Professional Documents
Culture Documents
:
:
:
alidahab52@yahoo.com:
:
( ) Cryptography (
0444 ( (
)
(
( ( ( )
. ( (
( .
0694 ( (
) (Digital ( (. (
( IBM ( ( (
0694 ( (
(
) Diffe & Hellman
) Public Key Cryptography ( (
)Security
) Intractability Discrete
) Logarithm Problem (
( . 0694
( ) )Adleman, Shamir, Rivest
( ( ( Digital
) Signature ( ) RSA .
RSA
( ) Factoring (
.) Prime Integers (
( .
( ) ( (
. ( (
.)Insecure 0691
) RSA (
) EI-Gamal ( ( (
. )Public-Key Scheme
( (
( . ) digital signature
( RSA ( EI-
).) Gamal
( (
( ( ( ( .
) Standards (
. (
) Security Products ( ( (
.
:9 -0 (
) :) Cryptography
)Information
(
) )Understood Quantity
( .
( state and
.)requirements (
. :0.0
:
( () . ( . .security
(
.) measurements (
( . .
(
) Eavesdropping (
. )External Security ) ) Internal
(
access control mechanism ( (
( ) )Identification )
(
(
(
) Backup ) .( ( (
( . ( (
( . ( ( ( (
(
)).
( ( (
( ( ( . (
.
)Primitive ( ( ))Encryption
)) Messages
( .
)
(
. ( ) ) Encryption
) .
(
( (
(
) privacy
( ( . ( (
.
( Decryption ( (
( ) Cryptosystems
) Reverse ( ) Encryption
.) Secure Communication ( (
4
( ( .
) ) Authentication
. ( ( .( (
( . ( (
) timestamp (
. ( (
( ( (.
Invertible
(
) ) Transformations ) General System (
)Cryptosystem ( .)System
(
) Parameter
) Enciphering Key .) Key (
) Cryptosystem (
.
(
(
) .
( ( (
) )Procedural Techniques (
. ( (
( (
( .) Not Authorized
.
(
( (
.
( ( .
( .
(
( ( .
(
.
) Digital Signatures
( (
.
(
( ) Identification .) Witness
) Handwritten (
( .) Identification (
.) Identity(
) Unique (
) Authorization .) Validation (
( ;
) Signer .(
( ) Electronic Replication (
.) Triviality
( ( ( )Identification
.
)
( (
. ( ( (
( .)Validation ( (
(
) )Signer ( .
( (
.
:6-0( : ( :) Cryptography
(
( (
)Confidentiality Data
)Integrity )Entity Authentication
.) Data Origin Authentication (
.
( ( ) Cipher System
( ( ( .
(
( ) (
)Cryptographer ( .) Interceptor
( ) maximize ( (
(
( ( .
( ( ( (
( . (
(
( (
) Francois Vite 1540-1603 . ) John Willias 1616-1703
William F.
( ( (
) Friedman 1920 ( . ) Lester S.Hill 1929 (
( ( Hans
) Rohrbach 1903-1993 Alan Mathison Turing 1912-
) 1954 ( ) A.Adrin Albert 1905-1972 Marshall Hall
) b.1910 .
( ( (
) Number Theory( )Group Theory
Complexity
) Combinatory Logic(
) Theory( .) Information Theory (
.
(
(
(
. ( (
7
(.
( ( ( ( .) Criminology
( ( ( (
( .
( ( (
(
( )Code Books (
( . ( ( (
( ( ( (
(
.( (
(
( .
: 04-0 (
:)Cryptographic Objectives
( :) Privacy or Confidentiality (
-0
.
-2 : ) Data Integrity (
( ( ( ( .
-3 ( : ) entity authentication
( (Credit
)Card
:) Message Authentication
-0 (
( .
-1 ) :) Signature( ( .
-9 : ) Authorization ( (
.
-9 : ) Validation (
.
-9 ( : ) Access Control(
. ) Privileged
-6 : ) Certification
.
04 : Timestamping .
-00 ) :) Witness(
.
-02 - ) Receipt ( .
- 03 - Confirmation ( .
- 00 - Ownership (
( .
- 01
.
: ) Anonymity (
- 09 : ) Non-Repudiation
.
- 09
: ) Revocation .
( () ( . .
( :
: ) Confidentiality
-0
( (
.( ( ) Secrecy
.) Privacy
(
-2 ) Data Integrity
( ( )Unauthorized
( ( .
( ) Insertion
)Deletion .)Substitution (
9
(
( .
-3 : )Authentication
( ) Identification (
) Two Parties ( (
( ( .
:
(
-
-
. ) Entity Authentication
(
.) Integrity
Data
; (
(.
: ) Non- Repudiation
:0
) Entity ( ( .
) Dispute ( (
( . (
( ( ( . (
( .
(
.
0.0 ( :
( ( (
( . ( re-encipher
) ( (
( ( .
11
( ) Primitives
) (
( :
) Evaluated
(
-0 : ) Level of Security
. ) Quantity (
( ( ) .
(
(
.) Work Factor
-2 : )Functionality )Primitives
.
(
. (
(.
: 0.0 (
Arbitrary Length
Hash functions
One-Way Permutation
Unkeyed
primitive
Random Sequences
Block
Ciphers
Symmetric-Key ciphers
Stream
Stream
Arbitrary Length
)Hash functions(MACs
Signatures
SymmetnicKey
Pseudorandom
Primitives
Sequences
Identification Primitives
Public-Key
Ciphers
Signatures
Identification Primitives
11
Public-Key
Primitives
Security
Primitives
Concepts
and
Basic
(
(
.
(
) Hardware (
(.
:0
-st0 ( ( Alphabet of
)Definition } A={0,1 (
) . Binary Alphabet ( (
.
:M ( .)Message Space M
( ( M
(
) Plaintext Message
)Plaintext M
.) Computer Codes
12
:C ( ( ) Ciphertext Space
( (
) Form . )M ( C (
.) Ciphertext
:02- 0 (
:) Transformations
: K ( ) Key Space (
k . ) Key
( e ) e k k ( M C Ee
( . Ee
( .) Bijection ( d
) d k k ( Dd . ( C M (
) Dd:c ( ) (
m
. ) Decryption Transformation Ee m
) m M ( ( m Dd .
( ) c C c ( . c
( ) Ee: e K
( (
e
) Dd: d K (
k d k Dd=E-1e ( :
Dd=(Ee(m))=m
( . m M ( ( . ) Cipher
e d ( )e ,d
e d .
( ( :
.M
-0
-2 (
. C
-3
.K
13
-0 (
. Ee: c K
-1 ( . Dd. :d K
( E
( Ek(
K (
( ( ) ( ( .
( ( ) Cipher
( ( ( .
( (
.) Restricted Algorithm
( (
(
( ( . (
) Key . k
( . ) .) Key Space
)
. .
(
:0 ( (
:2
:3
.DE
: 03-0 ( :
(
(
( :
:0 ) Reliability
14
:2
) Secrecy
:3(
) Rapidity
:0(
) Flexibility
:1 . ) Economy
(
. ( ( (
(
( ( (
.
( ( . ( ( ( (
( .
( (
( ( ( .
( ( .
: 00- 0 (
-:)Cryptanalysis
(
) .
) (
( ( .
( ( (
( )Defeat ( ( (
( . ( (
(
( . ( (
. ( (
. ( (
( (
. ) Compromise
15
(
.
