
pc aep paa popa 2-e ae pooo, aop cxoe ec a e C COEPAHE . pecoe Beee aa 1 Ocoe o 1.1 Tepoo 1.2 ...


Pc. 17-8. Co pecp c eeo opao c (ooo eeoac).

b3 b2 b Pc. 17-9. 3-o co pecp c eeo opao c.

Ha 8- oaa 3-o eepaop co ceye opao c: o o ec poeee epoo opoo o. Ec eo poapoa aee 110, o oceoaeoc ypex co co ye ceye:

1 1 0 1 1 0 0 1 0 0 0 0 0 0 a o ecoeoc. Bxoo ec oceoaeoc ax aax o :

0 1 1 0 1 0 0 0 0 0 0 0....

o e co oeo.

Moe xye. Ec aaoe aee 100, o cey coco c 010, 001, a ae cea 000. Ec aa aee ec 111, o oo ye oopc cea c caoo aaa.

a poeaa opeeea paoa o ce eo cooc poee yx LFSR [1650, 726, 1364, 630, 658, 659]. ocpy, aa cee LFSR a oe eex xapaepc [310] e ec eoaco [842.].

17.7 pye oooe p B epaype ocac pye oooe p. Bo eoope x.

eepamop ecca (Pless) o eepaop coye coca J-K pepo [1250]. Boce LFSR ypa ep J-K pepa;

a pep eeo oee a LFSR. o ea poe, o xo pepa opeee co, aee ceyeo xooo a, oce apoa epex pepo x xo epeeac oye ooaeoo ooa e.

o aop poaaec oa c oo cp aoo pepa oeoc [1356]. oy e, oeee J-K pepo cao popaec;

eepaop aoo a e yco epe oppeo cpe [1451].

eepamop a ae emooo amoama B [1608, 1609], C Bopa (Steve Wolfram) peo cooa aece eepaopa ceoc y ax ce ooep eo aoa. Paccopee eooo aoaa e ec peeo o , o eepaop Bopaa coco ooepoo acca o a1, a2, a3,..., ak,..., an y oo e:

ak'= ak-1 (ak ak 1) eaec ooo ae ak, peao ce pao aoo.

eepaop ee ce a oe cya. Oao x eepaopo cyecye yceoe cpe c ec op eco [1052]. o cpe oo a PC co ae n o o 500 o.

poe oo, o ape (Paul Bardell) oaa, o xo eooo aoaa oe ae ceepp o a c oo cooo pecpa c eo opao c o e , ceoaeo, e ae o e eoacoc [83].

eepamop 1/p o eepaop peoe oepy poaay [193]. Ec ypeee cocoe eepaopa oe pee t pao xt, o xt 1 = bxt mod p Bxoo eepaopa ec a aa xt div p, e div - o eoceoe eee c ycee e. acaoo epoa oca b p o pa a, o p - pocoe co, a b - p ope mod p. coae, o eepaop e eoace. (ae, o b = 2 FCSR e c a c ae oceoaeoc, opay ao.) crypt(1) Opa aop poa UNIX, crypt(1), pecae coo ooo p, coy e e e, o a. o 256-ee, oopoop ocaoo p c opaaee. poop, opaae oyac a. o aop aoo poe, e eea a pee opo poo o, apoaoy poaay ecoo eo oa [1576, 1299]. cp ao, apoax crypt(1), oo cooa cooo ocyy popay UNIX, aaey Crypt Break ers Workbench (CBW, cpye oa po).

pyue cxe Ee o eepaop ocoa a poee paa (c. pae 19.2) [1363]. CRYPTO-LEGGO eeoace [301]. oa e (Joan Daemen) papaoaa SubStream, Jam StepRightUp [402], o o co o, o x oepoa. Moeco pyx aopo ocao epaype, o ee oe xpac ce pee cpoeo aapaypy.

17.8 Cceo-eopeec oxo poepoa ooox po Ha pae, poepoae ooooo pa o oo oxoe poepoae ooo pa. B o cyae coyec oe aeaeco eop, o oe oo popa peaae ay-o cxey ae aec o ee aa.

Coaco Paepy Pey cyecye epe pax oxoa poepoa ooox po [1360, 1362]:

Cceo-eopeec oxo. coy p yaeax pepe aoo poepoa, aec yocoepc, o aa cxea coae coy eecy poey poaa a,.

opaoo-eopeec oxo. aec coxpa op ec ae o poaaa.

Heaco o oo, a oo ec o poaa, o oa e oy ooaoo pee.

Cooco-eopeec oxo. aec cooa aece ocoa pocce e oopy ecy coy poey, ay a paoee a oe e cpex oapo, cea poccey aeo o poee.

Paopoa oxo. aec coa peao oy poey, aca poaa a poep oeco ecccex ax xoe oo poaaa.

oxo oac peooe o ooocx cocoocx poaaa, opeeee ycexa poaaa oae eoacoc. oco cceoa o oac - eopeece, o cpe ecoex ooox po ec oe pe.

Cceo-eopeec oxo cooac o cex paee peex ooox pax, peyao eo pee c oco coyex peao pe ooox po. popa papa aae eepaop ooa e, oaae poepe xapaepca eoacoc - epoo, pacpeeee o, eo cooc .. - a e p, ocoae a aeaeco eop.

popa ae yae pae eo poaaa x eepaopo poepe, yco e e paop o ooe cocoa cp.

Co peee o oxo pe oe aopa pepe poepoa ooox po [1432, 99, 1357, 1249]. O paccapac Peo [1362], e o opoo po eopeece oco x pepe.

epo e oope.

pep eo cooc - oa ea cooc, e po cooc, oaa ea cooc ..

Cacece pep, apep, eae k-epe pacpeee.

yaa - a ooa e oe co peopaoae cex oca o a.

y - ooc ocpyypax oa pacceac, po oee "paaao" ca ce.

pep eeoc oecx y, ae a ocyce oppe m-o opa, pac coe o ex y, a pep, ..

o epee pepe poepoa e yae ooox po, papaoax c oo cceo-eopeecoo oxoa, o cpae cex ooox po. o cpaeo cex ox po. Ocoeoc cceo-eopeecoo oxoa ec o, o oooe p e o cpeceo papaaac, o yoeop pep.

ao poeo ax pocce ec eoooc oaa x eoacoc, oa e o oaao, o pep poepoa eoxo ocao eoacoc. eepaop ooa e oe yoeop ce paa papao, o e e eee oaac eeoac. pyo o e oaac eoac. o poecce ce ee ocaec o-o aecoe.

C pyo copo cpe oo x eepaopo ooa e pecae coo oy p o ey poaaa. Ec ye papaoao ocaoo pax eepaopo, oe oaac, o poaa e cae pa pe, aa a x. Moe, eo oe aepecye oo oc pocac, ocy ycexa, paaa a oe oe ca c cpee o a p.

17.9 Cooco-eopeec oxo poepoa ooox po Pe ae oep cooco-eopeec oxo poepoa ooox po. B cooe c c popa aec cooa eop cooc, o oaa eo eepaop eoac.

Ceoaeo, eepaop o a oo oe coee, ocoac a ex e pyx po e ax, o popa c op a. , ae a aop c op a, o oa a c ee poo.

eepamop nceocyax uce aupa ap cooa aece eepaopa ceocyax ce aop RSA [1417]. Xo ap oaa, o pecaae xoa eepaopa ceocyax ce paoco oy RSA, oeaoe ceee xoa a poeocppoaa [1401, 200].

eepamop Blum-Micali eoacoc oo eepaopa opeeec pyoc ce cpex oapo [200]. yc g - pocoe co, a p - ee oo pocoe co. x0 aae poecc:

xi 1 = gx mod p i Bxoo eepaopa ec 1, ec xi < (p - 1)/2, 0 poo cyae.

Ec p ocaoo eo, o cee cpex oapo mod p cao ec eoo, o o eepaop eoace. ooee eopeece peya oo a [1627, 986, 985, 1237, 896, 799].

RSA o eepaop RSA [35, 36] ec oae [200]. Haae apaep - oy N, poeee yx ox pocx ce p q, eoe co e, ooceo pocoe c (p-1)(q-1), a ae capooe cy aoe co x0, eee N.

xi 1 = xe mod N i Bxo eepaopa pecae coo a aa xi. eoacoc oo eepaopa opaec a cooc cp RSA. Ec N ocaoo eo, o eepaop eoace. ooea eop pe ea [1569, 1570, 1571, 30, 354].

Blum, Blum, and Shub poce aoee e eepaop, coy cooco-eopeec oxo, ec cox aopo aaec Blum, Blum, and Shub. M copa eo aae o BBS, xo oa eo aa eepaopo c apa ocao [193].

Teop eepaopa BBS coye apae oca o oy n (c. pae 11.3). Bo a o paoae.

Caaa ae a pocx ca, p q, oope opy 3 modulo 4. poeee x ce, n, ec e co a (Blum). Bepe pyoe cyaoe eoe co x, ao pocoe c n. Bc x0 = x2 mod n o capooe co eepaopa.

Teep oo aa c . i- ceocya o ec a aa xi, e xi = xi-12 mod n Ca py coco oo eepaopa ec o, o oye i-o a e yo c peye i-1 . Ec a ec p q, oee c i- eocpeceo.

i bi - o a aa xi, e xi = x0(2 ) mod(( p-1)(q-1)) o coco oaae, o oee cooa o popaec c eepaop ceoc y ax ce aece oooo pocce aa c poo ocyo.

eoacoc o cxe ocoaa a cooc paoe n a oe. Moo oyoa n, a o o yoo oe eeppoa c oo eepaopa. Oao oa poaa e coe pa o n a oe, o oa e coe pecaa xo eepaopa - ae yepa o-y poe: "Cey c epooc 51 poe ye ee ".

oee oo, eepaop BBS epecaye eo apae epecaye pao apae.

o oaae, o oy oceoaeoc, ay eepaopo, poaa e coe pecaa cey, pey oceoaeoc. o ao e eoacoc, ocoao a ao o oy e oo coo eepaope o, a aeao paoe n a oe.

o aop eee, o ec coco eo ycop. Oaaec, o aece ceocyax o oo cooa ecoo aoo xi. B cooec c [1569, 1570, 1571, 35, 36] ec n - a xi, oo cooa log2n ax aax o xi. eepaop BBS cpaeo ee e oxo ooox po. Oao cooaex poe, ax a eepa e, o eepaop ye ox pyx.

17.10 pye oxo poepoa ooox po p opaoo-eopeeco oxoe ooo pa peoaaec, o poaa o aae eopae peee ceo ooc. Ece paec peaoa ooo po, ae o aoo poa, ec oopao oo (c. pae 1.5). Ta a ca ooe e oe yoo, eo oa aa oopaoo eo. Ha yx ax eax, a oo poa, a a pyo eppoa, oe aca e oo e. poa poco oec XOR opoo eca c a e. eppoa oec XOR poeca c a pyo, eo e. O o e oo e e c ooa a. Ta a ooa e eceo cya, pecaa oo e eo oo. Ec ca e oce cooa, o eoacoc ye acoo (p yco, o y oo-o pyoo e o e).

pyo opaoo-eopeec ooo p, papaoax ayco oppo ( Claus Schnorr) peoaae, o poaa ee ocy oo opaeoy cy o poeca [1395]. Pe ya c co eopeec results e e paecoo ae. opooc oo a [1361, 1643,1193].

C oo paopoaoo ooooo pa popa aec cea peee poe, co e epe poaao, ec eoo. oo, coxpa eoo paep cepeoo a, popa aeo yeae oeco o, c oop pec e eo poaa y. o oe ceao a ce cooa p poa eppoa oo oy o ao cyao cpo. e yaae, ae ac cpo yy cooa p poa e ppoa. poaay, e aey a, pec epepa cyae oa ace cpo. eoacoc aoo pa oo pa c oo cpeeo ca o, oope oe po e p poaa pee, e epoocopee aeo yyc o cpae c epo oc pocoo yaa.

up "Pun a Bu" ec Macce (James Massey) eap eapco (Ingemar Ingemarsson) peo p "P a B" [1011], aa a, ooy o oyae, o aa eppoae, oe oy 2n o poeca. Aop, oaa a 7-, poc peaa, apapoao eoace coepeo epae. poco oe XOR opoo eca c ooo e aepe oo e a pe o 0 o 20 e - oa aepa ec ac a. o coa Macce: "Moo eo oaa, o pae coy poaay cp pa oaoc c e, ec o-o coacc ooa c e e opoo eca o e." Pae o e oo a [1577, 755].

aa oo cyax aepa o (y ec Op oo o poa) aepa ec opoo eca 0-20 e (a acepeea ac o a) Pc. 17-10. p "P a B".

Paouupoa nomoo up uu a cxea epe a peoea o [1362]. coyec 2n cyax oceoae oce. pecae coo cyay n-oy cpoy. poa cooe Aca coye k-y cyay cpoy a oopao oo. ae oa opae poec 2n cyax cpo o 2n 1 pa aaa c.

o ae k-, ooy o oe eo pa, ao oopaox ooo cooa ep poa cooe. Ee ocaec oo epepa cyae oceoaeoc, oa oa e ae p a oopao oo. cp opeyec poep eoopoe co o, o opy paoe O(2n). Pe yaa, o, ec opaee n cyax cpo eco2n, ec coyec a a eo oa x cyax cpo, eoacoc ocaec a pee ypoe.

Paouupoa nomoo up Maypepa e Maypep (Ueli Maurer) oca cxey, ocoay a oe XOR opoo eca c eco o op oceoaeoc cyax o [1034, 1029, 1030]. ec aopo capox o ao oceoaeoc. Moo oaa, o ao p o eoace, c epo oc oa opeeec oeo a, eec pacope oa, eaco o ocyo ey ceo ooc. Maypep yepae, o a cxea caoc pao p 100 pax oceoaeocx o 1020 cyax o aa. O cocoo oy pa oo o ec opoa oepxoc y.

