:

:
:
:
alidahab52@yahoo.com:
:
( ) Cryptography (
0444 ( (
)
(
( ( ( )
. ( (
( .

0694 ( (
) (Digital ( (. (
( IBM ( ( (

 )Data Encryption Standard DES ( ( (

( ( ( (
.

0694 ( (
(
) Diffe & Hellman
) Public Key Cryptography ( (
)Security
) Intractability Discrete
) Logarithm Problem (
( . 0694
( ) )Adleman, Shamir, Rivest
( ( ( Digital
) Signature ( ) RSA .
RSA
( ) Factoring (
.) Prime Integers (
( .
( ) ( (

. ( (
.)Insecure 0691
) RSA (
) EI-Gamal ( ( (
. )Public-Key Scheme
( (
( . ) digital signature
( RSA ( EI-
).) Gamal
( (
( ( ( ( .
) Standards (
. (
) Security Products ( ( (
.

 :9 -0 (
) :) Cryptography

Information Security and

)Information
(

) )Understood Quantity
( .
( state and
.)requirements (
. :0.0

:

( () . ( . .security

(
.) measurements (
( . .
(
) Eavesdropping (
. )External Security ) ) Internal
(


access control mechanism ( (
( ) )Identification )
(
(

(
) Backup ) .( ( (
( . ( (
( . ( ( ( (
(
)).

 ( ( (
( ( ( . (
.
)Primitive ( ( ))Encryption
)) Messages

( .
)
(
. ( ) ) Encryption
) .
(
( (
(

) privacy

( ( . ( (
.
( Decryption ( (

( ) Cryptosystems
) Reverse ( ) Encryption
.) Secure Communication ( (

4

( ( .

) ) Authentication

. ( ( .( (

( . ( (

) timestamp (
. ( (
( ( (.
Invertible
(
) ) Transformations ) General System (
)Cryptosystem ( .)System
(
) Parameter
) Enciphering Key .) Key (
) Cryptosystem (
.
(
(

) .

 ( ( (
) )Procedural Techniques (
. ( (
( (
( .) Not Authorized



.
(
( (

.

( ( .



( .
(
( ( .
(


.
) Digital Signatures
( (
.
(
( ) Identification .) Witness
) Handwritten (
( .) Identification (
.) Identity(
) Unique (
) Authorization .) Validation (
( ;
) Signer .(
( ) Electronic Replication (


.) Triviality

( ( ( )Identification
.
)
( (
. ( ( (
( .)Validation ( (
(
) )Signer ( .
( (
.

 :6-0( : ( :) Cryptography
(
( (
)Confidentiality Data
)Integrity )Entity Authentication
.) Data Origin Authentication (


.
( ( ) Cipher System
( ( ( .
(
( ) (
)Cryptographer ( .) Interceptor
( ) maximize ( (
(
( ( .
( ( ( (
( . (
(
( (
) Francois Vite 1540-1603 . ) John Willias 1616-1703
William F.
( ( (
) Friedman 1920 ( . ) Lester S.Hill 1929 (
( ( Hans
) Rohrbach 1903-1993 Alan Mathison Turing 1912-
) 1954 ( ) A.Adrin Albert 1905-1972 Marshall Hall
) b.1910 .
( ( (
) Number Theory( )Group Theory
Complexity
) Combinatory Logic(
) Theory( .) Information Theory (
.
(
(
(

. ( (
7

 (.

( ( ( ( .) Criminology
( ( ( (
( .
( ( (
(
( )Code Books (
( . ( ( (

( ( ( (
(
.( (
(

( .
: 04-0 (

:)Cryptographic Objectives

( :) Privacy or Confidentiality (
-0
.
-2 : ) Data Integrity (
( ( ( ( .
-3 ( : ) entity authentication
( (Credit
)Card
:) Message Authentication
-0 (
( .

-1 ) :) Signature( ( .
-9 : ) Authorization ( (
.
-9 : ) Validation (
.
-9 ( : ) Access Control(
. ) Privileged

 -6 : ) Certification
.

04 : Timestamping .
-00 ) :) Witness(
.

-02 - ) Receipt ( .
- 03 - Confirmation ( .
- 00 - Ownership (
( .
- 01
.

: ) Anonymity (

- 09 : ) Non-Repudiation
.
- 09

: ) Revocation .

( () ( . .

( :

: ) Confidentiality
-0
( (

.( ( ) Secrecy
.) Privacy

(
-2 ) Data Integrity
( ( )Unauthorized
( ( .
( ) Insertion
)Deletion .)Substitution (
9

(
( .

-3 : )Authentication
( ) Identification (
) Two Parties ( (
( ( .



:
(
-
-

. ) Entity Authentication

.) Data Origin Authentication

(
.) Integrity

Data

; (

(.
: ) Non- Repudiation
:0
) Entity ( ( .
) Dispute ( (
( . (

( ( ( . (
( .
(
.

0.0 ( :
( ( (
( . ( re-encipher
) ( (
( ( .

11

 ( ) Primitives
) (
( :
) Evaluated
(
-0 : ) Level of Security
. ) Quantity (
( ( ) .
(
(
.) Work Factor
-2 : )Functionality )Primitives
.
(
. (

(.
: 0.0 (
Arbitrary Length
Hash functions
One-Way Permutation

Unkeyed
primitive

Random Sequences
Block
Ciphers

Symmetric-Key ciphers

Stream
Stream

Arbitrary Length
)Hash functions(MACs
Signatures

SymmetnicKey

Pseudorandom

Primitives

Sequences
Identification Primitives

Public-Key
Ciphers
Signatures
Identification Primitives

11

Public-Key
Primitives

Security
Primitives

 -3( :) Methods of Operation (

( .


) Mode .
:) Performance (
-0
) Mode of Operation
( ) Rated ) Bits
( .
-1 . ) Ease of Implementation (
) Primitive
Hardware
(

).
: 00-0
:) Terminology

Concepts

and

Basic

(
(

.

(
) Hardware (

(.

:0

( ) Encryption domain and codomains

-st0 ( ( Alphabet of
)Definition } A={0,1 (
) . Binary Alphabet ( (
.

:M ( .)Message Space M
( ( M
(

) Plaintext Message

)Plaintext M
.) Computer Codes
12

 :C ( ( ) Ciphertext Space
( (

) Form . )M ( C (
.) Ciphertext
:02- 0 (
:) Transformations
: K ( ) Key Space (
k . ) Key

Encryption and Decryption

( e ) e k k ( M C Ee
( . Ee
( .) Bijection ( d
) d k k ( Dd . ( C M (
) Dd:c ( ) (

m
. ) Decryption Transformation Ee m
) m M ( ( m Dd .
( ) c C c ( . c
( ) Ee: e K
( (
e
) Dd: d K (

k d k Dd=E-1e ( :
Dd=(Ee(m))=m
( . m M ( ( . ) Cipher
e d ( )e ,d
e d .
( ( :
.M

-0
-2 (

. C

-3

.K

13

 -0 (

. Ee: c K

-1 ( . Dd. :d K
( E
( Ek(
K (
( ( ) ( ( .
( ( ) Cipher
( ( ( .
( (

.) Restricted Algorithm

( (
(
( ( . (
) Key . k
( . ) .) Key Space
)
. .
(

:0 ( (
:2

:3
.DE

: 03-0 ( :
(
(
( :
:0 ) Reliability
14

 :2

) Secrecy

:3(

) Rapidity

:0(

) Flexibility

:1 . ) Economy
(
. ( ( (
(
( ( (
.
( ( . ( ( ( (
( .
( (
( ( ( .


( ( .
: 00- 0 (

-:)Cryptanalysis

(
) .

) (
( ( .
( ( (
( )Defeat ( ( (

( . ( (
(
( . ( (
. ( (
. ( (
( (
. ) Compromise

15

(
.
( ) Cryptography
(
( ) Secure
. )Cryptanalysis ( (
)Compromised ( (
( (

( . ( (
( ( ( ( .
( ) Cryptanalyst (
. (



. ) Redundancy

(
( . (
.
( .
.
: ( (
.
( ( ( System
) Identification Problem (
( . ( (
( .

( ( .
( ) Cryptanalysis
( ( . (
.

