wbuzova_umk_met_i_sred_zash_kom_infor_2012
.pdf-,
;
-.
( )
,
.
-
, .
: . -
.
.
:
-;
-.
-
, - -
.
( ) ( - -
) :
-( ) ,
, , , -
k ;
-, : SIG{k , ,
} k ;
.
, SIG{k ,, } - .
1. -
. k -
, > SIG{k , , }
.
k -
. , -
, > SIG{k , , }
k .
k
, . , -
, ,
SIG{k , , } k -
.
41
2. , -
. - , -
,
.
-
. -
,
.
,
,
. -
, , , ,
, ( ).
- ,
.
. -
,
.
3.( ) ( -
) {k , , },
k , .
4., {k , -
}
k.
5.,
{k , } -
.
6.-
-
.
: -
.
(
) , -
. -
, -
. :
-;
-;
-, ( ., ,
);
-( );
-.
42
, , ,
-
.
,
. -
, ,
. -
,
, .
-
.
.
DSA (Digital Signature Algorithm) 1991 -
(National Institute of Standards and Technology - NIST) 1993 . -
DSA .
.
, , ,
-
.
, g , . -
= gx mod p. |
(8.1) |
, g . g,n p -
. .
n . -
, k, -1). -
= gk mod p |
|
b : |
|
= ( + kb) mod (p - 1). |
(8.2) |
: b. k - |
|
. , |
|
y/ab modp = gM mod p . |
(8.3) |
k,
. -
k, . ,
k,
, k.
:
- ( ). g<p - ( ) =gx mod p.
|
|
: |
|
43
k- , -1)
- ( ) =gk mod p
b - ( ), = ( + kb) mod (p - 1)
:
, b mod p = gM mod p.
: 1[151-165], 4[245-262]
: 14[161-182]
:
1.( )?
2.?
3.?
4.?
5.?
9. .
34.10 2001 . -
. .
: -
. . -
. .
2002-07-01. -
( ), -
( ), -
.
,
, -
.
-
,
.
: 34.11-94 -
. . -
.
. -
:
-(appendix): ,
( 148881-1);
-(signature key): ,
-
( 14888-1);
-(verification key): , -
( 14888-1);
44
-(domain parameter): ,
,
( 14888-1);
-(signed message): , -
, ;
-(pseudo-random number sequence): , -
( ) , -
( 2382-2);
-(random number sequence): -
, ( -) -
( 2382-2);
-(verification process): , -
, -
( 14888-1);
-(signature process): ,
, -
, (
14888-1);
-(witness): , -
( ) -
( 14888-1);
-(random number): ,
,
( 2382-2);
-(message): (
9796);
-(hash-code): ,
( 148881-1);
-(hash-function): ,
:
, -
;
, ; -
;
-(digital signature): , -
. -
, -
.
. -
:
-;
-.
45
, -
. ,
-
:
--
,
-, ,
-.
-
9.1.
9.1 -
« », « -
», , , , -
, .
, , .
-
, .
34.11.
.
:
- - , -
> 
.
;
- , J(E) -
, 
;
-m - ;
-q - -
, :
(9.1)
-
, 
, -
qP = ;
-
,
,
256 . 34.11.
46
-
:
- - d , 0 <
d < q;
- - Q
, dP = Q .
-
:
-
t = 1, 2, ...
, B 
31;
-m 
p;
-J(E) 
0 1728.
. -
-
256 .
256 ,
, -
(9.2)
, i = 0, ..., 255 1, 0. ,
,
(9.3)
, 
, ( ) .
(9.4)
(9.5)
512 , -
.
,
512 256 ,
.
.
( )
I.
1 - |
(9.6) |
2 - , -
,
(9.7)
47
= 0, = 1.
3 - ( ) k , -
0 < k < q . (9.8)
4 - C = kP
(9.9)
- x - . r = 0, 3.
5 -
(9.10)
s = 0, 3.
6 - 
, r s , -
-
.
d -
, - 
.
. 
,
( -) II.
1 - 
r s . -
0 < r < q, 0 < s < q , .
.
2 -
(9.11)
3 - 
,
,
(9.12)
= 0, = 1.
4 -
(9.13)
5 -
(9.14)
6 - 
(9.15)
- x - .
7 - R = r , , -
, .
, 
, Q, - -
.
: 4[245-262]
: 14[161-182]
:
1. 34.10?
48
2.?
3.-
?
4.-
?
5.?
10. . -
– . SHA.
P34.11.94. .
– .
(hashing) - -
,
.
, , (hash, hash-block, hash-value) - -
,
.
(hash-function) - ,
, :
-;
-;
-.
SHA. , -
, -
.
SHS (secure hash standard) , 160
. 2002 : ,
SHA-1, ,
256, 384 512 , SHA256/384/512 .
SHA-1 10.1
10.1 - SHA- 1: Fi - , 1 i 4, Wk - 32- -
49
512- ; Ci - , 1 i 4, Ri - -
i
P34.11.94.
34.11.94. -
, 64-
256- . 256- -
.
, Hi = f(Mi,Hi-1) ( - 256- )
:
Mi, Hi-1 -
.
64 Hi-1 -
ECB. 256 S. Hi
, S, Mi, Hi-1 .
-
: Hn - -
, Z - XOR , a L - .
M', -
:
H f (Z M ' , f (L, f (M ' , H n ))) |
(10.1) |
|
10.2 -
34.11-94: , - ; - -
; EK - 28147-89; = const
34.11 – 94. :
{0l}* - ; {01}n - n ;
{0}n - n ; 
- A ; 
- A B mod 2, XOR;
50