Está en la página 1de 29

BI BO CO MN BO MT MNG

GIO VIN HNG DN: PHAN TH THANH NGA SINH VIN THC HIN: 0812585-PHAN TH L 0812680-NGUYN TH T UYN

Ni dung chnh

Khi nim m ha MD5 Khi nim c im ng dng Thut ton Kh nng b tn cng
SHA SHA1 SHA2

M ha l g?

M ha l phng php bin thng tin t nh dng bnh thng sang dng thng tin khng th hiu c nu khng c phng tin gii m. V sao chng ta cn phi m ha? Nhu cu ring t, tnh bo mt Ton vn ca thng tin. Tnh xc thc ca thng tin. Tnh khng chi b.

M ha cng l nn tng ca ch k in t, h thng PKI(Public Key Infastructure).


Phng php m ha bng MD5 v SHA s dng hm bm 1 chiu Hash

MD5
MD5 l g?

Trong mt m hc, MD5 (Message-Digest algorithm 5) l mt b to Hash mt m c s dng ph bin vi gi tr Hash di 128-bit . L mt chun Internet (RFC 1321) MD5 c dng trong nhiu ng dng bo mt, v cng c dng ph bin kim tra tnh ton vn ca tp tin. Mt bng bm MD5 thng c din t bng mt s h thp lc phn 32 k t. Cc chng trnh m ho MD5 thng c gi l MD5Sum.

MD5
MD5 l g?

MD5 c thit k bi Ronald Rivest vo nm 1991 thay th cho hm bm trc , MD4. Vo nm 1996, ngi ta pht hin ra mt l hng trong MD5; trong khi vn cha bit n c phi l li nghim trng hay khng, nhng chuyn gia m ha bt u ngh s dng nhng gii thut khc, nh SHA-1 (khi cng b xem l khng an ton). Trong nm 2004, nhiu l hng hn b khm ph khin cho vic s dng gii thut ny cho mc ch bo mt ang b t nghi vn.

MD5
c im ca MD5

Vic tnh MD n gin, c kh nng xc nh c file c kch thc nhiuGb. Khng c kh nng tnh ngc khi tm ra MD. L 1 dng hash ca file. Khi dng MD5 Checksum trn 1 file s sinh ra 1 chui MD5 duy nht ng vi tng file, 2 file trng nhau v ni dung s c chung 1 chui MD5, khc nhau d ch 1 bit s c 2 chui MD5 khc nhau. V d :

love is blue 03d4ad6e7fee3f54eb46b5ccde58249c love is Blue 82b76f8eeb4a91aa640f9a23016c7b1c

MD5
ng dng:
Bo ton thng tin:

MD5 c dng rng ri trong cc phn mm trn ton th gii m bovic truyn tp tin c nguyn vn. Cc nh pht trin ng dng thng dngMD5 trong vic cho php download file. V d, my ch tp tin thng cung cp mt checksum MD5 c tnh ton trc cho tp tin, ngi dng c th so snh vi checksum ca tp tin ti v, kim tra xem file down v c trng vi file gc hay khng.

MD5
ng dng:
Bo mt:

MD5 c dng m ha mt khu.Mc ch ca vic m ha ny l bin i mt chui mt khu thnh mt on m khc, sao cho t on m khng th no ln tr li mt khu. C ngha l vic gii m l khng th hoc phi mt mt khong thi gian v tn ( lm nn lng cc hacker).

Qu trnh chng thc ca mt User vi Webserver

MD5

V c bn MD5 khng th gii m li c. Nhng ti sao trn mng c rt nhiu trang web gii m MD5 ?!? Tht ra th nhng trang web ny h cng khng th gii m c MD5 m l h tra nhng password c lu tr t trc. V d: Gi s c Password l: 12345. Password ny sau khi m ha s thnh chui MD5: 827ccb0eea8a706c4c34a16891f84e => Sau h lu vo CSDL. Khi bn mun gii m chui 827ccb0eea8a706c4c34a16891f84e th h s tra vo CSDL v cho ra password l : 12345 Mt s trang web c th lm vic ny l: + http://www.md5.net/ + http://md5.gromweb.com

MD5
Thut ton:

MD5 bin i mt thng ip c chiu di bt k thnh mt khi c kch thc c nh 128 bit. Thng ip a vo s c ct thnh cc khi 512 bits. Thng ip c a vo b m chiu di ca n s chia ht cho 512. B m hot ng nh sau: Trc tin n s chn bit 1 vo cui thng ip. Tip l hng lot bit zero cho ti khi chiu di ca n nh hn bi s ca 512 mt khong 64 bit. Phn cn li s c lp y bi mt s nguyn 64 bit biu din chiu di ban u ca thng ip.

