7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 1/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 2/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 3/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 4/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 5/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 6/40
= c1
= c2
= c3
= c4
= c5
= c2
= c3
= c4
n
n
n.
0010
00000010).
K.
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 7/40
M
n
K k
E (M, K ) : {0, 1}n × {0, 1}k → {0, 1}n
C
D(C, K ) = E −1(C, K ) : {0, 1}m × {0, 1}k → {0, 1}n
M
{0, 1}n {0, 1}n
K
{0, 1}n 2n!
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 8/40
n = 64
k = 64
48
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 9/40
n
M = m0m1 . . . mn−1
n
R0 = m0m1 . . . mn/2−1
L0 = mn/2mn/2+1 . . . mn−1
F
K i
K
K i
F
Li+1 = Ri
Ri+1 = L1 ⊗ F (K i, , Ri)
i = 0, ...r
r
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 10/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 11/40
r
C
n
C = c0c1 . . . cn−1 = Lr−1Rr−1
Lr−1 = c0c1 . . . cn/2−1 = Rr−2 = Lr−3 ⊗ F (K r−3, Rr−3) = . . .Rr−1 = cn/2 . . . cn−1 = Lr−2⊗F (K r−2, Rr−2) = Rr−3⊗F (K r−2, Lr−3⊗F (K r−3, Rr−3)) =
. . .
R0
L0 M
K 0, . . . , K r−2
K
r = 16
Ri Li 64/2 = 32
K i
48
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 12/40
K i
E.
M
E (M )
M = 10110110100001100110010101111010
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 13/40
K = 111010001110001101100011011011011011011000101101
K ⊗E (R) = 101100011110001101101100110110010111110010011000
S i
i
B
S i(B)
B = b0b1b2b3b4b5
b0b5 22 = 4
0 3
(24 = 16
0
15
4× 16
0
15
24 = 16
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 14/40
101100
2
10 = 2
0110 = 6)
S i(7) = 2
0010
P (L)
P (L) 16
7
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 15/40
F (R, K i) = P (S (E (R) ⊕K i)
F
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 16/40
k
j , j = 1 . . . 16
k
j = k16− j+1 ki
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 17/40
1/2
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 18/40
256
C 0
D0
C 0
D0
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 19/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 20/40
256
28
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 21/40
(R)
R
R
R = R ⊕ R
E
E (R) = E (R ⊕ R) = E (R) ⊕E (R) = A ⊕ A = A
(A ⊕K i) ⊕ (A ⊕K i) = A ⊕A ⊕ (K i ⊕ K i) = A ⊕A ⊕ 0 = A ⊕A = A
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 22/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 23/40
(B, B)
B = B⊕B
S (B) = S (B)⊕S (B)
i
j
1
0, 1, 2, 4, 8
10
14
64
∼ 22 %
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 24/40
(a, b)
(b, a)
52
8, 16, 6, 2, 12, 6, 8, 6
1, 2, 3, 4, 7, 8, 13, 15
E (R) = 1
E (R) = 53
K 1
B1 = E (R1) ⊕ K 1
B
1 = E (R
1) ⊕ K 1
B = B ⊗B
1 = E (R)1 ⊕ E (R)1 = E (R) = 52
B1 = E (R1)⊕K 1
K 1 = B1⊕E (R1)
K 1 = B
1⊕E (R
1)
B = 13
E (R1) E (R
1)
B1 B
1
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 25/40
1⊕ 6 = 7 53 ⊕ 6 = 51
1 ⊕ 16 = 17 53⊕ 16 = 37
1 ⊕ 22 = 23 53⊕ 22 = 35
1 ⊕ 28 = 29 53⊕ 28 = 41
1 ⊕ 34 = 35 53⊕ 34 = 23
1 ⊕ 36 = 37 53⊕ 36 = 17
1 ⊕ 40 = 41 53⊕ 40 = 29
1 ⊕ 50 = 51 53 ⊕ 50 = 7
{7, 17, 23, 29, 35, 37, 41, 51}
21 ⊕ 1 = 20 33 ⊕ 1 = 32
21 ⊕ 2 = 23 33 ⊕ 2 = 35
21 ⊕ 21 = 0 33 ⊕ 21 = 52
21 ⊕ 33 = 52 33 ⊕ 33 = 0
21 ⊕ 53 = 32 33 ⊕ 53 = 20
21 ⊕ 54 = 35 33 ⊕ 54 = 23
{20, 23, 0, 52, 32, 35}.
{7, 17, 23, 29, 35, 37, 41, 51} ∩ {20, 23, 0, 52, 32, 35} = {23, 35}
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 26/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 27/40
(R0)
R = 60 00 00 00
1
0
001100 = 12
12
14/64
P (L) = P (1400...) = 0080 82 00
L0)
L0⊕00808200 = R1 = 0
L0 = 008082 00
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 28/40
R0L0
L0 = 00 80 82 00R0 = 600000 00L1 = 60 00 00 00R1 = 000000 00
L2 = R1 = 00 00 0000R2 = L1 ⊕ 0 = 60 00 0000
M = M ⊕ M
= 00 80 82 00 60 00 00 00
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 29/40
(C, C )
0000000060000000
14
64
64/14
K 1
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 30/40
S 2 S 8
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 31/40
28 = 256
256
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 32/40
256
28
23 1
27 1
16
215 110486
226 2−24
234 2−32
235 2−32
242 2−40
243 2−40
250
2−48
251 2−48
257 2−56
257
247
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 33/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 34/40
243
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 35/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 36/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 37/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 38/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 39/40
7/21/2019 Criptoanalisis
http://slidepdf.com/reader/full/criptoanalisis-56da7d4e4ef2e 40/40