ma hoa aes va chu ky dien tu (2)

7/27/2019 Ma Hoa Aes Va Chu Ky Dien Tu (2)

1/19

Nghin cu gii php xc thc v bo mt trongtrao i ti liu trn mi trng mng gia cc

c quan nh nc

Trnh Xun Hong

Trng i hc Khoa hc T nhinLun vn ThS chuyn ngnh: Bo m ton cho my tnh v h thng tnh ton;M

M s: 60 46 35

Ngi hng dn: TS. Tn Quc BnhNm bo v: 2012

Abstract:Nghin cu gii php xc thc v bo mt ti liu trong trao i vn bn trnmi trng mng gia cc c quan nh nc v ng dng thnh cng ti tnh Thi Bnh.Thc trng v nhu cu van ton thng tin trong cc c quan nh nc; cc tiu chun,c smt m, gii php cng ngh; trn c s nghin cu gii php xc thc v bomt trong trao i ti liu trn mi trng mng.

Keywords:H thng tnh ton; Bo mt ti liu;Trao i vn bn

Content

M U

1. L dochn ti

Nhn thc c li ch v tm quan trng ca cng ngh thng tin v truyn thng trong vicduy tr v thc y s pht trin bn vng, trong nhng nm va qua lnh vc cng ngh thngtin ni chung v hot ng ng dng cng nghthng tin ni ring pht trin nhanh chng,

mnh m v ngy cng su rng trong mi mt ca i sng kinh t x hi. Cc hot ng c thkn nh: Cc hot ng thng mi in t; cc hot ng hnh chnh cng ph bin nh ginhn th in t, cc h thng h trqun l iu hnh trn mng. Chnh v nhng vn thctin trn, lun vn: Nghin cu gii php xc thc vbo mt ti liu trong trao i vn bntrn mi trng mng gia cc c quan nh ncnhm nng cao vic xc thc v an ton

thng tin trong cc hot ng ca cc c quan, t chc trong cc ng dng trn mi trngmng.
http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=Trao%20%c4%91%e1%bb%95i%20v%c4%83n%20b%e1%ba%a3n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=B%e1%ba%a3o%20m%e1%ba%adt%20t%c3%a0i%20li%e1%bb%87u&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1http://www.lic.vnu.edu.vn:8000/cgi-bin/gw_49_5_4/chameleon?sessionid=2013052811292202026&skin=Citrus&lng=vn&inst=consortium&host=localhost%2b1111%2bDEFAULT&search=SCAN&function=INITREQ&sourcescreen=CARDSCR&elementcount=1&t1=H%e1%bb%87%20th%e1%bb%91ng%20t%c3%adnh%20to%c3%a1n&u1=21&pos=1&rootsearch=KEYWORD&beginsrch=1


2/19

2.Mc ch nghin cu

Lun vn nghin cu gii php xc thc v bo mt ti liu trong trao i vn bn trn mitrng mng gia cc c quan nh nc v ng dng thnh cng ti tnh Thi Bnh.

3.i tng v phm vi nghin cu

Tp trung nghin cu, tm hiu thc trng v nhu cu v an ton thng tin trong cc c quan nhnc; cc tiu chun, c smt m, gii php cng ngh; trn c s nghin cu gii php xc

thc v bo mt trong trao i ti liu trn mi trng mng.

4.Phng php nghin cu

- Tip cn phn tch v tng hp: c ti liu, tng hp l thuyt, phn tch l thuyt v H mtm i xng, h mt m bt i xng (h mt m kha cng khai), ch k s.

- Tip cn theo nh tnh v nh lng: Nghin cu c skhoa hc ca m ha, ch k s cacc tc gitrong v ngoi nc, cc bi bo, thu thp thng tin trn mng, tm hiu cc m hnh

bo mt, chng ch s. T trnh by theo tng ca mnh v xut cc gii php xc thc

v bo mt ti liu trong trao i vn bn trn mi trng mng gia cc c quan nh nc trna bn.