( ) Cryptography
(
( ) Secure
. )Cryptanalysis ( (
)Compromised ( (
( (
( . ( (
( ( ( ( .
( ) Cryptanalyst (
. (
. ) Redundancy
(
( . (
.
( .
.
: ( (
.
( ( ( System
) Identification Problem (
( . ( (
( .
( ( .
( ) Cryptanalysis
( ( . (
.
16
) Cryptology
. ) Cryptanalysis
( ) Cryptography (
( ) William F. Friendman (
(
. (
. ( (
( .
( ( ( ( (
) Cryptology ( ( (
( (
( ( .
.
( ( (
( (
.
( ( .
(
( ( .
( ( ( ( (
( ( (
( ( .
(
( ( ( (
( ( .
( ( ( . (
( (
( e ( . d
) (
( .
(
d ( ( C .
. 2. 0
17
:2 .0 ( ( .
Key generator
K
Decryptor
K
C=e(M,K
)
Encryptor
Ene
my
(
. (
(
. ( ( ( (
.
( . (
.
( .
:
) 0 (
Dk (C) = P
) Lars Knudsen
: ) Total Break ( k
18
:) Global Deduction (
) 2
A ) Dk (C ( .K
) 3 :) Instance (Local ) Deduction (
( ( .
) 0 : ) Information Deduction (
.
.
( ( ) Unconditional Secure
(
( ( . (
( .
) ) One Time Pad ( (
( ( ( (
(
Brute
.
. ) Force Attack
( ( (
( . ( ) Computationally Secure
) ( (
. ( ( .
) 0
.
: ) Data Complexity
: ) Processing Complexity
) 2
. ) Work Factor
) 3 : ) Storage Requirements (
.
: 09-0(
(
( (
) One Time Pad 0609 Major Joseph
19
Pad
) Pad (
(
( (
( ( ( . (
) Module 26 29 ( (
) . ) One Time Pad
( .
( ( (
( .
:0-0
ONETIMEPAD :
TBFRGFARFM :
( IPKLPSFHGQ :
:
O + T mod 26 = I
N + B mod 26 = P
E + F mod 26 = K
( ) Eavesdropper One
) Time Pad ( (
) Perfectly Secure (
.
( (
)
( .
21
: 09-0 :
:0( :) Information Theory (
Claud
( 0609
. IEEE
) Elmwood Shannon
:2 ( : ) Entropy And Uncertainty(
( ) Amount of Information
( ( ) Encode
.
M ( (
).H(M
0606 (
( ( ( ( .
( .
(
(
( . (
(
( .
( Bits log2n n
. (
) Uncertainty (
( ( ( .
:3
: ) Rate Of Language
r= H ( M ) / N
1.0
N .
bits /letter 1.5 bits / letter ( . N
( .
) Absolute Rate
L(
( ( .
:
21
R=log2 L
( ( .
log2 26 . 4.7 bits /letters
) Redundancy
( D( :
D= R-r
( symmetric systems
U=H(K)/D
.
) Insecurity
0.2 .
:1( : )Complexity Theory( ( (
( .
( .( (
22
(
( .
( ) One-Time Pad
: 0.0 (
.
Unicity distance ( in
)characters
5.9
40
8.2
56
9.4
64
11.8
80
18.8
128
37.6
256
:9 : ) Complexity of Algorithms
.
( T : ) Time Complexity S
Space Time ( ) . T S
( n n . ) Input
( : ) Bandwidth
) .
0-2 ( :
( Flat
) Distribution (
23
( . ( (
( . (
)Diffusion ( )Dependencies
(
)
( ) Substring
( . )Unicity Distance
( ) Confusion
) Functional Dependencies ( (
.
) Noisy Channel (
( (
( . ( (
.( ( (
) )Cryptographers (
(
. ) Opponent
( ( Coding/Decoding
) ) ( . )Game Theory
(
( . (
( ( ) Unauthorized (
.
) Opponent
:0 . M
:2 ( M M
( . M
:3 ) Interloper( (
.
24
Privacy
) Problem ( ( .
( ( (
(
.
) Authentication Problem Dispute
. )Problem
( ( (
. ) evaluate ( (
( ) Uncertainty ) Opponent
.(
( . (
k p .
p (Spreadsheet
().
( (
p (
.
) Shannon
:
) Security
Perfect
) Opponent( E ()
( ) Arbitrary( (
(
(
( .
) PC(M M
( ) .C=E(M ( :
)PC(M)= P(M
) P(M
. M
25
) PM(C ( C M
. ) PM(C ) P(K (
M . C
)PM = p(K
Ek(m)=C
K ( . EK(M)=C
( ( C
)PM(C)=P(C
( C ( (
. M
) Cardinality
(
. ( )) Uncertainty
( .
( )Ciphers (
(
. )Ideally Secret (
( ( ) Unbreakable
.
. . ) One-Time Pad
) Bits ( (
.
( (
)Transmission
.
(
( C ( M = Dk
). (C
26
(
( (
Cryptanalytically
) ) Equivalent ( (
. ( R S
) f ). R=f(S
( ( .
(
( ( (
( ( . (
(
.
.
( ( .
( (
) Unconditionally Secure
( (
.) Computing Power
(
.)Statistical Uncertainty ) HC(K (
( ( ( (
( .
( ( (
( .
(
(
( )
( ( ( .
27
( (
(
.( (
) Work Factor
( (
.
/
(
) ( ( . ( (
( ) (
( ) ( ( .(
(
(
( ( (
. ) Cryptosecure
)Certification (
, (Ad hoc Heuristic(
(
.( (
( ( ( ( (
( .
)Certification( ( ( (
(
. ( (
(
) )Complexity Theory ( ( ( (
( ( .
( (
.
(
(
( ( (
.
( . (
( (
(
( ( (
( ( . ) Keysymmetric
( ). ) Involuntary
28
( )Criteria
) )Attacks ( (
. )Prospective Cryptosystems (
)Ciphertext Only Attack
( ( (
)Ciphers .
( ( (
( . )Insecure ( Known-
Plaintext ( (
)Compromised (
(
( .
. ) Secure 0699
(
NBS ( ) ) DES
( ) . (
( ( ( ( (
(.
(
( (
(
) Chosen-Plaintext Attack
. (
(
.
) Compromization (
.
( .
( ( (
( : ) Kerckhoffs Principle E
( ( . E
(
( C (
M E(M)=C
( ( .
( ( (
) work factor(
( )Cipher ( (
29
) Unicity Distance
. )Invert
( ( (
. ( (
( )Safe ( (
. )Crtptosecure
( (
( :
( ( ) Computationally Secure
E
. )Computationally Infeasible or Intractability
)NP (
Deterministic
(
)Algorithm Exponential
. )Complexity NP (
( ( ( .
(
( (
) Resources
( ( ( (
.
( 214 .. 294
( 221 . 231
) Compromization (
)Computationally Secure ( (
. )Equivocation
. ) Lakshivarahan 029
( ) Decryption . 2128=1034
3.15* 107 . ( (
( ) 01-1
3.15*1016 )Unique Key
(
31
3.17*1021 .
( (
)Undiminished .
)Equivocation
) (
( (
0699 (
(
) (
( ( Provable Secure
) Cryptosystem P = NP
)Secure ( P = NP
( ( (
( ( .
)Inversion
)Imperfect ( (
(
) Compromization ( .
( ( ( ) (
( ( )
) . (
( Frequency of
)Replacement ( (
( ( .