17.11 p c acao ecox ooo Ec pooeoc e aa, o e p pa ecoo ooox po oe x aca. oye poeca poco oe XOR xoa aoo eepaopa c op eco.

Peya e Maypepa (c. pae 15.7) oaae, o ec eepaop coy eace , o eoacoc acaa o pae epe e ee eoacoc caoo coo aopa acaa, a copee ceo aoo oe.

oooe p oec e e cocoa, o ooe (c. ay 15). oooe p oo oe aca (c. pae 15.7) c py ooo pa c o pa.

o po ec cooae ooo aopa, ooooo ooo, acoo oo e a cpoo ooooo aopa (oop oe o aop pee OFB). cp aop oe ca, a a poaa oa e oy ocaoo opoo eca, a poaoo o o.

Cyecye coco pae paep ypeeo coco cpoo aopa (oop oe a eoacoc) a acoy ce a. Cea a oa ooceo aco, e co cooa oo aop c o poeypo ycao a. poe oo, cea a e oa ace o ypeeo coco cpoo aopa.

17.12 Bop ooooo pa Ec yee ooox po ae ao-o peya, a o oee c yae peyp o c ce ox cocoo cp. Tpaoo oooe p opac a oy aeaecy eop. y eop oo o cooa oaaeca ooex aec pa, o ee e oo o cooa oca ox cocoo cp pa. o o p o ooo p, ocoa oo a LFSR, ae oe ecooco.

peoa oooe p, cpoepoae ooo o pa : eee peopaoa , oe S-o, .. oe ceo e pac RC4, a ae SEAL. Me oe xoeoc ye peya poaaa peoex o eepaopo, oex LFSR FCSR. a oac aec eca peaeo ye oooc cooa peax papaoax. oye ooooo pa oo cooa o p pee OFB CFB.

B 14- cpae pee peee coooe eoopx aopo.

Ta. 17-3.

Copoc poa ecox ooox po a i486SX/33 M Aop Copoc poa (Ma/c) A5 PIKE RC4 SEAL 17.13 eepa ecox ooo ooo eepaopa ceocyao oceoaeoc Ec yo apoa ecoo aao c p oo ooo oa - apep, yecopa poc peee ec cooae aoo ooa coeo eepaopa ceocyao oceo a eoc. p o oa e ceyx poe : ya ooea aapaypa, ce eepaop o cxpopoa. poe o cooa o eepaop.

Oo pee - apoa eepaop ecoo pa. Ec yo p eacx ooa, apye eepaop p paa opae o ooy y a oo. o eo paoae, o oy cooc p oye oo aco. Hapep, ec oee apoa eepaop oo p paa cpee apoa ooa ax, coee coa oo p ooa. py cocoo ec cooae oo o e oceoaeoc aoo aaa, ooo c epeeo peeo aepo. o eeoaco.

eceo yaa e [1489], aaeoaa NSA, oaaa a 6-. acae xo aeo oo eepaopa poco m-o co pecp. o aoy aooy ycy cae pecp a o pao. ae aoo xooo ooa oe AND pecpa c py m-o eo po, paccapae a ya eaop paoo xooo ooa, ae oee c oo XOR ce , oya xoo oo ooa. Ec peyec oy apaeo e coo xox ooo, aoo xooo ooa yo cooa oe eop oec acc XOR/AND.

eepaop...

Pc. 17-11. eepaop ecox o.

Cyecye p ee, oope yo ocea. Ec o x ooo ec eo o ae pyx ooo, o ccea oe oaa. Ho ec ocaoo aypa, oca coco ec poc eoac cocoo pee poe.

17.14 eepaop peax cyax oceoaeoce oa popaec eoace ceocyae oceoaeoc eocaoo xopo. B p opa a oy oaoc eceo cyae ca. epoe, o pxo ooy - o eep a e. pepaco oo eeppoa cyae popaece , coy eepaop ce o cyax oceoaeoce, o ec pa oye o oo eepaopa a , o coe co a e e oa ay poccey, eaco o aeoc ax aopo. oceoa eoc, aaey eepaopo cyax oceoaeoce, ocpoec eooo. Ho, ae ca, e coe ocpoec oceoaeoc o, aaey eepaopa.

pyo ococo poeo ec opoc o o, a eo eceo cyae . e copac ac o cop. ec paccapa ay o, oope eooo o c poec, y oopx cacece coca a y cyax o.

oo eepaopa eceo cyax oceoaeoce a opoco ec eo p o epa. Ha y ey cyecye oeco epayp. Tec a cyaoc oo a [863, 99]. Maypep oaa, o ce ec oo oy o ca oceoaeoc [1031, 1032]. Ec cyaa oceoaeoc caec, o oa e ec o acoey cyao.

B o cyae, ce, o ee o oac, o oo oocc epo a. a oe o ec eepa oceoaeoc o, oopy e coe yaa a po. o opao o ee pya aaa, e aec. e oy oaa, o o ocax eoo eeppye cyae . Peyao x pao c oceoaeoc o, oope eooo eo ocpoec.

opooc oo a [1375, 1376, 511].

Tau RAND a ao, 1955 oy, oa oep ce ee oy, Rand Corporation aa y, co epay o cyax p [1289]. x eo ocac a:

Cyae p o oye p oo paoa ocoo a, ceeppoao e poo pyeo. Bpae, co yco, a x co cyao acoo cpee ooo 100000 yco ceyy, opac pa ceyy yco ocoo aco. e opaa yca poyca yc e pe 5-pap ap ce. o cy aa ac oeco pye c 32-o, oopoe cpee eao ooo 3000 oopoo a opy aao oo co ceyy. cooac oo-ec peopaoae, o op peopaoa 20 32 ce (ocaec eaa opacac ) oca oo oce py ya x ce. ocee p oaa oocep IBM, opay oe oo ay pox apoe cyax p.

B e paccapac peya pax poepo ax a cyaoc. B e ae peaa c coco, a cooa y y opa cyaoo ca :

Cpo a p yepyc o 00000 o 19999. p cooa a yo caaa pa cyay capoy o. Oo poeypo oo ec ceyee: opoe y y a pooo cpae a p , ap aa, epe papoe co. o co oce ae epo p ocao o ee ee a 2 opeee capoy cpoy. Ocao o ee yx p cpaa o epoaao paoo papoo ca a 50 aae capo coe capoo cpoe. o ac o op ce pe a oo cpae ecec eoo cpee pa co oe epy cpa, aoe cooaoe opeee capoo o papoe co oo oeeo e oo oe cooac o e.

a coepae o a "Taa cyax p". p poc pap pya - "10097 32533 76520 13586...'' - o 50 cpoe o ec cpo a cpae. Taa aaa 400 cpa , a cee ocoeo aec py a cpae 283, ee a "69696", a ocaoo cy o. B y ae xoa aa 100000 opax ooe.

epec e RAND c e o cyax p, a o, o o coa o o epo peo. Bo ox popaecx aopax coyc pooe oca - a a aee "aece ca". Bop aecx ce a RAND apapoa, o o e pa ceao o a-o yec pa. Ta, apep, o ceao Khafre.

cnooaue cyaoo ya y cocoo oy ooe oeco cyax o ec eee x ececeo cyaoc peaoo pa. aco ao eo peye ceao aapayp, o o p oo p e oepax.

Hae coe, oopoe cyaec peypo, o cyao: aocep y, peooea ao-o opo, peeo, aa, yac xo. epe epa ey o oo coe coe, cey a . ae. epe peeo epa ey op pe co. Coa a e. Ec ep peeo epa oe opoo, xo o ye 1. Ec opo epa oe epoo, o xoo co ye 0. Ceae o coa ceyeo co .

poce cpey apc epee opoo H-opco ooo pe eco aee. Cpae o poy a, oopy oa, c opoo a po a e. Ec oe a, oopy oa, xo pae 0, a ec ee - 1.

oe oepy ce eepa, ocae oeco yco a cpoa epa pee oe a . epe pe ey oceoae a ticks. (Ta a pao a co pacaaec, cpeee pe ey oceoae a epepo yeaec.

o oo ea, ao pa co c ocaoo epoo oypacaa - ao a y o. Ec ecooec o coe opoe, oee ec cooecye cacece opa.) . . (G. B. Agnew) peo eepaop peao cyax o, oop oo eppoa CC [21]. o oecaop ea-oop-oypoo (metal insulator semiconduction capacitor, MISC).

a ax oecaopa oeac po py c pyo, a cya ec ye paoc ap o x oecaopo. pyo eepaop cyax ce eeppye oo cyax o, coy e caoc aco cooo oeeoc ocopa [535]. oepeca pocxea o AT&T eep pye cyae ca, opac eo a o ee [67]. M. (M. Gude) ocpo eepaop cyax ce, copa cyae ecx e, apep, paoaoo pacaa [668, 669].

Ma Pxep (Manfield Richter) papaoa eepaop cyax ce a ae eepaypoo ya oy pooooo oa [1309].

peooeo cya peee epa ey oceoae 2e4 ye cea pac aaeoc aoa py. coye. A ye ae oypoooy py, oopa oaae pocxe eepaopo cyax ce, x ocaoo oo.

Cyecye ae eepaop cyax ce, coy c oepa [439]. O epe pe, yoe e oa ca, coye ee oo pee aece coa cyax ce.

ae pyc, o ya cpyypy, ay aoae, ae eopa ce peec cpoe peopaoae ype. o ycpae ceee oppe. Haoe, aece cyax o coyc cepae y aco aaoe (0, ), opaoae a e epa.

oa ac ee copoc pae ca aa ypyeoc oyxa, oopa ec c oo cyaoc ccee. Xo ao yec ceyee. Ec aee a xo co oo o, o coyee aece eepaopa cyax ce cpoe peopaoae ype pcyee o y opeeey pecayeoc. ye coa coa a o o e co o, o a e poc poa cpyypy, coo oopo ec apo ca. Peaa ao cce ooa oya ooo 100 o yy [439].

cnooaue maepa onmepa Ec a ye o cya ( ae ecoo), ocoyec a aa o oo pecpa aepa. B ccee UNIX o oe e co cya -a pao ooo cxpoa, o a eoopx epcoax oepax o paoae.

He co ea a opao co oo o. Boee oo pa oo o e poeyp oceoaeo oe eo cec , eeppoae cocoo. Hapep, ec oee a o poeyp eepa a aae eoe co o aepa, a xoe aeo eepaopa ye e c oea oceoaeoc oaox o. Ec oee ao poeyp eepa a aae eeoe co o aepa, a xoe aeo eepaopa ye ecoea oceoaeoc epey xc o. ae ec acoc e a oea, oyac o oo ye ae o cyaoo.

O eepaop cyax ce paoae cey opao [918]:

Ha eepaop eceo cyax ce... paoae, ycaaa y ae cpo peepy p e cp cea poeccopa o ex op, oa e pooe pepae. aee oec XOR coepoo pecpa co epoo aa xooo yepa (ae pecpa yceac o 8 o ). oce oo, a ye aoe a a xooo yepa, yep oepaec aee opaoe ec co aoo coa pao a a a.

o po ey epeee aoee ax ( cyax) ax aax o cape aae o . ae ec poecc oopec p paa. Haoe oce pepa a cax cyax a pecpa cea o a a co yepa. To ec pocxo 4n pepa, e n - co yx cyax o.

o eo oe ycee cyaoc ccex pepa aoaoc aepa. p ec poa a peax UNIX-aax peya oe eox.

epeue cpmoo cocmou auamyp poecc eaa cyae, ecyae. O ocaoo ecyae, o eo oo o cooa ea eaaeo eoea, o o ocaoo cyae, o eo oo o cooa eepa cyax o. epe pe ey oceoae aa a, ae ocoy ec a aa a x epe. oaac ocaoo cya. o eo e paoae a UNIX-epaax, a a aa a pee, e o yy epea ae popae, poxo epe p pye exa, o o ye paoa a oce epcoax o e po.

B eae o o aoy aa a eeppoa oo o . cooae oeo oeca o oe cec peya acoc o ao ac. Oao o eo ee p opae. Xo epyo oca a aaypy eoea, eaaeo co copoc 100 co yy ooo oo, ec ec pe eepa a, yo poc acy eaa ec co, o cooa peya pao eepaopa aece oopaooo ooa.

Ceeu u oppeuu ao poeo oox cce c ooe aooepoc eeppyeo oceoae oc. coyee ece poecc oy cya, o ey ec poecco o epo axoc pae epee cpye. cpye oy eo pec oe poe.

Cocoo ycpa ceee, ooee, ec XOR ecox o py c pyo. Ec cy a cee 0 a ey e, o epooc 0 oo aca a:

P(0) = 0.5 e XOR yx ax o ae:

P(0) = (0.5 e)2 (0.5 - e)2 = 0.5 2e Te e ce XOR 4 o a:

P(0) = 0.5 8e XOR m o coeao cxoc pao epooc 0 1. Ec eco acaoe ceee, oopoe oyco ae poe, oee c, coo o a yo oe c o o XOR, o ye ceee o oo ae.

Ee ye paccapa oapo. Ec 2 a oao opoce x e a ceyy apy. Ec 2 a pa, coye ep aece xoa eepaopa. o ooc ycpae ceee. pye eo yee cee coy pacpeeee epexoo cae cpoe p e opaoae ype [511].

oeao poeo oox eoo ec o, o p a oppe ey coce a eo yea ceee. O cocoo cpa o ec cooae ecox cyax coo. Boe epe cyax coa oe XOR o py c pyo oe a cyax coa e a x oapo.

Hapep, oe paoa co pcoee ce eepa aey oepy. Bo e apy yx oo acae aece co aoe peee opeeeoo ae.

epe aocep y. ee aoo coa cya oe x XOR py c py o, oya cya . Boooc ecoe.

