplus a_0 \bullet b_2 \oplus a_3 \bullet b_3$

$d_3 = a_3 \bullet b_0 \oplus a_2 \bullet b_1 \oplus a_1 \bullet b_2 \oplus a_0 \bullet b_3 \qquad (3.11)$

When the polynomial a(x) is fixed, the multiplication $d(x) = a(x) \otimes b(x)$ can be written in matrix form as follows:

$$\begin{pmatrix} d_0 \\ d_1 \\ d_2 \\ d_3 \end{pmatrix} = \begin{pmatrix} a_0 & a_3 & a_2 & a_1 \\ a_1 & a_0 & a_3 & a_2 \\ a_2 & a_1 & a_0 & a_3 \\ a_3 & a_2 & a_1 & a_0 \end{pmatrix} \begin{pmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \end{pmatrix} \qquad (3.12)$$

Since $x^4 + 1$ is not an irreducible polynomial over $GF(2^8)$, multiplication by an arbitrarily chosen fixed polynomial a(x) is not guaranteed to be invertible. Therefore the Rijndael method chooses a polynomial a(x) that has an inverse element (modulo M(x)):

$$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\} \qquad (3.13)$$

$$a^{-1}(x) = \{0b\}x^3 + \{0d\}x^2 + \{09\}x + \{0e\} \qquad (3.14)$$

3.3.3.1 Multiplication by x

Consider the polynomial

$$b(x) = b_3 x^3 + b_2 x^2 + b_1 x + b_0 \qquad (3.15)$$

The result of the multiplication $c(x) = b(x) \otimes x$ is given by

$$c(x) = b_2 x^3 + b_1 x^2 + b_0 x + b_3 \qquad (3.16)$$

Multiplication by x is equivalent to the matrix multiplication presented above with the values $a_0 = a_2 = a_3 = \{00\}$ and $a_1 = \{01\}$:

$$\begin{pmatrix} c_0 \\ c_1 \\ c_2 \\ c_3 \end{pmatrix} = \begin{pmatrix} 00 & 00 & 00 & 01 \\ 01 & 00 & 00 & 00 \\ 00 & 01 & 00 & 00 \\ 00 & 00 & 01 & 00 \end{pmatrix} \begin{pmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \end{pmatrix} \qquad (3.17)$$

Thus multiplication by x, or by the powers of x, corresponds to a cyclic shift of the component bytes of a word.

The Rijndael algorithm also uses the polynomial $x^3$ ($a_0 = a_1 = a_2 = \{00\}$ and $a_3 = \{01\}$) in the function RotWord, which rotates the 4 component bytes of the input word. Thus if the input is the 4-byte word [b0, b1, b2, b3], the result is the 4-byte word [b1, b2, b3, b0].
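The arithmetic of sections 3.3.2 and 3.3.3 in working code, as an added example that is not part of the book: xtime() and the two-step multiplication of 3.3.2.1 (reproducing {57} • {13} = {fe}), the inverse via the group order, and the word multiplication modulo $x^4 + 1$ of (3.11)/(3.12), checked on the pair a(x), $a^{-1}(x)$ of (3.13)/(3.14) and on the x and $x^3$ rotations of 3.3.3.1. The function names and the check inputs are this example's own.

```python
# Added example (not the book's code): arithmetic in GF(2^8) with the Rijndael
# polynomial m(x) = x^8 + x^4 + x^3 + x + 1 (3.1), the two-step multiplication of
# 3.3.2.1, and multiplication of 4-byte words as polynomials over GF(2^8)
# modulo M(x) = x^4 + 1 (3.10)-(3.12), including the x and x^3 rotations of 3.3.3.1.

def xtime(b):
    """b * x ({02}): left shift, then XOR with {1b} when b_7 was 1 (3.4)/(3.5)."""
    b <<= 1
    return (b ^ 0x1b) & 0xff if b & 0x100 else b

def gf_mul(a, b):
    """a . b in GF(2^8) by the two steps of 3.3.2.1: write a as a sum of powers
    of 2 and add (XOR) the xtime() chain of b for every power that is present."""
    result = 0
    while a:
        if a & 1:
            result ^= b           # intermediate product for this power of 2
        a >>= 1
        b = xtime(b)              # next power: b . x^(k+1)
    return result

def gf_inverse(a):
    """a^-1 = a^254, since the 255 non-zero elements form a cyclic group."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r

def word_mul(a, b):
    """d(x) = a(x) (x) b(x) mod (x^4 + 1) for words [a0, a1, a2, a3], [b0, b1, b2, b3].
    x^(i-j) . x^j = x^i, and x^4 = 1 wraps the index: exactly (3.11), i.e. the
    circulant matrix of (3.12)."""
    d = [0, 0, 0, 0]
    for i in range(4):
        for j in range(4):
            d[i] ^= gf_mul(a[(i - j) % 4], b[j])
    return d

A_X = [0x02, 0x01, 0x01, 0x03]        # a(x)    = {03}x^3 + {01}x^2 + {01}x + {02}  (3.13)
A_INV_X = [0x0e, 0x09, 0x0d, 0x0b]    # a^-1(x) = {0b}x^3 + {0d}x^2 + {09}x + {0e}  (3.14)
X_WORD = [0x00, 0x01, 0x00, 0x00]     # the polynomial x of (3.16)/(3.17)
X3_WORD = [0x00, 0x00, 0x00, 0x01]    # x^3, the polynomial behind RotWord

def worked_example():
    """Reproduces the book's {57} . {13} = {fe} through the xtime chain of 3.3.2.1.
    Returns the chain {power: {57}.power} and the final sum."""
    chain = {0x01: 0x57}
    v = 0x57
    for power in (0x02, 0x04, 0x08, 0x10):
        v = xtime(v)
        chain[power] = v          # {ae}, {47}, {8e}, {07} in turn
    # {13} = {01} + {02} + {10}, so add the three matching chain entries
    return chain, chain[0x01] ^ chain[0x02] ^ chain[0x10]
```

`word_mul(A_X, A_INV_X)` returning [{01}, {00}, {00}, {00}] is the check that a(x) is invertible modulo M(x), which is what section 3.3.3 requires of the MixColumns polynomial.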

3.4 The Rijndael method

The Rijndael cipher consists of many transformation steps performed in sequence, the output of one transformation step being the input of the next. The intermediate result between transformation steps is called the state.

A state can be represented as a matrix of 4 rows and Nb columns, where Nb is the block length divided by 32. The cipher key is likewise represented as a matrix of 4 rows and Nk columns, where Nk is the key length divided by 32. In some situations the matrix representing a state or the cipher key can be viewed as a one-dimensional array of 4-byte elements, each element corresponding to one column of the matrix.

The number of rounds, denoted Nr, depends on the values of Nb and Nk according to the formula $Nr = \max\{Nb, Nk\} + 6$.

    a0,0 a0,1 a0,2 a0,3 a0,4 a0,5
    a1,0 a1,1 a1,2 a1,3 a1,4 a1,5
    a2,0 a2,1 a2,2 a2,3 a2,4 a2,5
    a3,0 a3,1 a3,2 a3,3 a3,4 a3,5

    k0,0 k0,1 k0,2 k0,3
    k1,0 k1,1 k1,2 k1,3
    k2,0 k2,1 k2,2 k2,3
    k3,0 k3,1 k3,2 k3,3

Figure 3.1. Matrix representation of the state (Nb = 6) and of the cipher key (Nk = 4)

3.4.1 The encryption process

The Rijndael encryption process uses four main transformations:

1. AddRoundKey: adds ($\oplus$) the round key to the current state. The length of the round key equals the size of the state.

2. SubBytes: replaces each byte of the current state non-linearly through a substitution table (S-box).

3. MixColumns: mixes the information of each column of the current state. Each column is processed independently.

4. ShiftRows: cyclically shifts each row of the current state by a different offset.

Each transformation operates on the current state S. The result S' of each transformation becomes the input of the next transformation in the encryption process.

First, all of the input data is copied into the current state array. After the first key addition, the state array goes through Nr = 10, 12 or 14 rounds of transformation (depending on the length of the cipher key as well as the length of the block being processed). The first Nr − 1 rounds are ordinary rounds and are all identical; only the final round differs from the Nr − 1 rounds before it. Finally, the content of the state array is copied into the output array.

The Rijndael encryption process is summarized as follows:

1. Perform the first AddRoundKey operation before the encryption rounds.

2. Nr − 1 ordinary encryption rounds: each round consists of four successive transformations: SubBytes, ShiftRows, MixColumns and AddRoundKey.

3. Perform the final encryption round: in this round the MixColumns operation is omitted.

In the algorithm below, the array w[] holds the expanded key schedule; the arrays in[] and out[] hold the input data and the output of the encryption algorithm respectively.

    Cipher( byte in[4 * Nb],
            byte out[4 * Nb],
            word w[Nb * (Nr + 1)])
    begin
        byte state[4,Nb]
        state = in
        AddRoundKey(state, w)                    // see section 3.4.6
        for round = 1 to Nr - 1
            SubBytes(state)                      // see section 3.4.2
            ShiftRows(state)                     // see section 3.4.4
            MixColumns(state)                    // see section 3.4.5
            AddRoundKey(state, w + round * Nb)
        end for
        SubBytes(state)
        ShiftRows(state)
        AddRoundKey(state, w + Nr * Nb)
        out = state
    end

3.4.2 Architecture of the Rijndael algorithm

The Rijndael algorithm is built on the SPN architecture, using 16 substitution s-boxes (of size 8 × 8). Throughout the encryption process the algorithm uses one and the same fixed s-box table. The linear transformation consists of 2 steps: a byte permutation and the parallel application of four linear transformation blocks (32 bits) with high diffusion. Figure 3.2 shows one encryption round of the Rijndael method.

In practice, in each encryption round the round key is added (XOR) after the linear transformation. Because the key addition can be performed before the first round, the Rijndael algorithm can be regarded as satisfying the SPN structure [29].

Figure 3.2. One encryption round of the Rijndael method (with Nb = 4)

3.4.3 The SubBytes transformation

The SubBytes transformation is a non-linear byte substitution that acts independently on each byte of the current state. The substitution table (S-box) is invertible, and substituting a byte x through the S-box consists of two steps:

1. Determine the inverse element $x^{-1} \in GF(2^8)$. By convention $\{00\}^{-1} = \{00\}$.

2. Apply the following affine transformation (over GF(2)) to $x^{-1}$ (assume $x^{-1}$ has the binary representation $\{x_7 x_6 x_5 x_4 x_3 x_2 x_1 x_0\}$):

$$\begin{pmatrix} y_0 \\ y_1 \\ y_2 \\ y_3 \\ y_4 \\ y_5 \\ y_6 \\ y_7 \end{pmatrix} = \begin{pmatrix} 1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\ 1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\ 1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\ 1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\ 1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\ 0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\ 0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\ 0 & 0 & 0 & 1 & 1 & 1 & 1 & 1 \end{pmatrix} \begin{pmatrix} x_0 \\ x_1 \\ x_2 \\ x_3 \\ x_4 \\ x_5 \\ x_6 \\ x_7 \end{pmatrix} + \begin{pmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{pmatrix} \qquad (3.18)$$

or

$$y_i = x_i \oplus x_{(i+4) \bmod 8} \oplus x_{(i+5) \bmod 8} \oplus x_{(i+6) \bmod 8} \oplus x_{(i+7) \bmod 8} \oplus c_i \qquad (3.19)$$

where $c_i$ is bit i of {63}, $0 \le i \le 7$.

Figure 3.3. The SubBytes operation acting on each byte of the state

Table D.1 shows the S-box substitution table used in the SubBytes transformation, in hexadecimal.

Example: if the value {xy} to be substituted is {53}, the substitute value S-box({xy}) is found by taking the value at row 5, column 3 of Table D.1. Thus S-box({xy}) = {ed}.

The SubBytes transformation in pseudocode:

    SubBytes(byte state[4,Nb])
    begin
        for r = 0 to 3
            for c = 0 to Nb - 1
                state[r,c] = Sbox[state[r,c]]
            end for
        end for
    end

3.4.4 The ShiftRows transformation

Figure 3.4. The ShiftRows operation acting on each row of the state

In the ShiftRows transformation, each row of the current state is cyclically shifted by some number of positions.

The byte $s_{r,c}$ at row r, column c is moved to column $(c - \mathrm{shift}(r, Nb)) \bmod Nb$, i.e.:

$$s'_{r,c} = s_{r,(c + \mathrm{shift}(r,Nb)) \bmod Nb} \quad \text{for } 0 < r < 4 \text{ and } 0 \le c < Nb$$

The ShiftRows transformation in pseudocode:

    ShiftRows(byte state[4,Nb])
    begin
        byte t[Nb]
        for r = 1 to 3
            for c = 0 to Nb - 1
                t[c] = state[r, (c + h[r,Nb]) mod Nb]
            end for
            for c = 0 to Nb - 1
                state[r,c] = t[c]
            end for
        end for
    end

3.4.5 The MixColumns transformation

In the MixColumns transformation, each column of the current state is represented as a polynomial s(x) with coefficients in $GF(2^8)$. The multiplication

$$s'(x) = a(x) \otimes s(x) \qquad (3.21)$$

is performed, with

$$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\} \qquad (3.22)$$

In matrix form this operation is:

$$\begin{pmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{pmatrix} = \begin{pmatrix} 02 & 03 & 01 & 01 \\ 01 & 02 & 03 & 01 \\ 01 & 01 & 02 & 03 \\ 03 & 01 & 01 & 02 \end{pmatrix} \begin{pmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{pmatrix} \qquad (3.23)$$

Figure 3.5. The MixColumns operation acting on each column of the state

In the code below, the function FFmul(x,y) multiplies the two elements x and y (in the field $GF(2^8)$).

    MixColumns(byte state[4,Nb])
    begin
        byte t[4]
        for c = 0 to Nb - 1
            for r = 0 to 3
                t[r] = state[r,c]
            end for
            for r = 0 to 3
                state[r,c] = FFmul(0x02, t[r]) xor
                             FFmul(0x03, t[(r + 1) mod 4]) xor
                             t[(r + 2) mod 4] xor
                             t[(r + 3) mod 4]
            end for
        end for
    end

3.4.6 The AddRoundKey operation

The Rijndael method consists of many successive encryption rounds, each round having its own round key (Round Key) of the same size as the data block being processed, generated from the cipher key (Cipher Key) given at the start. The round key is also represented as a matrix of 4 rows and Nb columns. Each column of the current state is XORed with the corresponding column of the round key of the round under consideration:

$$[s'_{0,c}, s'_{1,c}, s'_{2,c}, s'_{3,c}] = [s_{0,c}, s_{1,c}, s_{2,c}, s_{3,c}] \oplus w[\mathit{round} \cdot Nb + c], \qquad (3.24)$$

with $0 \le c < Nb$.

Figure 3.6. The AddRoundKey operation acting on each column of the state

3.5 Generating the round keys

The keys of the individual rounds (RoundKey) are generated from the cipher key. Generating the key of each round consists of 2 stages:

1. Expand the cipher key into the expanded key schedule,

2. Select the key of each round from the expanded key schedule.

3.5.1 Building the expanded key schedule

The expanded key schedule is a one-dimensional array of words (4 bytes long), denoted w[Nb*(Nr + 1)]. The function that generates the expanded key schedule depends on the value Nk, i.e. on the length of the cipher key.

The function SubWord(W) substitutes (using the S-box) each component byte of the 4-byte input word and returns a word consisting of the 4 bytes obtained after substitution.

The function RotWord(W) cyclically shifts the 4 component bytes (a, b, c, d) of the input word. The result returned by RotWord is the word whose 4 component bytes are (b, c, d, a).

    KeyExpansion(byte key[4 * Nk], word w[Nb * (Nr + 1)], Nk)
    begin
        i = 0
        while (i < Nk)
            w[i] = word[key[4*i], key[4*i+1], key[4*i+2], key[4*i+3]]
            i = i + 1
        end while
        i = Nk
        while (i < Nb * (Nr + 1))
            word temp = w[i - 1]
            if (i mod Nk = 0) then
                temp = SubWord(RotWord(temp)) xor Rcon[i / Nk]
            else if (Nk = 8) and (i mod Nk = 4) then
                temp = SubWord(temp)
            end if
            w[i] = w[i - Nk] xor temp
            i = i + 1
        end while
    end

The round constants are entirely independent of the value Nk and are determined by Rcon[i] = (RC[i], {00}, {00}, {00}) with $RC[i] \in GF(2^8)$ satisfying:

$$RC[1] = 1\ (\{01\})$$
$$RC[i] = x\ (\{02\}) \bullet RC[i-1] = x^{i-1} \qquad (3.25)$$

3.5.2 Determining the key of a round

The key of round i consists of the words (4 bytes) with indices from $Nb \cdot i$ to $Nb \cdot (i+1) - 1$ of the expanded key schedule. Thus the round key of round i consists of the elements $w[Nb \cdot i], w[Nb \cdot i + 1], \ldots, w[Nb \cdot (i+1) - 1]$.

    w0 w1 w2 w3 w4 w5 w6 w7 w8 w9 w10 w11 w12 w13 w14 w15 w16 w17 ...
    Round key 0       Round key 1       Round key 2       ...

Figure 3.7. The expanded key schedule and how the round key is determined (Nb = 6 and Nk = 4)

The round keys can be generated without necessarily using the whole array w[Nb*(Nr + 1)]. Where memory is limited, as on smart cards, the round keys can be computed as needed during processing, using only max(Nk, Nb)*4 bytes of memory.

The expanded key schedule is always generated from the cipher key and never needs to be specified directly by the user or the application program. The choice of the cipher key (Cipher Key) is completely free, without any constraint or restriction.

3.6 The decryption process

The decryption process is carried out in the following stages:

1. Perform the first AddRoundKey operation before the decryption rounds.

2. Nr − 1 ordinary decryption rounds: each round consists of four successive transformations: InvShiftRows, InvSubBytes, AddRoundKey, InvMixColumns.

3. Perform the final decryption round. In this round the InvMixColumns operation is omitted.

Below is the pseudocode of the decryption process:

    InvCipher( byte in[4 * Nb],
               byte out[4 * Nb],
               word w[Nb * (Nr + 1)])
    begin
        byte state[4,Nb]
        state = in
        AddRoundKey(state, w + Nr * Nb)          // see section 3.4.6
        for round = Nr - 1 downto 1
            InvShiftRows(state)                  // see section 3.6.1
            InvSubBytes(state)                   // see section 3.6.2
            AddRoundKey(state, w + round * Nb)
            InvMixColumns(state)                 // see section 3.6.3
        end for
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w)
        out = state
    end

3.6.1 The InvShiftRows transformation

Figure 3.8. The InvShiftRows operation acting on each row of the current state

InvShiftRows is the inverse of the ShiftRows transformation. The first row of the state is kept unchanged, while the last three rows of the state are cyclically shifted in the direction opposite to ShiftRows, with the different offsets Nb − shift(r,Nb). The bytes at the end of a row are brought round to the start of the row, while the remaining bytes tend to move toward the end of the row.

$$s'_{r,(c + \mathrm{shift}(r,Nb)) \bmod Nb} = s_{r,c} \quad \text{for } 0 < r < 4 \text{ and } 0 \le c < Nb$$

The value of the offset shift(r,Nb) depends on the row index r and the block size Nb and is shown in Table 3.1.

    InvShiftRows(byte state[4,Nb])
    begin
        byte t[Nb]
        for r = 1 to 3
            for c = 0 to Nb - 1
                t[(c + h[r,Nb]) mod Nb] = state[r,c]
            end for
            for c = 0 to Nb - 1
                state[r,c] = t[c]
            end for
        end for
    end

3.6.2 The InvSubBytes transformation

The inverse of the SubBytes operation, denoted InvSubBytes, uses the inverse substitution table of the S-box over $GF(2^8)$, denoted S-box$^{-1}$. Substituting a byte y through S-box$^{-1}$ consists of the following two steps:

1. Apply the following affine transformation (over GF(2)) to y (with binary representation $\{y_7 y_6 y_5 y_4 y_3 y_2 y_1 y_0\}$):

Table D.2 shows the inverse substitution table used in the InvSubBytes transformation.

3.6.3 The InvMixColumns transformation

InvMixColumns is the inverse of the MixColumns transformation. Each column of the current state is regarded as a polynomial s(x) with four coefficients in $GF(2^8)$ and is multiplied by the polynomial $a^{-1}(x)$, the inverse (modulo M(x)) of the polynomial a(x) used in the MixColumns transformation.

$$a^{-1}(x) = \{0b\}x^3 + \{0d\}x^2 + \{09\}x + \{0e\} \qquad (3.29)$$

The multiplication $s'(x) = a^{-1}(x) \otimes s(x)$ can be written in matrix form:

$$\begin{pmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \end{pmatrix} = \begin{pmatrix} 0e & 0b & 0d & 09 \\ 09 & 0e & 0b & 0d \\ 0d & 09 & 0e & 0b \\ 0b & 0d & 09 & 0e \end{pmatrix} \begin{pmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \end{pmatrix}$$

with $0 \le c < Nb$.

    InvMixColumns(byte block[4,Nb])
    begin
        byte t[4]
        for c = 0 to Nb - 1
            for r = 0 to 3
                t[r] = block[r,c]
            end for
            for r = 0 to 3
                block[r,c] = FFmul(0x0e, t[r]) xor
                             FFmul(0x0b, t[(r + 1) mod 4]) xor
                             FFmul(0x0d, t[(r + 2) mod 4]) xor
                             FFmul(0x09, t[(r + 3) mod 4])
            end for
        end for
    end

3.6.4 The equivalent decryption process

Remarks:

1. The InvSubBytes transformation operates on the value of each individual byte of the current state, whereas the InvShiftRows transformation only moves bytes without changing their values. Therefore the order of these two transformations in the decryption process can be reversed.

2. For any linear transformation A we have $A(x + k) = A(x) + A(k)$. It follows that

InvMixColumns(state XOR Round Key) =
    InvMixColumns(state) XOR InvMixColumns(Round Key)

Thus the order of the InvMixColumns and AddRoundKey transformations in the decryption process can be reversed, provided that every word (4 bytes) of the expanded key schedule used for decryption is transformed by InvMixColumns. Because the final encryption round does not perform MixColumns, InvMixColumns need not be applied to the round keys of the first and of the last decryption round.

Hence the Rijndael decryption process can be carried out with a sequence of inverse transformations that corresponds exactly to the encryption process.

EqInvCipher(byte in[4*Nb], byte out[4*Nb], word dw[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, dw + Nr * Nb)
    for round = Nr - 1 downto 1
        InvSubBytes(state)
        InvShiftRows(state)
        InvMixColumns(state)
        AddRoundKey(state, dw + round * Nb)
    end for
    InvSubBytes(state)
    InvShiftRows(state)
    AddRoundKey(state, dw)
    out = state
end

In the procedure above, the expanded key schedule dw is built from the key schedule w by applying the InvMixColumns transformation to each word (4 bytes) of w, except for the first Nb words and the last Nb words of w.


for i = 0 to (Nr + 1) * Nb - 1
    dw[i] = w[i]
end for
for rnd = 1 to Nr - 1
    InvMixColumns(dw + rnd * Nb)
end for

3.7 Implementation issues

Let a be the state at the beginning of an encryption round, and let b, c, d and e be the resulting states after the SubBytes, ShiftRows, MixColumns and AddRoundKey transformations, respectively, of the round under consideration. Convention: in a state s (s = a, b, c, d, e), column j is denoted s_j and the element at row i, column j is denoted s_{i,j}.

After the SubBytes transformation:

$$
\begin{bmatrix} b_{0,j} \\ b_{1,j} \\ b_{2,j} \\ b_{3,j} \end{bmatrix}
=
\begin{bmatrix} S[a_{0,j}] \\ S[a_{1,j}] \\ S[a_{2,j}] \\ S[a_{3,j}] \end{bmatrix}
\qquad (3.31)
$$

After the ShiftRows transformation:

$$
\begin{bmatrix} c_{0,j} \\ c_{1,j} \\ c_{2,j} \\ c_{3,j} \end{bmatrix}
=
\begin{bmatrix}
b_{0,j} \\
b_{1,(j + \mathrm{shift}(1,Nb)) \bmod Nb} \\
b_{2,(j + \mathrm{shift}(2,Nb)) \bmod Nb} \\
b_{3,(j + \mathrm{shift}(3,Nb)) \bmod Nb}
\end{bmatrix}
\qquad (3.32)
$$

After the MixColumns transformation:

$$
\begin{bmatrix} d_{0,j} \\ d_{1,j} \\ d_{2,j} \\ d_{3,j} \end{bmatrix}
=
\begin{bmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{bmatrix}
\begin{bmatrix} c_{0,j} \\ c_{1,j} \\ c_{2,j} \\ c_{3,j} \end{bmatrix}
\qquad (3.33)
$$


After the AddRoundKey transformation:

$$
\begin{bmatrix} e_{0,j} \\ e_{1,j} \\ e_{2,j} \\ e_{3,j} \end{bmatrix}
=
\begin{bmatrix} d_{0,j} \\ d_{1,j} \\ d_{2,j} \\ d_{3,j} \end{bmatrix}
\oplus
\begin{bmatrix} k_{0,j} \\ k_{1,j} \\ k_{2,j} \\ k_{3,j} \end{bmatrix}
\qquad (3.34)
$$

Combining the intermediate results of the transformations within one round, we get:

$$
\begin{bmatrix} e_{0,j} \\ e_{1,j} \\ e_{2,j} \\ e_{3,j} \end{bmatrix}
=
\begin{bmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{bmatrix}
\begin{bmatrix}
S[a_{0,j}] \\
S[a_{1,(j + \mathrm{shift}(1,Nb)) \bmod Nb}] \\
S[a_{2,(j + \mathrm{shift}(2,Nb)) \bmod Nb}] \\
S[a_{3,(j + \mathrm{shift}(3,Nb)) \bmod Nb}]
\end{bmatrix}
\oplus
\begin{bmatrix} k_{0,j} \\ k_{1,j} \\ k_{2,j} \\ k_{3,j} \end{bmatrix}
\qquad (3.35)
$$

Writing $j_r = (j + \mathrm{shift}(r, Nb)) \bmod Nb$ (so that $j_0 = j$), expression (3.35) can be rewritten as:

$$
\begin{bmatrix} e_{0,j} \\ e_{1,j} \\ e_{2,j} \\ e_{3,j} \end{bmatrix}
=
\begin{bmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{bmatrix}
\begin{bmatrix} S[a_{0,j_0}] \\ S[a_{1,j_1}] \\ S[a_{2,j_2}] \\ S[a_{3,j_3}] \end{bmatrix}
\oplus
\begin{bmatrix} k_{0,j} \\ k_{1,j} \\ k_{2,j} \\ k_{3,j} \end{bmatrix}
\qquad (3.36)
$$

Expanding the matrix product, we get:

$$
\begin{bmatrix} e_{0,j} \\ e_{1,j} \\ e_{2,j} \\ e_{3,j} \end{bmatrix}
=
S[a_{0,j_0}] \cdot \begin{bmatrix} 02 \\ 01 \\ 01 \\ 03 \end{bmatrix}
\oplus
S[a_{1,j_1}] \cdot \begin{bmatrix} 03 \\ 02 \\ 01 \\ 01 \end{bmatrix}
\oplus
S[a_{2,j_2}] \cdot \begin{bmatrix} 01 \\ 03 \\ 02 \\ 01 \end{bmatrix}
\oplus
S[a_{3,j_3}] \cdot \begin{bmatrix} 01 \\ 01 \\ 03 \\ 02 \end{bmatrix}
\oplus
\begin{bmatrix} k_{0,j} \\ k_{1,j} \\ k_{2,j} \\ k_{3,j} \end{bmatrix}
\qquad (3.37)
$$


Define the lookup tables T0, T1, T2, T3 as follows:

$$
T_0[a] = \begin{bmatrix} 02 \cdot S[a] \\ S[a] \\ S[a] \\ 03 \cdot S[a] \end{bmatrix},\quad
T_1[a] = \begin{bmatrix} 03 \cdot S[a] \\ 02 \cdot S[a] \\ S[a] \\ S[a] \end{bmatrix},\quad
T_2[a] = \begin{bmatrix} S[a] \\ 03 \cdot S[a] \\ 02 \cdot S[a] \\ S[a] \end{bmatrix},\quad
T_3[a] = \begin{bmatrix} S[a] \\ S[a] \\ 03 \cdot S[a] \\ 02 \cdot S[a] \end{bmatrix}
\qquad (3.38)
$$

Expression (3.38) can then be rewritten as:

$$
e_j = \bigoplus_{i=0}^{3} T_i[a_{i,j_i}] \oplus w[round \cdot Nb + j]
\qquad (3.39)
$$

where round is the index of the round under consideration.

Thus each column e_j of the resulting state after one encryption round can be computed with four XOR operations on 32-bit integers, using the four lookup tables T0, T1, T2 and T3.

Formula (3.39) applies only to the first Nr - 1 rounds. Because the final round does not perform the MixColumns transformation, four separate lookup tables must be built for this round:

$$
U_0[a] = \begin{bmatrix} S[a] \\ 0 \\ 0 \\ 0 \end{bmatrix},\quad
U_1[a] = \begin{bmatrix} 0 \\ S[a] \\ 0 \\ 0 \end{bmatrix},\quad
U_2[a] = \begin{bmatrix} 0 \\ 0 \\ S[a] \\ 0 \end{bmatrix},\quad
U_3[a] = \begin{bmatrix} 0 \\ 0 \\ 0 \\ S[a] \end{bmatrix}
\qquad (3.40)
$$


3.7.1 Remarks

The lookup-table technique improves encryption and decryption speed considerably. In addition, it helps resist cryptanalysis based on encryption timing, because with lookup tables the encryption time is the same for all data.

This technique can be used in both the encryption process and the equivalent decryption process, thanks to the correspondence between the steps of the two processes. A single procedure can then serve for both encryption and decryption, with different lookup tables.

In practice the lookup tables can either be stored in advance or be built directly from the S-box substitution table together with information on the corresponding layouts.

On 32-bit processors, the transformations used in the encryption process can be optimized using four lookup tables, each with 256 entries of 4 bytes. For each element a ∈ GF(2^8), let:

$$
T_0[a] = \begin{bmatrix} 02 \cdot S[a] \\ S[a] \\ S[a] \\ 03 \cdot S[a] \end{bmatrix},\quad
T_1[a] = \begin{bmatrix} 03 \cdot S[a] \\ 02 \cdot S[a] \\ S[a] \\ S[a] \end{bmatrix},\quad
T_2[a] = \begin{bmatrix} S[a] \\ 03 \cdot S[a] \\ 02 \cdot S[a] \\ S[a] \end{bmatrix},\quad
T_3[a] = \begin{bmatrix} S[a] \\ S[a] \\ 03 \cdot S[a] \\ 02 \cdot S[a] \end{bmatrix}
\qquad (3.41)
$$


Remark: T_i[a] = RotWord(T_{i-1}[a]) for i = 1, 2, 3. Denoting by RotWord^i the function that applies RotWord i times, we have:

$$
T_i[a] = \mathrm{RotWord}^i(T_0[a])
\qquad (3.42)
$$

Thus, instead of using 4 kilobytes to store all four tables, only 1 kilobyte is needed to store the first table; the remaining tables can be regenerated when needed. Memory constraints are usually not an issue, except in a few cases such as applets or servlets. In that situation, instead of storing the lookup tables, only the code that regenerates them needs to be kept. Formula (3.39) then becomes:

$$
e_j = \bigoplus_{i=0}^{3} T_i[a_{i,j_i}] \oplus k_j
    = \bigoplus_{i=0}^{3} \mathrm{RotWord}^i(T_0[a_{i,j_i}]) \oplus k_j
\qquad (3.43)
$$
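The InvMixColumns matrix of Section 3.6.3 and the T-table round of (3.38) to (3.43), as an added Python example that is not part of the book: the S-box is built from the inversion-plus-affine definition of (4.2), the MixColumns/InvMixColumns pair is checked to be mutually inverse, and one round column computed as four word look-ups is checked against the step-by-step transformations. Assumed (not stated on this page): Nb = 4, the Rijndael reduction polynomial M(x) = x^8 + x^4 + x^3 + x + 1, and 32-bit words holding byte 0 of a column in their least significant byte, so that RotWord is an 8-bit left rotation.

```python
# Constructed example (not the book's code). Assumptions: Nb = 4, the Rijndael
# reduction polynomial M(x) = x^8 + x^4 + x^3 + x + 1, and 32-bit words that
# hold byte 0 of a column in their least significant byte.

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo M(x); this is the book's FFmul."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B  # subtract M(x) once an x^8 term appears
        b >>= 1
    return p

def gf_inv(a):
    """Multiplicative inverse in GF(2^8), with the convention {00}^-1 = {00}."""
    return next((x for x in range(1, 256) if gf_mul(a, x) == 1), 0)

def sbox_byte(x):
    """S-box entry: inversion, then the affine map of (4.2) with constant {63}."""
    y, r = gf_inv(x), 0
    for i in range(8):
        bit = (y >> i) ^ (y >> ((i + 4) % 8)) ^ (y >> ((i + 5) % 8)) \
            ^ (y >> ((i + 6) % 8)) ^ (y >> ((i + 7) % 8)) ^ (0x63 >> i)
        r |= (bit & 1) << i
    return r

SBOX = [sbox_byte(x) for x in range(256)]

# Coefficient matrices of a(x) (MixColumns) and of a^-1(x) from (3.29).
MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[0x0e, 0x0b, 0x0d, 0x09], [0x09, 0x0e, 0x0b, 0x0d],
           [0x0d, 0x09, 0x0e, 0x0b], [0x0b, 0x0d, 0x09, 0x0e]]

def mat_col(m, col):
    """Matrix times column over GF(2^8); addition is XOR."""
    return [gf_mul(r[0], col[0]) ^ gf_mul(r[1], col[1])
            ^ gf_mul(r[2], col[2]) ^ gf_mul(r[3], col[3]) for r in m]

def mix_column(col):
    return mat_col(MIX, col)

def inv_mix_column(col):
    return mat_col(INV_MIX, col)

def pack(col):  # column (b0,b1,b2,b3) -> 32-bit word, b0 in the low byte
    return col[0] | col[1] << 8 | col[2] << 16 | col[3] << 24

def unpack(w):
    return [(w >> (8 * r)) & 0xFF for r in range(4)]

def rot_word(w):
    """Rotate the word left by one byte: column (b0,b1,b2,b3) -> (b3,b0,b1,b2)."""
    return ((w << 8) & 0xFFFFFFFF) | (w >> 24)

# T0[a] = (02*S[a], S[a], S[a], 03*S[a]) as in (3.38); T1..T3 follow from (3.42).
T = [[pack([gf_mul(2, s), s, s, gf_mul(3, s)]) for s in SBOX]]
for i in range(1, 4):
    T.append([rot_word(w) for w in T[i - 1]])

def round_column_direct(a, j, k):
    """Column j after SubBytes, ShiftRows (shift(r,4) = r), MixColumns, AddRoundKey."""
    c = [SBOX[a[r][(j + r) % 4]] for r in range(4)]
    return [d ^ kr for d, kr in zip(mix_column(c), k)]

def round_column_ttable(a, j, k):
    """The same column as four table look-ups and XORs on 32-bit words, as in (3.39)."""
    w = pack(k)
    for i in range(4):
        w ^= T[i][a[i][(j + i) % 4]]
    return unpack(w)
```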

3.8 Experimental results

Table 3.2. Processing speed of the Rijndael method

                          Processing speed (Mbit/s)
Key    Block   Pentium 200 MHz   Pentium II 400 MHz   Pentium III 733 MHz   Pentium IV 2.4 GHz
(bit)  (bit)   C++      C        C++      C           C++      C            C++      C
128    128     69.4     70.5     138.0    141.5       252.9    259.2        863.0    884.7
192    128     58.0     59.8     116.2    119.7       212.9    219.3        726.5    748.3
256    128     50.1     51.3     101.2    101.5       185.5    186.1        633.5    634.9

The experimental results for the Rijndael algorithm were recorded on a Pentium 200 MHz machine (running Microsoft Windows 98), a Pentium II 400 MHz machine, a Pentium III 733 MHz machine (running Microsoft Windows 2000 Professional) and a Pentium IV 2.4 GHz machine (running Microsoft Windows XP Service Pack 2).


3.9 Conclusions

3.9.1 Security

Using a different constant in each round limits the possibility of symmetry in the algorithm. The difference between the structure of encryption and that of decryption limits weak keys of the kind found in DES (see Section 4.5.1). Moreover, key-related weaknesses usually stem from non-linear operations that depend on the specific value of the key, as in the IDEA method (International Data Encryption Algorithm). In the extended versions, the keys are used only through the XOR operation and all non-linear operations are fixed in advance in the S-box, without depending on the specific value of the key (see Section 4.5.4). The non-linearity together with the diffusion in generating the expanded key schedule makes cryptanalysis based on equivalent keys or related keys infeasible (see Section 4.5.5). Truncated differential cryptanalysis mainly exploits the clustering of differential trails that occurs in some encryption methods. For the Rijndael algorithm with more than 6 rounds, no cryptanalytic attack more efficient than exhaustive (trial-and-error) search exists (see Section 4.5.2). The complexity of the S-box expression over GF(2^8), together with the diffusion effect, prevents the algorithm from being analysed by the interpolation method (see Section 4.5.3).


3.9.2 Evaluation

The Rijndael method is suitable for deployment on many different systems: not only on personal computers, typically those using Pentium chips, but also on smart card systems. On personal computers the AES algorithm is very fast compared with other encryption methods. On smart card systems the method also shows its advantages, thanks not only to its high processing speed but also to its compact program code and its low memory use. Moreover, all processing steps of encryption and decryption are designed to suit parallel processing, so the Rijndael method also proves its strength on new hardware systems. Because the operations act on individual data bytes, no difference arises when deploying on big-endian or little-endian systems.

Throughout the AES method, the requirements of simplicity in design and flexibility in processing are always set and met. The block size as well as the cipher key size can be varied flexibly from 128 to 256 bits, provided they are divisible by 32. The number of rounds can be changed according to the specific requirements of each application and system.

However, some limitations remain, most of them related to the decryption process. The program code as well as the processing time for decryption are somewhat larger than for encryption, although this time is still considerably faster than that of some other methods. In a software implementation, because the encryption and decryption processes are not identical, the whole encryption code and its lookup tables cannot be reused for decryption. In a hardware implementation, decryption reuses only part of the circuits used for encryption, and in a different order.

The Rijndael method, with its very high level of security and its other notable advantages, will certainly soon be widely applied in many applications on different systems.


Chapter 4
The extended Rijndael method

In Chapter 3 we studied the Rijndael encryption method. Chapter 4 presents some extended versions of the Rijndael encryption standard. Some experimental results, together with an analysis and proof of the security of the Rijndael method and of these extended versions, are also presented in Chapter 4.

4.1 The need to extend the Rijndael encryption method

In the 1970s and 1980s, the DES method was still considered very secure and could not be broken with the technology of the time. Today, however, this method can be broken and is no longer secure enough to protect important information. This is one of the reasons why NIST decided to select a new encryption algorithm to replace DES, to serve the information security needs of the United States Government as well as a number of other civilian applications.

The Rijndael encryption method is assessed to have a very high level of security, and exhaustive search remains the most effective way to attack this algorithm. With the current capability of the computer systems in the world, exhaustive search is still infeasible. However, with the ever faster development of information technology, new generations of computers with ever higher processing power and speed keep appearing, and the Rijndael algorithm may be broken in the future. The important information that was protected with the Rijndael method would then have to be re-encrypted with a new, more secure encryption method. Re-organising important data accumulated over many decades is not simple at all. This leads to the requirement of extending the algorithm in order to increase its security, for example by increasing the key size and the size of the block being processed. The 256/384/512-bit extended version and the 512/768/1024-bit extended version of the Rijndael algorithm presented below were built by us on the same theoretical basis as the original algorithm, and are able to process keys and data blocks many times larger than the original version.

4.2 The 256/384/512-bit extended version

In the 256/384/512-bit extended version of the Rijndael method, each word consists of Nw = 8 bytes. Each state can be represented as a matrix of 8 rows and Nb columns, where Nb equals the block length divided by 64. The cipher key is likewise represented as a matrix of 8 rows and Nk columns, where Nk equals the key length divided by 64. The matrix representing a state or a key can be regarded as a one-dimensional array of words (Nw bytes each), each element corresponding to one column of the matrix.

The number of rounds, denoted Nr, is

Nr = max{Nb, Nk} + 6 (4.1)


4.2.1 The encryption process

The encryption process still uses the 4 main transformations presented in the basic Rijndael encryption algorithm:

1. AddRoundKey: adds (⊕) the round key to the current state. The length of the round key equals the size of the state.

2. SubBytes: non-linearly substitutes each byte of the current state by means of the substitution table (S-box).

3. MixColumns: mixes the information within each column of the current state. Each column is processed independently.

4. ShiftRows: cyclically shifts each row of the current state by a different offset.

Each transformation operates on the current state S. The result S' of each transformation becomes the input of the next transformation in the encryption process.

First, the whole input data is copied into the current state array. After the first round-key addition, the state array goes through Nr = 10, 12 or 14 transformation rounds (depending on the length of the cipher key and on the length of the block being processed). The first Nr - 1 rounds are ordinary, completely identical transformation rounds; only the final round differs from the preceding Nr - 1 rounds. Finally, the content of the state array is copied into the output array.


Figure 4.1 shows the architecture of one transformation round of the 256/384/512-bit extended Rijndael algorithm with Nb = 4.

The extended Rijndael encryption process is summarised as follows:

1. Perform the first AddRoundKey operation before the encryption rounds.

2. Nr - 1 ordinary encryption rounds: each round consists of 4 successive transformation steps: SubBytes, ShiftRows, MixColumns and AddRoundKey.

3. Perform the final encryption round: in this round the MixColumns operation is omitted.

Figure 4.1. Architecture of one transformation round of the 256/384/512-bit extended Rijndael algorithm with Nb = 4

In the algorithm below, the array w[] holds the expanded key schedule; the arrays in[] and out[] hold the input data and the output of the encryption algorithm, respectively.


Cipher(byte in[8 * Nb], byte out[8 * Nb], word w[Nb * (Nr + 1)])
begin
    byte state[8,Nb]
    state = in
    AddRoundKey(state, w)           // See Section 4.2.1.4
    for round = 1 to Nr - 1
        SubBytes(state)             // See Section 4.2.1.1
        ShiftRows(state)            // See Section 4.2.1.2
        MixColumns(state)           // See Section 4.2.1.3
        AddRoundKey(state, w + round * Nb)
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, w + Nr * Nb)
    out = state
end

4.2.1.1 The SubBytes transformation

The SubBytes transformation is a non-linear byte substitution that acts independently on each byte of the current state. The substitution table (S-box) is invertible, and substituting a byte x by means of the S-box consists of two steps:

1. Determine the multiplicative inverse x^-1 in GF(2^8). By convention, {00}^-1 = {00}.

2. Apply the following affine transformation (over GF(2)) to x^-1 (assuming x^-1 has binary representation {x7 x6 x5 x4 x3 x2 x1 x0}):

$$
y_i = x_i \oplus x_{(i+4) \bmod 8} \oplus x_{(i+5) \bmod 8} \oplus x_{(i+6) \bmod 8} \oplus x_{(i+7) \bmod 8} \oplus c_i
\qquad (4.2)
$$

where c_i is bit i of {63}, 0 ≤ i ≤ 7.

The SubBytes transformation is expressed in pseudocode as follows:

SubBytes(byte state[8,Nb])
begin
    for r = 0 to 7
        for c = 0 to Nb - 1
            state[r,c] = Sbox[state[r,c]]
        end for
    end for
end

Table D.2 shows the inverse substitution table used in the SubBytes transformation.

4.2.1.2 The ShiftRows transformation

In the ShiftRows transformation, each row of the current state is cyclically shifted by a different offset. The byte s_{r,c} at row r, column c is moved to column (c - shift(r, Nb)) mod Nb, that is:

$$
s'_{r,c} = s_{r,(c + \mathrm{shift}(r,Nb)) \bmod Nb} \quad \text{with } 0 < r
$$


The ShiftRows transformation is expressed in pseudocode as follows:

ShiftRows(byte state[8,Nb])
begin
    byte t[Nb]
    for r = 1 to 7
        for c = 0 to Nb - 1
            t[c] = state[r, (c + shift[r,Nb]) mod Nb]
        end for
        for c = 0 to Nb - 1
            state[r,c] = t[c]
        end for
    end for
end

4.2.1.3 The MixColumns transformation

In the MixColumns transformation, each column of the current state is represented as a polynomial s(x) with coefficients in GF(2^8). The following multiplication is performed:

$$
s'(x) = a(x) \otimes s(x) \quad \text{with } a(x) = \sum_{i=0}^{7} a_i x^i,\ a_i \in GF(2^8)
\qquad (4.5)
$$

Let

$$
M_a =
\begin{bmatrix}
a_0 & a_7 & a_6 & a_5 & a_4 & a_3 & a_2 & a_1 \\
a_1 & a_0 & a_7 & a_6 & a_5 & a_4 & a_3 & a_2 \\
a_2 & a_1 & a_0 & a_7 & a_6 & a_5 & a_4 & a_3 \\
a_3 & a_2 & a_1 & a_0 & a_7 & a_6 & a_5 & a_4 \\
a_4 & a_3 & a_2 & a_1 & a_0 & a_7 & a_6 & a_5 \\
a_5 & a_4 & a_3 & a_2 & a_1 & a_0 & a_7 & a_6 \\
a_6 & a_5 & a_4 & a_3 & a_2 & a_1 & a_0 & a_7 \\
a_7 & a_6 & a_5 & a_4 & a_3 & a_2 & a_1 & a_0
\end{bmatrix}
\qquad (4.6)
$$


We have:

$$
\begin{bmatrix} s'_{0,c} \\ s'_{1,c} \\ s'_{2,c} \\ s'_{3,c} \\ s'_{4,c} \\ s'_{5,c} \\ s'_{6,c} \\ s'_{7,c} \end{bmatrix}
=
M_a
\begin{bmatrix} s_{0,c} \\ s_{1,c} \\ s_{2,c} \\ s_{3,c} \\ s_{4,c} \\ s_{5,c} \\ s_{6,c} \\ s_{7,c} \end{bmatrix},
\qquad 0 \le c < Nb
\qquad (4.7)
$$

There are many possible choices of the polynomial a(x) that still preserve the efficiency and security of the algorithm. To guarantee its security properties, the coefficients of this matrix must satisfy the following properties:

1. Invertibility.

2. Linearity over GF(2).

3. The matrix elements (the coefficients) should have values as small as possible.

4. Resistance against attacks on the algorithm (see 4.4 - Differential cryptanalysis and linear cryptanalysis).

The code fragment below implements the MixColumns transformation with the polynomial given in formula (2.6). In this fragment, the function FFmul(x, y) multiplies the two elements x and y (in the field GF(2^8)).


Remark: the inverse transformation of AddRoundKey is AddRoundKey itself.

In the code fragment below, the function xbyte(r, w) extracts byte r of the word w.

AddRoundKey(byte state[8,Nb], word rk[])
// rk = w + round * Nb
begin
    for c = 0 to Nb - 1
        for r = 0 to 7
            state[r,c] = state[r,c] xor xbyte(r, rk[c])
        end for
    end for
end

4.2.2 Generating the key of each round

Generating the key of each round consists of two stages:

1. Expanding the cipher key into the expanded key schedule,

2. Selecting the key of each round from the expanded key schedule.

4.2.2.1 Building the expanded key schedule

The expanded key schedule is a one-dimensional array of words (8 bytes long), denoted w[Nb*(Nr + 1)]. The function that generates the expanded key schedule depends on the value Nk, that is, on the length of the cipher key.


The function SubWord(W) substitutes (using the S-box) each component byte of a word (8 bytes long).

The function RotWord(W) cyclically shifts the 8 component bytes (b0, b1, b2, b3, b4, b5, b6, b7) of the input word. The result returned by RotWord is a word whose 8 component bytes are (b1, b2, b3, b4, b5, b6, b7, b0).

KeyExpansion(byte key[8 * Nk], word w[Nb * (Nr + 1)], Nk)
begin
    i = 0
    while (i < Nk)
        w[i] = word[key[8*i],   key[8*i+1],
                    key[8*i+2], key[8*i+3],
                    key[8*i+4], key[8*i+5],
                    key[8*i+6], key[8*i+7]]
        i = i + 1
    end while
    i = Nk
    while (i < Nb * (Nr + 1))
        word temp = w[i - 1]
        if (i mod Nk = 0) then
            temp = SubWord(RotWord(temp)) xor Rcon[i / Nk]
        else
            if ((Nk = 8) and (i mod Nk = 4)) then
                temp = SubWord(temp)
            end if
        end if
        w[i] = w[i - Nk] xor temp
        i = i + 1
    end while
end

The round constants are completely independent of the value Nk and are determined by Rcon[i] = (x^{i-1}, 0, 0, 0, 0, 0, 0, 0), i ≥ 1.


4.2.2.2 Determining the round key

The key of round i consists of the words (8 bytes each) with indices Nb*i to Nb*(i+1) - 1 of the expanded key schedule. Thus the key of round i consists of the elements w[Nb*i], w[Nb*i + 1], ..., w[Nb*(i+1) - 1].

w0 w1 w2 w3 w4 w5 | w6 w7 w8 w9 w10 w11 | w12 w13 w14 w15 w16 w17 | ...
   Round key 0    |     Round key 1     |       Round key 2       | ...

Figure 4.2. The expanded key schedule and how the round key is determined (with Nb = 6 and Nk = 4)

4.2.3 The decryption process

The decryption process is carried out through the following stages:

1. Perform the first AddRoundKey operation before the decryption rounds.

2. Nr - 1 ordinary decryption rounds: each round consists of four successive transformation steps: InvShiftRows, InvSubBytes, AddRoundKey, InvMixColumns.

3. Perform the final decryption round. In this round the InvMixColumns operation is omitted.


    InvCipher( byte in[8 * Nb],

    byte out