( (
)Procedures ( (
( .
( (
)True Key ( )Pseudo Key
)Infeasibility
(
.
( .
31
: 2-2 :
( ( ( : (
(
) . (
( (
. (
. ( (
) One-Time Pad (
.
(
( (
( .
( (
. ( ( ( .
(
( ) Compression (
( ( .
( (
:
K (
H ( K ) = log2 K
( 90 ( 90
( 19 ( 19 .
( ( ( .
: 3- 2 (
:) Random Cipher
( . ) Equivocation
(
( ( (
) .
32
(
.
( ) .
( .
. (
. (
) Uncertainty
( ) .
(
(
.
( .
( ( ( .
. (
( ( . Periodic
. (
) Sequence
. (
) Unpredictability
( (
( . ( (
( ( ( .
( (
( ( ( (
.
( . ) Pseudo - Random Sequence
( C (
(
.
(
( ( (
. ( (
.
33
:0-2
:) Achieving Confidentiality
( ( (
( ( ) e ,d
( m M ( c
( ( ) ) . c=Ee(m
( c
Dd ( c) = m( . m
: (
( ( . (
( ( ( (
( .
( (
(
( ( (
( .
( ( ( (
( . 0- 2 (
( .
: 1-2( :) Communication Participants
0.2 :
:0 ) Entity ( ) Party
.
:2( ) Sender ( (
( ( ( ) .
) Alice (.
:3 )Receiver ( (
( ( ) Intended .
) Bob( .
:0 :) Adversary (
( ( (
) Defeat ( .
34
( )Adversary
)Enemy )Attacker )Opponent
) Trapper ( ) (Eavesdropper Intruder
).
: 0-2
( ( .
Adversary
Decryption
Dd(c) = m
m
Unsecured
channel
Encyption
Ee(m)=c
m
Plaintext
destination
Source
Bob
Alice
: 9-2 :)Channels :
( (
( ( -:
-0 : )Physical Secure Channel (
.
-2 ( ( ) Unsecured Channel
(
( ( .
35
)Secured Channel
( ( .
( )Physical Secure Channel
)Secured Channel (
( .
: 9-2
:) Security
)Premise ( :
} M,C,K,{Ee:eEK},{Dd:dEk( .
.)e,d
(
.
( (
( :0- 2
( ( ( )Breakable (
)Party ( )e , d (
)Plaintext (
)Ciphertext .
( ( ( (
( ( ( (
( .)Public
)Exhaustive Search
)Key Space ( (
(
()
.
)Kerckhoff's Desiderata
(
( ( .
:
:0 ( ( ( )Breakable
( .
36
( (
:2
( )
(
:3
(.
: 0 ( )Cryptogram
( .)Telegraph
: 1 (
)Portable .
(
: 9 (
.
(
.
0993
(
( )2
( )Security (
( .
( :
:0 (
( ( C ) Intercepted
( DK
M(.
:2
M
( (
( ( .C
(
( :
( )Criteria ( 0604
:0 (
:2 .
:3 ( ( .) Ciphering, Deciphering
:0
37
)0 .
( (
) . (
. ( ) 3 ( (
.
( . ( (
( . ( ) Nulls (
( ) ( (
. ( (
.
(
) (
. ( (
( ( .
( (
( ) Monoalphabetic ( ( .
( . (
( One-Time
) Pad ( (
. ) Perfect Secrecy
)1 (
(
(
.
(
( (
. ) 0 ( .
( ( .
( ) Error Propagation
(.
.
(
38
. (
.
( ( .
( ( ) Encipherment (
. ) Secret (
(
(
. ( ( (
) Procedures
.
(
. ( ( (
( .
(
.
( (
( ( . (
( (
.
( ) Cryptography
( . ( (
.
: 6-2( :) Worst Case Condition
( ( (
( ( .
( ( .
( (
( :
( : ( ( ( .
( : (
( .
( : ( (
( .
39
( (
.
( ( ( ( (
( . (
(
( (
( ( .
.
( ( )
( (
( .
:04-2 :) Information Security in General
( ( (
( ( ( . )Privacy
( (
)Authentication
.)Data integrity
41
)Defeat
-3 )Passive Adversary
( Unsecured
(
. ) Channel
-0 )Active Adversary
( ( ( .
:00-2 (:
( . ( (
( . (
( ( (
( (
( .
( ( . (
(
. ( .
( ( (
Default
( (
) Settings ( (
( ( . ( ( (
. ( ( (.
( (
( . ( (
(
( ( ( (
( ( (
( ( . ( 9632
41
Defense Information
) Systems Agency 88%
. ( (
( (
) Configuration Management (
Auditing
( ) Firewalls
).
( ( .
(
( (
. (
( (
( .
( . (
( (
. (
( Black
) Networks .
( (
( ( ) Confidentiality
) Anonymity (
) Authentication (
( .
:0-00-2 ( The Drift Toward
:) Crypto Anarchy
( ( ) Crypto
. ( (
( ( ( . ( (
.
( ).
42
( ( .
. ( Clipper
0660 ( Escrowed Encryption
) ) Standard (EES
.
( ( Escrow
) ( (
( .
( (
. (
) Bankers Trust (
43
( ( (
( .
( ) Hardware Encryption( ( (
( .
:3-00-2 :)Alternatives to Key Escrow
( .
( ( ) Weak Encryption
(
Escrow
. ( (
) ( (
( ( ( .
( (
. ( )
( ( (
).
) Real- Time Decryption
( ( ) Link Encryption
( ( .
.
( (
( (
( ( .
( (
: 0-3 ( :) Cryptography
( ( (
( :
:0 ( )Crypt analysis (
( ( ( .
:2 ( )Cryptanalyst (
(.
44
(
:3 ( )Cryptology
)Cryptography ( .)Cryptanalysis Cryptology
krypts lgos ( .
(
:0 ( )Cryptosystem (
( ( (
.
(
:0 ( .) Symmetric Key
:2
.) Public Key
45
( : 0 -3
( ( (
} {Ee:eK } {Dd : d K K (
( )Symmetric - key )e,d
d( e d e .
( ( )Symmetric e =d
( ( ( ( )Single-Key
)One-Key )Private Key (
) .)C conventional Encryption
( (
( (
( ( .
( Private Key Methods
) ( ( . 0614 (
( ( .
( ( ( (
.
.
:
:0 ( ( ( ( ( (
. ( ( .
:2
( (
. .
:3 ( ( (
( .
( ( (
( .
( ( )0-
= 0444 ( . 999000
: 0 -3
47
A={A,B,C,.,X,Y,Z} :( C,M
1( . A e . A
( 1(
1( .
(
.= e-1
. e (
( e (
( (
A B C D E F G H I J K L M N O P Q R S T U VW X Y Z
DEFGHIJKLMNOPQRSTUVWXYZABC
:
m =THISC IPHER ISCER TAINL YNOTS ECURE
( )C=Ee (m
( ( :
48
( ( ( Product
: 1 -3( (
:) Transposition Ciphers
and
Substitution Ciphers
(
( . ( (
( ( ( ( .
) .
(
( .
49
: 0 -1-3 :
( (
) ( ( .
: 0-3
.