5.B cc Lun vn

Lun vn c trnh by trong 03 chng:- Chng 1: Tp trung tm hiu mt s khi nim vn ton thng tin, nh gi thc trng v

nhu cu v an ton thng tin trong cc c quan nh nc.- Chng 2: Trnh by tng hp, phn tch mt sc smt m cn thit p dng trong vic

bo mt thng tin trn mi trng mng.- Chng 3: Tp trung phn tch thit k gii php xc thc v bo mt thng tin trong trao i

ti liu trn mi trng mng.

.Chng-1. TNG QUAN V AN TON THNG TIN

1.1. Mt s khi nim c bn1.1.1. Khi nim v an ton thng tinThng tin c lu tr bi cc sn phm v h thng CNTT l mt ti nguyn quan trng cho sthnh cng ca t chc , l ti sn ca mt c nhn hay t chc. Cc thng tin c nhn lu trtrong h thng thng tin cn c gi b mt, bo v v khng b thay i khi khng c php.Trong khi cc sn phm v h thng CNTT thc hin cc chc nng ca chng, cc thng tin cn

c kim sot m bo chng c bo v chng li cc nguy c, v dnh vic ph bin vthay i thng tin khng mong mun v tri php, nguy c mt mt thng tin.

1.1.2. Khi nim vm bo an ton thng tinm bo an ton thng tin l m bo an ton k thut cho hot ng ca cc c sh tng

thng tin, trong bao gm m bo an ton cho c phn cng v phn mm hot ng theo cctiu chun k thut do nh nc ban hnh; ngn nga khnng li dng mng v cc c sh


3/19

tng thng tin thc hin cc hnh vi tri php gy hi cho cng ng, phm php hay khngb; m bo cc tnh cht b mt, ton vn, chnh xc, sn sng phc v ca thng tin trong lu

tr, x l v truyn ti trn mng.

1.2. Thc trng v an ton thng tin trong cc c quan nh nc Theo thng k ca Bkav, tnh tu nm 2012 n nay, mi ngy c ti 6 website ti Vit Namb tn cng, tng ng vi hn 2.000 website b hack mi nm. c 175 website ca cc c

quan, doanh nghip ti Vit Nam b hacker xm nhp, trong c 24 trng hp gy ra bihacker trong nc, 151 trng hp do hacker nc ngoi. Hu ht nguyn nhn ca cc v hack

ny l do website tn ti nhiu l hng.

1.3. Nhu cu v an ton thng tin trong ng dng ti cc c quan nh ncNhng thng tin trn cho thy vic la chn gii php v u t cho an ton thng tin l vn cn c cc c quan nh nc ch trng u t, bn cnh l vic hon thin hnh lang chnh

sch v php l trong lnh vc ny vic ng dng CNTT thc s c hiu qu.

1.4. Mt s k thut mt mK thut mt m [1], [9] ng vai tr thit yu trong vic gii quyt vn an ton thng tin.

Bng 1.1 lit k mt s k thut v cng ngh gii quyt yu cu xc thc, ton vn, b mt,chng chi b trong an ton v bo mt thng tin.

Bng 1.1. Mt s k thut v cng ngh gii quyt yu cu an ton v bo mt

Yu cu Cng ngh - K thut

B mt M ha v gii m da vo kha

Xc thcS dng tn v mt khu ca ngi dng, c im sinh trc hc,

k s v kim tra ch k s da vo kha

Tin cy K s v kim tra ch k s da vo khaChng chi b K s v kim tra ch k s da vo kha

Ton vn Tm lc thng bo

Trao quyn p dng chnh sch kim sot truy nhp v qun l quyn hn

Kim ton Lu nht k v s dng cng c kim ton

1.4.1. Cc h mt mH mt chnh l h thng cung cp cc k thut m ha v gii m d liu, c phn loi thnh

h mt kha cng khai v h mt kha i xng.H mt kha i xng s dng cng mt kha khi m ha v gii m, c minh ho trong Hnh1.1. an ton ca h mt ny ph thuc chnh vo s b mt ca kha.


