Chapter 5: Introduction to Cryptography


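Chapter 5: Introduction to Cryptography. These slides (the "teaching resources") are licensed solely to instructors (the "instructor") who have adopted the related Flag (旗標) book as their textbook. For teaching purposes, the instructor may excerpt, edit and reproduce the teaching resources (provided the amount used does not exceed 80% of the content of each teaching resource) to produce teaching slides as a teaching aid, and may present them publicly in class together with the Flag book, but may not use them for distance learning, online teaching or other public transmission over the Internet; beyond this, the instructor may not sublicense them to any third party, nor put works related to the teaching slides produced under this licence to any other use. - PowerPoint PPT Presentation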

Transcript of Chapter 5: Introduction to Cryptography


  • *5.1 (Ciphering) (Transformation) ( Plaintext ) ( Ciphertext )

  • *5.1 400 ( Key ) 5.1

  • *5.1 (Cryptograph) kryptós gráphein (Encryption) (Decryption) (Enciphering) (Deciphering) 51 (Caesar) Enigma

  • *5.1

    1975 DES Data Encryption Standard DES 30 AES (Advanced Encryption Standard) 5.2

  • *5.2 ( Single-key ) DES ( Data Encryption Standard) AES ( Advanced Encryption Standard ) ( Public Key) ( Private Key)

  • *5.2 RSA (Rivest-Shamir-Adleman) ElGamal (ECC, Elliptic Curve Cryptography) A BA BAB

  • *5.2 5.4

    [Figure: ABCDE, #$&@*, A, B]

  • *5.3 (Confusion) (Diffusion) (Confusion) (Diffusion)

  • *5.3 (Substitution) (Transposition)

  • *5.3

  • *5.4 5.4.1.(Caesar) (Caesar Cipher)3

    A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

    D E F G H I J K L M N O P Q R S T U V W X Y Z A B C


  • *5.4.2. (Rail Fence) (Rail Fence) [ RELEA OCIENRLN Y CAPFRNTAYDINP OCTDN ]

    1 2 3 4 5 6 7 8 9

    R A I L F A N C E E N C R Y P T I O N A N D D E C R Y P T I O N

  • 5.5 5.5.1 DES DES 1970 IBM LUCIFER 1977 FIPS PUB 46-2 DES ( Data Block ) 64 bits 64 bits 64 bits 64 bits 8 bit 56 bits 16

  • 5.5.1 DES 5-7 3DES DES DES 3 1 2 3 5-7 3DES

  • 5.5.1 DES 5-8 3 2 1

    5-8 3DES

  • 5.5.1 DES 5-9 3DES

    66 6F 78 20 6A 75 6D 70

    DES

    DES

    DES

    Key 2: 23 45 67 89 AB CD EF 01

    Key 3: 45 67 89 AB CD EF 01 23

    2C 1A 91 72 34 42 53 65

    80 59 EE 82 12 E2 2A 79

    68 D5 C0 5D D9 B6 B9 00

    Key 1: 01 23 45 67 89 AB CD EF

  • *5.5.2. AES DES ( Data Encryption Standard ) 3-DES (Triple DES) NIST 2001 AES ( Advanced Encryption Standard ) FIPS PUB 197 2002 AES 128 bits ( Data Block ) 128 192 256 bits ( Key Size ) AES ( Round Number)

  • *5.5.2. AES Add Round Key (Subkey) XOR (Confusion) SubBytes (Table Look-up) Shift Rows (Cyclic Shift) Mix Columns

  • *5.5.2 AES AES ( Simple AES S-AES ) AES AES 16 bits ( AES 128 bits )

    ABCDE

    1. Add Round Key

    2. Substitute Nibbles

    3. Shift Rows

    4. Mix Columns

    5. Add Round Key

    6. Substitute Nibbles

    7. Shift Rows

    8. Add Round Key

    #$&@*

    W[1,0]

    W[2,3]

    W[4,5]

  • *5.5.2 AES 5-11 AES

    AES

    32 43 F6 A8 88 5A 30 8D 31 31 98 A2 E0 37 07 34

    Key 2D 7E 15 16 28 AE D2 A6 AB F7 15 88 09 CF 4F 3C

    39 25 84 1D 02 DC 09 FB DC 11 85 97 19 6A 0B 32

  • *5.5.3 RSA Diffie-Hellman (Key Agreement) DSA (Digital Signature) RSA ECC Diffie-Hellman 1976 RSA 1977 Rivest Shamir Adleman RSA RSA (Factoring Problem) RSA (Unconditionally Secure) (Computationally Secure)

  • *5.5.3 RSA RSA 3 (Key Pair Generation) (Encryption) (Decryption) Alice Bob Alice Bob Alice RSA 1. p q p q N=p*q 2. e (p-1)*(q-1), e (p-1)*(q-1) 3. d e*d = 1 (mod (p-1)(q-1)). ( mod ) Alice N e Bob Alice d.

  • *5.5.3 RSA Bob m Alice Bob Alice e m $m^e = c \pmod{N}$ c Bob c Alice Alice c d $c^d = m \pmod{N}$ m Bob Alice

  • *5.5.3. RSA RSA RSA 5-7 Alice p = 5 q = 7 N = 7*5 = 35 e d e*d mod (p-1)(q-1) = 5 * 29 = 145 (mod (5-1)(7-1)) = 145 mod 24 = 1 d = 29 Alice 35 5 Bob

  • *5.5.3. RSA Bob m = 33 $m^e \bmod N = 33^5 \bmod 35 = 39135393 \bmod 35 = 3$ c = 3 Alice Alice c = 3 $c^d \bmod N = 3^{29} \bmod 35 = 68630377364883 \bmod 35 = 33$ Alice 33 Bob Alice 5-13 RSA

    Alice

    Bob

    m = 33, $m^e = 33^5 = 3 \bmod 35$, c = 3

    $c^d = 3^{29} = 33 \bmod 35$, m = 33

    1. p = 5, q = 7, N = 35 2. e = 5 3. d = 29

    (N, e) = (35, 5)

    ( c ) = ( 3 )

  • *5.6. (Hash Functions) (Hash Functions) 5-14 (Message Digest, Message Fingerprint, Message Abstract) (Integrity) 5-13

    NIST

    e374 43d9 328f 2049 3743

    3762 03b3 8710 a7d3 38b2

    Df38 9381 c372 9401 8372

  • *5.5. (Hash Functions) NIST SHA-1 SHA-2 SHA-2 SHA-224 SHA-256 SHA-384 SHA-512 (Collision) SHA-1 160 bits SHA-2

  • *5.7. ( 5-14) SSL ( Secure Sockets Layer) HTTPS SSL 5-14 (Authentication) (Integrity) (Confidentiality)

    [Figure 5-14: MOD; RSA, DES, AES; SSL]

  • *5.7.1. User Name Password 5-15

    5-15

    JohnJohn871635LilyCd04d73sasDw243

  • *5.7.1. 5-16 User Name ( ) User Name 5-16

    [Figure 5-16: John, Lily; SJYEHDS, EJXYESS; 3b72 019a ab23 0712, d847 8372 0192 8372; John, John871635; Y / N]

  • *5.7.2. (Digital Signature) (Private Key) ( 5-18) (Public Key)

  • *5.7.2. 5-17

  • *5.7.3. (Digital Envelope) (Secret Key) ( 5-18) 5-18

    [Figure 5-18: ABCDE; $2&@; 3bd3 4832 9a32 8212]

  • *5.7.3. ( 5-19) 5-19

    [Figure 5-19: 3bd3 4832 9a32 8212; $2&@; ABCDE]

  • *5.7.4. (Digital Certificate) 5-20 ( CA Certification Authority ) IC 5-20

  • *5.6.4. 5-1

    Version v3(2)

    serialNumber

    signature AlgorithmIdentifier

    Issuer CA

    Validity

    Subject

    subjectPublicKeyInfo

    issuerUniqueIdentifier PKIX

    subjectUniqueIdentifier PKIX

    extensions X.509 v3

  • *5.7.5. (SSL) SSL ( Secure Sockets Layer) (Network Access) (IP Internet) (TCP Transport) (Application) SSL 5-22 SSL HTTPS http://aaa.bbb.edu.tw 5-23 5-22 SSL 5-23 SSL

    (Network Access)

    (IP Internet)

    (TCP Transport)

    (SSL)

    (Application)