Adversary
SECURE CHANEEL
e
Key
source
e
Decryption
c
Encryption
De ( c ) = m
UNSECURED
CHANNEL
Ee(m) = c
m
Plaintext
Bobdestination
source
Alice
51
) . t
)Permutation . A
) e k e
( Ee :
(m)=(e(m1)e(m2)..e(mt)=)c1c2.ct =c
m=(m1m2.mt) M:
( ( c
:
c=)c1c2.ct d
d=e-1 Dd. :
Dd(c) =(d (c1)d(c2)d(ct)=(m1m2.mt)=m.
Ee ( ( Mono-
. ) Alphabetic Substitution Cipher ( ! q
( .) Cipher
( ( -
- ( ( .
(
( .
(
) Permutation ( (
29(
. (
( ( A UXEB..
( A( B U( X . (
( ( . ( (
( . ) Monoalphabetic Cipher
( ( ( (
) Diagram ( qu
51
(
. ) Polyalphabetic
( ( (
( ( ( (
( ( . ( (
( ( ( ( .
( ( .
( ( ( Simple Substitution
. ) Ciphers
(
( (
( . (
( 26! = 4*1026
( ( ( ( ( Letter
) Frequencies ( . ( E
( ( ( . ( (
( ( E
( .
(
: 3-1-3 ( :
(
( :
:( Monoalphbetic Cipher
:0( (
( ( (
(.
: 2( : )Homophonic Substitution Ciphers
( ( ( (
( ( .
( A 19 1 03 21
B 02 9 06 30 .
: )A Polygram Substitution Ciphers
:3(
( ( ( . ABA
RTQ ABB SLL .
52
:0( ( : ( A polyalphabetic ciphers
( (
( ( Mapping
) . ( ( (
) Alberti . 0099
( ( ( ( .
ROT 13 ( ( UNIX
( . ( A ( N
B ( O . ( 03 . (
( ROT 13 P = ROT 13 ( :
) ) ROT 13 ( P
( ( ( (
. (
(
21( ( (
. ( .
( ) Homophonic
. 0040 ( ( ( (
.
( ( ( .
( (
.
( (
( ) ) Polygram (
. ( ) ) Playfair 0910
( . ( ( (
. ( ( ( . ) Hill
( ( ) Huffman Coding (
( ( ) Polygram ( .
( ( ) Polyalphabetic
) Lean Battista . 0199 (
.( (
( (
)
(
53
( .( (
( 0199( ) ) Beaufort( (
(.
(
( (
( ( ( .
( . ( (
( ( .
( ) ( .
24( ( 24( . (
) Period( . ( ( (
( ( (
( ( . ( (
( .
( ) Running - Key Cipher
( ) Book Cipher ( (
( .( ( ( ) Period
( .
: 0-1-3( :) Additive Ciphers :
( ( ( ( Caesar
. ) Cipher ( ( a w 3
( ( ( x,y,z( A,B,C
. ( ( :
plaintext: a b c d e f g h I j k l m n o p q r s t u v w x
yz
ciphertext:D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
54
: 2 .3
Plaintext : Caesar
Solider
Great
was
VROGLHM
JUHDW
: 1-1-3 :N-GRAM
(
(
) Diagrams ) Triagrams .
(
292
26 x 26 ( (
( .
d M . d
1,2,.,d .
: 3 -3
d=5 ) = ( 4 1 3 2 5
M = JOHN IS A GOOD SKIER
C=ONHJ SA I ODOG KEISR
JOHN ONHJ
( 1
55
( . ( METTLE
. METL ( ( .
: 0 -3
MY LITTLEFINGER ( . d
( ( . MYLITEFNGR
( M d :
plaintext : a b c d e f g h I j k l m n o p q r s t u v w x y z
ciphertext : M Y L I T E F N G R
( ( (
( A n .B O C P
( Z . C :
plaintext : a b c d e f g h I j k l m n o p q r s t u v w
x y z
ciphertext :W X Z M Y L I T E F N G R A B C D H J K O P Q S U V
( (
. ( (
. ( (
(
( (
29(
( ( (
. ) Monoalphabetic ! 26 ( ( 4x1026
( (
(
( ( ( .
( ( (
( . ( (
(
( .
: 1 - 3
56
( m . m=m1m2m3.
( (
( ! 26 . k
( t m M (
). c=t( m
(
. :
plaintext : a
)ciphertext: t(a) t( b) t ( c) t( d
( : 2 -3(
:) Ciphers
Homophonic Substitution
( ( a
t
) . H(a ( ( c
a A ) C H(a
(
). H(a
.: 9-3
( :
}A={a,b
}H(a)={00,10
}H(b)={01,11
( ab
:
0400,0440,4400,4440
( :
} { 0000, 0010, 1000, 1010
aa
ab
57
ba
bb
( .
) 4-bitstring ( Coodomain
( .
( ( .
) Simple Substitution ( ( (
( . ( ) Homophonic
( ) Occurrence( ( (
. )Data Expansion (
) Decryption ( .
( ( (
( 1 (
. M
( 2
( C(
. 2 1
: 9-1-3( ( Polyalphabetic Substitution
:)Ciphers
( (
( A :
( t
( (
:0 K
) t Permutations) t (
( .
(P1,P2, ..P t pi
-2 ( ( )m=(m1m2..mt
) e = (p1,p2,.pt ( (
))Ee (m)=(p1(m1)p2(m2)..pt(mt
-3 ( ) (Decryption Key
) ,pt
58
e=(p1,p2
)d = (p1-1,p2-1,.,pt-1
: 9-3( ( ):(Vigenere cipher
( )..,X,Y,Z
) (p1,p2,p3 :
A=(A,B,C,
t=3 = e
p1 ( ( ( 3
.
p2 ( 9 .
p3 ( 04 .
m = THI SCI PHE RIS CER TAI NLY NOT SEC URE
:
c = Ee(m) = WOS VJS SOO UPC FLB WHS QSI QVD VLM XYO
( ( ( (
( ( . ( E (
( . L O ( (
( .
:9 -3
( ( ( ( ( .
( ( .
) Keyword t: M
. C t t1t2t3t4.
M C m=m1m2m3m4. = )t(m
t(m1)t(m2)t(m3)t(m4).
may t1,t2,t3 M C (
12,0,24 t
. t1t2t3t1t2t3t1.
: 9- 1- 3( :) The Autokey C ipher
59
(
( . ( (
( . ) Running Cryptogram
: 6-3
( COMET SEND SUPPLIES
( . 29
SEN DSUPPLIES
M:
C O M E T S E N D SU P
K :
________________________
USZHLMTCOAYH
Cryptogram
( ( :
S E NDSUP PLI E S
M:
COMETUSZHLOH
K :
________________________
US Z HLOHOSTSZ
61
Cryptogram
: 9- 1- 3( ( ( :
(
( ) (
( .
(
.
(
( ( ( .
. ) Guess
( (
. ( (
( ( .
( ( . (
( (
( (
.
( (
( (
( ( ( (
(
(
. ( )
(
( ( (
. (
( ( .
: 6 -1-3( ( :
(
( ) Translation Table (
( ( ( ( (
. ( ( ) Dynamic (
( ( ( .
61
( ( ( ) Combiner
XOR ( ( . (
( (
( .
( . ) Dynamic
(
( (
.
(
( ( .
( ( XOR ( (
.
( ( ( ( .( (
(
. ) mod 2 addition 2( (
XOR (
( (
( . ( ( (
2 ( (
.
(
Cryptographic Combining
( (
) Functions ( XOR ( (
( ( (
. ( ( ( .