16

 ) Cryptology
. ) Cryptanalysis

( ) Cryptography (

( ) William F. Friendman (
(
. (
. ( (
( .
( ( ( ( (
) Cryptology ( ( (
( (
( ( .
.
( ( (
( (
.
( ( .

(
( ( .
( ( ( ( (
( ( (
( ( .
(
( ( ( (
( ( .
( ( ( . (
( (
( e ( . d
) (

( .
(
d ( ( C .
. 2. 0
17

 :2 .0 ( ( .
Key generator
K

Decryptor

K
C=e(M,K
)

Encryptor

Ene
my

: 01-0 :) Security of Algorithms

(
( ( (
( (

(
. (
(
. ( ( ( (
.
( . (
.
( .

:
) 0 (
Dk (C) = P

) Lars Knudsen

: ) Total Break ( k

18

 :) Global Deduction (
) 2
A ) Dk (C ( .K
) 3 :) Instance (Local ) Deduction (
( ( .
) 0 : ) Information Deduction (
.


.
( ( ) Unconditional Secure
(
( ( . (
( .
) ) One Time Pad ( (
( ( ( (
(
Brute
.
. ) Force Attack
( ( (
( . ( ) Computationally Secure
) ( (
. ( ( .

) 0
.

: ) Data Complexity

: ) Processing Complexity
) 2
. ) Work Factor
) 3 : ) Storage Requirements (
.
: 09-0(

:) ONE TIME PADS

(
( (
) One Time Pad 0609 Major Joseph
19

 ) Gilbert Vernam Maubrgne ( One

Threshold
(
Time Pad
( (One Time
. ) Scheme
( ( ( .

Pad
) Pad (
(
( (
( ( ( . (
) Module 26 29 ( (
) . ) One Time Pad
( .
( ( (
( .
:0-0
ONETIMEPAD :

TBFRGFARFM :

( IPKLPSFHGQ :
:
O + T mod 26 = I
N + B mod 26 = P
E + F mod 26 = K

( ) Eavesdropper One
) Time Pad ( (
) Perfectly Secure (
.

( (
)
( .

21

 : 09-0 :
:0( :) Information Theory (
Claud
( 0609
. IEEE
) Elmwood Shannon
:2 ( : ) Entropy And Uncertainty(
( ) Amount of Information
( ( ) Encode

.
M ( (
).H(M
0606 (
( ( ( ( .
( .
(
(
( . (

(
( .
( Bits log2n n
. (
) Uncertainty (
( ( ( .
:3

: ) Rate Of Language

r= H ( M ) / N
1.0
N .
bits /letter 1.5 bits / letter ( . N
( .
) Absolute Rate
L(
( ( .
:
21

R=log2 L
( ( .
log2 26 . 4.7 bits /letters
) Redundancy

( D( :
D= R-r

0.3 3.4 bits

. /letters ( 3.4
( .
:0 : ) Unicity Distance n
( (
)
:
2H (K ) nD - 1
( U ) Unicity Distance
)Unicity Point ( (

) Entropy

( ( ( .
( (
( :

( symmetric systems

U=H(K)/D

.

) Insecurity

0.2 .
:1( : )Complexity Theory( ( (
( .
( .( (

22

 (
( .

( ) One-Time Pad

: 0.0 (
.
Unicity distance ( in
)characters

) Key Length ( in bits

5.9

40

8.2

56

9.4

64

11.8

80

18.8

128

37.6

256

:9 : ) Complexity of Algorithms
.
( T : ) Time Complexity S

Space Time ( ) . T S
( n n . ) Input
( : ) Bandwidth
) .


0-2 ( :
( Flat
) Distribution (
23

 ( . ( (
( . (
)Diffusion ( )Dependencies
(
)
( ) Substring
( . )Unicity Distance
( ) Confusion
) Functional Dependencies ( (



.
) Noisy Channel (
( (
( . ( (
.( ( (

) )Cryptographers (

(
. ) Opponent
( ( Coding/Decoding
) ) ( . )Game Theory
(
( . (
( ( ) Unauthorized (
.
) Opponent

:0 . M
:2 ( M M
( . M

:3 ) Interloper( (
.

24

 Privacy
) Problem ( ( .
( ( (
(
.
) Authentication Problem Dispute
. )Problem
( ( (
. ) evaluate ( (
( ) Uncertainty ) Opponent
.(
( . (
k p .
p (Spreadsheet
().
( (
p (
.
) Shannon
:
) Security

Perfect

) Opponent( E ()
( ) Arbitrary( (
(
(
( .
) PC(M M
( ) .C=E(M ( :

)PC(M)= P(M

) P(M

. M

25

 ) PM(C ( C M
. ) PM(C ) P(K (
M . C

)PM = p(K
Ek(m)=C

K ( . EK(M)=C
( ( C
)PM(C)=P(C
( C ( (
. M
) Cardinality
(
. ( )) Uncertainty
( .
( )Ciphers (
(
. )Ideally Secret (
( ( ) Unbreakable

.
. . ) One-Time Pad
) Bits ( (
.
( (
)Transmission
.
(
( C ( M = Dk
). (C
26


(
( (
Cryptanalytically

) ) Equivalent ( (
. ( R S
) f ). R=f(S
( ( .
(
( ( (

( ( . (
(
.


.
( ( .
( (
) Unconditionally Secure
( (
.) Computing Power

(

.)Statistical Uncertainty ) HC(K (
( ( ( (
( .
( ( (
( .

(

(
( )

( ( ( .

27



( (
(
.( (
) Work Factor
( (
.
/
(
) ( ( . ( (
( ) (
( ) ( ( .(

(
(

( ( (
. ) Cryptosecure

)Certification (
, (Ad hoc Heuristic(
(

.( (
( ( ( ( (
( .
)Certification( ( ( (
(
. ( (
(
) )Complexity Theory ( ( ( (
( ( .
( (
.
(
(
( ( (
.
( . (
( (
(
( ( (
( ( . ) Keysymmetric
( ). ) Involuntary
28

 ( )Criteria
) )Attacks ( (
. )Prospective Cryptosystems (
)Ciphertext Only Attack
( ( (
)Ciphers .
( ( (
( . )Insecure ( Known-
Plaintext ( (
)Compromised (
(
( .
. ) Secure 0699
(
NBS ( ) ) DES
( ) . (
( ( ( ( (
(.
(
( (
(
) Chosen-Plaintext Attack
. (
(
.
) Compromization (
.

( .
( ( (
( : ) Kerckhoffs Principle E
( ( . E
(
( C (
M E(M)=C
( ( .
( ( (
) work factor(
( )Cipher ( (

29

 ) Unicity Distance
. )Invert

( ( (

. ( (
( )Safe ( (
. )Crtptosecure
( (
( :
( ( ) Computationally Secure
E
. )Computationally Infeasible or Intractability
)NP (
Deterministic
(
)Algorithm Exponential
. )Complexity NP (
( ( ( .
(
( (
) Resources

( ( ( (
.
( 214 .. 294
( 221 . 231
) Compromization (

)Computationally Secure ( (
. )Equivocation

. ) Lakshivarahan 029
( ) Decryption . 2128=1034
3.15* 107 . ( (
( ) 01-1
3.15*1016 )Unique Key
(

31

 3.17*1021 .
( (
)Undiminished .

)Equivocation
) (

( (
0699 (
(

) (
( ( Provable Secure
) Cryptosystem P = NP

)Secure ( P = NP
( ( (
( ( .

)Inversion
)Imperfect ( (
(
) Compromization ( .
( ( ( ) (
( ( )


) . (

( Frequency of
)Replacement ( (
( ( .
( (
)Procedures ( (
( .
( (
)True Key ( )Pseudo Key
)Infeasibility
(
.
( .

31

 : 2-2 :
( ( ( : (
(
) . (
( (
. (
. ( (
) One-Time Pad (
.
(
( (

( .
( (
. ( ( ( .
(
( ) Compression (
( ( .
( (
:

K (

H ( K ) = log2 K
( 90 ( 90
( 19 ( 19 .
( ( ( .
: 3- 2 (

:) Random Cipher

( . ) Equivocation
(
( ( (
) .

32



(
.
( ) .
( .
. (
. (

) Uncertainty
( ) .
(
(
.
( .
( ( ( .
. (

( ( . Periodic
. (
) Sequence
. (
) Unpredictability

( (
( . ( (
( ( ( .
( (
( ( ( (
.
( . ) Pseudo - Random Sequence
( C (
(
.

