
8f88af210cb7c81984c1c0b7b2f5cd51.ppt
- Number of slides: 86
Cryptography and Network Security
Behrouz Tork Ladani
ladani@eng.ui.ac.ir

Table of contents
• Concepts, definitions and terminology
• Symmetric cryptography
• Asymmetric (public-key) cryptography
• Hash & MAC
• Key management
• Public key infrastructure

Terminology
• Security Architecture
• Requirements & Policies
• Information
• Security Features or Services
• Attackers/Intruders/Malfeasors
• Security Mechanisms

Basic security services
• Protection of the internal network
• Secure configuration and deployment of the operating system
• Network protection using firewalls
• Secure inter-network communication
• Securing communications using cryptographic methods
• Security management

Communication security and network protection
[Figure: Virtual Private Network]

Communication security and network protection
[Figure: the layers Application, Presentation, Session, Transport, Network, Datalink and Physical, with network-protection mechanisms (Application Proxy, Circuit Proxy, Packet Filtering) on one side and communication-security protocols (SET, PEM, S-HTTP, Kerberos, …; SSL, TLS; IPSec; PPTP) on the other]

Model for Network Access Security

Model for Network Security

Symmetric cryptography

Definitions
• Plaintext: the clear text
• Ciphertext: the encrypted text
• Encryption/Encode/Encipher
• Decryption/Decode/Decipher
• C = E(P), P = D(C), P = D(E(P))

Classical ciphers (two basic methods)
• In use since the time of World War II
• Carried out by hand, before the advent of today's computer systems
• Substitution
  – Replacing one letter with another
  – Monoalphabetic
  – Polyalphabetic
• Transposition
  – Rearranging the letters of the original text
  – The aim is more diffusion

Caesar substitution (monoalphabetic)
Plaintext: send another catapult
Alphabet: abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz
K = y, C = P + K (mod 26)
Ciphertext: r rdmc zmnsqds bzszotks
• Easy to memorize
• Patterns are easily observed
• A monoalphabetic substitution cipher

Symmetric cryptography
• Two parties want to communicate confidentially.
  – The communication takes place over an insecure medium.
• The parties encrypt their messages.
  – Their encryption algorithms are a function of secret information that only they know.
  – A secure channel is needed to exchange this secret information.
  – Symmetric cryptography: secret key

[Figure: Alice and Bob communicate over an insecure network observed by the adversary Eve; the goal is confidentiality. The symmetric key is transferred securely.]

Symmetric cipher algorithms
• Symmetric ciphers can be built with different tools
  – Important tools:
• Block ciphers
  – Process messages block by block
  – Typical block sizes are 64, 128 or 256 bits
• Stream ciphers
  – Process messages as a continuous stream

Block ciphers
[Figure: plaintext (divided into blocks) is mapped to output blocks]

Principles of block ciphers
• The mapping from plaintext blocks to ciphertext blocks must be invertible (one-to-one).
• The algorithm processes the input blocks in several simple, successive stages. We call these stages rounds.
• Each round is generally built from a combination of simple operations such as substitution and permutation.

US block cipher standards
• Standard block ciphers
  – Data Encryption Standard, DES
  – Advanced Encryption Standard, AES
• Under the supervision of the National Institute of Science and Technology (NIST)

Data Encryption Standard (DES)
• Overview
  – Produced by IBM in 1974
    • After changes made by the NSA, NIST adopted it in 1976.
  – The algorithm is based on a combination of substitution and permutation operations.
  – Specifications:
    • Key length: 56 bits
    • Input and output block length: 64 bits
    • Number of rounds: 16
  – The encryption and decryption algorithms are public, but their mathematical foundations and design principles were not disclosed.
  – Was very widely used in the past.
Description of how DES works

Data Encryption Standard (DES)
[Figure: a 64-bit plaintext block passes through round 1, round 2, …, round 15, round 16 to give a 64-bit ciphertext block; each round receives a round subkey; 48-bit subkeys are generated from the 56-bit main key for each round]

One Feistel round
[Figure: inputs Li (32 bit) and Ri (32 bit); Ki (48 bit), the "round key", is generated by the key schedule; f is the "round function"; outputs Li+1 and Ri+1]

Feistel structure of the DES cipher
[Figure: X (64) → Initial Permutation → two 32-bit halves → 16 rounds of F and XOR with round keys K1, K2, K3, …, K16 (48 bits each), produced by the Key Scheduler from K (56) → inverse Initial Permutation → Y (64)]

DES round function
[Figure: 32-bit input → expansion to 48 bits → combined with the 48-bit round key Ki → 6-to-4 S-boxes → 32 bits → permutation]

DES round function
[Figure: the expanded input is XORed bit by bit with the round key, passed through S-boxes S1, S2, S3, S4, S5, S6, S7, S8 and then through the permutation P]

Key schedule
[Figure: Ci-1 (28 bit) and Di-1 (28 bit) are each shifted left to give Ci (28 bit) and Di (28 bit); permuted choice PC2 selects 48 bits as Ki]

Key schedule
[Figure: K (56) → Permuted Choice 1 → two 28-bit halves → Left shift(s) → Permuted Choice 2 → K1 (48); further Left shift(s) → Permuted Choice 2 → K2 (48); …]
• Each key bit is used in about 14 of the 16 rounds.

An S-box from DES
Row \ Column   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
0             14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
1              0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
2              4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
3             15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

DES is obsolete
• In January 1999 this algorithm was broken by exhaustive search of the key space in 23 hours!
  – More than a thousand computers on the Internet each carried out a small part of the search.
• We need more secure algorithms with longer keys.
• DES does not have a transparent, clear design.

Advanced Encryption Standard (AES)
• In 1997 NIST held a two-stage competition to design a new standard.
  – All designs had to be based on completely clear principles.
  – US government agencies have no right to interfere in the design of the algorithm.
• In 2000 Rijndael was announced as the winner
  – Advanced Encryption Standard, AES

Specifications of the Advanced Encryption Standard (AES)
• Key length: 128, 192 or 256 bits
• Input and output block length: 128, 192 or 256 bits
• Number of rounds: depends on the key length and the block length
  – For 128 bits: 9 rounds

Other Block Ciphers
• Blowfish, Twofish – Bruce Schneier et al
• CAST – Entrust – S-boxes not fixed
• FEAL – more complex per round than DES so fewer rounds; FEAL-4 broken with 5 known plaintexts
• GOST – Soviet "DES" std with 256-bit keys, 32 rounds
• IDEA – 128-bit keys, PGP used in early versions
• RC2 – "Ron's code" (Ron Rivest), variable size key
• RC5 – variable size key
• RC6 – candidate for AES
• Skipjack – 80-bit key, 32 rounds, NSA initially classified

Modes of operation of block ciphers
• Some modes of operation:
  – ECB: Electronic Code Book
  – CBC: Cipher Block Chaining
  – CTR: Counter Mode
  – CFB: Cipher Feed Back
  – OFB: Output Feed Back
• The modes of operation can be implemented with AES, DES, CAST-128, ...

CBC mode of operation – 2
• Encryption:
[Figure: P1 is XORed with IV and encrypted with E under K to give C1; each following block P2, P3, …, PN is XORed with the previous ciphertext block (C1, C2, …, CN-1) before being encrypted with E under K, giving C2, C3, …, CN]
• Decryption:
[Figure: each ciphertext block C1, C2, C3, …, CN is decrypted with D under K and XORed with the previous ciphertext block (IV for C1, then C1, …, CN-1) to recover P1, P2, P3, …, PN]
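
The Feistel round and the CBC chaining from the figures above, as an added Python example that is not part of the original slides. The round function f, the key schedule and the sample key, IV and message are toy constructions assumed here; this is not DES, and the all-zero IV only keeps the demo deterministic.

```python
import hashlib

def f(right, round_key):
    """Toy round function (truncated SHA-256); deliberately not invertible."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + round_key).digest()
    return int.from_bytes(digest[:4], "big")

def round_keys(key, rounds=16):
    """Hypothetical key schedule, not DES's PC-1/PC-2: one 48-bit key per round."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(rounds)]

def feistel(block, keys):
    """One 64-bit block: L(i+1) = R(i), R(i+1) = L(i) XOR f(R(i), K(i)), then swap."""
    left, right = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    for k in keys:
        left, right = right, left ^ f(right, k)
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split_blocks(data):
    if len(data) % 8:
        raise ValueError("whole 64-bit blocks only; padding is out of scope here")
    return [data[i:i + 8] for i in range(0, len(data), 8)]

def ecb_encrypt(key, plaintext):
    keys = round_keys(key)
    return b"".join(feistel(p, keys) for p in split_blocks(plaintext))

def cbc_encrypt(key, iv, plaintext):
    keys, prev, out = round_keys(key), iv, []
    for p in split_blocks(plaintext):
        prev = feistel(xor(p, prev), keys)       # C(i) = E_K(P(i) XOR C(i-1)), C(0) = IV
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ciphertext):
    keys, prev, out = round_keys(key)[::-1], iv, []  # same network, reversed round keys
    for c in split_blocks(ciphertext):
        out.append(xor(feistel(c, keys), prev))  # P(i) = D_K(C(i)) XOR C(i-1)
        prev = c
    return b"".join(out)

if __name__ == "__main__":
    key, iv = bytes.fromhex("0123456789abcd"), bytes(8)  # constructed 56-bit key, fixed IV
    msg = b"SAMEBLK1SAMEBLK1OTHERBLK"                    # constructed: blocks 1 and 2 are equal
    ecb, cbc = ecb_encrypt(key, msg), cbc_encrypt(key, iv, msg)
    print(ecb[:8] == ecb[8:16], cbc[:8] == cbc[8:16], cbc_decrypt(key, iv, cbc) == msg)
```

Decryption works even though f cannot be inverted, because each round only XORs f's output into the other half; ECB repeats ciphertext blocks for repeated plaintext blocks, while CBC does not.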

Asymmetric (public-key) cryptography

Foundations of public-key cryptography
• Public-key cryptography was designed essentially to achieve two goals:
  • Solving the key distribution problem
  • Digital signatures
• Diffie and Hellman presented the first solution in 1976.

Public-key cryptography
• The encryption and decryption keys are different but related.
• Deriving the decryption key from the encryption key is computationally infeasible.
• Encryption is a public operation and fundamentally requires no sharing of confidential information.
• Decryption, on the other hand, is a private operation, so the confidentiality of messages is preserved.

Public-key encryption
• For public-key encryption we take the following steps:
  ✓ Each user generates a pair of encryption and decryption keys.
  ✓ Users announce their encryption key publicly, while the decryption key is kept secret.
  ✓ Anyone can send an encrypted message to any user by using that user's (public) encryption key.
  ✓ Each user can use the (private) decryption key to decrypt messages that were encrypted with their (public) encryption key.

Public-key encryption
[Figure]

Comparison of conventional and public-key cryptography
• Conventional cryptography (private key or symmetric key)
  • Uses one identical, secret key for encryption and decryption
  • Key management problem
    ✓ A key must be agreed on before communication is established
    ✓ For n people to communicate with one another we need n(n-1)/2 keys
  • No support for electronic signatures
  • Faster than public-key encryption algorithms

Public-key encryption: confidentiality and authentication simultaneously
[Figure]

Applications of public-key encryption
• General classification of applications
  ✓ Encryption/decryption: to preserve confidentiality
  ✓ Digital signature: to preserve the authenticity of the message and identify its sender (binding the message to the signer)
  ✓ Key distribution: for the parties to agree on a secret session key

Overview of the RSA encryption algorithm
• Overview
  ✓ Presented by Rivest-Shamir-Adleman in 1977 at MIT
  ✓ The best-known and most widely used public-key encryption algorithm
  ✓ Based on modular exponentiation
  ✓ Uses very large natural numbers
  ✓ Its security stems from the difficulty of factoring large numbers that are the product of two large prime factors.
  ✓ Its documentation is standardized under the title PKCS.

RSA notation
• N: the modulus of the computations
• e: the encryption exponent
• d: the decryption exponent
• M: the message, an integer belonging to
• RSA function:
• Inverse function:
The trapdoor of the function is d.

RSA Key generation

RSA Encryption and Decryption

RSA conventions and protocol
• Both the sender and the receiver know the value of N
• The sender knows the value of e
  ✓ Public key: (N, e)
• Only the receiver knows the value of d
  ✓ Private key: (N, d)
• Requirements:
  ✓ Computing M^e and C^d must be easy
  ✓ Computing d from the public key must be infeasible

RSA example
p = 17, q = 11, n = p*q = 187
φ(n) = 16*10 = 160, pick e = 7
d·e = 1 mod φ(n)
d = 23
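
The slide's numbers carried through in Python, as an added example that is not part of the original slides: d is derived with the extended Euclidean algorithm, a message is encrypted and decrypted, and the toy modulus is factored by trial division to show why the requirement "computing d from the public key must be infeasible" depends on large primes. The message value 88 and all function names are assumptions made for this illustration; this is textbook RSA without padding.

```python
from math import gcd, isqrt

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keypair(p, q, e):
    """Return ((n, e), (n, d)) where d*e = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = egcd(e, phi)[1] % phi
    return (n, e), (n, d)

def rsa_apply(m, key):
    """Textbook RSA (no padding): m^exp mod n, used with either key."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, exp, n)

def private_key_from_factoring(public):
    """Trial division: instant for a toy modulus, hopeless for properly sized primes."""
    n, e = public
    p = next(c for c in range(2, isqrt(n) + 1) if n % c == 0)
    return make_keypair(p, n // p, e)[1]

if __name__ == "__main__":
    public, private = make_keypair(17, 11, 7)   # the slide's p, q and e
    m = 88                                      # constructed sample message
    c = rsa_apply(m, public)
    print(public, private, c, rsa_apply(c, private))
    print(private_key_from_factoring(public) == private)
```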

Hash & MAC

What is message authentication?
• Assurance that:
  – The message has integrity, i.e. the received message has not been tampered with:
    – No modification,
    – No insertion,
    – No deletion
  – The message was sent by the claimed sender

[Figure: Alice and Bob communicate over a shared network in the presence of the adversary Eve; goals: confidentiality and message integrity]

Message authentication codes
• Generate a fixed-length tag:
  – It depends on the message
  – It is not necessarily invertible
  – It requires a secret key shared between the parties
  – It is called a MAC for short; another name is "Cryptographic Checksum"
• This tag is appended to the message
• The receiver computes the tag of the message itself and compares it with the tag that was sent.
• This gives assurance of the message's integrity and of the sender's identity.

Message authentication codes: integrity
[Figure]

Message authentication codes: confidentiality and integrity
[Figure]

Hash functions
• One-way function
• Variable input length, fixed output length (a mapping from a larger space to a smaller one)
• In general, no key is involved!

Hash functions and symmetric encryption: integrity
[Figure]
If a message M' can be found such that H(M) = H(M') (weak collision), M can be forged by M'.

Hash functions and symmetric encryption: confidentiality and integrity
[Figure]

Hash functions and asymmetric encryption: signature
[Figure]

Internal structure of a hash function: the basic idea (Ralph Merkle)
• Repeated application of a compression function
• If the compression function is collision resistant, the hash function will be too.
• Well-known functions such as
  • MD5: Message Digest 5
  • SHA-1: Secure Hash Algorithm 1
  use this same idea.

Internal structure of hash functions – 2
• The message is divided into blocks Y_i.
• IV is a fixed string.
CV_0 = IV
CV_i = f(CV_{i-1}, Y_{i-1})
Hash = CV_L

HMAC – 1
• HMAC is a message authentication algorithm
• HMAC is essentially a method for combining a secret key with existing hash algorithms.
• Hash functions are used to produce the message digest
  – As opposed to using block ciphers
  – Because of the practical advantages of hash functions

[Figure: the message M is processed as H[(K+ ⊕ ipad) || M], and the result as H[(K+ ⊕ opad) || H[(K+ ⊕ ipad) || M]]]
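
The nested construction in the figure above, built from a plain hash function and checked against Python's standard `hmac` module, together with the receiver's recompute-and-compare step from the message authentication code slide. This is an added example, not part of the original slides; SHA-256, the key and the message are choices made here, and the constants 0x36 and 0x5C are the standard ipad and opad bytes.

```python
import hashlib
import hmac

IPAD, OPAD = 0x36, 0x5C   # standard HMAC pad bytes (RFC 2104)

def hmac_from_formula(key, message, hash_name="sha256"):
    """H[(K+ XOR opad) || H[(K+ XOR ipad) || M]] built from an unkeyed hash."""
    def h(data):
        return hashlib.new(hash_name, data).digest()
    block_size = hashlib.new(hash_name).block_size
    if len(key) > block_size:                  # over-long keys are hashed first
        key = h(key)
    k_plus = key.ljust(block_size, b"\x00")    # K+: the key zero-padded to one block
    inner = h(bytes(b ^ IPAD for b in k_plus) + message)
    return h(bytes(b ^ OPAD for b in k_plus) + inner)

def receiver_accepts(key, message, tag):
    """Receiver recomputes the tag and compares it in constant time."""
    return hmac.compare_digest(hmac_from_formula(key, message), tag)

if __name__ == "__main__":
    key = b"constructed-shared-key"            # constructed sample key
    msg = b"order 17: ship 100 units"          # constructed sample message
    tag = hmac_from_formula(key, msg)
    print(tag == hmac.new(key, msg, hashlib.sha256).digest())
    print(receiver_accepts(key, msg, tag))
    print(receiver_accepts(key, msg.replace(b"100", b"900"), tag))
```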

Key management

What is key management?
● Key management is a set of techniques and procedures for establishing and maintaining a "keying relationship" between authorized parties.
● A keying relationship is a state in which the communicating parties share certain data that the cryptographic algorithms require:
  – Public or private keys,
  – Initialization values,
  – Other non-secret parameters…

Key hierarchy
[Figure: columns for type, volume of information and protection method; data is protected by encryption, the session key is protected by encryption, and the master key is protected physically]

Key management based on private keys
[Figure: two arrangements, point-to-point and key distribution center (KDC), showing parties A and B, the key k and numbered steps (1), (2), (3)]

Point-to-point method
● A key must be agreed on between every two people before communication is established
● Scalability: the main problem
  – For n people to communicate with one another we need n(n-1)/2 keys.

Centralized key distribution
● Each user shares a master key with the key distribution server (KDC).
  – The KDC is a trusted third party. (appendix)
  – These keys have been distributed by a secure method (for example, in person).
● Idea: each time a user wants to communicate with others, the user requests a session key from the KDC.

[Figure: key distribution steps and authentication steps]

Advantages of public-key cryptography
● The encryption keys do not need to be kept confidential.
● No online server is needed.

Public key distribution techniques
● Public announcement
● Publicly available directory
● Public-key authority
● Public-key certificates

Public-key certificates
● Keys are exchanged without contacting the authority
● A certificate contains the person's identity and public key
  – Other information:
    ● Validity period
    ● Permitted type of use
● The contents above are encrypted with the private key of the certification authority (CA)
● Verifiable via the CA that signed the certificate

Session key + public key
● Because public-key algorithms are much slower than conventional (private-key) algorithms, we use these keys to distribute the session key (and not for encryption).

Sharing a session key
● Two-sided establishment of the session key
  – Both parties independently influence the choice of the key
  – Example: the Diffie-Hellman method
● One-sided distribution of the session key
  – One of the two parties determines the key and sends it to the other
  – Example: the method proposed by Merkle

Public key infrastructure and digital certificates

The public key distribution problem – 1
● Public-key cryptography has largely solved the problems of (private) key distribution, but...
  – Suppose Scott creates a public/private key pair and quickly introduces the public key to everyone as Bill's public key
  – Confidential information for Bill is encrypted with this key
  – Not only does Bill have no access to this information, but Scott, who holds the corresponding private key, can gain access to Bill's confidential information.

Public key infrastructure (PKI)
● PKI is a set of solutions for the problems related to the secure distribution of public keys, and for other matters such as:
  – Key generation
  – Generating, revoking and verifying certificates
  – Building trust between individuals

Certificate
● A certificate is an official document that guarantees the binding of an identifier to a key.
● A certificate can contain information about:
  – The key
  – The identifier of the key's owner
  – The type of use of the key
  – The validity period of the document
  – Information that can be used to check the correctness of the identifier and the key

How do we trust a certificate?
● To trust a certificate, it must be signed by someone we trust.
● The basis for building global trust is the existence of a third party trusted by everyone.
● We call this party the certification authority (CA).

Trust model
● Certification authority + certification path
  – Everyone trusts a root certification authority (root CA)
    ● For example: Verisign, Thawte, Entrust, BT, … (appendix)
  – Suppose the CA's public key is distributed securely among all users.
    ● For example: by physical means, by publication in the news, ...
    ● This is feasible because it is done for only one point.

Trust model
● The CA digitally signs the person's public key.
  – In addition to the key, supplementary information is included.
  – To issue a certificate, the user's identity must be verified for the CA.
● The CA can also appoint other points as certification authorities.

Functions of the public key infrastructure (PKI)
  – Certificate revocation
  – Key backup and restore (Backup & Restore)
  – Non-repudiation of digital signatures
  – Automatic update of key pairs and certificates
  – Key history management
  – Support for cross-certification
  – Client-side software for secure and reliable interaction with the items above

PKI components
[Figure]