Oo o, o eepaop cyax ce cee e oaeo oaae eo ecoeoc. o oo o aae, o o eee eoace. Hapep, paccop poey Ac, eeppye 168-o pooo DES. A ce, o y ee ec, - o eepaop cyax o co ceee 0 : c epooc 55 po eo o ae y c epooc 45 poeo - e. o oaae, o po a a c o ca oo 0.99277 ( eaoo eepaopa oa paa 1). Mop, ac pacp , oe o poa oeoe cpe pyo co, poep caaa aoee epoe (000... 0) ac aeee epooy y (111... 1). -a cee Mop oe oa, o ey yacc oapy a 2109 oo. p ocyc cee Mop opeyec 2 oo. oye eee eoace, o o paec eoyo.

eea cyaocm B oe cyae y coco eeppoa cyae ca - a ooe oeco ayxc c y a co e cyaoc x. a cyaoc oe xpac aoee eac p eoxooc..Ooapaee x-y pepaco oxo oo. O cp, ooy oee poyca epe x, e co aoc o pooeoc eceo cya o c aoo ae. opoye xpoa o ce, o a aec xo y-y cya. H a pep:

o aoo aa a a oa Hoep ceopa, pe aepa oca ao coo oepa eceoe ooee Hoep eye cpo paep oopa Coepae eceo ooo a pa opae Coepae FAT-a, a pa, ..

Bpeea ocya/ee /dev/tty apya poeccopa Bpeea ocye ceex aeo Bxo pooa /dev/audio e pcoeeoo pooa Ec aa ccea coye pae pca-ocop coeo poeccopa aco, oa ec ca pe oo e. B eoopx (o e cex) cceax o pee cya oe a a ey y ocopa.

Ta a cyaoc x cox opeeec cxpoae ocopo, coye ac c a oo e ao pee. B caapo PC coyec pocxea aepa Intel 8254 ( a ea), paoaa a aoo acoe 1.1931818 M, ooy eocpeceoe cae pecpa cea ac papeee 838 aocey. o ea cee peyao, e coye aece coa co pepae aepa. Bo a o poecc a e C c MD5 (c. pae 18.5) aece x-y:

oce ocaox oo churnrand() aoe ocaoo cyaoc Randpool, oo eeppo a oo cyae . MD5 coa caoc oeo, o pa aece eepaopa ceocya oo aooo ooa, paoaeo pee cea.

o o pa x-y ee eoe aee. Bo epx oa oeceae poco coco eeppoa poooe oeco ceocyax ax, e a c pa churnrand(). Ha ee, oa aac aoee oxo oy, ccea oceeo epexo o coepeo cyaoc pa eco. B o cyae caoc meopemuecu oo cooa peya oa genrand() opeee peyeo oceyeo peyaa. Ho oo opeyec eppoa MD5, o ceo eooo.

o ao, a a poeype eeco, o eaec oo co cya a, oope oa op a ae. O o poeyp oe eeppoa cyaoe co poooa, oopoe ocaec o e, ooo oe a po apoc oa. A cey o oe eeppoa cepe coce pyoo ceaca c, cy oopoo xoe poy o. Oea aoc oo, o o e co oy cepe , coy ooy cxey ec.

Ho ocaec oa poea. pee, e ep pa ye aa genrand() acce Randpool[] oo aoeo ocaoo cyax ax. Ec ccea aoe-o pe paoaa c oa ooae e, o-o eaa a aaype, o poe e. Ho a ace eaco cce, oopa epep y aec aoaec, e opaa a a ae ae aayp ?

Ho ec oa pyoc. B aece acoo pee oo opeoa, o oce cao epo a py oepaop aoe-o pe opaoa a aaype coa a ce capo a epe pyo oepaoo cce, o xoe epeapyo cooac cyae ae, epeae Randseed[].

Ho e coxpae eocpeceo ca Randseed[]. Bo, oopoy yacc aoy o a, coe opee ce peya genrand() oce oceeo opae churnrand() pee, e o a ye coa.

Peee o poe ec xpoae acca Randseed[] epe eo coxpaee, oe ae oo genrandO. p epeapye cce caee ae capooo aa, epeaee x churnrand(), a ae eeeo cpaee x. coae o e ycpae ypo oo, o oye oye a ey epeapya coye eo pecaa yyx ae y genrand(). e y oo pee o poe poe, a ooa aoe ocaooo oeca cyax co, cyxc oce epeapy, pee, e oo genrand() aa peya.

aa Ooapaee x-y 18.1 Oco Ooapaea y H(M) peec cooe pooo M opaae aee cpoao h.

h = H(M), e h ee y m Moe y oo c aee cpoao o xo a pooo , o y ooapaex x-y ec ooee coca, eae x ooapae [1065]:

a M, eo c h.

a H, pyo opee M, oopoo H(M)=h.

a M, pyo opee pyoe cooee, M', oopoo H(M)= H(M').

Ec Mop ye ea pye e, o co papy eoacoc oo poooa, c oyeo ooapaey x-y. Cc ooapaex x-y coco oece e M yaoo eaopa ("oeaa aa"). Ec Aca ocaa M c oo aopa poo oc a ae H(M), a o oe coa M', pyoe cooee, ooe o M, oopoo H(M)= H(M'), o o coe yepa, o Aca ocaa M'.

B eoopx poex ooapaeoc eocaoo, eoxoo oee pyoo peoa, aaeoo ycooc cooe.

oo pyo a a cyax cooe, M M', oopx H(M)= H(M').

oe cpe eoo poe paea 7.4? Oo ocoao e a oce pyoo cooe M', oopoo H(M)= H(M'), a a oce yx cyax cooe, M M', oopx H(M)= H(M').

Cey pooo, epe oca eoo ao ( Gideon Yuval) [1635], oaae, a, ec peyee peoae e oec, Aca oe cooa cpe eoo poe o a a oa.

(1) Aca oo e epc opaa: oy, oy oa, pyy, poy eo apocy (2) Aca oc ecoo eaex ee a oye ce x-y.

( ee oy ec, ooe cey : aea POEA oae PO E-AO-POE, caa ooo-yx poeo epe opao ape, .. ea e ea o ooy ee ao 32 cpo, Aca oe eo oy 2 pax oyeo.) (3) Aca cpaae x-ae aoo ee ao yx oyeo, paca apy, oopo ae coaa. (Ec xoo x-y ec ceo 64-papoe a ee, Aca, a pao, coe a coaay apy cpa 2 epc aoo oyea.) Oa occaaae a oyea, ax oaooe x-aee.

(4) Aca oyae ocay oo oy eo epc opaa, coy pooo, oopo o ocae oo x-aee.

(5) Cyc eoopoe pe Aca oee opa, oca oo, py, oop o e oc a. Teep oa oe ye appa o, o o oca pyo opa.

o aea poea. (O coeo ec ecee oceecx cpae ocae oye.) p oooc yceoo cp eoo poe, oy pec pye coco cp . Hapep, po oe oca ccee aoaecoo opo (oe cyoo) cy ae cpo cooe co cya cpoa oce. B oe oo oc o o x c y ax cooe oaec pao. Bpa e coe ya, ey pee a oaa, o, ec eo eceo e ec eaeco paoy cya, o coeo oec.

u ooanpaex x-yu 64-oe x-y co a, o pooco cp eoo poe. oee pa ooapaee x-y, ae 128-oe x-ae. p o, o a a oyea c oao x-ae, cp eoo poe pec xpoa 264 cy ax oyeo, o, poe, eocaoo, ec ya ea eoacoc. NIST coe Caape eoacoo xpoa (Secure Hash Standard, SHS), coye 160-ooe x-aee. o ee cee ycoe cpe eoo poe, oopoo oaoc 280 xpoa.

ye x-ae, aaex opeo x-ye, peoe cey eo.

(1) cooe c oo oo yoyx o e ooapaex x-y eepp y ec x-aee.

(2) X aee oaec cooe.

(3) eeppyec x-aee oee cooe x-ae aa (1).

(4) Coaec oee x-aee, cocoee oee x-ae aa (1) x-ae aa (3).

(5) a (1)-(4) oopc yoe oeco pa oecee peyeo x-ae.

Xo oa e a oaaa eoacoc eeoacoc oo eoa, yp e o eo ae opeeee coe [1262,859].

Oop ooanpaex x-yu He eo ocpo y, xo oopo ee poo paep, a e oee cea ee oo a paeo. B peao pe ooapaee x-y cpoc a ee y ca. Taa oo apaea y ae x-aee n p aax xox ax oe m [1069, 414]. Bxoa y ca c o cooe xo peyeo oa eca (c. 17-). Bxo pecae coo x-aee cex oo o oo oea. To ec, x-aee oa Mi pao hi = f(Mi, hi-1) o x-aee ece co cey oo cooe caoc cey xoo y ca.

X-aee ceo cooe ec x-aee oceeo oa.

Mi Ooapaea hi y hi- Pc. 18-1. Ooapaea y Xpye xo oe a-o cocoo coepa apoe pecaee ceo cooe.

Ta opao peooeaec oeaa poea, aa e, o cooe pao oy aa oo o e x-aee [1069, 414]. oa ao eo aaec MD-ycee [930].

Pae cceoae a peooe, o ec y ca eoaca, o o eo x poa cxox ax pooo ae eoace - o eo e o oaao [1138, 1070, 414].

Ha ey poepoa ooapaex x-y acao oo. oee opoy aeae cy opa oo a [1028, 793, 791, 1138, 1069, 414, 91, 858, 1264]. Booo ca ooo eppeae ooapaex x-y c ec apa peea (Bart Preneel) [1262].

18.2 Snefru Snefru - o ooapaea x-y, papaoaa Pao Mepo [1070]. (Snefru, ae a Khufu Khafre, eec apaoo.) Snefru xpye cooe pooo , pepaa x 128-oe 256-oe ae.

Caaa coee paaec a yco o o 512-m. (epeea m ec o x ae.) Ec xo - o 128-ooe aee, o a ycoo paa 384 a, a ec xo 128-ooe aee, o a ycoo - 256 o.

Cepe aopa cy y H, xpya 512-ooe aee m-ooe. epe m o xoa H c x-aee oa, ocae opacac. Cey o oaec x ae peyeo oa coa xpyec. ( epoaaoy oy oaec cpoa ye.) oce oceeo oa (ec cooee coco e eoo ca oo, oce o ooec y ) epe m o oac apoy pecae cooe xpyc oce pa.

y H ocoaec a E, opao y ooo poa, paoae c 512 o oa. H - o ocee m o xoa E, oeee ocpeco XOR c ep m a xoa E.

eoacoc Snefru opaec a y E, oopa paopye ae a ecoo poxoo. a poxo coco 64 paopyx ao. B ao ae aece xoa S-oa coyec pyo a ax. Bxooe coo oepaec oepa XOR c y coce coa cooe. o cpoee S-oo aaoo ocpoe S-oo Khafre (c. pae 13.7). poe oo, oec p ecx co. Opa Snefru coco yx poxoo.

punmoaau Snefru coy epea poaa, xa ap oaa eeoacoc yxpoxooo Snefru (c 128-o x-aee) [172]. x coco cp a ecoo y oapyae apy coo e c oao x-aee.

128-ooo Snefru x cp paoa ye, e cpe pyo co epex eee p o xoo. Bcpe Snefru eoo poe peye 264 oepa;

epea poaa oe a apy cooe c oao x-aee a 228.5 oepa pexpoxooo Snefru a 244.5 oe pa epexpoxooo Snefru. Haxoee cooe, x-aee oopoo coaae c aa, p cooa pyo c peye 2 oepa, p epeao poaae oo yo 256 oepa pexpoxooo 288 oepa epexpoxooo Snefru.

Xo xa ap e aapoa 256-oe x-ae, o poe aa o o 224 ox x-ae. B cpae c cpe eoo poe, pey 2 oepa o oy a cooe c oao x-aee a 212.5 oepa yxpoxooo Snefru, a 233 oepa pexpoxooo Snefru a 281 oepa epexpoxooo Snefru.

B acoee pe Mep peoeye cooa Snefru o pae epe c oce poxoa [1073].

Oao c a oeco poxoo aop caoc aoo eeee, e MD5 SHA.

18.3 N-x N-x - o aop, pya 1990 oy cceoae Nippon Telephone and Telegraph, e e , oope ope FEAL [1105, 1106]. N-x coye 128-oe o cooe, coy pa opyy y, oxoy a FEAL, ae 128-ooe x-aee.

X-aee aoo 128-ooo oa ec ye oa x-ae peyeo oa.

H0 = I, e I - cyaoe aaoe aee Hi = g(Mi, Hi-1) Mi Hi- X-aee ceo cooe pecae coo x-aee oceeo oa cooe. Cyaoe aaoe aee I oe co, opeee ooaee (ae o y).

y g ocaoo coa. Cxea aopa peea a 16-. Caaa epecac ea paa 64-oe oo 128-ooo x-ae peyeo oa Hi-1, a ae oec XOR c oo pc aoo (128-o) XOR c ey oo cooe Mi. aee o aee acao pe opayec N (a pcyax N= 8) ca opao. py xoo ca opao ec peyee x-aee, oepyoe XOR c oo oc ox oca.

M i EXG: epecaoa eo pao ace 128 o g : 1010... 1010 (ooe, 128 o) PS: ca opao (processing stage) EXG V =||A ||A ||A ||A j j1 j2 j3 j V ||: oaea PS : 000... 0 (ooe, 24 ) V A =4*(j-1)+k(k=1,2,3,4, A - 8 o y) jk jk PS H = g(M, H ) M H i i i-1 i i- V PS V PS V h h i=1 i 128 o 128 o PS V PS V PS V PS Pc. 18-2. Cxea N-x.