4/19

Hnh 1.1. H mt kha i xng m bo tnh b mt v xc thc

H mt kha cng khai s dng mt cp kha (kha ring v kha cng khai), mt kha c sdng m ha v kha cn li c s dng gii m, c minh hotrong di y:

Hnh 1.2. H mt kho cng khai


5/19

Mc ch chnh ca h mt kha cng khai l phn phi kha v k s. Cc ng dng ca h mtny gm c: M ha/gii m, ch k , trao i kha.

Cc thut ton mt m:

- Tm lc thng bo (MD2-4-5, SHA, SHA1, SHA2,): chuyn thng bo r c di khngxc nh thnh thng bo m c di xc nh.

- Mt m kha b mt (DES, IDEA, RC2-4-5, Triple-DES, AES,): s dng cng mt kha chom ha v gii m.

- Mt m kha cng khai (DSA, RSA,): s dng mt kha m ha v mt kha khc giim.

Khi A mun truyn thng vi B, th tc c tin hnh nh sau:1. A to ra mt cp kha {KUa, KRa} v truyn thng bo cho B gm KUa v tn ca A (IDA).

2. B to ra kha b mt Ks v gi cho A sau khi m ha vi kha cng khai ca A.3. A tnh ton DKRa[EKUa[Ks]] khi phc li kha b mt. Ch A c kha ring nn gii m

c kha b mt. Ch A v B bit kha b mt Ks.

Nu kim sot c knh truyn thng, i tng E c th dn xp cuc truyn thng m khngb pht hin, theo hnh thc sau y:1. A to ra mt cp kha {KUa, KRa} v truyn thng bo cho B gm c KUa v tn ca A

(IDA).E chn ly thng bo, to ra mt cp {KUe KRe} v truyn KUe || IDA cho B.

B sinh ra mt kha b mt Ks v truyn EKUe[Ks] cho A.E chn ly thng bo, bit c Ks bng cch tnh DKRe[EKUe[Ks]].

E truyn EKUa[Ks] cho A.A v B khng bit E lm giKs v dng Ks trao i cc thng bo. Khng mt nhiu thigian, E c th can thip vo knh truyn thng, nghe trm v gii m tt c cc thng bo v bit

Ks.

- Lc phn phi kha b mt m bo tnh b mt v xc thc:1. A s dng kha cng khai ca B m ha thng bo (1) gi cho B c cha tn ca A (IDA)v mt nonce N1 nhn dng giao dch ny.

2. B gi thng bo (2) cho A. Thng bo c m ha bng KUa, c cha N1 ca A v noncemi N2 do B sinh ra. Do ch c B mi c th gii m thng bo (1) nn s xut hin ca N1

trong thng bo (2) m bo A ang lin lc vi B.3. A tr li N2, c m ha bng kha cng khai ca B m bo rng B ang lin lc vi A.4. A chn mt kha b mt Ks v gi thng bo (3) M= EKUb[EKRa[Ks]] cho B. Vic m hathng bo vi kha cng khai ca B m bo ch c B mi c thc. Vic m ha vi kha

ring ca A m bo chnh A gi thng bo.5. B tnh ton DKUa[EKRb[M]] khi phc kha b mt.

1.4.2. Chk sCh k s l d liu xc nh ngun gc v tnh ton vn ca thng bo. Ngi gi s dngkha ring ca mnh k s thng bo hay to ch k scho thng bo c gi i. Ngi

nhn s dng kha cng khai ca ngi gi kim tra ngun gc thng bo v xc nh thngbo khng bthay i trn ng truyn.

Ch k stng tnh ch k vit tay v phi c mt s tnh cht sau:- C khnng kim tra ch k s v thi gian k s.


6/19

- C khnng xc thc cc ni dung ti thi im k s.- Thnh vin th 3 c th kim tra ch k s gii quyt cc tranh chp.

Da vo cc tnh cht c bn ny, ch k s c cc yu cu sau:- Phi l mt mu bt ph thuc vo thng bo c k s.

- Phi s dng mt thng tin duy nht ca ngi gi ngn chn tnh trng lm gi v chi b.

- c to ra d dng.- Kh c th lm gi ch k s bng cch to ra mt thng bo mi cho mt ch k s hin c,hoc to ra mt ch k s gi mo cho mt thng bo cho trc.