MD5
Thut ton:
Thut ton chnh ca MD5 hot
Hnh m t qu trnh trong 1 vng.

ng trn mt b 128 bit. Chia nh n ra thnh 4 t 32 bt, k hiu A, B, C, D. Cc gi tr ny l cc hng s c nh. Sau thut ton chnh s lun phin hot ng trn cc khi 512 bit. Qu trnh x l mt khi thng ip gm 4 bc tng t nhau, gi l vng. Mi vng li gm 16 qu trnh tng t nhau da trn hm mt chiu F, php cng module v php xoay tri

Mt thao tc MD5MD5 bao gm 64 tc v th ny, nhm trong 4 vng 16 tc v. F l 1 hm phi tuyt, mt hm c dng trong mi vng. Mi ch ra mt khi tin nhp vo 32 bit v Ki ch mt hng s 32 bit, khc nhau cho mi tc v. <<<<s ch s xoay bit v tri s n v, s thay i ty theo tng tc v. ch cng thm vi modulo 232.

MD5

Hm bm MD5 (cn c gi l hm tm tt thng ip - message degests) s tr v mt chui s thp lc phn gm 32 s lin tip. Di y l cc v d m t cc kt qu thu c sau khi bm. MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6 Thm ch ch cn mt thay i nh cng lm thay i hon ton kt qu tr v: MD5("The quick brown fox jumps over the lazy cog") = 1055d3e698d289f2af8663725127bd4b Ngay c mt chui rng cng cho ra mt kt qu phc tp: MD5("") = d41d8cd98f00b204e9800998ecf8427e

MD5

Ngi ta cho rng kh tm c 2 thng ip c cng m s l khong 2^64 bc tnh, v kh tm c mt thng ip vi m s cho trc l 2^128 bctnh.

Vi bt k gi tr x, khng th tnh c y x sao cho H(y) = H(x). Khng th tnh c mt cp (x, y) sao cho H(x) = H(y).

Do MD5 c s dng rng ri trong cc ng dng, web, bo mt, v chng thc Tuy nhin mt mc no th md 5 vn c th crack c

MD5
Kh nng b tn cng

V MD5 ch d qua d liu mt ln, nu hai tin t vi cng bng bm c xy nn, th cng mt hu t c th cng c thm vo khin cho ng d xy ra. Tc l hai d liu vo (input) X v Y hon ton khc nhau nhng c th ra (output) c mt md5 hash ging nhau . Tuy nhin xc sut xy ra iu ny l kh nh. V nhng k thut tm ng hin nay cho php cc trng thi bm trc c xc nh mt cch ngu nhin, c th tm thy xung t i vi bt k tin t mong mun no; c ngha l, i bt k mt chui cc k t X cho trc, hai tp tin ng c th c xc nh m u bt u vi X.

CC GII PHP THAY TH TNG T

Bt c thut ton m ha no ri cng b gii m. Vi MD5, ngay t nm1996, ngi ta tm thy l hng ca n. Mc d lc cn cha r rng lm nhngcc chuyn gia m ha ngh n vic phi a ra mt thut gii khc, nh l SHA1,SHA-2,....

SHA
SHA l g?

SHA (Secure Hash Algorithm hay thut gii bm an ton) l nm thut gii c chp nhn bi FIPS (Federal Information Processing Standards) dng chuyn mt on d liu nht nh thnh mt on d liu c chiu di khng i vi xc sut khc bit cao. Nm thut gii SHA l SHA-1 (tr li kt qu di 160 bit), SHA-224 (tr li kt qu di 224 bit), SHA-256 (tr li kt qu di 256 bit), SHA-384 (tr li kt qu di 384 bit), v SHA-512 (tr li kt qu di 512 bit).

SHA
SHA l g?

Thut gii SHA l thut gii bm mt c pht trin bi cc an ninh quc gia M (National Security Agency hay NSA) v c xut bn thnh chun ca chnh ph M bi vin cng ngh v chun quc gia M (National Institute of Standards and Technology hay NIST). Bn thut gii sau thng c gi chung l SHA-2.

SHA
c im ca SHA

Cho mt gi tr bm nht nh c to nn bi mt trong nhng thut gii SHA:


1) Vic tm li c on d liu gc l khng kh thi. 2) Vic tm c hai on d liu nht nh c cng kt qu bm to ra bi mt trong nhng thut gii SHA l khng kh thi.

Bt c thay i no trn on d liu gc, d nh, cng s to nn mt gi tr bm hon ton khc vi xc sut rt cao."

SHA
ng dng:

SHA dng chuyn mt on d liu nht nh thnh mt on d liu c chiu di khng i vi xc sut khc bit cao v c s dng vi mc ch bo ton thng tin. SHA c dng m ha mt khu.Mc ch ca vic m ha ny l bin i mt chui mt khu thnh mt on m khc, sao cho t on m khng th no ln tr li mt khu.