Oa ca opao oaaa a 15-. o cooe paaec a epe 32-ox ae. pe yee x-aee ae paaec a epe 32-ox ae. y f pecaea a 14th.

y S0 S1 e e cae, o FEAL.

S0(a,b) = ec c eo a a a (( a b) mod 256) S1(a,b) = ec c eo a a a(( a b 1) mod 256) Bxo: X= X ||X ||X ||X 1 2 3 P= P1||P ||P ||P 2 3 X X2 X3 X 32 a 32 a 32 a 32 a P P P P 1 2 3 32 a 32 a 32 a 32 a f f P 1 P f f P3 P Bxo: Y= Y ||Y ||Y ||Y 1 2 3 Y Y Y Y 1 2 3 Y=PS(X,P) Pc. 18-3. Oa ca opao N-x.

Bxo oo ca opao caoc xoo ceye ca opao. oce ocee ca opao oec XOR xoa c Mi Hi-1, a ae xpoa oo cey o.

x 32 a 32 a P 8 o 8 o 8 o 8 o S S S0 S 32 a f (x,P) Y=S0(X1,X2)=Rot2((X1+X2) mod 256) Y=S1(X1,X2)=Rot2((X1+X2+1) mod 256) Y: xoe 8 o, X1,X2 (8 o): xo Rot2(Y): ec c eo a 2 a 8-ox ax Y Pc. 18-4. y f.

punmoaau N-x ep e oep (Bert den Boer) op coco coaa cooe y aa N-x [1262]. xa ap pe epea poaa cp 6-ao N-x [169, 172]. opeoe oeoe cpe (oeo e, o pye) paoae oo N, eeoc a 3, eee cp eoo poe oo N, eeo 15.

To e caoe cpe oe oapya ap cooe c oao x-aee 12-ao N-x a 256 oepa ( cp pyo co yo 2 oepa). N-x c 15 aa eoaca o o oe epeaoy poaay : cp opeyec 272 oepa.

Papao aopa peoey cooa N-x e ee, e c 8 aa [1106]. C yeo o aao eeoacoc N-x FEAL ( ee copoc p 8 aax) peoey ooc oaac o oo aopa.

18.4 MD MD4 - o ooapaea x-y, opeea Poo Peco [1318, 1319, 1321]. MD ooaa e Message Digest (paoe oee cooe), aop xooo cooe ae 128-ooe x aee, paoe oee cooe.

B [1319] Pec oca e, peceyee p papaoe aopa :

eonacocm. Bceo eooo a a cooe c oao x-aee. Bcpe pyo co ec ca e.

pa eonacocm. eoacoc MD4 e ocoaec a ax-o oyex, apep, pe o oe o pyoc paoe a oe.

Copocm. MD4 oxo coocopocx popax peaa. Oa ocoaa a poco ao pe ox ay c 32-o oepaa.

pocmoma u onamocm. MD4 poca, acoo o ooa, e coep ox cpyyp ax cox popax oye.

aa apxumemypa. MD4 opoaa popoeccopo apxeyp (ocoeo popo eccopo Intel), oee pyx cpx oepo oo o e eoxoe ee.

oce epoo oe aopa ep e oep Ao occeaepc (Antoon Bosselaers) oc ycexa p poaae ocex yx pex ao aopa [202]. Pay Mepy coepeo eaco yaoc cp epe a aa [202]. xa paccope cooae epeaoo poa a a po epx yx ao MD4 [159]. Xo ce cp e pacpocpae a o a o p, Pec yc co papaoy. B peyae oac MD5.

18.5 MD MD5 - o yyea epc MD4 [1386, 1322]. Xo oa coee MD4, x cxe oxo, peyao MD5 ae ec 128-ooe x-aee.

Onucaue MD oce eoopo epoaao opao MD5 opaaae xoo ec 512-o oa, pa a 16 32-ox ooo. Bxoo aopa ec aop epex 32-ox oo, oo pe oec eoe 128-ooe x-aee.

Bo epx, cooee ooec a, o eo a a a 64 a opoe ca, paoo 512. ooee ec 1, a oopo o o oa cooe ceye coo ye, coo yo. ae, peyay oaec 64-ooe pecaee cooe (co, o ooe). a ec cya oo, o a cooe a paa 512 a (o peyec ocaec ac a o pa), o apapoa, o pae cooe e yy e oaoo oce ooe. apyc epe epeex:

A = 0x B = 0x89abcdef C = 0xfedcba D = 0x O aac epee cee.

Teep epee ocooy y aopa. o pooaec, oa e cepac 512-oe o cooe.

epe epeex opyc pye epeee : A a, B b, C c D d.

a coco epex oe oxox ao (y MD4 o oo p aa). Ha ao ae 16 pa coyc pae oepa. aa oepa pecae coo eey y a p e a, b, c d. ae oa oae o peya eepo epeeo, ooy eca ocae. a ee peya ec caec pao a epeeoe co o oae peya oo ep e ex a, b, c d. Haoe peya aee oy epeex a, b, c d. C. 13- 12-. Cyecy epe eex y, coyee o oo ao oepa ( aoo aa - pya y ).

o cooe A A B B a 1 a 2 a 3 a D D Pc. 18-5. a MD5.

Mj ti a b Heea c <<

F(X,Y,Z) = (X Y) ((X) Z) G(X,Y,Z) = (X Z) (Y (Z)) H(X,Y,Z) = X Y Z I(X,Y,Z) = Y (X (Z)) ( - o XOR, - AND, - OR, a - NOT.) y cpoepoa a, o, ec cooecye X, Y Z eac ecee, a peyaa ae eac ecee. y F - o oooe ycoe: ec X, o Y, ae Z. y H - ooa oepa eoc.

Ec Mj ooaae j- oo cooe (o 0 o 15), a <<

FF(a,b,c,d,Mj,s,ti) oaae a = b ((a F(b,c,d) Mj ti) <<

a 1:

FF(a, b, c, d, M0, 7, 0xd76aa478)
FF(d, a, b, c, M1, 12, 0xe8c7b756)
FF(c, d, a, b, M2, 17, 0x242070db)
FF(b, c, d, a, M3, 22, 0xc1bdceee)
FF(a, b, c, d, M4, 7, 0xf57c0faf)
FF(d, a, b, c, M5, 12, 0x4787c62a)
FF(c, d, a, b, M6, 17, 0xa8304613)
FF(b, c, d, a, M7, 22, 0xfd469501)
FF(a, b, c, d, M8, 7, 0x698098d8)
FF(d, a, b, c, M9, 12, 0x8b44f7af)
FF(c, d, a, b, M10, 17, 0xffff5bb1)
FF(b, c, d, a, M11, 22, 0x895cd7be)
FF(a, b, c, d, M12, 7, 0x6b901122)
FF(d, a, b, c, M13, 12, 0xfd987193)
FF(c, d, a, b, M14, 17, 0xa679438e)
FF(b, c, d, a, M15, 22, 0x49b40821)

a 2:

GG(a, b, c, d, M1, 5, 0xf61e2562)
GG(d, a, b, c, M6, 9, 0xc040b340)
GG(c, d, a, b, M11, 14, 0x265e5a51)
GG(b, c, d, a, M0, 20, 0xe9b6c7aa)
GG(a, b, c, d, M5, 5, 0xd62f105d)
GG(d, a, b, c, M10, 9, 0x02441453)
GG(c, d, a, b, M15, 14, 0xd8a1e681)
GG(b, c, d, a, M4, 20, 0xe7d3fbc8)
GG(a, b, c, d, M9, 5, 0x21e1cde6)
GG(d, a, b, c, M14, 9, 0xc33707d6)
GG(c, d, a, b, M3, 14, 0xf4d50d87)
GG(b, c, d, a, M8, 20, 0x455a14ed)
GG(a, b, c, d, M13, 5, 0xa9e3e905)
GG(d, a, b, c, M2, 9, 0xfcefa3f8)
GG(c, d, a, b, M7, 14, 0x676f02d9)
GG(b, c, d, a, M12, 20, 0x8d2a4c8a)

a 3:

HH(a, b, c, d, M5, 4, 0xfffa3942)
HH(d, a, b, c, M8, 11, 0x8771f681)
HH(c, d, a, b, M11, 16, 0x6d9d6122)
HH(b, c, d, a, M14, 23, 0xfde5380c)
HH(a, b, c, d, M1, 4, 0xa4beea44)
HH(d, a, b, c, M4, 11, 0x4bdecfa9)
HH(c, d, a, b, M7, 16, 0xf6bb4b60)
HH(b, c, d, a, M10, 23, 0xbebfbc70)
HH(a, b, c, d, M13, 4, 0x289b7ec6)
HH(d, a, b, c, M0, 11, 0xeaa127fa)
HH(c, d, a, b, M3, 16, 0xd4ef3085)
HH(b, c, d, a, M6, 23, 0x04881d05)
HH(a, b, c, d, M9, 4, 0xd9d4d039)
HH(d, a, b, c, M12, 11, 0xe6db99e5)
HH(c, d, a, b, M15, 16, 0x1fa27cf8)
HH(b, c, d, a, M2, 23, 0xc4ac5665)

a 4:

II(a, b, c, d, M0, 6, 0xf4292244)
II(d, a, b, c, M7, 10, 0x432aff97)
II(c, d, a, b, M14, 15, 0xab9423a7)
II(b, c, d, a, M5, 21, 0xfc93a039)
II(a, b, c, d, M12, 6, 0x655b59c3)
II(d, a, b, c, M3, 10, 0x8f0ccc92)
II(c, d, a, b, M10, 15, 0xffeff47d)
II(b, c, d, a, M1, 21, 0x85845dd1)
II(a, b, c, d, M8, 6, 0x6fa87e4f)
II(d, a, b, c, M15, 10, 0xfe2ce6e0)
II(c, d, a, b, M6, 15, 0xa3014314)
II(b, c, d, a, M13, 21, 0x4e0811a1)
II(a, b, c, d, M4, 6, 0xf7537e82)
II(d, a, b, c, M11, 10, 0xbd3af235)
II(c, d, a, b, M2, 15, 0x2ad7d2bb)
II(b, c, d, a, M9, 21, 0xeb86d391)

oca, ti, pac cey opao:

Ha i-o ae ti ec eo ac 2^32*abs(sin(i)), e i epec paaax.

oce ceo oo a, b, c d oac A, B, C D, cooeceo, aop pooaec ce yeo oa ax. Ooae peyao cy oeee A, B, C D.

eonacocm MD Po Pec pe ceye yye MD5 cpae c MD4 [1322]:

1. oac eep a.

2. Teep ao ec coyec yaa paea ocaa.

3. y G a ae 2 c ((XY)(XZ)(YZ)) a eea a (XZ)(Y(Z)), o cea G eee cepo.

4. Teep aoe ece oaec peyay peyeo aa. o oeceae oee c p a e.

5. ec opo, oopo cooac oo cooe a aax 2 3, o cea ao eee oxo.

6. ae ecoo ca eo a ao ae peo opoa yc o pe aoo ea. epe ca, coyee a ao ae, oac o ae, coyex a pyx aax.

To epco (Tom Berson) oac pe epea poaa ooy ay MD [144], o eo cpe e oaaoc e ooo epex ao. oee yceoe cpe e oepa occeaepca, coyee y ca, peo oapye cooe MD5 [203, 1331, 1336]. Cao o cee o cpe eooo cp MD5 paecx poex, oo e e a cooae MD5 aopax poa, oox Luby-Rackoff (c. pae 14.11). cex oo cp oaae oo, o oa ocox ee poepoa MD5- coa ycoy cooe y ca - e a ocya. Xo cpaeo, o "aec, o y y ca ec caoe eco, o o paec e e a eoacoc x-y " [1336], ooyc coo a MD5 oe ocopoo.

18.6 MD MD2 - o pya 128-oa ooapaea x-y, papaoaa Poo Peco [801, 1335].

Oa, ece c MD5, coyec poooax PEM (c. pae 24.10). eoacoc MD2 opaec a cy ay epecaoy ao. a epecaoa cpoaa ac o papo. S0, S1, S2,..., S255 c epecaoo. o o xpoae cooe M:

(1) ooe cooee i aa, aee i oo a, o a oyeoo cooe a paa 16 aa.

(2) oae cooe 16 ao opoo cy.

(3) poapye 48-ao o : X0, X1, X2,..., X47. aoe epe 16 ao X y, o ope 16 ao X copye epe 16 ao cooe, a pe 16 ao X o pa XOR epx opx 16 ao X.

(4) Bo a y ca:

t = For j = 0 to For k = 0 to t = Xt XOR St Xk = t t = (t j) mod (5) Copye o ope 16 ao X ope 16 ao cooe, a pe 16 ao X o pa XOR epx opx 16 ao X. Boe a (4). oope a (5) (4) o oepe a x 16 ao cooe.

(6) Bxoo c epe 16 ao X.

Xo MD2 oa e o aeo cax ec (c. [1262]), oa paoae eeee oca pyx peaaex x-y.

