
Diffie - Hellman algorithm

Oct 31, 2015


Metal28032013

A study of the Diffie-Hellman security algorithm: its characteristics, strengths and weaknesses, and a comparison with other algorithms. Report for the Information Security course.

The Diffie-Hellman Key Agreement Protocol

HANOI UNIVERSITY OF INDUSTRY
FACULTY OF INFORMATION TECHNOLOGY

Major assignment: Information Security
Topic: The Diffie-Hellman key agreement protocol

Supervisor: M.Sc. Trn Phng Nhung
Student group: 1. Phm Th Yn 2. Nguyn Th Nhm 3. Nguyn nh Triu 4. L Thanh Ngh
Hanoi, November 2012

Table of Contents

Division of work
Foreword
Chapter I: Introduction to the Diffie-Hellman protocol
Chapter II: The Diffie-Hellman key agreement protocol
1. The concept of key agreement
2. The Diffie-Hellman key agreement protocol
2.1. Setting up the Diffie-Hellman key agreement protocol
2.2. Diagram of the Diffie-Hellman key agreement protocol
2.3. A numeric example
2.4. Extending the problem to multiple parties
2.5. Characteristic properties of the Diffie-Hellman key agreement protocol
2.5.1. The protocol is secure against passive attacks
2.5.2. The protocol is not secure against active attacks
2.6. The Diffie-Hellman key agreement protocol with certificates
References

Division of work

| No. | Student ID | Student name | Content | Pages | Remarks |
|---|---|---|---|---|---|
| 1 | 0541060168 | Nguyn Th Nhm | Study of the Diffie-Hellman key agreement protocol + numeric example | 4 - 10 | Active in group work and research. Completed the assigned task well. |
| 2 | 0541060137 | L Thanh Ngh | Wrote a program implementing the Diffie-Hellman protocol | | Active in research. Completed the assigned task well. |
| 3 | 0541060129 | Nguyn nh Triu | Study of the characteristic properties of the Diffie-Hellman key agreement protocol | 10 - 14 | Active in research. Completed the assigned task well. |
| 4 | 0541060165 | Phm Th Yn | Study of the Diffie-Hellman key agreement protocol + numeric example | 4 - 10 | Active in research. Completed the assigned task well. |

Foreword

Exchanging information has always been a basic human need, especially in modern life, where computer networks and the Internet have developed rapidly and play an important role in every area of society: politics, the military, education, shopping, business, and so on. All the information involved in these activities is managed by computers and transmitted over networks. Ordinary information attracts little attention, but for information that is vital to an individual or an organization, information security is extremely important and is given top priority. For this reason many organizations and individuals have researched, sought out and proposed a great many information-security solutions. Among them, the Diffie-Hellman protocol is well suited to data communication and offers fairly high security.

This report was compiled by the group based on what we learned from our lecturer, M.Sc. Trn Phng Nhung, and on the active study and research of the group's members. It presents the Diffie-Hellman key agreement protocol in depth, in 3 chapters divided into separate topics: a preliminary introduction, the concept, how the protocol is set up, its diagram, and concrete illustrative examples of key agreement. Although the group has made every effort, some shortcomings are unavoidable; we hope our teachers and friends will offer comments so that we can improve this report.

We sincerely thank the friends and relatives who gave us comments and help. Special thanks go to our lecturer, M.Sc. Trn Phng Nhung, who guided the group in completing this report!

Chapter I: Introduction to the Diffie-Hellman protocol

In 1976 a breakthrough changed the foundations of how cryptographic systems work: the publication of the paper "New Directions in Cryptography" by Whitfield Diffie and Martin Hellman. The paper introduced a completely new method of distributing cryptographic keys. It was the first system to use "public-key", or "asymmetric", cryptographic keys, and it is called the Diffie-Hellman key exchange. The paper also stimulated the almost immediate development of a new class of encryption algorithms, the asymmetric key algorithms.

The Diffie-Hellman key exchange is alleged to have been invented independently a few years earlier at the British Government Communications Headquarters (GCHQ) by Malcolm J. Williamson. In 2002 Hellman proposed that the algorithm be called the Diffie-Hellman-Merkle key exchange, in recognition of the contribution of Ralph Merkle, who invented public-key encryption.

Before that time, almost all modern encryption algorithms were symmetric key algorithms, in which the sender and the receiver must share one key, the key used in the cipher, and both must keep it secret. All the electromechanical machines used in World War II, as well as the Caesar cipher and the Atbash cipher and, in essence, most of the cipher systems used throughout history, belong to this category. The key of a code is, of course, its codebook, which likewise has to be distributed and kept secret.

For security reasons, the key for each such system has to be exchanged between the communicating parties by some secure method before they use the system (the usual term is "via a secure channel"), for example by a trusted courier with a briefcase handcuffed to the wrist, by a face-to-face meeting, or by a loyal carrier pigeon. This has never been considered easy, and it quickly becomes almost unmanageable when the number of participants grows, when secure channels for exchanging keys are no longer available, or when keys must be changed continually, which is a habit worth keeping when working with cryptography.

Specifically, every communicating pair needs its own key if, by the design of the cryptosystem, no third party, even one who is also a user, is allowed to decrypt the messages. A system of this kind is called a secret-key system, or a symmetric-key cryptosystem. The Diffie-Hellman key exchange (together with its later upgraded versions and variants) makes these operations much easier, and at the same time more secure, than anything that was possible before.

Although the algorithm itself is an anonymous (unauthenticated) key agreement protocol, it provides a sound basis for a variety of authenticated protocols.

The method that followed immediately after Diffie-Hellman was RSA, an implementation of public-key cryptography using an asymmetric algorithm.

Chapter II: The Diffie-Hellman key agreement protocol

1. The concept of key agreement

Key agreement: the exchange of keys between members of a community, which can be established freely between any two people whenever they need to exchange information.

2. The Diffie-Hellman key agreement protocol

The Diffie-Hellman key exchange establishes a shared secret key, used for confidential communication, by exchanging data over a public network. It is one of many key exchange methods used in cryptography. The method does not need the intervention of a TA (trusted authority) to manage or distribute keys. It allows users to create a secret key together over a communication channel that offers no confidentiality. This secret key is then used by the users to exchange information with each other.

2.1. Setting up the Diffie-Hellman key agreement protocol

The situation:
+ Alice and Bob want to share confidential information with each other, but their only means of communication is insecure. Everything they exchange is observed by Eve, their adversary.
+ How can Alice and Bob share confidential information without Eve learning it?
+ At first glance, Alice and Bob face an impossible task.

Resolving the situation:
+ Alice and Bob agree on a finite cyclic group G and a generating element g in G. (This is usually done long before the rest of the protocol; g is assumed to be known to all attackers.)
+ When Alice and Bob want to send confidential information to each other, they can carry out the following protocol:

1. Alice randomly chooses a number a_A (0 ≤ a_A ≤ p-2), keeps it secret, computes b_A and sends b_A to Bob.
2. Similarly, Bob randomly chooses a number a_B (0 ≤ a_B ≤ p-2), keeps it secret, computes b_B and sends b_B to Alice.
3. Alice computes the key K_A.
4. Bob computes the key K_B.

+ Alice and Bob now have the same shared key.
+ The Diffie-Hellman protocol is described in the following table:

| Alice: secret | Alice: public | Alice: computes | Sends | Bob: computes | Bob: public | Bob: secret |
|---|---|---|---|---|---|---|
| a_A | p, g | | | | | a_B |
| a_A | p, g, b_A | | b_A | | p, g | a_B |
| a_A | | | b_B | | p, g, b_B | a_B |
| a_A, K_A | p, g, b_A, b_B | | | | p, g, b_A, b_B | a_B, K_B |

Note that only a_A, a_B and K_A, K_B are kept secret. All the other values, p, g, b_A and b_B, are public. Once Alice and Bob have computed the shared secret key, they can use it as an encryption key known only to them to send messages over the same open channel. Naturally, for security, the values a_A, a_B and p need to be chosen larger, while g does not need to be very large. In practice g is usually taken to be 2 or 5.

2.2. Diagram of the Diffie-Hellman key agreement protocol

The diagram below illustrates the general idea. First, Alice and Bob agree on a common paint colour (yellow); Alice and Bob then exchange their mixed colours. In the end this produces an identical secret colour that nobody else is able to reproduce. From then on, Alice and Bob communicate by encrypting and decrypting with that secret key (represented by the final secret paint colour).

Figure 1: Diagram of the Diffie-Hellman key agreement protocol

2.3. A numeric example

1. Alice and Bob agree on the prime p = 37 and g = 5.
2. Alice chooses an arbitrary random value a_A = 7 and keeps a_A secret. Alice computes b_A = 5^7 mod 37 = 18, then sends b_A = 18 to Bob.
3. Bob chooses an arbitrary random value a_B = 5 and keeps a_B secret. Bob computes b_B = 5^5 mod 37 = 17, then sends b_B = 17 to Alice.
4. Bob receives b_A = 18, computes the shared key K_B = 18^5 mod 37 = 15, and keeps K_B secret.
5. Alice receives b_B = 17, computes the shared key K_A = 17^7 mod 37 = 15, and keeps K_A secret.

2.4. Extending the problem to multiple parties

Diffie-Hellman key agreement is not limited to negotiating a key shared by two parties. Any number of users can take part in such an agreement by repeating the agreement protocol and exchanging intermediate data. For example, Alice, Bob and Carol can take part in a Diffie-Hellman agreement as follows (with all operations taken mod p):

1. The parties agree on the algorithm parameters p and g.
2. The parties each generate their own secret key, named a_A, a_B and a_C.
3. Alice computes a value and sends it to Bob.
4. Bob computes a value and sends it to Carol.
5. Carol computes a value and uses it as the secret key.
6. Bob computes a value and sends it to Carol.
7. Carol computes a value and sends it to Alice.
8. Alice computes a value and uses it as the secret key.
9. Carol computes a value and sends it to Alice.
10. Alice computes a value and sends it to Bob.
11. Bob computes a value and uses it as the secret key.

An eavesdropper can learn the values exchanged along the way, but has no way of combining them to regenerate the secret key. Extending this mechanism to larger groups requires following two basic principles:

+ Starting from an empty key consisting only of g, the secret key is produced by raising the current value to the secret exponent of each participant once, in any order.
+ Any intermediate value (with up to N-1 exponents applied, where N is the number of participants in the group) may be made public, but the final value (with all N exponents applied) forms the shared secret key and must therefore never be made public. Each user therefore has to obtain their copy of the secret key by applying their own secret key last (otherwise there would be no way for the last contributor to pass the final key to its recipient, since that contributor must keep the key secret).

These principles leave many options for ordering the participants' contributions to the key. The simplest and most obvious is to arrange the N participants in a circle and have N keys rotate around it until each key has been built by all N participants (ending with its owner) and each participant has contributed to N keys (ending with their own). However, this requires every participant to perform N exponentiations.

By choosing a better order, relying on the fact that keys can be duplicated, the number of exponentiations per participant can be reduced to log2(N) + 1 with a divide-and-conquer approach, given here for 8 parties:

1. Parties A, B, C and D each perform one computation; the resulting value is sent to E, F, G and H. In return, they receive the corresponding value from them.
2. Parties A and B each perform one computation and send the result to C and D, while C and D do the same and send their result to A and B.
3. Party A performs a computation and sends the result to B; similarly, B sends its result back to A. C and D do the same.
4. Party A performs the final exponentiation, while B does the same to obtain its own result. C and D do likewise.
5. Parties E through H simultaneously perform the same computations, using g^abcd as their starting point.
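
The two-party exchange of section 2.3 and the circular and divide-and-conquer arrangements described above, as an added example (not code from the original report). It assumes every step raises the received value to the party's own secret exponent mod p; the function names and the eight secret exponents are constructed for illustration.

```python
P, G = 37, 5  # toy parameters from the numeric example in section 2.3

def ring_agreement(secrets):
    """Circular arrangement: each party's key visits all others, then its owner."""
    names = list(secrets)
    n = len(names)
    keys, exps = {}, dict.fromkeys(names, 0)
    for i, owner in enumerate(names):
        value = G                               # the "empty" key
        for step in range(1, n + 1):            # the owner is visited last
            member = names[(i + step) % n]
            value = pow(value, secrets[member], P)
            exps[member] += 1
        keys[owner] = value                     # final value, never transmitted
    return keys, exps

def divide_and_conquer(secrets):
    """Halving arrangement: each half prepares the starting value of the other."""
    keys, exps = {}, dict.fromkeys(secrets, 0)

    def chain(value, members):
        # every listed member applies its secret exponent once, in turn
        for m in members:
            value = pow(value, secrets[m], P)
            exps[m] += 1
        return value

    def agree(value, group):
        if len(group) == 1:                     # last exponent is the owner's own
            keys[group[0]] = chain(value, group)
            return
        half = len(group) // 2
        left, right = group[:half], group[half:]
        for_left, for_right = chain(value, right), chain(value, left)
        agree(for_left, left)
        agree(for_right, right)

    agree(G, list(secrets))
    return keys, exps

if __name__ == "__main__":
    two = {"Alice": 7, "Bob": 5}                # secrets from section 2.3
    print(ring_agreement(two))
    eight = dict(zip("ABCDEFGH", (5, 7, 11, 13, 17, 19, 23, 25)))  # constructed
    for scheme in (ring_agreement, divide_and_conquer):
        keys, exps = scheme(eight)
        print(scheme.__name__, set(keys.values()), exps)
```

Both functions return the per-party keys together with the number of exponentiations each party performed, so the N versus log2(N) + 1 cost can be compared directly.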

After the algorithm completes, all participants hold the secret key, but each has performed only 4 exponentiations instead of the 8 needed in the simple circular arrangement.

2.5. Characteristic properties of the Diffie-Hellman key agreement protocol

2.5.1. The protocol is secure against passive attacks

The protocol is secure against passive attacks, meaning that a third party who knows b_A and b_B will still find it hard to learn K_{A,B}. Consider an example:

1. Alice and Bob agree on the prime p = 17 and g = 2.
2. Alice chooses an arbitrary random value a_A = 6 and keeps a_A secret. Alice computes b_A = 2^6 mod 17 = 13, then sends b_A = 13 to Bob.
3. Bob chooses an arbitrary random value a_B = 9 and keeps a_B secret. Bob computes b_B = 2^9 mod 17 = 2, then sends b_B = 2 to Alice.
4. Bob receives b_A = 13, computes the shared key K_B = 13^9 mod 17 = 13, and keeps K_B secret.
5. Alice receives b_B = 2, computes the shared key K_A = 2^6 mod 17 = 13, and keeps K_A secret.

Eve is an eavesdropper: she observes what Alice and Bob send to each other but cannot alter the content of their communication. Eve wants to reconstruct the confidential information that Alice and Bob share. She faces a genuinely hard task. The tables below show who knows which values. (Eve is an eavesdropper.)

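Alice

| Knows | Does not know |
|---|---|
| p = 17 | a_B = ? |
| g = 2 | |
| a_A = 6 | |
| b_A = 2^6 mod 17 = 13 | |
| K_A = 2^6 mod 17 = 13 | |
| K_{A,B} = 13 | |

Bob

| Knows | Does not know |
|---|---|
| p = 17 | a_A = ? |
| g = 2 | |
| a_B = 9 | |
| b_B = 2^9 mod 17 = 2 | |
| K_B = 13^9 mod 17 = 13 | |
| K_{A,B} = 13 | |

Eve

| Knows | Does not know |
|---|---|
| p = 17 | a_A = ? |
| g = 2 | a_B = ? |
| | K_{A,B} = ? |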

We can see that Eve is caught in a dilemma. She knows the values b_A and b_B, and she also knows g and p, but she does not know a_A, a_B or K_{A,B}. This is exactly the Diffie-Hellman problem: given b_A and b_B, find K_{A,B}. This problem is equivalent to the problem of breaking ElGamal encryption. We now prove this.

ElGamal encryption with key K = (p, g, a, β), where β = g^a mod p, takes a plaintext x and a random number k ∈ Z_{p-1} and produces the ciphertext e_K(x, k) = (y1, y2), with y1 = g^k mod p and y2 = x β^k mod p. Decryption is given by x = y2 (y1^a)^(-1) mod p.

Suppose we have an algorithm A that solves the Diffie-Hellman problem. We use A to break ElGamal as follows. Given a ciphertext (y1, y2), first apply A to y1 = g^k mod p and β = g^a mod p to obtain A(y1, β) = g^(ka) = β^k mod p. The plaintext x is then recovered from β^k and y2 as x = y2 (β^k)^(-1) mod p.

Conversely, suppose there is another algorithm B that breaks ElGamal, that is, B(p, g, β, y1, y2) = x = y2 (y1^a)^(-1) mod p. Applying B with β = b_A, y1 = b_B, y2 = 1 solves the Diffie-Hellman problem.

In practice the values of p, a_A and a_B are very large. If p is a prime of at least 300 digits and a_A and a_B have at least 100 digits, then even the best algorithm known today cannot solve the problem knowing only g, p, b_A and b_B, even using all of humanity's computing power. This problem is also known as the discrete logarithm problem. The discrete logarithm problem is still the subject of much debate and has no specific algorithm that solves it.
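
The two reductions argued above, run on the toy parameters p = 37, g = 5 as an added example (not code from the original report). The solvers A and B are stand-ins implemented by brute-force discrete logarithm, which only works because p is tiny; the function names, the sample plaintext and the final inversion in the second direction are assumptions of this example.

```python
P, G = 37, 5  # toy parameters from section 2.3 (5 generates the group mod 37)

def dlog(h):
    """Brute-force discrete log base G; feasible only because P is tiny."""
    return next(x for x in range(P - 1) if pow(G, x, P) == h)

def algorithm_A(u, v):
    """Stand-in for a Diffie-Hellman solver: g^x, g^y -> g^(xy) mod p."""
    return pow(u, dlog(v), P)

def algorithm_B(beta, y1, y2):
    """Stand-in for an ElGamal breaker: plaintext from public values only."""
    return y2 * pow(pow(y1, dlog(beta), P), -1, P) % P

def elgamal_encrypt(beta, x, k):
    """e_K(x, k) = (g^k mod p, x * beta^k mod p)."""
    return pow(G, k, P), x * pow(beta, k, P) % P

def break_elgamal_using_A(beta, y1, y2):
    """Direction 1: A(y1, beta) = beta^k, then x = y2 * (beta^k)^-1 mod p."""
    return y2 * pow(algorithm_A(y1, beta), -1, P) % P

def solve_dh_using_B(b_A, b_B):
    """Direction 2: B(beta=b_A, y1=b_B, y2=1) = (b_B^a_A)^-1; invert it."""
    return pow(algorithm_B(b_A, b_B, 1), -1, P)

if __name__ == "__main__":
    a, k, x = 7, 5, 20                          # constructed key, nonce, plaintext
    beta = pow(G, a, P)
    y1, y2 = elgamal_encrypt(beta, x, k)
    print("ciphertext", (y1, y2))
    print("plaintext via A:", break_elgamal_using_A(beta, y1, y2))
    print("DH key via B from b_A=18, b_B=17:", solve_dh_using_B(18, 17))
```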

2.5.2. The protocol is not secure against active attacks

The protocol is not secure against an active attack in which values are swapped in transit. That is, a third party, Eve, can substitute the information exchanged between Alice and Bob.

For example, Eve replaces the value that Alice intends to send to Bob with one of her own, and replaces the value that Bob intends to send to Alice with one of her own. After the key exchange protocol has run, Alice has therefore established a shared key with Eve while believing it is with Bob; at the same time Bob has established a shared key with Eve while believing it is with Alice. Eve can decrypt every message that Alice mistakenly believes she is sending to Bob, as well as every message that Bob mistakenly believes he is sending to Alice.

One way to counter this kind of attack is to give Alice and Bob a check that confirms the correctness of the public keys b_A and b_B. A coordinating role for a TA is added to the Diffie-Hellman key exchange protocol, giving a Diffie-Hellman key distribution system that overcomes this weakness. In the Diffie-Hellman key distribution system the TA's involvement is very weak: the TA only issues a certificate confirming each user's public key and does not need to know any of the user's secrets. However, if even this limited role is not acceptable, the TA can be given a weaker certifying role that has nothing to do with keys, for example certifying the user's signature verification algorithm, while the key information itself (both secret and public) is exchanged directly between the users. With the TA's role restricted in this way, we have the following protocol.

2.6. The Diffie-Hellman key agreement protocol with certificates

Each user A has an identity ID(A) and a signature scheme with signing algorithm sig_A and verification algorithm ver_A. The TA also has a certifying role, but it does not certify any information related to generating the user's cryptographic keys (whether secret or public); it only certifies a loosely related piece of information, namely the user's signature verification algorithm. The information related to generating cryptographic keys is exchanged directly between the users. The TA also has its own signature scheme, consisting of a signing algorithm sig_TA and a public verification algorithm ver_TA. The certificate that the TA issues to each user A is:

C(A) = (ID(A), ver_A, sig_TA(ID(A), ver_A)).

Clearly, in this certificate the TA certifies nothing at all about the generation of A's keys.

Mechanism of the Diffie-Hellman key agreement protocol with certificates

The key exchange between two users A and B is carried out by the following protocol:

1. A randomly chooses a number a_A (0 ≤ a_A ≤ p-2), computes b_A and sends b_A to B.
2. B randomly chooses a number a_B (0 ≤ a_B ≤ p-2), computes b_B, then computes K and y_B, and sends (C(B), b_B, y_B) to A.
3. A computes K, uses ver_B to verify y_B and ver_TA to verify C(B), then computes y_A = sig_A(b_A, b_B) and sends (C(A), y_A) to B.
4. B uses ver_A to verify y_A and ver_TA to verify C(A).

If all these steps are carried out and every verification succeeds, the protocol ends and both A and B hold the shared key K. Because of the verification algorithms, A knows for certain that the value b_B comes from B, and B knows for certain that the value b_A comes from A, which rules out the possibility that some other party C swapped those values in transit.
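
The certified exchange of section 2.6 as an added example (not code from the original report), showing that a value substituted in transit makes a signature check fail. Assumptions: a toy textbook-RSA signature scheme with constructed keys stands in for sig/ver, y_B is taken to be sig_B(b_B, b_A) by symmetry with y_A, and the names run and in_transit are illustrative.

```python
import hashlib
from math import gcd

P, G = 37, 5  # toy Diffie-Hellman parameters from section 2.3

def keypair(p, q):
    """Toy textbook-RSA signature key (assumption: the page fixes no scheme)."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = next(c for c in (65537, 257, 17, 5, 3) if gcd(c, phi) == 1)
    return (n, e), (n, pow(e, -1, phi))         # (ver key, sig key)

def _digest(n, fields):
    data = "|".join(map(str, fields)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(sig_key, *fields):
    n, d = sig_key
    return pow(_digest(n, fields), d, n)

def verify(ver_key, signature, *fields):
    n, e = ver_key
    return pow(signature, e, n) == _digest(n, fields)

# Constructed keys built from Mersenne primes; far too small for real use.
VER_TA, SIG_TA = keypair(2**31 - 1, 2**61 - 1)
VER_A, SIG_A = keypair(2**61 - 1, 2**89 - 1)
VER_B, SIG_B = keypair(2**89 - 1, 2**107 - 1)

def certificate(ident, ver_key):
    """C(X) = (ID(X), ver_X, sig_TA(ID(X), ver_X))."""
    return ident, ver_key, sign(SIG_TA, ident, ver_key)

def cert_ok(cert):
    ident, ver_key, ta_sig = cert
    return verify(VER_TA, ta_sig, ident, ver_key)

def run(a_A, a_B, in_transit=lambda value: value):
    """Return (K_A, K_B), or None when a verification fails."""
    cert_A, cert_B = certificate("A", VER_A), certificate("B", VER_B)
    b_A = pow(G, a_A, P)
    b_A_at_B = in_transit(b_A)                  # 1. A -> B: b_A
    b_B = pow(G, a_B, P)
    y_B = sign(SIG_B, b_B, b_A_at_B)            # 2. B -> A: (C(B), b_B, y_B)
    b_B_at_A = in_transit(b_B)
    if not (cert_ok(cert_B) and verify(cert_B[1], y_B, b_B_at_A, b_A)):
        return None                             # 3. A rejects
    y_A = sign(SIG_A, b_A, b_B_at_A)            #    A -> B: (C(A), y_A)
    if not (cert_ok(cert_A) and verify(cert_A[1], y_A, b_A_at_B, b_B)):
        return None                             # 4. B rejects
    return pow(b_B_at_A, a_A, P), pow(b_A_at_B, a_B, P)
```

With the default in_transit the run reproduces the key of section 2.3; passing a function that alters either public value makes run return None, because the signed pair no longer matches what the verifier saw.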


Group 7: HKHMT2-K5