62
: 9 -3(
:) Transposition Ciphers
(Permutation(
( ( :
t K ( )(Permutations
}. {1,2,..,t e e K (
( :
))Ee(m)=(me(1)me(2).me(t
m=(m1m2..mt) m
( ) (Decrypt (
( d= e-1
( ( C
) c=(c1c2ct
)). Dd(cd(1)cd(2)..cd(t
( )Transposition (
)Block ( .
( ( (
( . (
) Simple Columnar Transposition Cipher
( ( )
( ( :
:04-3
plaintext : COMPUTER GRAPHICS MAY BE
SLOW BUT AT
LEAST IT`S EXPENSIVE
COMPUTERGB
APHICSMAYB
ESLOWBUTAT
63
LEASTITSEX
PENSIVE
CAELP OPSEE MHLAN PLOSS UCWTI TSBTV
EMUTE RATSG YAERB TX
Ciphertext
( ( .
: 6-3 XOR:
XOR :
0 0 0
0 1 1
1 0 1
11 0
XOR
aa 0
abb a
( ( ( .
( ( MS DOS
( ( XOR
( ( ( :
p k c
c k p
( (
( ( .
( ( ( ( ( Diagrams
) ( ) Triagrams
.
( ( (
64
: 9-3(
( :) Composition of Ciphers
( ( ( ( ) ( Product Cipher (
( ) .( ) (Composition(
( .
(
(
(
( . ( (
0606 ( (
:
:0 . ) The weighted Sums
:2( . ) Product
: 0 -9-3 :
S1 S2 (
) 0 < P < 1 pS1 + ( 1-p ) S2
( :
S1 p S2 . p-1
( ( .
:00 -3
( T R (
. S
(
. ( )
( . (
) . (
(
( .
( . ) Variant
( (
65
T R ( ( M p
q p+q=1
R T ( ( S
R T S= pR+qT . M (
( S R T
(
R . ) p
( . R r1,r2,r3,..rm
p1,p2,p2,.pm T t1,t2,,tn
q1,q2,..,qn S :
r1,r2,r3,..rm t1,t2,,tn p1,p2,p2,.,pm,
q1,q2,..,qn .
:2-9-3(
:) Composition of Functions
( :0 -3
S,T,U
f:sT
g:Tm
) ( Finite
( Composition g p( dof
(
S U
)gf
( )) (gof)(x)=g(f(x x . x S
.
( ( (
: 3-9-3( :) Compositions & Involutions
) Involution
EK ( EK(x)=x
x ) Ek (Domain of Ek ( Ek oEk
). (Identity Function
: 0-3
66
( ) ( Two Involutions ( .
(
( (
) . (Decryption :
Ek1.,Ek2,,EKt ) (Inverse
EK=EK1EK2EKt :
E-1K=E-1K1E-1K2E-1Kt
( ( ) (Composition (
67
: 2 .3(
U
g .f
g o f
U
T
S
t
b
f
g
gof
: 9-3( (
:)Product Cipher
( Simple
Substitutions and
) Transposition ( (
( ( .
t 2
( ( ) Product Cipher (
: 3 .3(
g o f
g f ( .
gof
g
68
Binary
) . m=(m1m2m6 ( :
E(1) k ( m) = m k
k K
:) Practical Security
69
.
( (
( .
( ( Theoretically
. ) Secure
(
( (
(
( ( ) Theoretically Insecure (
. ( (
. ( One-
) Time Pad ( ( ( (
.
( ( (
. ) Ideal System
( ( ) Monoalphabetic Ciphers
(
(
. ( ( .
(
( ( .
( (
(
( ( ( ( (
.
:3-3 ( :Confusion and Diffusion
) Obscuring
) Redundancies (
( .
) (Substitution ) Round (
(Confusion ( ) (Transposition
. ) Diffusion
71
(
. (
( (
( . ( (
( ( (
( .
( ( )
( ( .
( ( . (
( .
( ) Transposition
.) Permutation(
( ( . (
( ( (
.
( ( (.
) Rounds
(
( ( . ( (
( .
( .
( (
( . ( ( (
m=m1m2m3..msms+1,..m2s,m2s+1 S
)
. K S
f1,f2,.,fs ( ( . c1c2..cs
s(
(
( s (
. (
.
:0 -3
( ( ( (
( ( ( . (
(
( ( ( (
71
. ( .
(
( . (
(
( ( .
( .
( (
. ) Diffusion ( ( 29
) modulo 26 .
m=m1m2. s m
y1y2. :
. n =1,2,3,
M ( ( y
( . M ( (
s 1
)(mod 260
n 1
i 0
yn
( ( ( ( .
(
(
. ( .
( ( . (
(
. ( (
( . ) Error Propagation
( (
( ( (
( . ) Confusion and Diffusion (
( (
( ( . ( (
( .
. ( ( (
(
72
(
( .
( . 0-3
) Stream Generator
)) Running-Key Generator( :
73
K1 , K2 , K3 , .. , Ki
) Key Stream XOR
P1 , P2 , P3 , , Pi (
( :
Ci = Pi + Ki
( (
( :
XOR
Pi = Ci + Ki
:
P i + Ki + K i = P i
.
( :1 -3
(
K
( e1e2e3ei k .) Keystream
( :9 -3
A ( ) (Alphabet q(
Ee ( ( 0 . e k
( m1m2m3. e1e2e3..
. k ( (
( c1c2c3. ) . ci=Eei(mi di ei
Ddi(Ci)=mi ( ) (Decrypt ( .
( (
( .
0-3
Keystream
Keystrean
Generator
Generator
74
: 3-3( .
] [
) Initial ) Seed
) Seed ( .
.
( ( ( (
. ) one-time pad ( (
. ( XOR
75
( .
( . ( (
) Perfect Secrecy ( ( ( .
( ( ( ( (
( ( )
( . ( ( (
( ( ( . ( (
.( ( ( RC4
.
: 1 -3
( (
. (
.
( ( . (
( .
(
( ( ( (
One-Time Pad ( ( .( (
( ( (
. ( (
( (
0624
(
( ( .
. (
(
.(
(
( . (
.
( ( ) Stream Cipher
. 1 -3
(
( .
) Sequence Generator
. ) Keystream Generator
76
1-3
KEY
INFINTE SEQUENCE
ALGORITHM
CIPHERTEXT
MIXER
PLAINTEXT DATA
( ) Confusion ) Diffusion
( ( Error
. ) Propagating ( ( (
( ( .
: 0 -6-3(
: Ciphers
( bit
( .
Self-Synchronizing Stream
(
. ) Ciphertext Autokey CTAK (
. 0609
: 2 -6-3(
: Synchronous Ciphers
( ) Key Stream
. (
. ) Key Auto - Key KAK (
( . (
( (
77
. (
.
( ( (
( . (
( .
( ( ) Long Period (
( . ( ) Period
( (
(
( (
(
. ( (
) Insertions ) Deletions (
) ( .
: 3-6-3 :) Insertion Attack
( ( .) Insertion Attack
(
(
( :
Original plaintext :
p4 .
p3
p2
p1
k4 .
k3
k2
Original keystrean : k1
c4 ..
c3
c2
Original ciphertext : c1
( p
( ( ) Insert
p1 (
( . (
:
Original
New plaintext :
keystream :
k1
p4
p3
k5
p2
k4
p
k3
p1
k2
c5
c4
c3
c2
Updated ciphertext : c1
( ( p
( ( :
78
k2= c2 p
k3=c3 p3
k4=c4 p3
p2 = c2 k2
p3=c3 k3
p4 =c4 k4
(
( (
. ( (
( .