- Trong thc t, cn lu gi mt bn sao ca ch k s.

1.4.3. Phn phi kha cng khaiNhiu k thut phn phi kha cng khai c a ra nh khai bo cng khai, th mc cng

khai, trung tm qun l kha cng khai v chng ch kha cng khai.Mt gii php la chn khc l s dng chng chkha cng khai. Cc thnh vin trao i khathng qua chng ch kha cng khai m khng cn lin lc vi c quan qun l kha cng khai.

Khi cn s dng kha cng khai, cc thnh vin kim tra chng chdo c quan qun l pht

hnh.

1.4.4. Chng ch kha cng khaiChng ch kha cng khai l s gn kt kha cng khai ca mt thc th(con ngi, thit b

phn cng, dch v) vi mt hoc nhiu thuc tnh nhn dng thc th, c mt c quan chngthc (Certification Authority - vit tt l CA) pht hnh.

Vic s dng kha cng khai c trong chng ch hon ton rt n gin nhng vic cng b vqun l cc chng ch gp rt nhiu vn nh pht hnh, hy b, kim tra tnh trng trc tuyn,

th mc lu tr, chng thc cho. Nhng vn ny c gii quyt thng qua h tng khacng khai.

1.4.5. H tng kha cng khaiCc thnh phn c bn ca PKI X509 gm pha nh cung cp (c quan chng thc, c quan ngk, h thng qun l v phn phi chng ch) v pha ngi dng (cc ng dng PKI). M hnh

cp pht chng ch kha cng khai ca PKI X509 c minh ha trong hnh di dy


7/19

Hnh 1.3. M hnh cp pht chng ch ca PKI X509


8/19

MT SC S MT M PHC V AN TON THNG TIN1.5. Lc m RSA-OAEP1.5.1. Hm m ho RSAES-OAEP

RSAES-OAEP-ENCRYPT((n, e), M,L)

Cc la chn: Hash l hm bm (hLen k hiu di theo byte ca u ra hmbm)

MGF l hm sinh mt n

u vo: (n, e) l kho cng khai RSA ca ngi nhn (k k hiu ditheo byte ca RSA modulo n).

M l thng bo c m ha, chui byte c di mLen vimLen k2hLen-2.

L l nhn ty chn lin quan n thng bo, gi tr mc nh caL l chui rng nu khng c cung cp.

u ra: C bn m, chui byte c di k.

Cc li: thng bo qu di, nhn qu di.

Gi thit: Kho cng khai RSA (n, e) l hp l.

Hnh 1.4. Thut ton m ha EME-OAEP


9/19

1.5.2. Hm gii m RSAES-OAEPRSAES-OAEP-DECRYPT(K, C,L)

Cc la chn: Hash l hm bm (hLen k hiu di theo byte ca u ra hmbm.

MGF l hm sinh mt n.u vo: K l kho ring RSA ca ngi nhn (k k hiu di theo byte

ca RSA-modulo n).C l bn m cn c gii m, chui byte c di k, vi k

2hLen + 2.L l nhn ty chn lin quan n thng bo, gi tr mc nh ca

L l chui rng nu khng c cung cp.u ra: M thng bo, mt chui byte c di mLen vi mLen k

2hLen -2Li: Li gii m

1.5.3. Yu cu tham s an ton cho h mt RSA V2. Sm cng khai e phi c chn vi cc rng buc sau:

a) Chn trc khi to sm b mt.b) L snguyn dng l sao cho 65537 e < 2nlen-2security_strength.

V3. Hai s nguyn t p, q phi c chn vi rng buc:a) p-1 v q-1 phi nguyn t cng nhau vi e.

b) Mi mt trong bn s p-1, p+1, q-1 v q+1 phi c c nguyn t ln hn2security_strength+20.

c) 2 2nlen/2-1 p, q 2nlen/2-1.V4. Sm b mt d phi c chn sau khi to p v q vi cc rng buc:

a) d > 2nlen/2.

b) d e-1 (mod lcm(p-1,q-1)).