18.7 Aop eoacoo xpoa (Secure Hash AIgorithm, SHA) NIST, ece c NSA, Caapa poo oc (Digital Signature Standard, c. Pae 20.2) papao a Aop eoacoo xpoa ( Secure Hash Algorithm, SHA) [1154 (Digital Signature Standard]. (Ca caap aaec Caap eoacoo xpoa ( Secure Hash Standard, SHS), a SHA - o aop, coye caape.) B cooec c Federal Register [539]:

peaaec eepa caap opao opa (Federal Information Processing Standard, FIPS) Caapa eoacoo xpoa (Secure Hash Standard, SHS). o peoee opeee Aop eoacoo xpoa (Secure Hash Algorithm, SHA) cooa ece co Caapo poo oc ( Digital Signature Standard)....

poe oo, poe, oopx e peyec poa oc, SHA oe cooac o cex eepax poex, oopx oaoc aop e oacoo xpoa.

o Caap opeee Aop eoacoo xpoa ( Secure Hash Algorithm, SHA), eoxo oece e eoacoc Aopa poo oc ( Digital Signature Algorithm, DSA). oo xooo cooe o ee 264 o SHA ae 160-o peya, aae pa coepae cooe. aee, paoe co epae cooe caoc xoo DSA, oop ce oc cooe. ocae paoo coepa eco ceo cooe aco oae eoc poecca, a a paoe coepae cooe aoo ee, e cao cooee. To e paoe coepae cooe oo oyeo e, o poepe oc, ec pa epc cooe coyec aece xoa SHA. SHA aaec eoac, a a o papaoa a, o o ceo eooo a cooee, cooecyee aoy paoy coepa cooe a a pax cooe c oao pa coepae cooe. e ee, pooee p e peae cooe, c oe coo epooc pey ee paoo coepa cooe, oc e poe poepy. p, eae ocoe SHA, aao cooa poeccopo Poao . Peco MIT p poepoa aopa paoo coepa cooe MD4 [1319]. SHA papaoa o opay yoyoo aopa.

SHA ae 160-ooe x-aee, oee oe, e y MD5.

Onucaue SHA Bo epx, cooee ooec, o eo a a pao 512 a. coyec o e ooe e, o MD5: caaa oaec 1, a ae y a, o a oyeoo cooe a a a ee ca, paoo 512, a ae oaec 64-ooe pecaee opaoo coo e .

apyc 32-ox epeex ( MD5 coyec epe epeex, o paccap ae aop oe aa 160-ooe x-aee ):

A = 0x
B = 0xefcdab
C = 0x98badcfe
D = 0x
E = 0xc3d2e1f0

ae aaec a aopa. O opaaae cooee 512-o oa poo aec, oa e cepac ce o cooe.

Caaa epeex opyc pye epeee : A a, B b, C c, D d E e.

a coco epex ao o 20 oepa ao ( MD5 epe aa o 16 oepa ao). aa oepa pecae coo eey y a pe a, b, c, d e, a ae o e c coee aaoo MD5. B SHA coyec cey aop eex y :

ft(X,Y,Z) = (X Y) ((X) Z), t=0 o ft(X,Y,Z) = X Y Z, t=20 o ft(X,Y,Z) = (X Y) (X Z) (Y Z), t=40 o ft(X,Y,Z) = X Y Z, t=60 o aope coyc ceye epe oca:

Kt = 0x5a827999, t=0 o
Kt = 0x6ed9eba1, t=20 o
Kt = 0x8f1bbcdc, t=40 o
Kt = 0xca62c1d6, t=60 o

(Ec epeco, a oye ca, o :0x5a827999 = 2^(1/2)/4, 0x6ed9eba1 = 3^(1/2)/4, 0x8f1bbcdc = 5^(1/2)/4, 0xca62c1d6 = 10^(1/2)/4.) o cooe pepaaec 16 32-ox co (M0 o M15) 80 32-ox co (W0 o W79) c oo ceyeo aopa:

Wt = Mt, t = 0 o Wt = (Wt-3 Wt-8 Wt-14 Wt-16) <<< 1, t = 16 o (B aece epecoo aea, epoaao cea SHA e o ecoo ca e o. eee "cpae exec , oop ea caap eee eoac, e peoaaoc " 1543]. NSA oaaoc yo cy py a.) Ec t - o oep oepa (o 1 o 80), Wt pecae coo t- oo pacpeoo cooe, a <<

FOR t = 0 to 79
    TEMP = (a <<< 5) + ft(b,c,d) + e + Wt + Kt
    e = d
    d = c
    c = b <<< 30
    b = a
    a = TEMP

Ha 11- oaaa oa oepa. C epeex oe y e y, oopy MD5 oe cooae pax ecax pax epeex.

Pc. 18-7. Oa oepa SHA.

oce ceo oo a, b, c, d e oac A, B, C D E, cooeceo, aop pooaec ceyeo oa ax. Ooae peyao cy oeee A, B, C D E.

eonacocm SHA SHA oe oxoa a MD4, o ae 160-ooe x-aee. a eee ec eee pacpeo peopaoa oaee xoa peyeo aa cey c e oye oee cpoo aoo ea. Po Pec oyoa e, peceyee p poepoa MD5, o papao SHA oo e cea. Bo yye, ecee Peco MD5 ooceo MD4, x cpa ee c SHA:

1. "oac eep a." B SHA oe. Oao SHA a eepo ae coyec a e y f, o a opo ae.

2. "Teep ao ec coyec yaa paea ocaa." SHA pepaec cxe MD4, oopo coy oca ao py x 20 ao.

3. "y G a ae 2 c ((XY)(XZ)(YZ)) a eea a (XZ)(Y(Z)), o cea G eee cepo." B SHA coyec epc y MD4: (X Y) (X Z) (Y Z).

4. "Teep aoe ece oaec peyay peyeo aa. o oeceae oee c p a e." o eee o eceo SHA. Oe coco o, o SHA o aea a epeea b, c d, oope ye coyc ft. o eaeoe eee eae pee cp MD5 e oepo occeaepco eoo o ooe SHA.

5. "ec opo, oopo cooac oo cooe a aax 2 3, o cea ao eee oxo." SHA o ece coepeo oaec, a a coye e c o cpae oo.

6. "ae ecoo ca eo a ao ae peo opoa yc o pe aoo ea. epe ca, coyee a ao ae, oac o ae, coyex a pyx aax." SHA a ao ae coye ocooe aee ca. o aee - ao pocoe co c paepo coa, a MD4.

o po ceyey ae : SHA - o MD4 c oaee pacpeo peopaoa, ooeoo aa yye a eo. MD5 - o MD4 c yye o xpoa e, ooe ao yye a eo.

Cee o ycex popaecx cpx SHA ocycy. Ta a a ooapaea x y ae 160-x-aee, oa ycoee cp pyo co (a cpe eoo poe), e 128-oe x-y, paccapaee o ae.

18.8 RIPE-MD RIPE-MD a papaoaa poea RIPE Epoecoo cooeca [1305] (c. pae 25.7). o ao p pecae coo apa MD4, papaoa a, o pooco ec eoa p o paecoo cp, ae 128-ooe x-aee. Bece ee ece c op o co cooe. poe oo, apaeo paoa e o aopa, oaec ocaa. o ce aoo oa peya oox o oaec epee cee. o oy, o oae ycooc aopa poaay.

18.9 HAVAL HAVAL - o ooapaea x-y epeeo [1646]. Oa ec oae MD5.

HAVAL opaaae cooee oa o 1024 a, a paa o, e MD5. coyec oce 32-ox epeex cee, a paa oe, e MD5, epeeoe co ao, o pex o ( ao 16 ec). y oe aa x-ae o 128, 160, 192, 224 256 o.

HAVAL aee poce eee y MD5 a co eee y 7 epeex, aa oopx yoeope cpooy aoy pep. Ha ao ae coyec oa y, o p ao ec xoe epeee epecac pa opao. coyec o opo co oe, p ao ae (poe epoo aa) coyec co paea ocaa. B aope ae coyec a ecx ca.

po aopa c ceye ec:

TEMP = (f(j,A,B,C,D,E,F,G) <<<7) (H <<<11) M[i][r(j) K(j)] H = G;

G = F;

F = E;

E = D;

D = C;

C = B;

B = A;

A = TEMP epeeoe oeco ao epeea a aaeoo ae oaa, o cyecye 15 e p c aopa. Bcpe MD5, oeoe e oepo occeaepco [203], epeo HAVAL -a ecoo ca H.

18.10 pye ooapaee x-y MD3 ec ee oo x-ye, peoeo Poo Peco. Oa ea p eocao o a e xoa a pee aopaop, xo ee ocae eao o oyoao [1335].

pya cceoaee epcea Baepoo peoa ooapaey x-y a ae epaoo oee cee GF(2593) [22]. o o cxee cooee paaec a 593-oe o.

Haa c epoo oa o oceoaeo ooc cee. oaae cee - o peya ce peyeo oa, ep oaae aaec c oo IV.

A aap (Ivan Damgrd) papaoa ooapaey x-y, ocoay a poee p aa (c. pae 19.2) [414], oa oe oaa pepo a 2 oepa [290, 1232, 787].

B aece oco ooapaex x-y peaac eo aoa Ca Bopaa [1608]. Pa peaa [414] eeoaca [1052,404]. pya ooapaea x-y, Cellhash [384, 404], yyea epc, Subbash [384,402, 405], ae ocoa a eox aoaax peaae aapao peaa. Boognish oe p Cellhash MD4 [402, 407]. StepRightUp ae o e peaoaa a x-y [402].

eo 1991 oa ayc opp (Claus Schnorr) peo ooapaey x-y a ae c peoo peopaoa ype, aay FFT-Hash [1399]. epe ecoo ece oa a oaa y eac pya [403, 84]. opp peo oy epc, FFT-Hash II (peya a epe eoaa FFT-Hash I) [1400], oopa a oaa epe ecoo ee [1567]. opp peo aee oa [1402, 1403] o, p ax ocoecax, o aoo eeee, e pye aop o a. Ee oa x-y, SL2 [1526], eeoaca [315].

ooey opa o eop poepoa ooapaex x-y ooapa ex y ooapaex epecaoo oo a [412, 1138, 1342].

18.11 Ooapaee x-y, coye cepe o e aop B aece ooapaex x-y oo cooa cepe oe aop poa. e o, o ec eoace o aop, o ooapaea x-y ye e o aco.

Ca oe cocoo ec poae cooe pee CBC CFB c oo cpo aoo a IV, x-aee ye oce o poeca. eo oca pax caapax, coyx DES: oa pea [1143], CBC [1145], CFB [55, 56, 54]. o coco e c o oxo ooapaex x-y, xo o ye paoa MAC (c. pae 18.14) [29].

Coco oyee coye aece a o cooe, peyee x-aee aece xoa, a eyee x-aee cy xoo.

ecee x-y ae ee coee. Paep oa oo coaae c o a, pa e po x-ae ye a oa. Ta a oco ox aopo 64-oe, cpoepoa p cxe, ax x-aee a paa oee oa.

p yco, o x-y paa, eoacoc o cxe ocoaa a eoacoc coyeo oo y. Oao ec ce. epea poaa ye paoae po o x y x-yx, e po ox y, coyex poa : ece, ooy oo cooa pae pe. ycexa ya oo oa paa apa, oo e eppoa coo paoo opoo eca, coo yo. o apaee oceaec [1263, 858, 1313].

He pee oop pax x-y, ocax epaype [925, 1465, 1262]. Bo o o ooc cp peoaa, o coye o aop eoace, y cpe ec cpe pyo co.

oeo epo x-y, ocoax a ox pax, ec copoc xpoa, oeco n-ox oo cooe (n - o paep oa aopa), opaaaex p poa.

e e copoc xpoa, e cpee aop. (pyoe opeeee oo apaepa aec [1262], o opeeee, peeoe o, oee yo pe coyec. o oe aya.) Cxe, omopx ua x-aeu paa ue oa Bo oa cxea (c. 10-):

H0 = IH,, e IH - cyaoe aaoe aee Hi = EA(B) C e A, B C oy o Mi, Hi-1, (Mi Hi-1), o oca (ooo pae 0). H0 - o eoopoe cyaoe aaoe co IH. Cooee paaec a ac cooec c paepo oa, Mi, opaa aee oeo. poe oo, coyec apa MD-yce, ooo a e poeypa ooe, o MD5 SHA.

Pc. 18-8. Ooea x-y, y oopo a x-ae paa e oa.

Ta. 18-1.

eoace x-y, y oopx a x-ae paa e oa Hi = EH ( Mi ) Mi i- Hi = EH ( Mi Hi-1) Mi Hi - i - Hi = EH ( Mi ) Hi -1 Mi i - Hi = EH ( Mi Hi-1 ) Mi i - Hi = EM (Hi -1) Hi - i Hi = EM ( Mi Hi -1) Mi Hi - i Hi = EM (Hi -1) Mi Hi - i Hi = EM ( Mi Hi -1) Hi - i Hi = EM Hi-1 ( Mi ) Mi i Hi = EM Hi-1 (Hi -1) Hi - i Hi = EM Hi-1 ( Mi ) Hi - i Hi = EM Hi-1 (Hi -1) Mi i Tp pae epeee oy pa oo epex oox ae, ooy ceo cyec ye 64 apaa cxe oo a. O ce ye apo peeo ( Bart Preneel) [1262].

aa x pao ca, a a peya e ac o ooo xoo. Tpa ce e eoac o oee o pa. B 17- epece ocaec 12 eoacx cxe : epe epe eoac po cex cp (c. 9th), a ocee 8 eoac po cex o cp, poe cp c cpoao oo, o oopo peax ycox e co ecooc.

Pc. 18-9. epe eoacx x-y, y oopx a x-ae paa e oa.

epa cxea a ocaa [1028]. Tpe cxea a ocaa [1555, 1105, 1106] peaaac ae ce caapa ISO [766]. a cxea a peoea apo Maepo (Carl Meyer), o epaype oo aaec Davies-Meyer [1606, 1607, 434, 1028]. eca cxea a peoea aece pea x y LOKI [273].

Copoc xpoa epo, opo, pee, eepo, o oaao cxe paa 1 - a a paa e oa. Copoc xpoa pyx cxe cocae k/n, e k -a a. o oaae, o ec a a opoe oa, o o cooe oe o e pae y. He peoeye c, o o cooe ee a, ae ec a a aopa poa oe, e a oa.