: 0 -6-3( ( :) The Vernam Cipher
( ( .
( : 9 -3
( ( ( ( ( }. A={0,1
) ) Binary k1k2kt ( (
m1m2mt k,m
( c1c2ct :
ci mi ki ,1 i t
(
( ( ) One-Time-System ( One
. ) Time-Pad
( ( ( ( (
( ) Substitution . A
( E0 4 4 0 0( ( E1
( 4 0 0 . 4 4 E0
. E1
79
(
( . c1 c2 ct c1c2ct (
:
:
ci mi ki , ci mi ki
) (Redundancy ( .
ci ci mi mi.
( ) One-Time Pad( (
. ( ( c1c2..ct (
( (
( .
( (
.
.
((
( . )One-Time Pad
. ) Trusted Courier
: 04-3 :) The Key Space
( ( (
( .
( ( (
( ) .
( ) (Transposition Cipher
( ) (Encryption Functions
t !t
.
( ( .
( .
81
: 0 -3
( ( ( (
( (
( ( ( ) (Exhaustive Search
(
3
. 26!4*1026
) Polyalphabetic Substitution( (
3904( (
(26!) 7*1079.
( )Infeasible
( .
81
82
(
(
: 0-0 (
:) Digital Signatures
)BASICS ( (
(
(Authentication
Authorization ( )Non Repudiation
( ( ( () .
( ( ( )Entity (
.
(
( ( )Tag
.
(
( .
M :0
(:
S :2 (
.
M
SA :3
S A ( ) . SA
( ( . M
VA :0 MXS {True
) (m ,s m M s S
} . , False MXS
( )Cartesian Product M . S
VA )Verification Transformation A
VA( )Public (
.A
( :0-0
VA SA (
( .
83
: 0- 0( ( ):
) M = { m1 , m2, m3 } S= {s1, s2 , s3
( 1 .2
. VA
SA
84
A )s = S A (m
:2( ) . (m ,s s . m
: 2 -0-0( :)Verification Procedure
s m A
) Verifier :
:0 VA A
:2 ). u =VA (m ,s
:3
.u =false
:0-0 (
A u=true (
:)Concise Representation
SA VA
)Verification(
. SA )
(
( A KA ( A kA
( ) .(Secret ) (Verification
( A . lA
: 0- 0 ( .
)(m1,s1
)(m1,s2
True
False
)(m1,s3
s3
m1
)(m2,s1
s1
m2
)(m2,s2
s2
m3
85
)(m2,s3
SA
: 2-0
:) Handwritten Signatures
( ( . (
S (
( A . SA
A . SA
A . SA
( ( ( .
86
: 3-0-0 :
s :0(
VA(m.s)=true
)(Valid
( A m
:2 ( A
A mM s S VA(m
. ,s)=true ( A
( s . ( m
: 2-0 ( :) Authentication and Identification
.
.
( ) (Access Control
) (Entity Authentication (Message
) Authentication ) (Data Integrity
) (Non - Repudiation ) (Key Authentication
.( ) (Authentication(
.
0694 )Secrecy
)Authentication .
)Hash Function (
. (
) . (
(
) )Identity ( .
( (
( :
87
:0 ( ) active (
). Real Time
:2 ( ( ) ( Delay
( ( ( ) (Routed
.
( ( (
. ( ( (
( . (
( ( ) . (entity
) Authentication ( ) . (Identification
( ( (
( ( ) , (Response
(
.
( Data Origin
) . Authentication
: 0-2-0( :) Identification
( : 2- 0 (
: )Entity Authentication
Identification or
( ( ( (
( ) Active
. ( ( ( (
( )
( .
( .
88
: 2-0(
)Identification
( A ( B(
A, B( ( (
.)Voice Recognition (
( ( .
: 3-0(
:)Identification
A ( )Banking Machine
( )Personal Identification Number - PIN
)Magnetic Stripe Card A
( PIN (
. A
( .
2-0 ) Mutual Authentication
3- 0( Unilateral
( (
. ) Authentication
.
89
: 2 -2-0
( : 3- 0
Message Authentication
( ) Identity( .
( B
( B
) .
( .
( ( .
: 0-0
A B ( ( ( ) (E- Mail
( B (
A
( . (
. B ( ( B ( ) ( Verify
.B
( A
( ) (Data Integrity
( ( ( A(
.
: 3-0 ( :) Public Key Cryptoyraphy
( (
( .
} {Ee : eK ( } {Dd :d K
( ) (Decryption K
. ( ( ( ) (Ee , Dd
( Ee (
(
c C mM . Ee(m) =C
. )Ee(m)=c
c
m
e
( d . e d,e (
91
( . (
( ( (
(
( )
( ) (Symmetric-Key e d .
91
2-0 ( ( .
: 2-0 ( .
Passive
Adversary
e
Key
UNSECURED CHANNEL
Source
Decryption
Dd(c)=m
Encryption
UNSECURED CHANNEL
Ee(m) = c
m
Plaintext
m
Decryption
source
Alice
Bod
92
( ( Bob Bob
( ) . (decrypt
: 3-0
( (
. e d
: 0-0 (
(
(
) Private Key ( (
( ) (Secret Key ( ( .
( ( (
) Private (
(
( .
( ( (
(
( . ) Qualifying Assumptions (
( ( ) ) one-time pad
( .
: 0-3-0(
The Necessity of
93
A B ( d
( (
) ( ) (re encrypts
e B( ( . B (
) (Authenticate (
).
(
( (
A
B
.
( From
: 2 -3-0 (
:) Reversible Public Key Encryption
( (
.
( Ee (
M ( .C( M=C Dd (
( Ee Ee , Dd
( ( ) (Permutation :
Dd (Ee (m) )=Ee(Dd(m))=m
. m M ( (
) . (Reversible
94
(: 3- 0
Adversary
Key
Encryption
Source
d
Ee (c) = c
Decryption
Dd(c) = m
e
Encryption
m
Ee (c) = c
Plaintext
m
source
Plaintext
Keyd
Decryption
Source
d
Dd(c)=m
m
Decryption
destination
Dd(c)=m
m
destination
B
A
source
A
( (
( (: 3-3-0
:)Signature Scheme
. M
:0
. S C=M
:2
( e ,d )
95
:3
.
::0( SA Dd ( Mm
)s=Dd(m
:1( (Verification Function ) VA :
True, if Ee(s)=m ,
False , otherwise .
=) VA(m,s) = s
A
( . M
) (Subset M ( M ( M
. (
(
M 2 t t (
t
M
M
( ( t bits 101101
.) t=3 A
' M
' M (
) (Verifier ( VA :
true; if Ee(s) M' ,
= )VA (s
False , otherwise
A ( s
) m =Ee(s ) (recover .
( ( ( ( .
) (Special Structure
(
)
96
:0 -3-0 (
:) Practice
Digital Signatures in
( :
-0
) .
) (Signer (
( ) (Verify
-2
( Verification Function
) .
-3 ( (
( ) . ( Forgery
97
: 1 -3-0
:) Resolution of Disputes
( ( )
(
(
. A
B
. A (
( ) (Trusted Third Party TTP
) .(Judge TTP (
( .