1.6. Thut ton m khi AES1.6.1. Gii thiu thut ton AESAES l thut ton hng byte. n vthng tin c x l trong thut ton l byte. Chng c

xem nh mt phn t ca trng Galois GF(28) vi php v php nhn Mi byte c thc biu din theo nhiu cch khc nhau. dng nh phn l {b7 b6 b5 b4 b3

b2 b1 b0}, dng hc s 16 l { h1 h0}, dng a thc c cc h s nh phn l

7

0

i i

i

b x

. V

d, mt byte c biu din dng nh phn l {01100011}, dng a thc: hocdng hexa l {63}.

Php cng trn GF(28) nh sau:

vi ,Php nhn trn GF(28) nh sau:

.

6 5 1x x x

7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0{a a a a a a a a } {b b b b b b b b }={c c c c c c c c } i i ic a b 0 7i

8 4 3( ) ( ) ( ) ( ) mod( 1)a x b x a x b x x x x x


10/19

1.6.2. Cu trc bn trong ca AES. Slng cc vng ph thuc vo kch ckha c chn, v d kch ckha 128 bit-10 vng,192 bit-12 vng, v 256 bit14 vng. Mi vng gm nhiu tng khc nhau. Cc tng cho qu

trnh m ha v gii m nh sau:* M ha

Tng thay th byte (ByteSub)Tng thay th byte gm 16 S-box c cc tnh cht sau:

Cc S-box ging ht nhau. L thnh phn phi tuyn duy nht trong AES, ngha l: ByteSub(Si)

+ ByteSub(Sj)ByteSub(Si+Sj), .S-box ca AES c xy dng da trn nh x nghch o trn trng GF(28).

Trong ci t bng phn mm, cc S-box thng c thc hin nh mt bng tra.Lc to kha (Keyschedule)

Cc kha con c tnh mt cch quy t 128/192/256 bit kha gc u vo.Mi vng m ha/gii m, s dng mt kha con cng vi mt kha con phn bt u ca

thut ton AES. Nh vy, s kha con=svng +1. Tng ng vi mi kch ckha u vo c

mt lc kha. Vi kha 128 bit c s kha con l 11, kha 192 bit c s kha con l 13 vkha 256 bit c s kha con l 15.

* Gii m

AES khng da vo cu trc Feistel nn mi bin i phi thc hin ngc khi gii m. Vibin i MixColumn c InvMixColumns cho qu trnh gii m, vi bin i ShiftRows, vi

ByteSub c InvByteSub. Tng cng kha cng phi thc hin vi cc kha con c th tngcli.

InvMixColumns: s dng a thc .

InvShiftRows: tt c cc hng trong ma trn trng thi c dch vng theo hng ngc li.

InvByteSub: V S-box l song nh nn chng ta c th xy dng mt nh xngc sao choAi=S-1(Bj). nh xny c dng khi gii m. N thng c lu trdng mt bng tra.

Lc kha cho gii m: Mi kha con phi c s dng theo th tngc li. Trongthc t, c khi m ha v gii m, chng ta vn s dng cng mt lc kha. iu ny dn

n vic phi tnh ton cc kha con trc khi m ha khi u tin.

1.6.3. Mt s yu cu m bo an ton khi ng dng m khi A ESH m khi AES c vai tr quan trng v c s dng nhiu trong cc h thng an ton v

bo mt. Tuy nhin, ta cn tun th mt s yu cu vci t hiu qu v chn la ch lmvic cho AES nhm m bo an ton khi ng dng.

Yu cu ci t hiu qu AES trong thc t:

Cch ci t trc tip l cch kh tt i vi cc b vi x l 8-bit, nhng khng hiu qu vicc b vi x l 32-bit hoc 64-bit. i vi cc b vi x l (hoc thit b c ti nguyn nh), vic

ci t ti u cn ch vn sau:

- S-box: c thlu bng tra n (1 S-box 8 bit) hoc tnh ton qua cc php tnh s hc trnGF(28).