Ec o aop ooo DES oaae coco oeapoc ca a, cex 12 cxe cyecye oooc ooeoo cp. Oo e co oaco eceoc e co o o ecooc. Oao oee oeoac ce o aoo cp, acpoa aee opoo peeo o a, paoe ''01" ''10" [1081,1107]. oeo e o ye y k c 56 o o 54 o ( DES) ye copoc xpoa.

o oaao, o ceye cxe, ocae epaype, eeoac.

a cxea [1282] a oaa [369]:

Hi = E (Hi-1) Mi c (Davies) pac (Price) peo apa, oopo ce cooee ec opaaaec aopo a [432, 433]. Bcpe oepca aae ay cxey ae p eoo c eo ooc [369]. B [1606] a oaaa eeoacoc ee oo cxe [432, 458]:

Hi = E (Hi-1) Mi Hi - B [1028] a oaaa eeoacoc ceye cxe (c - ocaa):

Hi = Ec ( Mi Hi -1) Mi Hi - Mouuau cxe Davies-Meyer a (Lai) Macce (Massey) opoa eo Davies-Meyer, o oo o cooa p IDEA [930, 925]. IDEA coye 64-o o 128-o . Bo peoea cxea:

H0 = IH,, e IH - cyaoe aaoe aee Hi = EH, Mi (Hi-1) i- a y xpye cooee 64-o oa ae 64-ooe aee (c. 8-).

oee pocoe cpe o cxe, e eo pyo c, eeco.

Pc. 18-10. Moa cxe Davies-Meyer.

Preneel-Bosselaers-Govaerts-Vandewalle a x-y, epe peoea [1266], ae x-aee, a paa oee oa aopa poa: p 64-oo aope oyaec 128-ooe x-aee.

p 64-oo oo aope cxea ae a 64-ox x-ae, Gi Hi, oeee oo px ae 128-ooe x-aee. oca ox aopo a oa paa 64 a. a cocex oa, Li Ri, paep aoo pae paepy oa, xpyc ece.

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Gi = EL Hi-1 (Ri Gi -1) Ri Gi-1 Hi - i Hi = EL Ri (Hi -1 Gi -1) Li Gi-1 Hi - i a po cpe o cxe, oopoe eoopx cyax eae cpe eoo poe pa [925, 926]. pee (Preneel) [1262] oepc (Coppersmith0 [372] ae yceo oa y cxey. He coye ee.

Quisquater-Girault a cxea, epe peoea [1279], eeppye x-aee, a paa oee oa. Ee copoc xpoa paa 1. Oa coye a x-ae, Gi Hi, xpye ece a oa, Li Ri.

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Wi = EL (Gi-1 Ri ) Ri Hi- i Gi = ER (Wi Li) Gi-1 Hi -1 Li i Hi = Wi Gi - a cxea oac 1989 oy poee caapa ISO [764], o a aeea oee oe epce [765]. poe eoacoc o cxe oca [1107, 925, 1262, 372]. (B eceoc, epc, ocaa aepaax oepe, a oce oo, a epc, pecaea a oepe, a cpa.) B pe cyae cooc cp eoo poe ee paa 2, a e 264, a y cp pyo. He coye y cxey.

LOKI c yoe oo o aop pecae coo oa Quis uater-Cirault, ceao cpoepoay pa o c LOKI [273]. Bce apaep - e e, o Quis uater-Girault.

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Wi = EL Gi-1 (Gi -1 Ri) Ri Hi - i Gi = ER Hi-1 (Wi Li) Gi-1 Hi-1 Li i Hi = Wi Gi - coa eoopx cyax cpe eoo poe oaaec pa [925, 926, 1262, 372, 736]. He coye y cxey.

apaea cxea Davies-Meyer o ee oa oa coa aop co copoc xpoa 1, oop ae x-aee, a paa oee oa. [736].

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Gi = EL Ri (Gi -1 Li ) Li Hi - i Hi = EL (Hi -1 Ri ) Ri Hi - i coae a cxea oe eeoaca [928, 861]. Oaaec, o x-y yoeo co copoc xpoa, pao 1, e oe eoacee, e Davies-Meyer [861].

Taea (Tandem) u oopeea (Abreast) cxe Davies-Meyer pyo coco oo opae, pcye o pa c 64-o o, coye a o p, oo IDEA (c. pae 13.9), c 64-o oo 128-o o. Ceye e cxe a 128-ox-aee, a x copoc xpoa paa /2 [930, 925].

Pc. 18-11. Taea (Tandem) cxea Davies-Meyer.

B epo cxee e opoae y Davies-Meyer paoa aeo, oeepo (c. 7-).

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Wi = EG, Mi (Hi-1) i - Gi = Gi -1 EM,Wi (Gi-1) i Hi = Wi Hi - B ceye cxee coyc e opoae y, paoae oopeeo (c. 6-).

G0 = IG, e IG - cyaoe aaoe aee H0 = IH,, e IH - pyoe cyaoe aaoe aee Gi = Gi -1 EM,Hi-1 (Gi -1) i Hi = Hi-1 EG, Mi (Hi -1) i- poae Hi-1 Hi Mi Gi-1 poae Gi Pc. 18-12. Oopeea (Abreast) cxea Davies-Meyer.

B oex cxeax a 64-ox ae, Gi Hi, oec, opay eoe 128-ooe x-aee.

Hacoo eco, eoacoc 128-oo x-y x aopo eaa : oapye cooe c aa x-aee peyec 2 oo, a axoe yx cyax cooe c oao x-aee - 2^64 oo, p yco, o y cocoo cp ec peee pyo c.

MDC-2 u MDC- MDC-2 MDC-4 papaoa IBM [1081, 1079]. B acoee pe yaec opoc cooa MDC-2, oa aaeo Meyer-Schilling, aece caapa ANSI ISO [61, 765], o apa pe oe [762]. MDC-4 opeeea poea RIPE [1305] (c. pae 25.7). Cea coye DES aece oo y, xo eopeec oe cooa o o aop.

Copoc xpoa MDC-2 paa /2, a x-ae o y a paa oe paepa oa.Ee cxea oaaa a 5-. MDC-4 ae ae x-aee a paa oee paepa oa, a ee c o poc xpoa paa 1/4 (c. 4-).

Pc. 18-13. MDC-2.

Pc. 18-14. MDC-4.

cxe poaapoa [925, 1262]. O eoac c yeo ceox oooce ceo ex, o x aeoc e a ea, a xoeoc papaoa. x ycooc e peaoy poaay p DES aece ooo aopa a paccopea [1262].

MDC-2 MDC-4 aaeoa [223].

X-yu AR X-y AR a papaoaa Algorithmic Research, Ltd. ae pacpocpaea ISO oo opa [767]. Ee aoa cpyypa ec apao coyeoo ooo pa (DES yoyo cae) pee CBC. Boec XOR ocex yx oo poeca, oca eyeo oa cooe, peya pyec aopo. X-aee c ocee cee a oa poeca. Cooee opaaaec a, y pa a, ooy copoc xpoa paa 1/2. ep o cy 0x0000000000000000, op - 0x2a41522f4446502a, a aee oca c pao 0x0123456789abcdef. Peya caec o ooo 128-ooo x-ae. opooc pee [750].

Hi = EK(Mi Hi-1 Hi-2 c) Mi y peaeo, o e ec eoaco. oce eoopo aeo peop a o caoc oo eo axo cooe c oao x-aee [416].

X-yu OCT a x-y oac Pocc opeeea caape OCT P 34.11.94 [657]. B e coyec o aop OCT (c. pae 14.1), xo eopeec oe cooac o o aop c 64-o oo 256-o o. y ae 256-ooe x-aee.

y ca, Hi = f(Mi,Hi-1) (oa oepaa - 256-oe e ) opeeec cey opao:

(1) p oo eoo cea Mi, Hi-1 eoopx oca eeppyec epe a po a OCT.

(2) a coyec poa ox 64 o Hi-1 pee ECB. oyee 256 o coxpac o peeo epeeo S.

(3) Hi ec coo, xo eo ye S, Mi Hi-1.

X-aee oceeo oa cooe e ec eo ooae x-aee. Ha ee co yec p epeee cee: Hn - o x-aee oceeo oa, Z - o XOR cex oo cooe, a L - a cooe. C cooae x epeex ooeoo oceeo oa M', ooaeoe x-aee pao:

H = f(Z M',f(L,f(M', Hn))) oyea eoo ayaa ( a pycco e), o ya, o o ce pao. Bo co cy ae a x-y opeeea a ac pocccoo Caapa poo oc (c. pae 20.3).

pyue cxe Pa Mep peo cxey, coyy DES, o oa eea - opaaae oo ce o c o oe a epa, aa epa coco yx poa DES [1065, 1069]. pya cxea [1642, 1645] eeoaca [1267], oa-o oa peaaac aece caapa ISO.

18.12 cooae aopo c op o B aece ooapaeo x-y oo cooa aop poa c op o pee cee oo. Ec ae poc , o oa x-y ye ae pyo, a poa cooee e oo a.

Bo pep, coy RSA. Ec M - o xpyeoe cooee, n - poeee yx pocx ce p q, a e - pyoe ooe co, ao pocoe c (p - l)(q - 1), o x-y, H(M), ye paa H(M) = Me mod n Ee poe cooa oo coe pocoe co aece oy p. Toa:

H(M) = Me mod p Bcpe o poe ooo e ee, e oc cpeoo oapa e. poea oo aop a coco o, o o aoo eeee, e pye ocyaee aop. o o pe e coe y eo.

18.13 Bop ooapaeo x-y y ayc SHA, MD5 cxe, ocoae a ox pax. pye a cao ee e c ceoa ocaoo cee. oocy a SHA. ee oee oe x-aee, e y MD5, oa c pee, e oe cxe c o pa, papaoaa NSA. ep poaaece oooc NSA, ae ec o e yy co peya.

B 16- cpae pee peee coooe eoopx x-y. They are meant for comparison purposes only.

Ta. 18-2.

Copoc poa eoopx x-y a i486SX/33 M

Aop                                   a x-ae    Copoc poa (a/c)
Oopeea cxea Davies-Meyer (c IDEA)     128
Davies-Meyer (c DES)                  64
X-y OCT                               256
HAVAL (3 poxoa)                       epeea
HAVAL (4 poxoa)                       epeea
HAVAL (5 poxoa)                       epeea
MD2                                   128
MD4                                   128
MD5                                   128
N-x (12 ao)                           128
N-x (15 ao)                           128
RIPE-MD                               128
SHA                                   160
Snerfu (4 poxoa)                      128
Snerfu (8 poxoo)                      128

18.14 o poep ooc cooe

o poep ooc cooe ( message authentication code, MAC) - o aca o a ooa paea x-y. o MAC oaa e e coca, o paccopee paee x-y, o o, poe oo, a . (o e oaae, o oee oyoa MAC cooa MAC a ooapaey x-y.) Too aee eoo a oe poep x aee. o MAC oe oe oecee poep ooc e apye eoacoc.

o MAC oy cooa poep ooc ao, oop oeac oo a e. Tae o oy cooa o ooaee poep, e ec eo a, oe -a pyca. ooae oe c MAC eo ao coxpa ae ae.

Ec ooae ocoyec eco MAC ooapaeo x-ye, o pyc oe c oe x-ae oce apae ao ae ee a. C MAC pyc e coe oo oc, a a pycy eece.

poc cocoo peopaoa ooapaey x-y MAC ec poae x ae cep aopo. o MAC oe peopaoa ooapaey x y c oo pacp a.

CBC-MAC poce coco coa acy o a ooapaey x-y - poae cooe o aopo peax CBC CFB. X-aee ec oce poa o, a poa peax CBC CFB. Meo CBC opeee ANSI X9.9 [54], ANSI X9.19 [56], ISO 8731- [759], ISO 9797 [763] acpaco caape [1496]. epea poaa oe cp y cxey, ec aece ooo aopa coyec DES c yee co ao FEAL [1197].

oeaa poea, caa c eoacoc oo eoa, coco o, o oyae oe a , o ooe ey eeppoa cooe c e e x-aee, o y pcaoo cooe, c oo eppoa opao apae.

Aopum npoepu nouocmu cooeu (Message Authenticator Algorithm, MAA) o aop ec caapo ISO [760]. O ae 32-ooe x-aee cpoepoa peo c cp cpy yoe [428].

v = v <<< e = v w x = ((((e + y) mod 232) A C) * (x Mi)) mod 232- y = ((((e + x) mod 232) B D) * (y Mi)) mod 232- ec oopc aoo oa cooe, Mi, peypyee x-aee oyaec c oo XOR x y. epeee v e ac o a. A, B, C D c ocaa.

Booo, o aop poo coyec, o e ep, o o ocaoo eoace. O papao a a ao e co coe.

yanpae MAC o MAC ae x-aee, oopoe a paa ee oa aopa [978). Caaa cooe cec CBC-MAC. ae cec CBC-MAC cooe c opa opo oo. yapa e MAC poco ec oeee x yx ae. coae a cxea eeoaca [1097].

Memo yeaa o MAC ae aa apa opy oo oapye ay ( uadratic con gruential manipulation detection code, QCMDC) [792, 789]. Caaa pae cooee a m-oe o.

ae:

H0 = IH, e IH - cepe
Hi = (Hi-1 + Mi)^2 mod p, e p - pocoe co, eee 2^m-1, a + ooaae eoceoe coee.

yea (Jueneman) peaae n = 16 p = 2^31-1. B [792] o ae peaae, o H1 cooac aece ooeoo a a eceoe cooee aaoc c H2.

, -a oeca cp a poe, oex copyece c oo oepco, yea peo c QCMDC epe paa, coy peya oo epa aece IV ceye epa, a ae peya oec 128-ooe x-aee [793]. B aee a e a ycea a ce apaeoo oe epex epa c oepe c ey [790, 791]. a cxea a oaa oepco [376].