(
( ( (
. ( (

.

33

 :0-2

:) Achieving Confidentiality

( ( (
( ( ) e ,d
( m M ( c
( ( ) ) . c=Ee(m
( c
Dd ( c) = m( . m
: (
( ( . (

( ( ( (
( .
( (
(

( ( (
( .
( ( ( (
( . 0- 2 (
( .
: 1-2( :) Communication Participants
0.2 :
:0 ) Entity ( ) Party
.
:2( ) Sender ( (
( ( ( ) .
) Alice (.
:3 )Receiver ( (
( ( ) Intended .
) Bob( .
:0 :) Adversary (
( ( (
) Defeat ( .
34

 ( )Adversary
)Enemy )Attacker )Opponent
) Trapper ( ) (Eavesdropper Intruder
).

: 0-2

( ( .

Adversary

Decryption
Dd(c) = m
m

Unsecured
channel

Encyption
Ee(m)=c
m
Plaintext

destination

Source
Bob

Alice

: 9-2 :)Channels :
( (
( ( -:
-0 : )Physical Secure Channel (
.
-2 ( ( ) Unsecured Channel
(
( ( .

35

 )Secured Channel
( ( .
( )Physical Secure Channel

)Secured Channel (
( .
: 9-2

:) Security

)Premise ( :

} M,C,K,{Ee:eEK},{Dd:dEk( .
.)e,d
(
.
( (
( :0- 2
( ( ( )Breakable (
)Party ( )e , d (
)Plaintext (
)Ciphertext .
( ( ( (
( ( ( (
( .)Public
)Exhaustive Search
)Key Space ( (
(

()
.
)Kerckhoff's Desiderata
(
( ( .

:
:0 ( ( ( )Breakable
( .

36

( (

:2
( )
(
:3
(.
: 0 ( )Cryptogram
( .)Telegraph

: 1 (
)Portable .
(
: 9 (
.
(

.

0993

(
( )2
( )Security (
( .
( :
:0 (
( ( C ) Intercepted
( DK
M(.
:2
M

( (
( ( .C

(
( :

( )Criteria ( 0604

:0 (

. ) The Amount of Secrecy Afford

:2 .
:3 ( ( .) Ciphering, Deciphering
:0

.) The Propagation of Errors

:1 . ) Extension of the Message

37

)0 .

( (
) . (
. ( ) 3 ( (

.

( . ( (
( . ( ) Nulls (
( ) ( (
. ( (
.
(

) (
. ( (
( ( .
( (
( ) Monoalphabetic ( ( .
( . (

( One-Time
) Pad ( (
. ) Perfect Secrecy
)1 (
(
(
.
(
( (
. ) 0 ( .
( ( .
( ) Error Propagation
(.
.
(

38

 . (

.
( ( .
( ( ) Encipherment (
. ) Secret (

(

(
. ( ( (
) Procedures
.

(
. ( ( (
( .
(
.
( (
( ( . (
( (

.

( ) Cryptography
( . ( (

.
: 6-2( :) Worst Case Condition
( ( (
( ( .
( ( .
( (
( :
( : ( ( ( .
( : (
( .

( : ( (
( .
39

( (
.
( ( ( ( (
( . (
(
( (
( ( .
.
( ( )
( (
( .
:04-2 :) Information Security in General
( ( (

( ( ( . )Privacy
( (
)Authentication
.)Data integrity

41

-0 )Information Security Service

( ( ( (
( (
.
-2( )Breaking
.

)Defeat

-3 )Passive Adversary
( Unsecured
(
. ) Channel
-0 )Active Adversary
( ( ( .
:00-2 (:
( . ( (
( . (

( ( (
( (
( .
( ( . (
(
. ( .
( ( (
Default
( (
) Settings ( (
( ( . ( ( (
. ( ( (.
( (
( . ( (
(

( ( ( (
( ( (
( ( . ( 9632
41

 Defense Information
) Systems Agency 88%
. ( (
( (
) Configuration Management (
Auditing
( ) Firewalls

).
( ( .
(
( (
. (
( (
( .
( . (
( (
. (
( Black
) Networks .
( (
( ( ) Confidentiality
) Anonymity (
) Authentication (

( .
:0-00-2 ( The Drift Toward
:) Crypto Anarchy

( ( ) Crypto
. ( (
( ( ( . ( (
.
( ).

42

 :2 -00-2 ) Key Escrow:

( (
.) Crypto Anarchy (
.) Key Escrow ( ( (
( . ( ( (
( .
( ( .
( ) Data Recovery Key

.
.
0663
(
( (
(
. ( (

(
( ( (
) National Information Infrastructure
( ( (
(

) Escrowed Encryption Chip . Clipper
Clipper ( (

( ( .
. ( Clipper
0660 ( Escrowed Encryption

) ) Standard (EES
.
( ( Escrow
) ( (
( .
( (

. (
) Bankers Trust (

43

 ( ( (
( .
( ) Hardware Encryption( ( (
( .
:3-00-2 :)Alternatives to Key Escrow
( .
( ( ) Weak Encryption
(
Escrow
. ( (
) ( (
( ( ( .
( (
. ( )
( ( (
).
) Real- Time Decryption
( ( ) Link Encryption
( ( .
.
( (
( (
( ( .

( (

: 0-3 ( :) Cryptography
( ( (

( :

:0 ( )Crypt analysis (
( ( ( .
:2 ( )Cryptanalyst (
(.

44

 (
:3 ( )Cryptology
)Cryptography ( .)Cryptanalysis Cryptology
krypts lgos ( .
(
:0 ( )Cryptosystem (
( ( (
.
(

:0 ( .) Symmetric Key
:2

.) Public Key

45

 : 2-3 ( ( ) :(Symmetric- Key Encryption

:

( . (
) Conventional Algorithms
(
(
. ( ( (
) . (
(
. ( .
( .
bit byte )
. (
(Stream
) Blocks
( ( . ) Block Ciphers
90
( .
( (
) ( ) .

( ( .
( (
( ( . (
(
( . key
. )management ( .
( ( (

( .
: 3-3( ( ( Overview of Block
:) Ciphers and Stream Ciphers
46

( : 0 -3
( ( (
} {Ee:eK } {Dd : d K K (
( )Symmetric - key )e,d
d( e d e .
( ( )Symmetric e =d
( ( ( ( )Single-Key
)One-Key )Private Key (
) .)C conventional Encryption

( (

( (

( ( .
( Private Key Methods
) ( ( . 0614 (
( ( .
( ( ( (
.
.
:
:0 ( ( ( ( ( (
. ( ( .
:2
( (
. .
:3 ( ( (
( .
( ( (
( .
( ( )0-
= 0444 ( . 999000
: 0 -3

47

 A={A,B,C,.,X,Y,Z} :( C,M
1( . A e . A
( 1(

1( .
(
.= e-1

. e (

( e (

( (

A B C D E F G H I J K L M N O P Q R S T U VW X Y Z
DEFGHIJKLMNOPQRSTUVWXYZABC
:
m =THISC IPHER ISCER TAINL YNOTS ECURE

( )C=Ee (m

C= WKLVF LSKHU LVFHU WDLQO BQRWV HFXUH

) (Shift ( )3
( ( ) . 0 - 3
(
0-2 )
( . ) Confidential and Authentic
( (
(
). (Key Distribution Problem
( ( ( ( (
( ( d(
) (Secret e (
( (
. d

( ( :

:0( . ) Block Cipher

48

 :2( . ) Stream Cipher

: 0 - 3( ( ):(Block Cipher
( ( ( (
) ( Strings ) Block t (
A ( . (
( . 90
) .
(
(
( .
( ( ( .
) Block Size ( (
( 90 .
029 ( .( ( (
( ( (
. ( (
( .
( ( ( :
:0( . ) Substitution Cipher
:2( . ) Transposition Cipher
(
). Cipher

( ( ( Product

: 1 -3( (
:) Transposition Ciphers

and

Substitution Ciphers

(
( . ( (

( ( ( ( .
) .
(
( .
49

 : 0 -1-3 :
( (
) ( ( .
: 0-3
.