,i j

3 2( ) {0 } {0 } {09} {0 }d x b x d x x e


11/19

- Bin i MixColumns: c th tnh php nhn mt phn t vi cc hng s 0x09, 0x03,0x0b, 0x0d, 0x0e c thc tnh thng qua cc php nhn vi hng s 0x02, 0x01. C th:

a.0x03 = (0x02.a) +(0x01.a) = (0x02.a) ^ a

a.0x09 = (((a.0x02).0x02).0x02) + (0x01.a)= (((a.0x02).0x02).0x02)^a

a.0x0b = (((a.0x02).0x02).0x02) + (a.0x02) + (a.0x01)= (((a.0x02).0x02).0x02) ^ (a.0x02) ^ a

La chn ch lm vic cho AES: Mi ch lm vic ca m khi u c nhng unhc im ring, cn tm hiu v la chn p dng.

Chng-2. GII PHPXC THC V BO MT2.1. Gii thiu gii php

Hin nay c nhiu cng c (phn mm, gii php) h trngi dng trong vic xc thc vm ho thng tin. Tuy nhin cc cng c ny ch yu c cung cp t cc nh cung cp ch k

s hoc phn mm min ph dng ci t ti my PC ca ngi dng s dng cho cc ngdng ci t ti my. Vic tch hp vi cc ng dng khc, c bit l cc ng dng web chac ch trng.

Gii php xc thc ti liu trn mi trng mng: L vic xy dng phn mm xc thc (k s)ti liu trong trao i vn bn trn mi trng mng. Gii php c xy dng cho php tch hptrn cc chc nng gi nhn ti liu ca cc ng dng web bng vic s dng chng ch s cho

my ch v chng ch s ca t chc, c nhn tham gia vo h thng.

2.2. S kin trc gii php xc thc ti liu trn mi trng mngT nhng nghin cu trong chng 1 v him ha i vi ng dng web, c bit i vi cc

ng dng trong cc hot ng ca cc c quan nh nc cn c coi trng v m bo tnh xc

thc, ton vn cho cc ti liu (vn bn) trao i qua mng. Hnh 2.1 m t qu trnh xc thc tiliu truyn nhn gia my ch v my trm.

Hnh 2.1. M hnh xc thc ti liu trn mi trng mng

Cc thnh phn trong ca s :a) Thit b eToKen:


12/19

L thit bc s dng lu tr cc kha ring v chng ch s ca ngi dng, c sdng trong xc thc ngi dng, k s ti liu in t, m ha ti liu in tnhHnh 2.2 a v

b.

a) Thit b eToKen

b) Thnh phn ca eToKen

Hnh 2.2. Thit b eToKen v thnh phn ca eToKen

Trong hnh b:D liu: L d liu c to ra bi cc ng dng ca ngi dng.

Chng ch: Lu tr chng ch sc cp bi t chc cp chng chcho ngi dng.

Kha: Bao gm mt kha cng khai (public key), mt kha ring (private key) v kha bo v(secret key).b) ng dng pha my trm bao gm: L giao din c tch hp trong mi chc nng c yu

cu k s hoc xc thc ca ng dng.c) Th vin mt m: Cung cp cc lp, cc phng thc cho php tng tc vi modul tch hp

trn trnh duyt thc thi cc chc nng theo yu cu ca chng trnh.d) Chng chscho my ch

S dng chng ch SSL, nhm m bo thng tin trn knh truyn cho ng dng web. Khi mi d liu trao i gia ngi dng v website sc m ha (pha ngi gi) v gii m (pha ngi nhn) bi c ch SSL mnh m nht hin nay. Nu website khng s dng chng chs SSL, mi d liu nhp vo website tngi dng sc truyn i nguyn bn trn Internet.

Khi , nguy c d liu b xm nhp trong qu trnh trao i d liu gia ngi dng v websites rt cao.e) Cc Dch v pha my ch

Thc hin xc thc ti liu; dch v Upload ti liu cho php my trm thc hin ti ti liu c k s hoc m ha ln server phc v cho qu trnh phn phi ti liu ca ng dng (mng

vn phng in t lin thng).