( A m( B B
SA M ( . TTP
( TTP B VA(m ,SA ) = true (
. A ( B ( B
TTP VA . A ( A
TTP VA
( TTP A
SA ( . (
( ) ( Criteria ( :
98
: 9-3-0 ( :
SA ,VA :0 (
.
:2
) (Authentic
. VA
SA( ( (
:3
).
: 0-0 ( (
:) Key vs. Public-Key Cryptography
) Symmetric
( ( (
( Needman ) Schrooder
( .
( (
.
( (
( ( (
.( ( ( (
( ( ( ( . (
( ( (
( ( ( .
( ( (
( . (
:
:0 ( (:
: ( (
. ) Data Throughput
) Hardware (
(
.
:
( ( (.
99
: ( ( )Primitives
(
Hash
)Pseudorandom Number Generators
)Functions( .
: ( ( )Composed
( ( (
( (
( (
( .
: ( ( (
( ( . )DES
:2 ( :
: (
( ) .
: ( (
( ( ( .
: B , A ( (
( Communication
. )Session
: ( ( (
( ( (Verification
) Function ( ) . (TTP
:3 ( :
: : (
) (Authenticity ) .
:
TTP ( ( .
) ) ( Mode of Usage
: (
( ( ) (
) .
111
: ( ( ( .
( ( (
( .
: ( ) ( Large Network
( (
( .
( :
:0
) Throughput Rates ( (
:
( ( ( ( .
: ) (Key Sizes ( (
( ( (
( (
( .
( ) (Secure
:
( ( . (
(
( .
(
(
: ( (
( (
. 0694
: 0 -0-0
( (:
( (
. ( ( .
(
(
. A , B
( (
A , B
(
A , B ( ( .
(
(
( . A , B
111
) (
.
( (
:0( ( (
) Non Repudiation (Key
) . Management
-2( ( ( (
. ) Data Integrity
: 1-0 - (
( (
. (
0444(
) . 0699
112
: 1 -0 ( (
:) and Encryption
Compression, Encoding ,
:
:0 ( ) Redundancies
( .
:2
( ( .
:2 ( ) Time-Consuming
( ( .
( ( .
( (
.
( ) Encoding
) Error Detection and Recovery
( .
: 9-0
) :) Hash Functions
) (primitives( (
( (
) . One Way Hash Function
( :0-0
H (
) Mapping
) ( Hash Values
H (M) = h ( . M
n-bit n=128
) n=160
113
(Image ) n 2 -n 2-n ) . (
(
. ( h
y x
) ( Collision
) ) h(x) =h (y y
).
x h(x)=y
( :
:0 ) Input
:2( ) Output .
H(x) :3 . x
H(x) :0 .
:1
. ) collision-free
H
x
) hard to invert
. H(x) = h x
y x ) H(x) = H(y H
( . ) weakly collision-free
( H
x y ). H(x) = H(y
(
( . ) message digest ( (
( ) digital fingerprint .
( MD2 . MD5
( ( (
(
( (
( (
(
( . ( ) Digest
114
) Public
( ( Damgrd ) Merkle (
( (
. ) compression function ( ( (
. ( (
. (
Pad
.
( )
) multiple
( ( (
( . (
. (
) (Verifies
. (
(
(
) .
) (
)
( ) (Signer
) (Claim
( .
(
.
:
.
.
( (
(
115
.
( ( .
(
( ( ( (
( . ) Identification
(
( .
( ( ( )(MDCs
. )Modification Detection Codes
( (
(
) . (Message Authentication Codes (MACs
: 9-0
( :
(
( .( protocol
( ( (
)
. ( .
( .
.(
( (
( ( ( .
( ( (
. ( (
( .
( (
:0 (
.
:2 (
( (
( .
:3( (
) .
116
( :
:0
( .
( (
( ( ( ( (
.
117
:0-9-0(
( : 1 -0
(
( (
( (
. ( ( ) Cryptographic Protocol
( ( . (
( ( . (
( . (
(
( (
( ( (
( ( (
. ( (
( . ) Cheating
: 9-0 (
) :Mechanism
(Protocol vs.
( ( (
( (
) ( ( (
( ) Procedural Control ( .
( ( ( (
( ( . ( (
( ( .
( ( (
( ) .
: 2-9-0
:) RNG
) RNGs (
( . ( ) RNG
( ( ( ) Confusion
(
.(
118
( ] .[54 ,26 ( (
XOR ) ( .
( (
( ( .
119
: 1 -0( (A
) :Simple Key Agreement Protocol
( ) )Bob , Alice (
( ( ( ( ( (
( .
( :
:0 ) Bob( ( (
) (Alice( .
:2
( .
( Alice
( (
:3 ( Alice ( Bob
) ( ( .
:0 ( ) (decrypt
( ( ( ) .
:1 Bob ,Alice (
( ( ( ( .
(
( (
( ( .
) Privacy
( ( ( ( .
( (
) ( Impersonation Attack (
( .
) Eve Alice
) Bob (
( . ) Passive (
)3 ( .
( (
( . (
(
( ( ) .
111
)0
)2( . ( ( .
( ( : :
:0 (
.
. ( (
:2 ( ( )
( ( .
( ( ( ( ( .
:3 (
( .
n n ( n - 1 ) / 2 04
01 ( ( ( 044
0014 .
( ( .
(Privacy
(
) Communications ( (
(
( ( ) Performance
( ( ( .
: 3-9-0 (
)):
(
( ) Adversary
( ( (
) Manipulate( (
( ( (
.
: 9- 0
) :(Mechanism Failure
(
(
(
(
111
) (Special Form (
) (Monetary Amount
(
(XOR
( ( . (
( (
. ( ( ( (
; ( (
( ( (
( ) .
: 0-9-0 ( :
( (
( (
( (
( ( .
( (
( .
( ( .
( ( (
. ) Passive Attack
( ( (
( (
(
.
( ( (
) . ) Pretend (
( ( (
) Replay (
. ) Active Attacks
( .
.
(
( ( (
(
( .
112
.
(
( . (
( (
.
( (
.
(
( ( .
. ) Cheater ) Passive Cheater
( ( (
( . ) Active Cheater
( ( .
: 9- 0 ) :(Forward Search Attack
( ( ( (Electronic
) Bank Transaction 32
( ) ( Transactions ( ( .
)Privacy
( (
.
232 )
( ( . (
( ) .
232 ( (
.
( ) ( Compromised ( (
) (
. (
) Authentication( (
. ) Dictionary Attack
: 9-0 ( : ) Causes of Protocol Failure
( :
113
:0 ) Primitive ( )Amplifie
( .
:2 ( ) Guarantees
( .
:3
) Encryption .
: 6-0 (
: ) Protocol Design
( (
:
:0( ( ) (Assumptions
( .
:2 ( ( (
( .
: 9-0
:) Establishment ,Management,
(
( .
)Key Certification
( ( (
: ) Key Management
)Ongoing ( (
( .
114
) ( Key Agreement
( (
) . (Key Transport (
( .
(
( . ( (
( ( ( .
9 ( (
( ) ( ( )
:
) 15 ( 62
:
)n( n 1
2
( n2 )
01
0-0
( -0
. 1 ( (
( ( ) (
.
.
( . ( (
.
115
: 0-0
A2
9(
A1
A6
A3
A4
: 6-0
A5
(:
( ( (
) Entity
( .
( ) . ) TTP Ai
Ki TTP (
( . ( )
K ) ) Session Key
( ( A 5 A1
: 9-0
: 1-0 .