Adversary
SECURE CHANEEL
e

Key
source
e

Decryption

c
Encryption

De ( c ) = m
UNSECURED
CHANNEL

Ee(m) = c

m
Plaintext

Bobdestination

source
Alice

51

( : 2-1-3( Simple Substitution Ciphers

)
( A
M
K

) . t
)Permutation . A

) e k e

( Ee :

(m)=(e(m1)e(m2)..e(mt)=)c1c2.ct =c

m=(m1m2.mt) M:

( ( c
:

c=)c1c2.ct d

d=e-1 Dd. :
Dd(c) =(d (c1)d(c2)d(ct)=(m1m2.mt)=m.
Ee ( ( Mono-
. ) Alphabetic Substitution Cipher ( ! q
( .) Cipher
( ( -
- ( ( .
(

( .
(
) Permutation ( (
29(
. (
( ( A UXEB..
( A( B U( X . (
( ( . ( (

( . ) Monoalphabetic Cipher
( ( ( (
) Diagram ( qu

51

 (
. ) Polyalphabetic

( ( (
( ( ( (
( ( . ( (
( ( ( ( .
( ( .
( ( ( Simple Substitution
. ) Ciphers
(
( (
( . (
( 26! = 4*1026

( ( ( ( ( Letter
) Frequencies ( . ( E
( ( ( . ( (
( ( E
( .
(
: 3-1-3 ( :
(

( :

:( Monoalphbetic Cipher
:0( (
( ( (
(.
: 2( : )Homophonic Substitution Ciphers

( ( ( (
( ( .
( A 19 1 03 21
B 02 9 06 30 .
: )A Polygram Substitution Ciphers
:3(
( ( ( . ABA
RTQ ABB SLL .
52


:0( ( : ( A polyalphabetic ciphers
( (
( ( Mapping
) . ( ( (
) Alberti . 0099
( ( ( ( .
ROT 13 ( ( UNIX
( . ( A ( N
B ( O . ( 03 . (
( ROT 13 P = ROT 13 ( :
) ) ROT 13 ( P
( ( ( (
. (
(
21( ( (
. ( .
( ) Homophonic
. 0040 ( ( ( (
.

( ( ( .
( (
.
( (
( ) ) Polygram (
. ( ) ) Playfair 0910
( . ( ( (
. ( ( ( . ) Hill
( ( ) Huffman Coding (
( ( ) Polygram ( .
( ( ) Polyalphabetic
) Lean Battista . 0199 (
.( (
( (

)
(

53

 ( .( (
( 0199( ) ) Beaufort( (
(.
(
( (
( ( ( .
( . ( (
( ( .
( ) ( .
24( ( 24( . (
) Period( . ( ( (
( ( (
( ( . ( (
( .
( ) Running - Key Cipher
( ) Book Cipher ( (
( .( ( ( ) Period
( .
: 0-1-3( :) Additive Ciphers :
( ( ( ( Caesar
. ) Cipher ( ( a w 3
( ( ( x,y,z( A,B,C
. ( ( :
plaintext: a b c d e f g h I j k l m n o p q r s t u v w x
yz
ciphertext:D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

54

: 2 .3

Plaintext : Caesar

Solider

Great

was

VROGLHM

JUHDW

Ciphertext : FDHVDU ZDV

: 1-1-3 :N-GRAM
(
(

) Diagrams ) Triagrams .
(

292
26 x 26 ( (
( .
d M . d
1,2,.,d .
: 3 -3
d=5 ) = ( 4 1 3 2 5
M = JOHN IS A GOOD SKIER
C=ONHJ SA I ODOG KEISR
JOHN ONHJ
( 1

: 9-1-3( :) Key Phrase Ciphers

) Phrase (
(
. ( (
. (
( (
(

55

( . ( METTLE
. METL ( ( .
: 0 -3
MY LITTLEFINGER ( . d
( ( . MYLITEFNGR
( M d :
plaintext : a b c d e f g h I j k l m n o p q r s t u v w x y z
ciphertext : M Y L I T E F N G R
( ( (
( A n .B O C P
( Z . C :
plaintext : a b c d e f g h I j k l m n o p q r s t u v w
x y z
ciphertext :W X Z M Y L I T E F N G R A B C D H J K O P Q S U V

( (
. ( (
. ( (
(
( (
29(
( ( (
. ) Monoalphabetic ! 26 ( ( 4x1026
( (
(
( ( ( .
( ( (
( . ( (

(

( .
: 1 - 3

56

( m . m=m1m2m3.
( (
( ! 26 . k
( t m M (
). c=t( m
(
. :

plaintext : a

)ciphertext: t(a) t( b) t ( c) t( d
( : 2 -3(
:) Ciphers

Homophonic Substitution

( ( a
t
) . H(a ( ( c
a A ) C H(a
(
). H(a
.: 9-3
( :
}A={a,b
}H(a)={00,10
}H(b)={01,11

( ab

:
0400,0440,4400,4440

( :
} { 0000, 0010, 1000, 1010

aa

} { 0001, 0011, 1001, 1011

ab

57

} { 0100, 0110, 1100, 1110

ba

} { 0101, 0111, 1101, 1111

bb

( .

) 4-bitstring ( Coodomain
( .
( ( .
) Simple Substitution ( ( (
( . ( ) Homophonic
( ) Occurrence( ( (
. )Data Expansion (
) Decryption ( .
( ( (
( 1 (
. M
( 2
( C(
. 2 1
: 9-1-3( ( Polyalphabetic Substitution
:)Ciphers
( (
( A :

( t

( (
:0 K
) t Permutations) t (
( .
(P1,P2, ..P t pi
-2 ( ( )m=(m1m2..mt
) e = (p1,p2,.pt ( (

))Ee (m)=(p1(m1)p2(m2)..pt(mt
-3 ( ) (Decryption Key
) ,pt

58

e=(p1,p2

)d = (p1-1,p2-1,.,pt-1
: 9-3( ( ):(Vigenere cipher
( )..,X,Y,Z
) (p1,p2,p3 :

A=(A,B,C,

t=3 = e

p1 ( ( ( 3

.
p2 ( 9 .
p3 ( 04 .
m = THI SCI PHE RIS CER TAI NLY NOT SEC URE
:
c = Ee(m) = WOS VJS SOO UPC FLB WHS QSI QVD VLM XYO
( ( ( (
( ( . ( E (
( . L O ( (
( .
:9 -3
( ( ( ( ( .
( ( .
) Keyword t: M
. C t t1t2t3t4.
M C m=m1m2m3m4. = )t(m
t(m1)t(m2)t(m3)t(m4).
may t1,t2,t3 M C (
12,0,24 t
. t1t2t3t1t2t3t1.
: 9- 1- 3( :) The Autokey C ipher
59

 (
( . ( (
( . ) Running Cryptogram
: 6-3
( COMET SEND SUPPLIES
( . 29
SEN DSUPPLIES

M:

C O M E T S E N D SU P

K :

________________________
USZHLMTCOAYH

Cryptogram

( ( :
S E NDSUP PLI E S

M:

COMETUSZHLOH

K :

________________________
US Z HLOHOSTSZ

61

Cryptogram

 : 9- 1- 3( ( ( :

(
( ) (
( .

(

.


(

( ( ( .
. ) Guess
( (
. ( (
( ( .
( ( . (

( (
( (
.
( (
( (
( ( ( (
(
(
. ( )

(
( ( (
. (


( ( .
: 6 -1-3( ( :
(

( ) Translation Table (
( ( ( ( (
. ( ( ) Dynamic (
( ( ( .

61

 ( ( ( ) Combiner
XOR ( ( . (
( (
( .
( . ) Dynamic
(
( (
.
(
( ( .

( ( XOR ( (
.
( ( ( ( .( (

(
. ) mod 2 addition 2( (
XOR (

( (
( . ( ( (
2 ( (
.
(

Cryptographic Combining
( (
) Functions ( XOR ( (
( ( (
. ( ( ( .

62

 : 9 -3(

:) Transposition Ciphers

(Permutation(

( ( :

t K ( )(Permutations
}. {1,2,..,t e e K (
( :
))Ee(m)=(me(1)me(2).me(t

m=(m1m2..mt) m

( ) (Decrypt (
( d= e-1
( ( C

) c=(c1c2ct

)). Dd(cd(1)cd(2)..cd(t
( )Transposition (
)Block ( .