13/19

2.3. Phn tch thit k gii php2.3.1. Cc chc nngcn thit cho yu cu ca phn mmxc thc

STT Tn chc nng M t chi tit

1 Chc nng ti my trm

1.1 Cung cp giao din cho ngi dng to giao din tch hp vi ng dng

cho php ngi dng thc hin cc thao

tc cn thit

1.2 Ghp ni vi th vin mt m Ghp ni vi th vin mt m thc

hin k s, m ha theo yu cu ca

chng trnh

1.3 Ghp ni vi thit b eToKen Ghp ni vi thit b eToKen khi c yu

cu v kha v chng ch lu tr trong

eToKen

2 Chc nng ti my ch

2.1 To giao din giao tip vi my trm To giao din ti ti liu trc khi x l

2.2 Kim tra, xc thc ti liu Kim tra tnh ng n ca ti liu c

gi cng nh chng ch ngi gi

2.3 Thc hin Upload ti liu ln my

ch

Upload ti liu ln th mc hoc CSDL

trn my ch

3 Th vin mt m

3.1 Cc phng thc c eToKen Cc phng thc c eToKen

3.2 Cc phng thc k s Cc phng thc k s

3.3 Cc phng thc m ha Cc phng thc m ha


14/19

2.3.2. La chn ngn ng lp trnh v cng c thit k ng dng - Visual Studio 2010 v.NET Framework 4

Visual Studio l b cng c hon chnh cho php xy dng, trin khai cc ng dng cho my bn ln cc ng dng web. Visual Studio h trnhiu ngn ng lp trnh t C, C++, C#, C#.net,VB..; vi Visual Studio 2010 Ultimate SP1 h tr.NET Framework 4 v Siverlight 5 cn thit

xy dng ng dng trong gii php ny.Trn c sm hnh xc thc v bo mt gii thiu trong mc 2.2, vic phn tch thit k phn

mm cn thc hin cc ni dung sau:- Phn tch thit kth vin mt m ci t pha my trm v s dng ti my ch;

- Phn tch thit k dch v pha my ch- Thit k cng c k s trn web

2.3.2.1. Th vin mt mTh vin mt m trong m hnh ny c xy dng trn c scc tiu chun bt buc p dngv ch k s v dch v chng thc ch k sc quy nh ti Quyt nh s: 59/2008/Q-

BTTTT ngy 31/12/2008 ca B Thng tin v Truyn thng v cc tiu chun v an ton thngtin theo quy nh ti Thng t s 01/2011/TT-BTTTT ngy 04/01/2011 ca Btrng B Thngtin v Truyn thng.

Th vin mt m bao gm cc hm, th tc cho php giao tip vi thit b eToken v cc hm,th tc k s, xc thc vn bn nh hnhHnh 2.3 v di y:


15/19

Hnh 2.3. Lc k s vn bn

2.3.2.2. Dch v pha my ch nng cao tnh an ton thng tin, m hnh xc thc v bo mt ti liu thit k theo m hnhclient- server trn mi trng web, trong qu trnh k s hoc m ha c thc thi ti mytrm (client), my ch (server) ch lm nhim v cung cp giao din ti trnh duyt v y d

liu ln server.Thit k dch vpha server nh sau:


16/19

Dch v WebService vi phng thc Upload cho php ng dng s dng a d liu file ln

my ch mt cch an ton. Thut ton c m tnh sau:- u vo: tp d liu t my trm c chn- u ra: ng dn tp d liu trn my ch

- Cc bc thc hin:B1) c d liu t tp d liu t my trm c chn

B2) Th Ghi d liu vo bin writer (BinaryWriter) v y ln my chB3) Nu qu trnh ti B2 thnh cng th tr vng dn tp d liu trn my ch, nu khng

c th tr vng dn rng.