A1
A2
Private Key d2
Private Key d1
Public file
116
A3
)C =cEE6 (m
e6
A6
Private Key d3
Private Key d6
: 9-0 (
117
. ) TTP
: 0-6-0 ( )
):
:0
:2 ( ( (Long
) Term Secret Key
:) Disadvantages
: 2-6-0 (
:0 .
:2
( ( .
:3 TTP ( .
:0 ( ( .
: 04-0 :
( .
.
( ( (
( ) (Central Repository
) ( Public File ( (
( ) Identity . A1 (
( A6 A1( e6 A6
( e6 (
( . A6 0-0 .
: 0-04-0 (
( ):
:0 (
:2
) Reside .
:3 n (
( .
. ) Passive Adversary
118
(
(
) . (
A6 . ex (
A6
( . (
( A6 (
. A6 A1 A6
( ( . C
(
( ) Certify .
ST VT ) Verification Algorithm
.
( (
( ) Identifier
. ) Authentic
) Certificate (
. ( :
:0
:2 ( .
( ( .
:3
. ) Locally
:
:0 ( (
( .
:2
: 2-01-4 :
( (
:
( : 9-0
119
: ( ( ) Unconditionally
( )
(
( . ) Identifiers
( : 6-0
: ) Functionally
( ) Honest
( .
(
) Certify
) .
: 3-04-0
:) Certificates
Public Key
( .
) Authenticity ( ( .
.
( ( ) Validity Period
( . ) Attributes
. B
) Authenticity A B
) Authentic Copy . TP
B ( ( B
. B :
:0 A (
A(
( ( .
. A
:2
121
:3
A (
( . ) Invalid
) Certificate A
A
(
. A
(
( .
121
122
(
: 0-1
:)Pseudo-Random Sequence Generation
Random And
(
( ) Compilers .
(
( ( (
(
. (
.
( .
. (
)Pseudo (
.
123
: 0-0-1 Pseudorandom
): )Numbers and Sequences
(
(
( . (
.
.
(
n
:0
( .
} ) {1,2,,n
) Sequences ) String
:2
(
n
( A
m
.
:3
n( .
( m
.
( .
(
( 23
( 23 . 1/ 49
( (
( ( 9 9
] . A={1,2,,49
( 17,45,1,7,23,35 (
1/ 49
17,45,1,7,23,35
1/49*1/49*1/49*1/49*1/49*1/49= 1/13841287201
13841287201 9
. A ( (
.
:0-1
) 1,0
(
)0 ( (
( ) Unbiased
0 )
( . )0 ) Coin
. (
( ( (
( ( ( ( .
: 2-1
) -:)Generator
Random Sequence
) Noise Diode
.( 0
. (
. ( ) .
) Reliability (
) output .
) Binary Sequences
( ( ( ( .
. (
( (
) Pseudorandom (
. ) Seed ( seed
) ( ( (
) .
( ( ( .
: 2-1 ) -:) Classes of Attacks
125
(
( )Primitives( .
( ( ( .
( ( ( .
(
:
: 0 ) Passive
( .
. ) Confidentiality
: 2 )Active
( ( ( .
)Authentication
. (
( ( .
: 0-2-1 ( (
) -:) Schemes
Attacks on Encryption
( . ) Attack (
( ( Dutchman A
) kerchoffs ( ( (
.( ( (
( .
) Recovery
(
( ( ( ) Deduce ( .
( ( (
( .
126
Pi+1
). Ci+1= EK ( Pi+1
127
( Pi+1
= Ci+1
(Adaptive
( .
(
( (
( . (
( (
( (
( .
:1 ( ) : (Chosen Ciphertext Attack
(
.
128
( ( ) .
(
( .
(
. (
( ( .
( Chosen
. ) Text Attack
:9 ( Adaptive Chosen-
: )Ciphertext Attack
(
.
:9
(
( . (
.
: 9 ( ( (
- : ) Cryptonalysis
Rubber Hose
( (
.
(
( .
(
( ( ) Source Code (
129
: 2 : ) Replay
)Sessions
.
131
: 3
: )Impersonation
( ( ( (
.
: 0 : ) Dictionary
( .( (
) Image
)Unkeyed Has Function ) Log On
( (
(
.
hash
( ( (matches
( .
:1 : )Forward Search
( (
.
:9 :) Interleaving Attack
(
.
131
: 3-1
)-:
( (
:
:0 ( (
: ) Unconditional Security
(
( ( ( ) Defeat ( .
( ( (
. ) Perfect Security
) Uncertainty ( (
( ( (
.
( ( ( ( ( ( (
.( one-time
) pad ( ( ( .
( ( ( ( ( (
(uncertainty( ( (
( . ( ( ( (
( c ( p (
. c
.
(
) Provable Security
) Computational Security
132
: 0-3-1 (
-:) Computational Security
( )Evaluate( ( (
.
: 2-3-1(
Perspective for
Wd
) ) Elementary Operations ) )Clock Cycles
d( k
) k ( k ( ( . (
d( k
Wd (
( ( Wd ( . ) k
( (
n ( ) . Wd ( n
Wd t t (
( ( ( . (
Wd(
( .
: 3-3-1( : ) Historical Work Factor Wd
e ( ( .
Wd ( .
wd wd .
: 0-3-1
) Key Space (
( .
133
0-1 . (
. ( (
. ) Prefix
) Powers
) teraflops ) Rated (
. 0402 teraflop
. : 0-1
Reference
Seconds in a year
Age of our solar system
Magnitude
3 107
6 109
(years)
Seconds since creation of
2 1017
solar system
Clock cycles per year,
1.6 1015
50MHz computer
Binary strings of length 64
Binary strings of length
128
2128 3.4
Binary strings of length
1038
256
Number of 75-digit prime
2256 1.2
1077
numbers
134
5.2 1072
8.37 1077
135
2-1 (Prefixes .
: 1-3-1 ( :)Symmetric Key Length
( (
.
( .
( ( (
. ) Brute Force Attack
: 2-1 Prefixes
. 04
10-1
Deci
1018
Exa
10-2
Centi
1015
Peta
10-3
Milli
1012
Tera
10-6
Micro
109
Giga
10-9
Nano
106
Mega
10-12
Pico
103
Kilo
10-15
10-18
Femt
o
102
Hecto
10
Da
Deca
Atto
( (
(
( . ( (
( : 90 .
( ( .
(
136
( ( . (
) Format ( : wordperfect
UNIX
( . ( (
.
( .
9 29 219 . 219
( %14
. 19 219
( ) Super Computer
2291 .
90 ( 191 444
290 . 029
21
04
0421 . ( 04 04 .
2409
04169 ( .
( ( 9
( ( :
( . (
) Perfect . (
( .
: 9 (
:) Estimates for Brute-Force Attack
( ( .
(
( :
( . (
. ( ) DES
19 219 .
90 290
( 029 .( (
. (
( (
Time and Cost
137
. (
( ( .
( (
(
.) DES 0499(
) DES ( .
.
) Chip
19
2 24 .
90 290 200
.
.
( . ( ( .
( .
( Cryptography Research,
) Advanced Wireless Technologies EFF
( . ) DES ( 19
.
) 72,057,594,037,927,936
( ( (
64
10,000 . (
( ) chip simulators ( ( Paul
) Joshua Jaffe (
) Kocher
( .
(
) Michael Winer
( . ) board 3-1
.
138