B pyo apae [432, 434] oepa coe aeea XOR, coyc o cooe, aoo ee p. poe oo, aa H0, o pepao aop ooapaey x-y e a.

oce oo, a a cxea a cpa [612], oa a ycea cooa aece ac poea European Open Shop Information-TeleTrust [1221], popoaa CCITT X.509 [304] pa ISO [764, 765]. coae oepc oa y cxey [376]. B pe cceoa yaac oooc cooa oe o 2 ocoa coe [603], o oo e oaaoc epce.

RIPE-MAC RIPE-MAC opee apo peeo [1262] cooa poee RIPE [1305] (c. pae 18.8).

O ocoa a ISO 9797 [763] coye DES aece y ooo poa. Cyecye a apaa RIPE-MAC: o, oop coye o DES, aaec RIPE-MAC1, a pyo, coy ee oe eoacoc poo DES, aaec RIPE-MAC3. RIPE-MAGI coye oo poae DES a 64-o o cooe, a RIPE-MAC3 - p.

Aop coco pex ace. Bo epx, cooee yeaec a, o eo a a paa a. ae, yeeoe cooee paaec a 64-oe o. xpoa x oo o o coyec y ca, aca o cepeoo a. Ha o ae coyec o DES, o poo DES. Haoe, xo o y ca oepaec ee ooy DES-poa c py o, oye a, coyeoo p ca. opooc oo a [1305].

IBC-x IBC-x - o ee o MAC, coye poee RIPE [1305] (c. pae 18.8). O epece ooy, o eo eoacoc oaaa, epooc yceoo cp oe oeea oeceo. coae aoe cooee oo xpoac o o. Bpa ypoe eoacoc opaae aca paep xpyeoo cooe, eo e eae oa pya paccopex o ae y. C yeo x coopae oee RIPE peoeyec, o IBC-x cooaac oo x, peo ocaex cooe. po y ec hi = ((Mi mod p) v) mod 2n Cepe pecae coo apy p v, e p - n-ooe pocoe co, a v - cyaoe co, eee 2n. ae Mi oyac c oo cpoo opeeeo poeyp ooe. Bepooc cp a ooapaeoc, a ycooc cooe, oy oee oeceo, ooae, e apaep, oy pa y ypoe eoacoc.

Ooanpaea x-yu MAC B aece MAC oe cooaa ooapaea x-y [1537]. yc Aca o c oy o K, Aca xoe opa oy MAC cooe M. Aca oee K M, c e ooapaey x-y oee: H(K,M). o x-aee ec oo MAC. Ta a o ae K, o oe ocpoec peya Ac, a Mop, oopoy eece, e coe o cea.

Co eoa MD-yce o coco paoae, o ec cepee poe. Mop cea oe oa oe o oy cooe c pa MAC. o cpe oe peopaeo, ec aay cooe oa eo y, o pee coeaec o cxee [1265]. ye oa oy cooe, H(M,K), o p o ae oa poe [1265]. Ec H ooapaea y, oopa e aea o cooe, Mop oe oea cooe. Ee ye H(K,M,K) H(Kl,M,K2), e Kl K2 pa [1537]. pee e yepe o [1265].

eoac ayc ceye ocpy :

H(Kl, H(K2, M)) H(K, H(K,M)) H(K, p,M,K)), e p ooe K o ooo oa cooe.

y oxoo ec oeee c a oo cooe o pae epe 64 o a. o eae ooapaey y eee eo, a a yeac o cooe, o a oa caoc aoo eoacee [1265].

coye ooapaey x-y cep aop. Caaa xpye a, oo apye x-aee. o eoacee, e caaa poa a, a ae xpoa ap o a a, o a cxea ycea oy e cp, o ocpy H(M,K) [1265].

MAC c ucnooaue nomoooo upa a cxea MAC coye oooe p (c. 3-) [932]. popaec eoac eepaop ceocyax o eyecpye oo cooe a a oooa. Ec a xoe eepaopa o ki ea, o ey cooe mi opaec ep ooo, ec o, o mi opaec o opo ooo. a ooo opaec a co LFSR (pae 16.2). Bxoo MAC poco e c oeoe cocoe oox pecpo.

ecac o eo eeoace o ooe eo ee cooe [1523].

Hapep, ec e oce cooe, o coa oeoo MAC yo ye e oo 2 a cooecyeo MAC;

o oe oeo c aeo epooc. Aop peaae oee eoac, oee co, apa.

Pc. 18-15. MAC c cooae ooooo pa.

aa 19 Aop c op a 19.1 Oco oe popa c op a a ya o ( Whitfield Diffie) Mapo Xeao (Martin Hellman), eaco Pao Mepo (Ralph Merkle). x ao po pa o yeee, o oo cooa apa - poa eppoa o oe eooo oy o pyoo (c. Pae 2.5). Xea epe peca y e a Haoao oepo oepe ( National Computer Conference) 1976 oa [495], epe ecoo ece a oyoaa x ocoooaaa paoa "New Directions in Cryptogra phy'' ("Hoe apae popa") [496]. (-a eccpacoo poecca ya ep a Mepa y oac e oc oo 1978 oy [1064].) C 1976 oa o peoeo oeco popaecx aopo c op a. Moe x eeoac. ex, oope c eoac, oe epo paeco peaa.

o o coy co oo , o paep oyeoo poeca aoo peae pa ep opoo eca.

Heoe aop c eoac, pa. Oo aop ocoa a oo pyx poe, paccopex paee 11.2. Heoope x eoacx pax aopo oxo oo pacpeee e. pye oxo poa ( pacpeee e).

Tpe oe oo pox oce. Too p aopa xopoo paoa a p poa, a poo oc: RSA, EIGamal Rabin. Bce aop ee. O py ep py ae aoo eeee, e cepe aop. Oo x copoc eocaoa p o a ox oeo ax.

pe pocce (c. pae 2.5) oo ycop co: poa cooe c oyec cep aop co cya o, a aop c op o peec poa cyaoo ceacooo a.

eonacocm aopumo c ompmu au Ta a y poaaa ec ocy opoy y, o cea oe pa poa oe cooee. o oaae, o poaa p aao C = EK(P) oe opooa yaa aee P eo poep co oay. o ec cepeo poeo, ec oeco oox opx e co acoo ao, o eae oo cepa oc, o y poey eo oo pe, o o cooe cpoo cyax o. o po oy, o e op eca cooe cy pae poec. (oee opoo a e ocaa paee 23.15.) o ocoeo ao, ec aop c op o coyec poa ceacooo a.

Ea oe coa ay ax cex oox ceacox e, apoax op o oa.

oeo, o opeye oo pee a, o o pyo co papeeoo copy 40-ooo a 56-ooo a DES opeye aoo oe pee a. a oo Ea coac ay ay ax, oa oy oa coe a eo oy.

Aop c op a cpoepoa a, o pooco cp c pa o p eco. x eoacoc ocoaa a a pyoc oye cepeoo a o opoy, a a pyoc oy op ec o poecy. Oao oco aopo c op o ocoeo yce cp c pa poeco (c. pae 1.1).

B cceax, oopx oepa, opaa poa, coyec poo oc, o cpe eooo peopa, ec poa oce cooa oaoe .

Ceoaeo, ao ye c ccey eo, a e oo cocae ac. Xopoe pooo c o p a cpoepoa a opao, o pae copo e o pacpoa po oe cooe, eeppoae py copoa, - xopo pepo c pooo oa a eca eoc (c. pae 5.2).

19.2 Aop paa ep aopo ooeoo poa c op o ca aop paa, papa o a Pao Mepo Mapo Xeao [713, 1074]. O o cooa oo po a , xo oee A ap aapoa ccey poo oc [1413]. eoacoc aopo paa opaec a poey paa, NP-oy poey. Xo oe o oapyeo, o o a o p eeoace, eo co y, a a o eocppye oooc pee NP-oo poe popa c op a.

poea paa ecoa. aa ya peeo pao acc, oo oo eoope x peeo pa a, o acca paa caa paa opeeeoy ae ? oee opao, a aop ae Ml, M2,..., Mn cya S, c ae bi, ae o S = blM1 b2M2... bnMn bi oe o ye, o ee. Ea oaae, o pee ay pa, a o - o e ay.

Hapep, acc peeo oy e ae 1, 5, 6, 11, 14 20. B oee yaoa pa a, o eo acca caa paa 22, cooa acc 5, 6 11. Heooo yaoa pa a, o eo a c ca a paa 24. B oe cyae pe, eoxooe pee o poe, c poco oeca pe eo ye pace coeao.

B ocoe aopa paa Mepa-Xeaa e e poa cooee a peee aopa p o e paa. pee y pac c oo oa opoo eca, o e paoo oecy peeo ye ( opoo eca cooecy ae b), a poec ec oyeo cy o. pep poeca, apoaoo c o o poe paa, oaa a.

Op ec 1 1 1 0 0 1 0 1 0 1 1 0 0 0 0 0 0 0 0 1 1 0 0 Pa 1 5 6 11 14 20 1 5 6 11 14 20 1 5 6 11 14 20 1 5 6 11 14 poec 1 5 6 20=32 5 11 14=30 0=0 5 6= Pc. 19-1. poae c paa oyc o, o a cao ee cyecy e pae poe paa, oa peaec a eoe pe, a pya, a caec, - e. ey poey oo pepa pyy. Op peca e coo pyy poey, oopy eo cooa poa, o eooo eppo a cooe. ap ec eo poeo, aa poco coco eppoa cooe.

Toy, o e ae ap , pec oac pe pyy poey paa.

Cepxopacmaue pau o aoe ea poea paa? Ec epee acc pecae coo cepxopacay oceo aeoc, o oyey poey paa eo pe. Cepxopacaa oceoaeoc - o oceoaeoc, oopo ao e oe cy cex peyx eo. Hapep, oceoa eoc {1,3,6,13,27,52} ec cepxopacae, a {1,3,4,9, 15,25} - e.

Peee cepxopacaeo paa a eo. Boe o ec cpae eo c ca o co oceoaeoc. Ec o ec ee, e o co, o eo e ay pa. Ec o ec oe pae oy cy, o oo aec pa. e accy paa a o aee epee ceyey o ee cy oceoaeoc. ye oop, oa poecc e aoc.

Ec o ec yec o y, o peee aeo. B poo cyae, there isn't.

Hapep, yc o ec paa - 70, a oceoaeoc eco {2,3,6, 13,27,52}. Ca oo ec, 52, ee 70, ooy ae 52 pa. Ba 52 70, oyae 18. Cey ec, 27, oe 18, ooy 27 pa e aec. ec, 13,ee 18, ooy ae 13 pa. Ba 13 18, oy ae 5. Cey ec, 6, oe 5, ooy 6 e aec pa. pooee oo poecca oae, o 2, 3 ayc pa, o ec yeaec o 0, o cooae o aeo pee. Ec o o poa eoo paa Mepa-Xeaa, op ec, oye ae p o eca 70, pae 110101.

He cepxopacae, opae, pa peca coo pyy poey - cpoo a o pa x e aeo. Ece ec cocoo opee, ae pee ayc pa, ec eoeca poepa oox pee, oa e aeec a paoe. Ca cp aop, pa o ae pay pcy, ee coeay acoc o ca o ox peeo. oae oceoaeoc eco ee o e, a peee cae oe pyee. o aoo pyee cepxopacaeo paa, e, ec oae o pee oceo a eoc, oc pee yec a oy oepa.

Aop Mepa-Xeaa ocoa a o coce. ap ec oceoaeoc eco poe cepxopacaeo paa. Op - o oceoaeoc eco poe opao o paa c e e peee. Mep Xea, coy oyy apey, papaoa coco p e opaoa poe cepxopacaeo paa poey opaoo paa.

Coaue ompmoo a u apmoo

Paccop paoy aopa, e yyc eop ce : o oy opay oceoae oc paa, oe cepxopacay oceoaeoc paa, apep, {2,3,6,13,27,52}, yo o oy m ce ae a co n. aee oy oo oe cy cex ce oceo a eoc, apep, 105. Moe oe ao poc co c oye, apep, 31. Hop ao oceoaeoc paa ye

2*31 mod 105 = 62
3*31 mod 105 = 93
6*31 mod 105 = 81
13*31 mod 105 = 88
27*31 mod 105 = 102
52*31 mod 105 = 37

oo - {62,93,81,88,102,37}.

Cepxopacaa oceoaeoc paa ec ap o, a opaa oceoae oc paa - op.

upoaue poa cooee caaa paaec a o, pae o e cy eeo oceo a eoc paa. ae, ca, o ea yaae a pcyce ea oceoaeoc, a o - a eo ocyce, ce oe eca pao - o ooy aoo oa cooe.

Hapep, ec cooee apo e a 011000110101101110, poae, coy ee peyy oceoaeoc paa, ye pocxo cey opao :

cooee = 011000 110101 101110
011000 cooecye 93 + 81 = 174
110101 cooecye 62 + 93 + 88 + 37 = 280
101110 cooecye 62 + 81 + 88 + 102 = 333
poeco ye oceoaeoc 174,280,333

eupupoaue

ao oyae aoo cooe ae ap : opay cepxopacay oc e oaeoc, a ae ae n m, cooae pepae ee opay oceoaeoc paa. eppoa cooe oyae oe caaa opee n^-1, aoe o n(n^-1) = 1 (mod m). aoe aee poeca yoaec a n^-1 mod m, a ae paeec c oo apoo a, o oy ae opoo eca.

B ae pepe cepxopacaa oceoaeoc - {2,3,6,13,27,52}, m pao 105, a n - 31. po eco cy 174,280,333. B o cyae n^-1 pao 61, ooy ae poeca o yo e a 61 mod 105.

174*61 mod 105 = 9 = 3 + 6, o cooecye 011000
280*61 mod 105 = 70 = 2 + 3 + 13 + 52, o cooecye 110101
333*61 mod 105 = 48 = 2 + 6 + 13 + 27, o cooecye 101110

Pacpoa op eco ec 011000 110101 101110.

pamuecue peauauu oceoaeoc ec eeo epyo pe aay paa, ae ec oceoae oc e ec cepxopacae. Peae pa o coepa e eee 250 eeo. a aoo ea cepxopacae oceoaeoc oa e-o ey 200 400 a, a a oy oa o 100 o 200 o. oye x ae paece peaa coy eepaop cyao oceoaeoc.