2.3.3. Cng c k s trn webVic thit k cng c k sm bo cc yu cu sau:

- Cho php ngi dng la chn vn bn k (vn bn nh dng.pdf)- Khi thc hin lnh k scho vn bn ng dng tng giao tip vi thit beToken v th

vin mt m ci t ti my trm thc hin k vn bn.- Kt qu tr v tp vn bn c k v tng y ln my ch

- Thng bo cho ngi dng kt qu thc hin.M tchng trnh:

u vo: - Tp vn bn cn k

- Thit b eToken- Thao tc, lnh tngi dngu ra: - Tp vn bn c k

- y tp vn bn k ln my ch- Thng bo cho ngi dng kt qu thc hin

Cc bc:B1 Kim tra tin cy (ng dng phi c tin cy vi trnh duyt bng

cch s dng chng ch k cho ng dng v ci t ti my trm.Nu khng tin cy th cho thng bo v kt thc.

B2 Cho php ngi dng duyt tp vn bn, nu tp vn bn khng dngnh dng th yu cu duyt li tp vn bn.

B3 - Kim tra thit b eToken, nu hp l( kt ni v nhp ng mPIN) th thc hin k tp vn bn

- y tp vn bn k ln my ch - Thng bo k thnh cng

Trong tp KySo.xap l tp bin dch tng dng Siverlight cung cp giao din k scho ng dng web.

b) Ci t th vin ti my trmng dng Siverlight hot ng c trn my trm cn thc hin cc yu cu sau:


17/19


18/19

KT LUN

nghin cu gii php xc thc v bo mt ti liu trong trao i vn bn trn mi trngmng gia cc c quan nh nc, lun vn tp trung nghin cu cc vn sau:

Nghin cu, tm hiu mt s khi nim v an ton thng tin, nh gi thc trng v nhu cu v

an ton thng tin trong cc c quan nh nc. xy dng gii php p ng c yu cu trong thc t, lun vn tp trung tng hp, phn

tch mt sc smt m cn thit p dng trong vic bo mt thng tin trn mi trng mngtheo tiu chun nh nc quy nh (i vi m ho phi i xng v ch k s, p dng lc RSA-OAEP theo chun PKCS#1 phin bn 2.1; i vi m ha i xng p dng thut ton

m khi AES).Trn c scc nghin cu v mt l thuyt, lun vn tp trung nghin cu, xy dng cc gii

php xc thc ti liu trong trao i vn bn trn mi trng mng gia cc c quan nh nc.Trong thi gian ti, tc gi s tip tc nghin cu mrng cc tnh nh xc thc ng nhp, mha d liu trong trao i ti liu cho cc ng dng. Vi thi gian v trnh cn hn ch, tronglun vn ny khng trnh khi s sut. Rt mong nhn c sng gp kin ca cc Thy C

lun vn c hon thin hn.

ReferencesTing Vit

[1]. Phan nh Diu,L thuyt mt m v an ton thng tin, i hc Quc gia H Ni,1999.

[2]. TCVN 7635:2007, Chk s, Kthut Mt m, 2007[3]. Quyt nh S: 59/2008/Q-BTTTT ngy 31 thng 12 nm 2008 ca Btrng B

Thng tin v Truyn thng Ban hnh Danh mc tiu chun bt buc p dng v chk s v dch v chng thc ch k s.

[4]. Ngh nh s 64/2007/N-CP ngy 10-04-2007 ca Chnh ph v ng dng cngngh thng tin trong hot ng ca c quan nhnc.

Ting Anh[5]. Microsoft, Building Secure ASP.NET Applications, Patterns & practices.[6]. Microsoft, Introduction to Web Applications Security, Patterns & practices.[7]. NIST (26/10/2001) Advanced Encryption Standard (AES), FIPS 197.[8]. RSA Laboratories (14/6/2002) RSA Cryptography Standard PKCS #1 V2.1.[9]. William Stallings, Cryptography and Network Security: Principles and Practices,

Fourth Edition, Prentice Hall, 2006.


19/19

[10]. Bruno Lowagie,Digital Signatures for PDF documents, 17 Sep 2012.Ti liu trn Internet:

[11]. http://wp.nestcape.com/eng/ssl3[12]. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf[13]. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
http://wp.nestcape.com/eng/ssl3/http://csrc.nist.gov/publications/fips/fips197/fips-197.pdfhttp://csrc.nist.gov/publications/fips/fips197/fips-197.pdfhttp://wp.nestcape.com/eng/ssl3/

ma hoa aes va chu ky dien tu (2)

Documents