( ( (
( . (
) Simple Columnar Transposition Cipher
( ( )

( ( :
:04-3
plaintext : COMPUTER GRAPHICS MAY BE
SLOW BUT AT
LEAST IT`S EXPENSIVE

COMPUTERGB
APHICSMAYB
ESLOWBUTAT
63

LEASTITSEX
PENSIVE
CAELP OPSEE MHLAN PLOSS UCWTI TSBTV
EMUTE RATSG YAERB TX

Ciphertext

( ( .
: 6-3 XOR:
XOR :
0 0 0
0 1 1
1 0 1
11 0

XOR

aa 0
abb a
( ( ( .
( ( MS DOS
( ( XOR
( ( ( :
p k c
c k p

( (

( ( .

( ( ( ( ( Diagrams
) ( ) Triagrams
.
( ( (

64

 : 9-3(

( :) Composition of Ciphers

( ( ( ( ) ( Product Cipher (
( ) .( ) (Composition(
( .
(
(
(
( . ( (
0606 ( (
:
:0 . ) The weighted Sums
:2( . ) Product
: 0 -9-3 :
S1 S2 (
) 0 < P < 1 pS1 + ( 1-p ) S2
( :
S1 p S2 . p-1
( ( .

:00 -3
( T R (
. S

(
. ( )
( . (


) . (
(
( .
( . ) Variant
( (

65

 T R ( ( M p
q p+q=1
R T ( ( S
R T S= pR+qT . M (
( S R T
(
R . ) p
( . R r1,r2,r3,..rm
p1,p2,p2,.pm T t1,t2,,tn
q1,q2,..,qn S :
r1,r2,r3,..rm t1,t2,,tn p1,p2,p2,.,pm,
q1,q2,..,qn .
:2-9-3(

:) Composition of Functions

( :0 -3
S,T,U

f:sT

g:Tm

) ( Finite

( Composition g p( dof
(
S U
)gf
( )) (gof)(x)=g(f(x x . x S
.
( ( (
: 3-9-3( :) Compositions & Involutions
) Involution
EK ( EK(x)=x

x ) Ek (Domain of Ek ( Ek oEk
). (Identity Function
: 0-3

66

 ( ) ( Two Involutions ( .
(
( (
) . (Decryption :
Ek1.,Ek2,,EKt ) (Inverse
EK=EK1EK2EKt :
E-1K=E-1K1E-1K2E-1Kt

( ( ) (Composition (

67

 : 2 .3(
U

g .f

g o f
U

T
S

t
b

f
g

gof

: 9-3( (

:)Product Cipher

( Simple
Substitutions and

) Transposition ( (
( ( .
t 2

( ( ) Product Cipher (

(1 <I < t) , EKi .

).) Round

: 3 .3(

g o f

g f ( .

gof

g
68

 :-3( ( ):( Product Cipher

M=C= K
) ) String . 9 ( M .26=64

Binary

) . m=(m1m2m6 ( :

E(1) k ( m) = m k

k K

) E(2) (m) =( m4m5m6m1m2m3

) E(1 ( ( ( (Polyalphabetic
) Substitution ) E(2 ( ( )(Transposition
. ( ) E(2 .
( ) Ek(1) Ek(2) (Product . ) Round
( ( ( (
)Linear Substitution n

( ( ) ( d ) Period
) Block Transposition . n
( ( ( ( ( ) Product Encryptions
( ( .( ( ( (
(
( d1 ,d2 ( ( (
) lcm ( d1, d2 ( n1 , n2
.
( )Superencryption ( (:
( ( ( ( ( . ( ( Z10
. N=10 ( ( .
: 2-3

:) Practical Security

69

 .
( (
( .
( ( Theoretically
. ) Secure
(
( (
(
( ( ) Theoretically Insecure (
. ( (
. ( One-
) Time Pad ( ( ( (
.
( ( (
. ) Ideal System
( ( ) Monoalphabetic Ciphers
(
(

. ( ( .

(
( ( .
( (
(
( ( ( ( (
.
:3-3 ( :Confusion and Diffusion
) Obscuring

) Redundancies (
( .
) (Substitution ) Round (
(Confusion ( ) (Transposition
. ) Diffusion

71

 (
. (
( (
( . ( (
( ( (
( .
( ( )
( ( .
( ( . (
( .
( ) Transposition
.) Permutation(
( ( . (
( ( (
.
( ( (.
) Rounds
(
( ( . ( (
( .
( .
( (
( . ( ( (
m=m1m2m3..msms+1,..m2s,m2s+1 S
)
. K S
f1,f2,.,fs ( ( . c1c2..cs
s(
(
( s (
. (
.
:0 -3
( ( ( (
( ( ( . (
(
( ( ( (

71

 . ( .
(

( . (
(

( ( .
( .
( (
. ) Diffusion ( ( 29
) modulo 26 .
m=m1m2. s m
y1y2. :
. n =1,2,3,
M ( ( y
( . M ( (
s 1

)(mod 260

n 1

i 0

yn

( ( ( ( .
(
(
. ( .
( ( . (

(
. ( (
( . ) Error Propagation
( (
( ( (
( . ) Confusion and Diffusion (
( (
( ( . ( (
( .

. ( ( (
(

72


(
( .

:6 -3( :) Stream Ciphers

( ( ( ( ( (
.
( ( (
( . (
) ( Transmission Errors (
( (Error
) . Propagation (
( .
) Buffer ) .
( (
( ) Streams (
bit ( (
32 ) . ( (
( .
(
( (
( ( .
( ( ( .
( ( (
. (
( ( . (
( (
( .
( ) keystream
( ) . ( (
. XOR ( ) (
( ) synchronous (
( . ) self-synchronizing ( (
.

( . 0-3
) Stream Generator
)) Running-Key Generator( :
73

K1 , K2 , K3 , .. , Ki
) Key Stream XOR
P1 , P2 , P3 , , Pi (

( :
Ci = Pi + Ki
( (
( :

XOR

Pi = Ci + Ki
:
P i + Ki + K i = P i
.
( :1 -3
(
K
( e1e2e3ei k .) Keystream
( :9 -3
A ( ) (Alphabet q(
Ee ( ( 0 . e k
( m1m2m3. e1e2e3..
. k ( (
( c1c2c3. ) . ci=Eei(mi di ei
Ddi(Ci)=mi ( ) (Decrypt ( .
( (
( .

0-3
Keystream

Keystrean

Generator

Generator
74

 : 3-3( .


] [
) Initial ) Seed
) Seed ( .
.
( ( ( (

. ) one-time pad ( (
. ( XOR

75


( .
( . ( (
) Perfect Secrecy ( ( ( .

( ( ( ( (
( ( )

( . ( ( (

( ( ( . ( (
.( ( ( RC4
.
: 1 -3
( (
. (
.
( ( . (
( .
(
( ( ( (
One-Time Pad ( ( .( (
( ( (
. ( (
( (
0624

(
( ( .
. (

(
.(
(
( . (
.
( ( ) Stream Cipher
. 1 -3
(
( .
) Sequence Generator
. ) Keystream Generator
76

 1-3

KEY
INFINTE SEQUENCE
ALGORITHM

CIPHERTEXT
MIXER

PLAINTEXT DATA

( ) Confusion ) Diffusion
( ( Error
. ) Propagating ( ( (
( ( .
: 0 -6-3(
: Ciphers

( bit
( .

Self-Synchronizing Stream

(
. ) Ciphertext Autokey CTAK (
. 0609
: 2 -6-3(

: Synchronous Ciphers

( ) Key Stream
. (
. ) Key Auto - Key KAK (
( . (
( (
77

 . (
.
( ( (
( . (
( .
( ( ) Long Period (
( . ( ) Period
( (

(
( (
(

. ( (
) Insertions ) Deletions (
) ( .
: 3-6-3 :) Insertion Attack
( ( .) Insertion Attack
(
(
( :
Original plaintext :

p4 .

p3

p2

p1

k4 .

k3

k2

Original keystrean : k1

c4 ..

c3

c2

Original ciphertext : c1

( p
( ( ) Insert
p1 (
( . (
:
Original

New plaintext :
keystream :
k1

p4

p3
k5

p2
k4

p
k3

p1
k2

c5

c4

c3

c2

Updated ciphertext : c1

( ( p
( ( :

78

k2= c2 p
k3=c3 p3
k4=c4 p3

p2 = c2 k2
p3=c3 k3
p4 =c4 k4

(
( (
. ( (
( .
: 0 -6-3( ( :) The Vernam Cipher
( ( .
( : 9 -3
( ( ( ( ( }. A={0,1
) ) Binary k1k2kt ( (
m1m2mt k,m
( c1c2ct :

ci mi ki ,1 i t
(
( ( ) One-Time-System ( One
. ) Time-Pad
( ( ( ( (
( ) Substitution . A
( E0 4 4 0 0( ( E1
( 4 0 0 . 4 4 E0
. E1

79

 (
( . c1 c2 ct c1c2ct (
:
:

ci mi ki , ci mi ki
) (Redundancy ( .

ci ci mi mi.
( ) One-Time Pad( (
. ( ( c1c2..ct (
( (
( .
( (
.
.