Bcpa ooe pa p oo pyo c ecoeo. Ec oep oe poep o apao ceyy, poepa cex oox apao paa opeye ce 10 e. ae o a, paoax apaeo, e ycee pe y aay o pepae coa cepxoy e y.

eonacocm emoa paa Boa poccey, ocoay a poee paa, e o a, a apa popao. Ca aa pacp ece opoo eca [725]. ae ap oaa, o opeeex oco ecax pa oe oa [1415, 1416]. pye oce - [1428, 38, 754, 516, 488] - o o e o oa ccey Mapa-Xeaa oe cyae. Haoe ap e (Zippel) [1418, 1419, 1421] oapy cae eca peopaoa, o ooo occao cepxopacay oceoaeoc paa o opao. Toe oaaeca xo a pa o , o x xop o oop oo a [1233, 1244]. Ha oepe, e oaac peya, cpe o poeocppoao o ca a oepe Apple II [492, 494].

Bapuam paa oce cp opao cxe Mepa-Xeaa o peoeo oeco pyx cce a pe paa: ecoo oceoaex pao, pa p-apa (Graham-Shamir), pye.

Bce o poaapoa oa, a pao, c cooae ox ex e popa e cx eoo, x oo cee co copocoo occe popa [260, 253, 269, 921, 15, 919, 920, 922, 366, 254, 263, 255]. Xopo oop x cce x poaa oo a [267, 479, 257, 268].

peoe pye aop, coye oxoe e, o ce o oe oa.

poccea Lu-Lee [990, 13] a oaa [20, 614, 873], ee oa [507] ae oaaac eeo aco [1620]. Bcp pocce Goodman-McAuley pee [646, 647, 267, 268]. poccea Pieprzyk [1246] a oaa aao opao. poccea Niemi [1169], ocoaa a oyx paax, oaa [345, 788]. Ho, ooca pa [747] oa ee e oa, o e o ce. py apao ec [294].

Xo apa aopa paa acoee pe eoace - aop paa Char-Rivest [356], e cop a "ceapoaoe cpe" [743] - oeco eoxox ce eae eo aoo eee oe, e pye paccopee ec aop. Bapa, aa Powerline System (ccea epoa) eeoace [958]. oee oo, ya eoc c oopo a ce ocae apa, o ep yco oa apao, o oy, eocopoo.

amem Opa aop Mepa-Xeaa aaeoa Coeex aax [720] ocao pe (c. 18th). Public Key Partners (PKP) oya e a ae ece c py aea popa c op a (c. pae 25.5). Bpe ec aea CA cee 19 ayca 1997 oa.

Ta. 19-1.

ocpae ae a aop paa Mepa Xeaa

Cpaa      Hoep       aa oye
e         871039     5 ape 1979 oa
Hepa      7810063    10 ape 1979 oa
Beopa     2006580    2 a 1979 oa
epa       2843583    10 a 1979 oa
e         7810478    14 a 1979 oa
pa        2405532    8 1979 oa
epa       2843583    3 ap 1982 oa
epa       2857905    15 1982 oa
aaa       1128159    20 1982 oa
Beopa     2.006580   18 ayca 1982 oa
eap       63416114   14 ap 1983 oa
a         1099780    28 cep 1985 oa

19.3 RSA

Bcope oce aopa paa Mepa oc ep ooe aop c op o, o op oo cooa poa pox oce : RSA [1328, 1329]. cex peoex a o aopo c op a RSA poe ceo o peaoa. (Map apep (Martin Gardner) oyoa paee ocae aopa coe ooe "Maeaece p" Scientific American [599].) O ae ec ca oyp. Haa ec pex opeaee - Poa Peca (Ron Rivest), A apa (Adi Shamir) eoapa aa (Leonard Adleman) - o aop oe o po oco ecoy poaay. Xo poaa oaa, opoep eoacoc RSA, o, o cy, oocoae ypoe oep aopy.

eoacoc RSA ocoaa a pyoc paoe a oe ox ce. Op ap c y yx ox (100 - 200 papo ae oe) pocx ce. peoaae c, o occaoee opoo eca o poecy opoy y aeo paoe a oe yx ox ce.

eepa yx e coyc a ox cyax pocx ca, p q. acao eoacoc pae p q pao . Paccaec poeee:

$n = pq$ ae cya opao paec poa e, ao o e $(p-1)(q-1)$ c ao po c ca. Haoe pacpe aop a coyec ce a eppo a d, aoo o $ed \equiv 1 \pmod{(p-1)(q-1)}$ py coa $d = e^{-1} \bmod ((p-1)(q-1))$ ae, o d n ae ao poce ca. ca e n - o op , a co d - ap.

a pocx ca p q oe e y. O o opoe, o e o pacp.

poa cooe m oo caaa paaec a poe o, ee n ( ox a x paec caa oa cee ca 2, ea n). To ec, ec p q - 100-pape poce ca, o n ye coepa ooo 200 papo, a o cooe $m_i$ oe ooo 200 papo y. (Ec yo apoa cpoaoe co oo, x oo oo eco y c e a, o apapoa, o o cea yy ee n. apoaoe cooee c ye coco o o $c_i$ o e cao . opya poa a $c_i = m_i^e \bmod n$ pacpo cooe oe a apoa o $c_i$ ce $m_i = c_i^d \bmod n$ Ta a $c_i^d = (m_i^e)^d = m_i^{ed} = m_i^{k(p-1)(q-1)+1} = m_i \cdot m_i^{k(p-1)(q-1)} = m_i \cdot 1 = m_i$;

ce (mod n) opya occaaae cooee. o ceeo 17-.

Ta. 19-2.

poae RSA Ompm :

n poeee yx pocx ce p q (p q o xpac cepee) e co, ao pocoe c (p-1)(q-1) apm :

d $e^{-1} \bmod ((p-1)(q-1))$ upoaue:

$c = m^e \bmod n$ eupupoaue:

$m = c^d \bmod n$ Too ae cooee oe apoao c oo d, a apoao c oo e, ooe o op. yepey ac o eop ce, oaae, oey o aop paoae. B oce o popa o opoc opoo paccope.

opo pep ooo ooe oc paoy aopa. Ec p = 47 q = 71, o n = pq = e e oe e ox oee (p-1)(q-1)= 46*70 = Bepe (cyao) e pa 79. B o cyae d = $79^{-1} \bmod 3220$ = p ce oo ca cooa pacpe aop a (c. pae 11.3). Oyye e n, coxpa cepee d. Opoc p q. poa cooe m = caaa pae eo a aee o. aeo cya ooy pexyee o. Cooee paaec a ec oo mi:

ml = m2 = m3 = m4 = m5 = m6 = ep o pyec a $688^{79} \bmod 3337 = 1570 = c_1$ Bo e e oepa oceyx oo, coae poec cooe :

c = 1570 2756 2091 2276 2423 eppoae yo o aoe e oeee cee, coy eppoa 1019:

$1570^{1019} \bmod 3337 = 688 = m_1$ Aaoo occaaaec ocaac ac cooe.

Annapame peauauu RSA Cyecye oo ya, apaax ey aapax peaa RSA [1314, 1474, 1456, 1316, 1485, 874, 1222, 87, 1410, 1409, 1343, 998, 367, 1429, 523, 772]. Xopo oop ca cya [258, 872]. poae RSA oec o pocxea [1310, 252, 1101, 1317, 874, 69, 737, 594, 1275, 1563, 509, 1223]. ac cco ocyx acoee pe pocxe RSA, [150, 258], pe e 16th. He ce x ocy cooo poae.

Ta. 19-3.

Cyecye pocxe RSA oa Taoa acoa Copoc Taoe Texoo o a oeco epea oax poa pocxey pacopo a 512 512 Alpha Techn. 25 M 13K 0.98 M 2 poa 1024 AT&T 15 M 19K 0.4 M 1.5 poa 298 British Telecom 10 M 5.IK 1 M 2.5 poa 256 ---- Business Sim. Ltd. 5 M 3.8K 0.67 M Bea apa 32 ---- CalmosSyst-Inc. 20 M 2.8K 0.36 M 2 poa 593 CNET 25 M 5.3K 2.3 M 1 po 1024 Cryptech 14 M 17K 0.4 M Bea apa 120 Cylink 30 M 6.8K 1.2 M 1.5 poa 1024 GEC Marconi 25 M 10.2K 0.67 M 1.4 poa 512 Pijnenburg 25 M 50K 0.256 M 1 po 1024 Sandia 8 M IOK 0.4 M 2 poa 272 Siemens 5 M 8.5K 0.03 M 1 po 512 Copocm RSA Aapao RSA pepo 1000 pa eeee DES. Copoc pao cao cpo CC-peaa RSA c 512-o oye - 64 oa ceyy [258]. Cyecy ae pocxe, oope o 1024-ooe poae RSA. B acoee pe papaaac pocxe, oope, coy 512 o oy, pc pyey 1 M/c. Booo, o oc 1995 oy. pooe ae pe RSA eeyax apoax, o peaa eeee.

popao DES pepo 100 pa cpee RSA. ca oy eaeo ec p e e exoo, o RSA oa e oce copoc cepx aopo. B 15- pee pep copoce popaoo poa RSA [918].

Ta. 19-4.

Copoc RSA pax oye p 8-oo o po e (a SPARC II) 512 o 768 o 1024 a poae 0.03 c 0.05 c 0.08 c eppoae 0.16 c 0.48 c 0.93 c oc 0.16 c 0.52 c 0.97 c poepa 0.02 c 0.07 c 0.08 c popae Speedups poae RSA oec aoo cpe, ec pao epee aee e. Tpe aoee ac apaa c 3, 17 65537 ($2^{16} + 1$). (ooe pecaee 65537 coep oo e e, ooy oee cee yo o oo 17 yoe.) X.509 coeye [304], PEM peoeye 3 [76], a PKCS #1 (c. pae 24.14) - 3 65537 [1345]. He cyecye ax po e eoacoc, cax c cooae aece e oo x pex ae (p yco, o ooee cooe cya ca - c. pae e), ae ec oo o e aee e coy ec eo pyo ooaee.

Oepa c ap o oo ycop p oo aco eope o ocaax, ec coxp a ae p q, a ae ooee ae: $d \bmod (p-1)$, $d \bmod (q-1)$ $q^{-1} \bmod p$ [1283, 1276]. ooee ca oo eo c o apoy opoy a.

eonacocm RSA eoacoc RSA ooc ac o poe paoe a oe ox ce. Texec, o yepee o eoacoc o. peoaaec, o eoacoc RSA ac o poe paoe a oe ox ce. Hoa e o oaao aeaec, o yo pao n a o e, o occao m o c e. oo, o oe op coce o coco poaaa RSA.

Oao, ec o o coco oo poaay oy d, o ae oe cooa paoe a oe ox ce. e co oyc o o.

Tae oo cp RSA, yaa aee (p-1)(q-1). o cpe e poe paoe n a oe [1616].

cepxceo: oaao, o eoope apa RSA ae co, a paoee a oe (c. pae 19.5). ae ae [361, e oaao, o pacpe ae ecox o opa o apoaoy RSA poecy e ee, e eppoae ceo cooe.

Ca oe cpeco cp ec paoee n a oe. o po coe o y op e oy n. o a eppoa d, po oe pao n a oe. Copeeoe cocoe exoo paoe a oe paccapaoc paee 11.4. B acoee pe epe pae o exoo ec co, coepaee 129 ecx p. a, n oo oe oo ae. Peoea o opy opoo a pee paee 7.2.

oeo, poaa oe epepa ce ooe d, oa o e oepe paoe aee. Ho aoe cpe pyo co ae eee eo, e oa pao n a oe.

Bpe o pee oc ae o o, o ae poco coco cp RSA, o oa oo oox ae e oepoc. Hapep, 1993 oy epoe ca Ba ea ( William Payne) peoe eo, ocoa a ao eopee epa [1234]. coae, o eo oaac eeee paoe a oe Cyecye ee o oo ecooca. oco oepx aopo ce pocx ce p q epooc, o pooe, ec p q oaec coca? Hy, o epx, oo cec e pooc aoo co o yoo ya. ae ec o pooe, copee ceo aoe coe ye cpay e oapyeo - poae eppoae e yy paoa. Cyecye p ce, aaex ca apaa (Carmichael), oope e oy oapy opeeee epooce aop o c a pocx ce. O eeoac, o peao pe [746]. eco oop, e o e oecooo.

Bcpmue c pa upomecmo npomu RSA Heoope cp paoa po peaa RSA. O cpa e ca ao aop, a a cpoe a pooo. Bao oa, o cao o cee cooae RSA e oeceae eoac oc. eo peaa.

Ceapu 1: Ee, ocyae c Ac, yaoc epexa cooee c, poaoe c o o RSA op o Ac. Ea xoe poa cooee. Ha e aea, e yo m, oopoo $m = c^d$ pacp m oa caaa pae epoe cyaoe co r, eee n. Oa ocae op Ac e. ae oa ce $x = r^e \bmod n$ $y = xc \bmod n$ $t = r^{-1} \bmod n$ Ec $x = r^e \bmod n$, o $r = x^d \bmod n$.

Teep poc Acy oca y ee ap o, a opao pacpoa y. (Aca oa o ca cooee, a e eo x cyy.) He aae, Aca oa pae e ea y. Aca ocae Ee $u = y^d \bmod n$ Teep Ea ce $tu \bmod n = r^{-1} y^d \bmod n = r^{-1} x^d c^d \bmod n = c^d \bmod n = m$ Ea oyae m.
