Bài giảng Mật mã học: Tổng quan về mật mã học cung cấp cho người học các kiến thức: Introduction, information security and cryptography, cryptographic goals, one-way functions, basic terminology and concepts,... Mời các bạn cùng tham khảo.
Trang 1Tổng quan về mật mã học
Huỳnh Trọng Thưa htthua@ptithcm.edu.vn
Trang 2• Cryptography was used as a
tool to protect national
secrets and strategies.
• 1960s (computers and
communications systems) ->
means to protect information
and to provide security
services.
Trang 4Information security and
Trang 5Information security and
Trang 6Information security and
cryptography (cont.)
• Cryptography is the study of mathematical
techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin
authentication.
• Cryptography is not the only means of
providing information security, but rather one set of techniques.
Trang 8A taxonomy of
cryptographic
primitives
Trang 101-1 functions
• A function is 1 − 1 (injection - đơn ánh) if each
element in Y is the image of at most one
element in X
• A function is onto (toàn ánh) if each element
in Y is the image of at least one element in X,
i.e Im(f)=Y
• If a function f: X → Y is 1−1 and Im(f)=Y, then f
is called a bijection (song ánh).
Trang 11Inverse function
• f:XY and g:YX; g(y)=x where f(x)=y
• g obtained from f, called the inverse function of f, g = f −1
• Ex: Let X = {a, b, c, d, e}, and Y = {1, 2, 3, 4, 5}
Trang 12One-way functions
• A function f from a set X to a set Y is called a
one-way function if f(x) is “easy” to compute
for all x ∈ X but for “essentially all” elements y
∈ Im(f) it is “computationally infeasible” to
find any x ∈ X such that f(x)= y.
– Ex: X = {1, 2, 3, , 16}, f(x)= rx for all x ∈ X where rx
is the remainder when 3x is divided by 17
Trang 13(Hoán vị)
• Let S be a finite set of elements.
– A permutation p on S is a bijection from S to itself (i.e., p: S→S)
• Ex: S = {1, 2, 3, 4, 5} A permutation p: S→S is defined as follows:
p(1) = 3,p(2) = 5,p(3) = 4,p(4) = 2,p(5) = 1.
Trang 15Basic terminology and concepts
• M denotes a set called the message space
– An element of M is called a plaintext message
– Ex: M may consist of binary strings, English text, computer code, etc.
• C denotes a set called the ciphertext space
– C consists of strings of symbols from an alphabet of
definition, which may differ from the alphabet of definition for M.
– An element of C is called a ciphertext.
Trang 16Encrypt and decrypt transformations
• For each d ∈ K, D d denotes a bijection from C to M
(i.e., Dd : C→M) D d is called a decryption function or decryption transformation
Trang 17Encrypt and decrypt transformations
(cont.)
• Ee : e ∈ K ; Dd : d ∈ K
– for each e ∈ K there is a unique key d ∈ K such that Dd = Ee-1 ;
– that is, Dd(Ee(m)) = m for all m ∈ M
• The keys e and d in the preceding definition are referred to as a
key pair and some times denoted by (e, d).
• To construct an encryption scheme requires one to select
– a message space M,
– a ciphertext space C,
Trang 18Ex of encryption scheme
• Let M = {m1,m2,m3} and C = {c1,c2,c3}
– There are precisely 3! = 6 bijections from M to C.
– The key space K = {1, 2, 3, 4, 5, 6} has six elements in it,
each specifying one of the transformations.
Trang 19Communication participants
Trang 20• A channel is a means of conveying information from
one entity to another
• An unsecured channel is one from which parties
other than those for which the information is
intended can reorder, delete, insert, or read
• A secured channel is one from which an adversary
does not have the ability to reorder, delete, insert, or read
Trang 21• A fundamental premise in cryptography is that the sets M, C,K, {Ee : e ∈ K}, {Dd : d ∈ K} are
public knowledge.
• When two parties wish to communicate
securely using an encryption scheme, the only thing that they keep secret is the particular
key pair (e, d) which they are using, and which
Trang 22Security (cont.)
• An encryption scheme is said to be breakable
if a third party, without prior knowledge of the key pair (e, d), can systematically recover
plaintext from corresponding ciphertext
within some appropriate time frame.