((
( . )One-Time Pad
. ) Trusted Courier
: 04-3 :) The Key Space
( ( (
( .
( ( (
( ) .

( ) (Transposition Cipher
( ) (Encryption Functions
t !t
.

( ( .
( .

81

 : 0 -3
( ( ( (
( (
( ( ( ) (Exhaustive Search
(
3
. 26!4*1026
) Polyalphabetic Substitution( (
3904( (
(26!) 7*1079.
( )Infeasible
( .

81

82

 (
(
: 0-0 (

:) Digital Signatures

)BASICS ( (
(
(Authentication

Authorization ( )Non Repudiation
( ( ( () .
( ( ( )Entity (
.
(
( ( )Tag
.
(
( .

M :0

(:

S :2 (
.

M
SA :3
S A ( ) . SA
( ( . M
VA :0 MXS {True
) (m ,s m M s S
} . , False MXS
( )Cartesian Product M . S
VA )Verification Transformation A
VA( )Public (
.A

( :0-0
VA SA (
( .

83

 : 0- 0( ( ):

) M = { m1 , m2, m3 } S= {s1, s2 , s3

( 1 .2
. VA

SA

84

 :0 -0-0( ) :) Signing Procedure

A )Signer
M -:
:0

A )s = S A (m

:2( ) . (m ,s s . m
: 2 -0-0( :)Verification Procedure
s m A
) Verifier :

:0 VA A
:2 ). u =VA (m ,s
:3
.u =false
:0-0 (

A u=true (
:)Concise Representation

SA VA
)Verification(
. SA )
(
( A KA ( A kA
( ) .(Secret ) (Verification
( A . lA

: 0- 0 ( .
)(m1,s1
)(m1,s2
True
False

)(m1,s3

s3

m1

)(m2,s1

s1

m2

)(m2,s2

s2

m3

85
)(m2,s3

SA

 : 2-0

:) Handwritten Signatures

( ( . (
S (

( A . SA
A . SA
A . SA

( ( ( .

86

 : 3-0-0 :

s :0(
VA(m.s)=true

)(Valid

( A m

:2 ( A
A mM s S VA(m
. ,s)=true ( A
( s . ( m
: 2-0 ( :) Authentication and Identification

.
.
( ) (Access Control
) (Entity Authentication (Message
) Authentication ) (Data Integrity
) (Non - Repudiation ) (Key Authentication
.( ) (Authentication(
.
0694 )Secrecy

)Authentication .
)Hash Function (

. (
) . (
(

) )Identity ( .

( (
( :

87

 :0 ( ) active (
). Real Time
:2 ( ( ) ( Delay
( ( ( ) (Routed

.
( ( (

. ( ( (

( . (
( ( ) . (entity
) Authentication ( ) . (Identification
( ( (
( ( ) , (Response
(
.
( Data Origin
) . Authentication
: 0-2-0( :) Identification
( : 2- 0 (
: )Entity Authentication

Identification or

( ( ( (
( ) Active
. ( ( ( (
( )
( .
( .

88

 : 2-0(

)Identification

( A ( B(

A, B( ( (
.)Voice Recognition (
( ( .
: 3-0(

:)Identification

A ( )Banking Machine
( )Personal Identification Number - PIN
)Magnetic Stripe Card A
( PIN (
. A
( .
2-0 ) Mutual Authentication
3- 0( Unilateral
( (
. ) Authentication
.

89

 : 2 -2-0

:) Data Origin Authentication

( : 3- 0
Message Authentication
( ) Identity( .
( B
( B
) .
( .
( ( .
: 0-0

) (Data Origin Authentication

A B ( ( ( ) (E- Mail
( B (
A
( . (
. B ( ( B ( ) ( Verify
.B
( A

( ) (Data Integrity
( ( ( A(
.
: 3-0 ( :) Public Key Cryptoyraphy
( (

( .

} {Ee : eK ( } {Dd :d K
( ) (Decryption K
. ( ( ( ) (Ee , Dd
( Ee (
(
c C mM . Ee(m) =C
. )Ee(m)=c
c
m
e

( d . e d,e (

91

( . (
( ( (
(
( )
( ) (Symmetric-Key e d .

91

 2-0 ( ( .
: 2-0 ( .
Passive
Adversary
e

Key

UNSECURED CHANNEL

Source

Decryption
Dd(c)=m

Encryption

UNSECURED CHANNEL

Ee(m) = c
m
Plaintext

m
Decryption

source
Alice

Bod

( ( .) Bob ,Alice ( Bob

) . ) e ,d( Bob ( e
) Alice( ) (d
)private key ( (
( ) . Alice m ( (
Bob ( )c =Ee(m
. ( Bob ( c Dd(
.d
( ( Alice( (

. ( (
( . e ( (

92

 ( ( Bob Bob
( ) . (decrypt
: 3-0
( (
. e d

: 0-0 (

(
(
) Private Key ( (
( ) (Secret Key ( ( .
( ( (
) Private (
(
( .
( ( (
(

( . ) Qualifying Assumptions (
( ( ) ) one-time pad
( .
: 0-3-0(

The Necessity of

:)Authentication in Public Key Systems

( (Ideal
) System ( .
(

. ( . 3-0
( ( (
( ( ( ( .
) ( Impersonation ( (Protocol
) . Failure B
) A e ( A
( ) . B (

93

 A B ( d
( (
) ( ) (re encrypts
e B( ( . B (
) (Authenticate (
).
(
( (
A

B
.
( From
: 2 -3-0 (
:) Reversible Public Key Encryption
( (
.
( Ee (
M ( .C( M=C Dd (
( Ee Ee , Dd
( ( ) (Permutation :
Dd (Ee (m) )=Ee(Dd(m))=m
. m M ( (
) . (Reversible

94

(: 3- 0
Adversary
Key
Encryption

Source
d

Ee (c) = c

Decryption
Dd(c) = m

e
Encryption
m
Ee (c) = c
Plaintext
m
source
Plaintext

Keyd
Decryption
Source
d
Dd(c)=m
m
Decryption
destination
Dd(c)=m
m
destination
B

A
source
A

Construction for a Digital

( (

( (: 3-3-0
:)Signature Scheme

. M

:0

. S C=M

:2

( e ,d )

95

:3
.

 ::0( SA Dd ( Mm
)s=Dd(m
:1( (Verification Function ) VA :

True, if Ee(s)=m ,
False , otherwise .

=) VA(m,s) = s

A
( . M
) (Subset M ( M ( M
. (
(
M 2 t t (
t
M
M
( ( t bits 101101
.) t=3 A
' M
' M (
) (Verifier ( VA :
true; if Ee(s) M' ,

= )VA (s

False , otherwise
A ( s
) m =Ee(s ) (recover .
( ( ( ( .
) (Special Structure
(
)

96

 :0 -3-0 (
:) Practice

Digital Signatures in

( :

-0
) .

) (Signer (

( ) (Verify
-2
( Verification Function
) .
-3 ( (
( ) . ( Forgery

97

 : 1 -3-0

:) Resolution of Disputes

( ( )
(
(
. A
B

. A (
( ) (Trusted Third Party TTP
) .(Judge TTP (
( .
( A m( B B
SA M ( . TTP
( TTP B VA(m ,SA ) = true (
. A ( B ( B
TTP VA . A ( A
TTP VA
( TTP A
SA ( . (
( ) ( Criteria ( :

98

 : 9-3-0 ( :
SA ,VA :0 (
.
:2

) (Authentic

. VA

SA( ( (
:3
).
: 0-0 ( (
:) Key vs. Public-Key Cryptography

) Symmetric

( ( (
( Needman ) Schrooder
( .
( (
.
( (
( ( (
.( ( ( (

( ( ( ( . (
( ( (
( ( ( .
( ( (
( . (
:
:0 ( (:

: ( (
. ) Data Throughput
) Hardware (

(
.
:

( ( (.

