Hàm băm mật mã
Hash & MAC
Tham khảo bài giảng ThS. Trần Minh Triết
Tham khảo bài giảng ThS. Trần Minh Triết
Nội dung






 !"#$%!
 !"#$%!
&'(
&'(
)&*
)&*
*+&*
*+&*
Tính toàn vẹn và tính bí mật
,  +-
,  +-
./01"234 156  71 71 8
./01"234 156  71 71 8
9$8:;1719$
9$8:;1719$
<
<
=>??@ 711#$?
=>??@ 711#$?
?+-71

?+-71




A15671<8:%;1719$
A15671<8:%;1719$
5B< 71!;1C
5B< 71!;1C
719$
719$
D;E4
D;E4
,"11"C2!@<82%1F
,"11"C2!@<82%1F
 71!;1C1
 71!;1C1
F
F
Ý tưởng chính của hàm băm mật mã
&G71.2$"0
&G71.2$"0
H3
H3
&95B1E1.34
&95B1E1.34
H
H
.
.

x
x
3I
3I
H
H
.
.
x
x
J3+K
J3+K
x
x
≠
≠
x
x
J
J
L!M?+9NO<+P1QRS
L!M?+9NO<+P1QRS
,719$
,719$
,719$
,719$
"#1T
"#1T
x
x

U
U
x
x
V
V
x
x
W
W
y
y
U
U
y
y
V
V
X<; YZ
X<; YZ
X<;[
X<;[
Hàm băm mật mã H
H
H
<8$;E1"R;\9< 5K Y
<8$;E1"R;\9< 5K Y
L!M?
L!M?
H

H
X
X
n
n
].
].
n
n
[3
[3
'^;11"[
'^;11"[
H
H
.
.
x
x
3+K
3+K
x
x
 Y
 Y
H
H
_
_
H

H
+K95B1NE1S
+K95B1NE1S
Tính “một chiều”
&
&
H
H
" <[!%15B
" <[!%15B
"5KX1QR
"5KX1QR
y
y
`a@Ub∈
`a@Ub∈
n
n
@" <
@" <
O"5BX
O"5BX
x
x


H
H
.
.

x
x
3I
3I
y
y
D;E4
D;E4
c"0]H"04DKX1"[
c"0]H"04DKX1"[
x
x
@ 8"
@ 8"
H
H
.
.
x
x
3I
3I
y
y
)&*]U !M?X1dUea]
)&*]U !M?X1dUea]
f?:$g1$G$C9V
f?:$g1$G$C9V
Wh
Wh

$G$:"1
$G$:"1
12
12
<8C9V
<8C9V
(i
(i
$G$:"1
$G$:"1
V
V
UaU
UaU
.jUa
.jUa
Wa
Wa
38!%15B)&*]U+K1"[
38!%15B)&*]U+K1"[
1QR
1QR
y
y
"5K
"5K
Tính an toàn đối với hiện tượng đụng độ
k <<8O5B
k <<8O5B
x

x
@
@
x
x
J
J
H
H
.
.
x
x
3I
3I
H
H
.
.
x
x
J3
J3
,O !E1>1c"0]H"0=l.V
,O !E1>1c"0]H"0=l.V
mV
mV
3@
3@
71$?l.V

71$?l.V


3
3
c";2$";n
c";2$";n
1"[
1"[
x
x
i
i
+1"[5o1g1
+1"[5o1g1
y
y
i
i
I.
I.
x
x
i
i
3
3
DKXF$
DKXF$
x

x
i
i
@
@
x
x
j
j
@nE1UmV
@nE1UmV


,%1F$
,%1F$
C
C
V
V


I
I
t
t
.
.
t
t
]U3mV l.∼

]U3mV l.∼
t
t
V
V
3
3
A!
A!
t
t
n$n=V
n$n=V
mV
mV
@5B1F$n$n=V
@5B1F$n$n=V


DKXF$@nn?2"E1UmV
DKXF$@nn?2"E1UmV


@;<@
@;<@
nO5BF$1"[E1"1U
nO5BF$1"[E1"1U
Birthday Paradox
D;E4
D;E4

fT
fT
p
p
.
.
n
n
3nO5BV156<p112
3nO5BV156<p112
"1<
"1<
n
n
156
156
fTnV156 Y"1<
fTnV156 Y"1<
n
n