SHA
SHA-1

Trong mt m, SHA-1 l mt hm bm mt m c thit k bi NSA v c cng b bi NIST l U.S.Federal Information Processing Standard .
Ba thut ton SHA c cu trc khc nhau v c phn bit nh SHA-0 , SHA-1 , v SHA-2 . SHA-1 rt ging vi SHA0, nhng sa cha mt s li trong c t k thut bm SHA ban u. SHA-1 c s dng rng ri trong nhiu ng dng v giao thc an ninh khc nhau, bao gm TLS v SSL, PGP, SSH, S/MIME, v IPSec. SHA-1 c coi l thut gii thay th MD5.

SHA
SHA - 1

Thut tan SHA-1 to ra chui m bm c chiu di c nh 160 bit t chui bit d liu u vo x c chiu di ty . Ngoi nhng c im c bn v cu trc, so vi MD5, SHA-1 c c im : gii thut SHA-1 tnh ton kt qu bm di 160 bit i vi thng ip c di nh hn 2^64 bit.

SHA
SHA - 1

Hin nay, SHA-1 khng cn c coi l an ton bi u nm 2005, ba nh mt m hc ngi Trung Quc pht trin thnh cng mt thut gii dng tm c hai on d liu nht nh c cng kt qu bm to ra bi SHA-1. Mc d cha c ai lm c iu tng t vi SHA-2, nhng v v thut gii, SHA-2 khng khc bit my so vi SHA-1 nn nhiu nh khoa hc bt u pht trin mt thut gii khc tt hn SHA. Mt tiu chun mi bm, SHA-3, hin ang c pht trin trong tng lai.

SHA
L hng ca SHA - 1

SHA-1 sinh ra 1 gi tr bm 160 bt. iu c ngha mi thng ip c bm thnh 1 s 160 bt. Nhng v s c gi tr bm c th c l rt ln nn xc sut tm c ng gi tr bm l rt nh( chnh xc l 280 kh nng). Nu ta thc hin bm 280 vn bn ngu nhin s tm c vn bn c cng gi tr vi vn bn gc, l phng php Brute force.
Cc chuyn gia Trung Quc tm ra ng trong SHA-1 ch vi 269 php ton, nhanh hn khong 2000 ln so vi Brute force

SHA
SHA - 2

SHA-2 bao gm bn gii thut SHA-224, SHA-256, SHA-384 v SHA-512. Ba thut gii SHA-256, SHA-384 v SHA-512 c cng b ln u nm 2001 trong bn phc tho FIPS PUB 180-2. Nm 2004, FIPS PUB 180-2 c b sung thm mt bin th - SHA-224 V gii thut, cc bin th ca SHA-2 khng khc nhau. Mc d chng s dng gi tr bin v hng s cng nh di t, v.v. khc nhau. Mc d Gilbert v Handschuh (2003) nghin cu v khng tm ra im yu ca nhng bin th ny, tuy nhin chng vn cha c kim chng k nh SHA-1.

SHA
Thut ton:
Tng t thut ton MD5

nhng thut ton SHA chia nh n ra thnh 5 t 32 bt, k hiu A, B, C, D, E. Sau thut ton chnh s lun phin hot ng trn cc khi 512 bit. Qu trnh x l mt khi thng ip gm 4 vng con. Mi vng li gm 20 qu trnh tng t nhau.

SHA
SHA-1
Message digest size Message size Block size Colision 160 bit

SHA-224 SHA-256 SHA-384 SHA-512


224 bit <264 256 bit 384 bit 512 bit <2128

<264 512 <269

<264 512 cha

<2128 1024 cha

512 cha

1024 cha

SHA-1 v MD5
SHA-1 c pht trin bi NSA v c yu cu s dng vi thut ton k s. MD5 c pht trin bi Ronald Rivest vo nm 1991(MD2 nm 1989, MD4 nm 1990).

C th thc hin vi input c c C th thc hin vi input c c nh hn 264 bits. nh hn 264 bits. To ra gi tr bm c c 160 bits. C ca khi l 512 bits. To ra gi tr bm c c 128 bits. C ca khi l 512 bits.

Vng lp chnh c 4 vng vi 20 Vng lp chnh c 4 vng vi 16 ton t. ton t. X l ton t khng tuyn tnh trn 3 trong 5 bin a,b,c,d,e. X l ton t khng tuyn tnh trn 3 trong 4 bin a,b,c,d.

SHA-1 v MD5

SHA mnh hn MD5: yu cu 280 php ton tm ra ng trong khi MD5 l 264 php ton SHA-1 thc hin 80 bc bin i v tr v 160 bits hash. MD5 tnh ton 64 bc bin i v tr v 128 bits hash. MD5 thc hin nhanh hn SHA.

Cm n C v cc bn ch theo di