99

 : ( ( )Primitives
(
Hash
)Pseudorandom Number Generators
)Functions( .
: ( ( )Composed
( ( (
( (
( (
( .
: ( ( (
( ( . )DES
:2 ( :
: (
( ) .

: ( (
( ( ( .
: B , A ( (
( Communication
. )Session
: ( ( (
( ( (Verification
) Function ( ) . (TTP
:3 ( :
: : (
) (Authenticity ) .

:
TTP ( ( .
) ) ( Mode of Usage
: (

( ( ) (
) .

111

 : ( ( ( .
( ( (
( .
: ( ) ( Large Network
( (
( .
( :
:0

) Throughput Rates ( (
:
( ( ( ( .
: ) (Key Sizes ( (
( ( (
( (
( .
( ) (Secure
:
( ( . (
(
( .
(
(
: ( (
( (
. 0694
: 0 -0-0

( (:

( (
. ( ( .
(
(
. A , B
( (

A , B

(
A , B ( ( .

(
(
( . A , B
111

 ) (
.
( (
:0( ( (
) Non Repudiation (Key
) . Management
-2( ( ( (
. ) Data Integrity
: 1-0 - (

( (

1024 bits ) RSA( ( (

90 029) (
(
( ( ( (
(
) (Factoring
. (
(
) bits
( (
( (
04 ( ).
: 9-0
( ( (
( ( ( (
( ) .
( A B ( ( B
A ( ( A

. B ( A( (

( ( ( A
( ( ( . A (

. (
0444(
) . 0699

112

 : 1 -0 ( (
:) and Encryption

Compression, Encoding ,

:
:0 ( ) Redundancies
( .
:2
( ( .

:2 ( ) Time-Consuming
( ( .
( ( .
( (
.
( ) Encoding
) Error Detection and Recovery
( .
: 9-0

) :) Hash Functions

) (primitives( (
( (
) . One Way Hash Function
( :0-0
H (
) Mapping
) ( Hash Values
H (M) = h ( . M
n-bit n=128
) n=160

113

 (Image ) n 2 -n 2-n ) . (
(
. ( h



y x
) ( Collision
) ) h(x) =h (y y

).
x h(x)=y
( :
:0 ) Input

:2( ) Output .
H(x) :3 . x
H(x) :0 .
:1

. ) collision-free

H
x
) hard to invert
. H(x) = h x
y x ) H(x) = H(y H
( . ) weakly collision-free

( H
x y ). H(x) = H(y
(
( . ) message digest ( (
( ) digital fingerprint .
( MD2 . MD5
( ( (
(
( (
( (
(
( . ( ) Digest

114

) Public

( ( Damgrd ) Merkle (
( (
. ) compression function ( ( (
. ( (
. (
Pad
.

( )

) multiple

( ( (
( . (
. (

) (Verifies

. (
(
(
) .

) (
)
( ) (Signer
) (Claim
( .

(
.
:
.

.

( (
(

115

.
( ( .

(
( ( ( (
( . ) Identification
(
( .
( ( ( )(MDCs
. )Modification Detection Codes
( (
(
) . (Message Authentication Codes (MACs
: 9-0

( :

(
( .( protocol
( ( (
)
. ( .
( .
.(
( (

( ( ( .
( ( (
. ( (
( .
( (
:0 (
.
:2 (

( (
( .

:3( (
) .

116

( :

 :0

( .

( (

( ( ( ( (
.

117

 :0-9-0(
( : 1 -0

:)Protocols and Mechanisms

(
( (
( (
. ( ( ) Cryptographic Protocol
( ( . (
( ( . (
( . (
(

( (
( ( (
( ( (
. ( (
( . ) Cheating
: 9-0 (
) :Mechanism

(Protocol vs.

( ( (
( (
) ( ( (
( ) Procedural Control ( .
( ( ( (
( ( . ( (
( ( .
( ( (
( ) .
: 2-9-0
:) RNG

Random Number Generators

) RNGs (

( . ( ) RNG
( ( ( ) Confusion
(
.(

118

( ] .[54 ,26 ( (
XOR ) ( .

( (
( ( .

119

 : 1 -0( (A
) :Simple Key Agreement Protocol
( ) )Bob , Alice (
( ( ( ( ( (
( .
( :
:0 ) Bob( ( (
) (Alice( .
:2
( .

( Alice

( (

:3 ( Alice ( Bob
) ( ( .
:0 ( ) (decrypt
( ( ( ) .
:1 Bob ,Alice (
( ( ( ( .
(
( (
( ( .
) Privacy
( ( ( ( .
( (
) ( Impersonation Attack (

( .
) Eve Alice
) Bob (
( . ) Passive (
)3 ( .
( (
( . (
(
( ( ) .

111

 )0

)2( . ( ( .
( ( : :
:0 (
.

. ( (

:2 ( ( )
( ( .
( ( ( ( ( .
:3 (
( .
n n ( n - 1 ) / 2 04

01 ( ( ( 044
0014 .
( ( .

(Privacy
(
) Communications ( (
(
( ( ) Performance
( ( ( .
: 3-9-0 (
)):

Protocol and Mechanism Failure

(
( ) Adversary

( ( (
) Manipulate( (

( ( (
.
: 9- 0

) :(Mechanism Failure

(
(
(
(

111

) (Special Form (
) (Monetary Amount
(
(XOR

( ( . (
( (
. ( ( ( (
; ( (
( ( (
( ) .
: 0-9-0 ( :
( (
( (
( (
( ( .
( (
( .
( ( .
( ( (
. ) Passive Attack
( ( (
( (
(
.
( ( (
) . ) Pretend (
( ( (
) Replay (
. ) Active Attacks
( .
.
(
( ( (
(
( .

112

 .

(

( . (
( (
.
( (
.
(
( ( .
. ) Cheater ) Passive Cheater
( ( (
( . ) Active Cheater
( ( .
: 9- 0 ) :(Forward Search Attack
( ( ( (Electronic
) Bank Transaction 32
( ) ( Transactions ( ( .
)Privacy
( (
.
232 )
( ( . (
( ) .
232 ( (
.
( ) ( Compromised ( (
) (
. (
) Authentication( (
. ) Dictionary Attack
: 9-0 ( : ) Causes of Protocol Failure
( :

113

 :0 ) Primitive ( )Amplifie
( .
:2 ( ) Guarantees
( .
:3
) Encryption .
: 6-0 (

: ) Protocol Design

( (

:
:0( ( ) (Assumptions
( .
:2 ( ( (
( .
: 9-0
:) Establishment ,Management,
(
( .

)Key Certification

( ( (

( : 9-0 ): (Key Establishment

( (
( .
(
( : 9-0

: ) Key Management

)Ongoing ( (
( .

114

 ) ( Key Agreement
( (
) . (Key Transport (
( .
(
( . ( (
( ( ( .

9 ( (

( ) ( ( )
:

) 15 ( 62

:

)n( n 1
2

( n2 )

01
0-0
( -0

. 1 ( (
( ( ) (
.
.
( . ( (
.

115

 : 0-0
A2

9(

A1

A6

A3

A4

: 6-0

A5

(:

( ( (

) Entity
( .
( ) . ) TTP Ai

Ki TTP (
( . ( )
K ) ) Session Key
( ( A 5 A1
: 9-0
: 1-0 .
A1

A2
Private Key d2

Private Key d1

Public file
116

A3

)C =cEE6 (m
e6

A6
Private Key d3

Private Key d6

 : 9-0 (

117

. ) TTP

 : 0-6-0 ( )
):
:0

Advantages of This Approach

:2 ( ( (Long
) Term Secret Key
:) Disadvantages

: 2-6-0 (

:0 .
:2

( ( .

:3 TTP ( .
:0 ( ( .
: 04-0 :
( .

.
( ( (
( ) (Central Repository
) ( Public File ( (
( ) Identity . A1 (

( A6 A1( e6 A6
( e6 (
( . A6 0-0 .
: 0-04-0 (

( ):

:0 (

:2

) Reside .