• The number of keys (i.e., the size of the key
space) should be large enough to make this
approach computationally infeasible.
Trang 23• Cryptanalysis is the study of mathematical techniques for attempting to defeat cryptographic techniques,
and, more generally, information security services
• A cryptanalyst is someone who engages in
Trang 24Symmetric-key encryption
• Block ciphers
• Stream ciphers
Trang 25Overview of block ciphers and
stream ciphers
• Let {Ee : e ∈K} and {Dd : d ∈K}, K is the key space
– The encryption scheme is said to be symmetric-key if for each associated encryption/decryption key pair (e, d), it is computationally “easy” to determine d knowing only e,
and to determine e from d.
• Since e = d in most practical symmetric-key
encryption schemes, the term symmetric-key
becomes appropriate
Trang 26Ex of symmetric-key encryption
• Let A = {A,B,C, ,X,Y, Z} be the English alphabet
• Let M and C be the set of all strings of length five
over A
• The key e is chosen to be a permutation on A
Trang 27Ex (cont.)
Trang 28Block ciphers
• A block cipher is an encryption scheme which breaks up the plaintext messages to be
transmitted into strings (called blocks) of a
fixed length t over an alphabet A, and
encrypts one block at a time.
• Two important classes of block ciphers are
substitution ciphers and transposition ciphers.
Trang 29Simple substitution ciphers
• Let A be an alphabet of q symbols and M be the set of all strings of length t over A.
• K be the set of all permutations on the set A.
where m =(m1m2 ···mt) ∈ M
• To decrypt c =(c1c2 ··· ct), compute the inverse permutation d = e−1.
Trang 30Polyalphabetic substitution ciphers
(đa chữ cái)
i the key space K consists of all ordered sets of t
permutations (p1,p2, ,pt), where each
permutation pi is defined on the set A;
ii encryption of the message m =(m1m2 ···mt) under
the key e =(p1,p2, ,pt) is given by
Ee(m)=(p1(m1)p2(m2) ··· pt(mt)); and
iii the decryption key associated with e =(p1,p2, ,pt)
is d =(p1−1,p2−1, ,pt−1)
Trang 31Ex of Polyalphabetic (Vigenère cipher)
• Let A = {A,B,C, ,X,Y, Z} and t =3 Choose e =
(p1,p2,p3), where p1 maps each letter to the letter
three positions to its right in the alphabet, p2 to the one seven positions to its right, and p3 ten positions
to its right If
Trang 33Ex of transposition ciphers
e:
d = e−1 :
Plaintext m:
Trang 34Stream ciphers
• Let K be the key space,
– A sequence of symbols e1e2 ··· ei ∈ K, is called a keystream.
• Let Ee be a simple substitution cipher with block
length 1 where e ∈ K.
• Let m1m2 ··· be a plaintext string
• A stream cipher takes the plaintext string and
produces a ciphertext string c1c2 ··· where ci = Eei(mi)
– If di denotes the inverse of ei, then Ddi (ci)= mi decrypts the ciphertext string.
Trang 35The Vernam cipher
• The Vernam Cipher is a stream cipher defined on the alphabet A = {0, 1}
• A binary message m1m2 ···mt is operated on by a
binary key string k1k2 ··· kt of the same length to
produce a ciphertext string c1c2 ··· ct where
• If the key string is randomly chosen and never used again, the Vernam cipher is called a one-time pad
Trang 36Digital signatures
• M is the set of messages which can be signed.
• S is a set of elements called signatures, possibly binary strings
of a fixed length.
• SA is a transformation from the message set M to the
signature set S, and is called a signing transformation for
Trang 37Ex of digital signature scheme
• M= {m1,m2,m3} and S = {s1,s2,s3}.
Trang 38Digital signature mechanism
– Accept the signature as having been created by A if u =
true, and reject the signature if u = false.
Trang 39Public-key cryptography
Trang 40Public-key encryption scheme
Trang 41Hash functions
• A hash function is a computationally efficient
function mapping binary strings of arbitrary length to binary strings of some fixed length, called hash-
values
• It is computationally infeasible to find two distinct
inputs which hash to a common value
• It is computationally infeasible to find an input
(pre-image) x such that h(x)= y.