156_<12 q
156_<12 q
p
p
.
.
n
n

3rIU
3rIU
DK
DK
≤
≤
We(@<
We(@<
3.np
3.np
3Zsss.sss
Zsss
sss
s
sqqq
sss
s
s
sss
s
ss3.
n
n
np
n
−
=







−
−






−






−=
Birthday Paradox
p
p
.
.
n
n
3
3
n
n

An toàn với hiện tượng đụng độ “yếu”
Weak Collision Resistance
Weak Collision Resistance
;2
;2
x
x
T"5K1QR@" <O5B
T"5K1QR@" <O5B
x
x
J
J
H
H
.
.
x
x
3I
3I
H
H
.
.
x
x
J3
J3
A15671$?O5B1"[E1+K1

A15671$?O5B1"[E1+K1
"[
"[
x
x
E8"5Kqt_2 <o+9O+
E8"5Kqt_2 <o+9O+
="F$1"[
="F$1"[
x
x
+
+
x
x
JE1+Kq
JE1+Kq
,71c"0]H"04l.V
,71c"0]H"04l.V
n
n
3
3
Nhận xét:
Nhận xét:
*+K95B1E1N2!S
*+K95B1E1N2!S
71??+K95B1E1
71??+K95B1E1
Tính chất của hàm băm

*+K71N_?S
*+K71N_?S
"010"00
"010"00
 "5K
 "5K
y
y
@ " < O 5B 1 "[ n  
@ " < O 5B 1 "[ n  
H
H
.
.
x
x
3I
3I
y
y
*+K95B1E14
*+K95B1E14
" <O5B1"[$9
" <O5B1"[$9
x
x
+
+
x
x

J
J
H
H
.
.
x
x
J3I
J3I
H
H
.
.
x
x
3
3
*+K71N_?gVS
*+K71N_?gVS
V
V
;
;
$"010"00
$"010"00
"5K
"5K
x
x

+
+
y
y
I
I
H
H
.
.
x
x
3@" <O5B1"[nJ
3@" <O5B1"[nJ
≠
≠
n
n


H
H
.
.
x
x
J3I
J3I
H
H

.
.
x
x
3
3
Phân loại hàm băm mật mã
Collision Resistant
Collision Resistant
Hash Functions
Hash Functions
(CRHF)
(CRHF)
Collision Resistant
Collision Resistant
Hash Functions
Hash Functions
(CRHF)
(CRHF)
One-Way
One-Way
Hash Functions
Hash Functions
(OWHF)
(OWHF)
One-Way
One-Way
Hash Functions
Hash Functions
(OWHF)

(OWHF)
Manipulation
Manipulation
Detection Codes
Detection Codes
(MDC)
(MDC)
Manipulation
Manipulation
Detection Codes
Detection Codes
(MDC)
(MDC)
Message
Message
Authentication Codes
Authentication Codes
(MAC)
(MAC)
Cryptographic
Cryptographic
Hash Functions
Hash Functions
Sử
Sử
dụng
dụng
khóa
khóa
Không

Không
sử dụng
sử dụng
khóa
khóa
Không
Không
sử dụng
sử dụng
khóa
khóa
Cấu trúc Merkle-Damgård
Khối
Khối
1
1
Khối
Khối
1
1
f
f
f
f
Length
Length
padding
padding
Length
Length

padding
padding
f
f
f
f
Finali-
Finali-
sation
sation
Finali-
Finali-
sation
sation
IV
IV
IV
IV
Hash
Hash
Hash
Hash
Khối
Khối
2
2
Khối
Khối
2
2

f
f
f
f
Khối
Khối
n
n
Khối
Khối
n
n
f
f
f
f
,1?4k$0" 0@/+'1u";
,1?4k$0" 0@/+'1u";
&!_:;E1"#2
&!_:;E1"#2
D;E4)&*]U@'(
D;E4)&*]U@'(
MD5
&'h.010'10h35Bf5
&'h.010'10h35Bf5
k+0_1[+Uiiaq
k+0_1[+Uiiaq
D@$R??!'(
D@$R??!'(
2"6q

2"6q
MD5
Khởi gán các biến:
Khởi gán các biến:


a4Ianevh(VWaU
a4Ianevh(VWaU
U4Ianwx'*cyi
U4Ianwx'*cyi
V4Ianiyc*'xw
V4Ianiyc*'xw
W4IanUaWV(hve
W4IanUaWV(hve