:3 n (
( .
. ) Passive Adversary

118

 (
(
) . (
A6 . ex (

A6
( . (
( A6 (
. A6 A1 A6
( ( . C
(
( ) Certify .
ST VT ) Verification Algorithm
.
( (
( ) Identifier
. ) Authentic
) Certificate (
. ( :
:0

:2 ( .
( ( .
:3
. ) Locally
:
:0 ( (
( .
:2

: 2-01-4 :
( (
:
( : 9-0
119

 : ( ( ) Unconditionally
( )

(
( . ) Identifiers
( : 6-0
: ) Functionally
( ) Honest
( .
(
) Certify
) .
: 3-04-0
:) Certificates

Public Key

( .
) Authenticity ( ( .
.

( ( ) Validity Period
( . ) Attributes
. B
) Authenticity A B
) Authentic Copy . TP
B ( ( B
. B :

:0 A (
A(


( ( .
. A

:2

121

 :3
A (
( . ) Invalid
) Certificate A
A
(
. A


(
( .

121

122


(
: 0-1
:)Pseudo-Random Sequence Generation

Random And

(
( ) Compilers .
(
( ( (
(
. (
.
( .

. (
)Pseudo (
.

123

 : 0-0-1 Pseudorandom
): )Numbers and Sequences
(
(
( . (
.
.

(
n
:0
( .

} ) {1,2,,n

) Sequences ) String
:2
(
n
( A
m
.
:3
n( .

( m

.
( .
(
( 23
( 23 . 1/ 49
( (
( ( 9 9
] . A={1,2,,49
( 17,45,1,7,23,35 (
1/ 49
17,45,1,7,23,35
1/49*1/49*1/49*1/49*1/49*1/49= 1/13841287201
13841287201 9
. A ( (
.
:0-1

:) Random Sequence Generator

124

 ) 1,0
(
)0 ( (
( ) Unbiased
0 )
( . )0 ) Coin
. (
( ( (
( ( ( ( .
: 2-1
) -:)Generator

Random Sequence

) Noise Diode
.( 0
. (

. ( ) .
) Reliability (

) output .
) Binary Sequences
( ( ( ( .


. (
( (
) Pseudorandom (
. ) Seed ( seed
) ( ( (

) .
( ( ( .
: 2-1 ) -:) Classes of Attacks
125


(
( )Primitives( .
( ( ( .
( ( ( .
(
:
: 0 ) Passive
( .
. ) Confidentiality
: 2 )Active
( ( ( .
)Authentication
. (
( ( .
: 0-2-1 ( (
) -:) Schemes

Attacks on Encryption

( . ) Attack (
( ( Dutchman A
) kerchoffs ( ( (
.( ( (
( .
) Recovery
(
( ( ( ) Deduce ( .
( ( (
( .

126

 :0 ( : ) Ciphertext Only Attack

( (
( ( ( . ( (
( ( ( .
( ( (

(
) ( ( (
( ( .
:
) C1 = Ek ( P1 ) , C2 = Ek ( P2 ) , Ci = Ek ( Pi
( :
P1 , P2 , , Pi , k

Pi+1

). Ci+1= EK ( Pi+1

:2 ( ): )Known Plaintext Attack

( .

( (
. (
) ( (
( ) .
C1 = Ek ( P1 ) , C2 = Ek ( P2 ) , . , Pi, Ci = Ek ( :
) Pi
k
) . Ek (Pi+1

127

( Pi+1

= Ci+1

 :3 : ) Chosen- Plaintext Attack

( . (
( ( ( .
( (

( .( ( (
( ( (
( . ( )
) (
( ( ) .
:
) P1 , C1 = Ek ( P1 ), P2 , C2 = Ek ( P2 ) , . , Pi , Ci = Ek ( Pi
( . P1 , P2 , , Pi
k Pi+1 ) . Ci+1= Ek ( Pi+1
:0 Chosen-
-: Plaintext

(Adaptive

( .
(
( (
( . (
( (
( (
( .
:1 ( ) : (Chosen Ciphertext Attack

(
.

128

( ( ) .
(

( .
(
. (
( ( .
( Chosen
. ) Text Attack

:9 ( Adaptive Chosen-
: )Ciphertext Attack
(
.
:9

: ) Chosen Key Attack

(
( . (
.
: 9 ( ( (
- : ) Cryptonalysis

Rubber Hose

( (
.
(
( .
(
( ( ) Source Code (
129

 return , else , struct ,

. #define( ( ( loop :
:
structures , functions .
( )
( . )David kahn
. (

( (
( .
( ( (
( ( .
: 2-2-5 (-: ) Attacks on Protocols
( (

( :
: 0 ( : ) Know-Key

.

: 2 : ) Replay
)Sessions
.

131

 : 3

: )Impersonation

( ( ( (
.

: 0 : ) Dictionary
( .( (
) Image
)Unkeyed Has Function ) Log On
( (
(
.
hash
( ( (matches
( .
:1 : )Forward Search
( (
.
:9 :) Interleaving Attack
(
.

131

: 3-1
)-:

Models of Evaluating Security

( (
:
:0 ( (

: ) Unconditional Security

(
( ( ( ) Defeat ( .
( ( (
. ) Perfect Security
) Uncertainty ( (
( ( (
.
( ( ( ( ( ( (
.( one-time
) pad ( ( ( .
( ( ( ( ( (
(uncertainty( ( (
( . ( ( ( (
( c ( p (
. c
.
(

:2 ( )Complexity Theoretic Security

:3 (
:0

) Provable Security
) Computational Security

132

 : 0-3-1 (
-:) Computational Security
( )Evaluate( ( (
.

: 2-3-1(

Perspective for

-:) work factor Wd

Wd
) ) Elementary Operations ) )Clock Cycles

d( k
) k ( k ( ( . (
d( k
Wd (
( ( Wd ( . ) k
( (
n ( ) . Wd ( n
Wd t t (
( ( ( . (
Wd(

( .
: 3-3-1( : ) Historical Work Factor Wd

e ( ( .
Wd ( .
wd wd .
: 0-3-1
) Key Space (

( .

133

0-1 . (
. ( (
. ) Prefix
) Powers
) teraflops ) Rated (
. 0402 teraflop
. : 0-1
Reference
Seconds in a year
Age of our solar system

Magnitude
3 107
6 109

(years)
Seconds since creation of

2 1017

solar system
Clock cycles per year,

1.6 1015

50MHz computer
Binary strings of length 64
Binary strings of length

264 1.8 1019

128
2128 3.4
Binary strings of length

1038

256
Number of 75-digit prime

2256 1.2
1077

numbers

134

Electrons in the universe

5.2 1072

8.37 1077

135

 2-1 (Prefixes .
: 1-3-1 ( :)Symmetric Key Length

( (
.
( .
( ( (

. ) Brute Force Attack
: 2-1 Prefixes

Prefix Symb magni

ol
tude

. 04

Prefix Symb magni

ol
tude

10-1

Deci

1018

Exa

10-2

Centi

1015

Peta

10-3

Milli

1012

Tera

10-6

Micro

109

Giga

10-9

Nano

106

Mega

10-12

Pico

103

Kilo

10-15

10-18

Femt
o

102

Hecto

10

Da

Deca

Atto
( (
(

( . ( (
( : 90 .
( ( .

(
136

( ( . (
) Format ( : wordperfect
UNIX
( . ( (
.
( .
9 29 219 . 219
( %14
. 19 219
( ) Super Computer
2291 .
90 ( 191 444
290 . 029

21
04
0421 . ( 04 04 .
2409
04169 ( .
( ( 9


( ( :
( . (
) Perfect . (
( .
: 9 (
:) Estimates for Brute-Force Attack
( ( .

(

( :
( . (
. ( ) DES
19 219 .

90 290
( 029 .( (
. (

( (
Time and Cost

137

 . (
( ( .

( (

(

.) DES 0499(

) DES ( .
.
) Chip
19
2 24 .
90 290 200
.
.



( . ( ( .


( .
( Cryptography Research,

) Advanced Wireless Technologies EFF
( . ) DES ( 19
.
) 72,057,594,037,927,936
( ( (
64
10,000 . (
( ) chip simulators ( ( Paul
) Joshua Jaffe (
) Kocher
( .
(
) Michael Winer
( . ) board 3-1
.

138