Professional Documents
Culture Documents
[]Jon Callas
[]Jon Callas
()
2009
PGP
PGP
PGP
PGP PGP
PDAFTP PGP
3 Fortune(R) 100
84 Fortune(R) 100 66 PGP
PGP
PGP http://www.pgp.com +1 650 319 9000
loveship2002@gmail.com MSNloveship2002@hotmail.com
[]Jon Callas
()
Cryptography
PGP
PGP
PGP
2010.1
ii
[]Jon Callas
()
PGP QQ
208 PDF
2010.1.28
1.
2.
3. PDF/A-1a a PDFb
b
Adobe Reader 7 PDF/A Foxi t Reader
Adobe Reader LE 2.5 mBrain PDF+ 1.7505Adobe Reader LE 1.5 is not support this
document
iii
[]Jon Callas
()
......................................................................................................................................- 1 1.1
1.2
............................................................................................- 1 .............................................................................................................- 1 -
1.3
1.4
...........................................................................- 1 ......................................................................................................- 2 -
1.5
......................................................................................................- 3 1.5.1
....................................................................................................................- 3 -
1.6
.................................................................................................................- 4 -
1.7
..........................................................................................................- 5 .............................................................................................................- 6 2.1
...................................................................................................- 6 2.1.1
......................................................................................................- 6 -
2.1.2
............................................................................................- 8 2.1.3
...................................................................................................- 9 2.2
........................................................................................................................- 9 2.2.1
...............................................................................................- 9 -
2.2.2
........................................................................................................ - 10 -
2.2.3
............................................................................................. - 11 -
2.3
............................................................................................. - 11 ............................................................................................................... - 13 3.1
............................................................................................................... - 13 3.1.1
............................................................................................. - 14 3.1.1.1
................................................................................................. - 14 3.2
3.1.1.2
................................................................................................. - 15 ............................................................................................................... - 19 3.2.1
3.3
........................................................................................................... - 21 3.3.1
........................................................................................................ - 21 3.3.2
3.3.3
.................................................................................................................. - 19 -
3.3.4
........................................................................................................ - 25 ......................................................................................................................... - 28 4.1
...................................................................................................................... - 28 4.1.1
........................................................................................................... - 28 4.1.2
............................................................................................................... - 29 4.1.2.1
4.1.2.2
............................................................................................. - 29 ...................................................................................... - 30 -
4.1.2.3
....................................................... - 31 4.1.3
...................................................................................................................... - 33 4.1.4
...................................................................................................................... - 33 4.1.4.1
................................................................................................. - 34 4.1.4.2
............................................................................... - 35 -
iv
[]Jon Callas
()
4.1.4.3
4.1.4.4
.......................................................................................... - 35 ................................................................................................. - 36 -
4.1.4.5
............................................................................................. - 37 -
4.1.4.6
4.1.4.7
...................................................................................... - 38 ................................................................. - 39 -
4.1.4.8
4.1.4.9
4.1.5
Hash .............................................................................................................. - 46 4.1.5.1
Hash ........................................................................................ - 47 4.1.5.2
4.1.6
4.1.7
Hash ................................................................................................ - 47 -
.............................................................. - 49 ............................................................................................................... - 50 -
4.1.7.1
............................................................................ - 50 4.1.8
........................................................................................................... - 51 4.1.8.1
4.1.8.2
4.1.8.3
4.1.8.4
4.1.9
............................................................................................................... - 53 -
4.1.9.1
4.1.10
4.1.11
4.1.12
4.1.13
4.1.14
............................................................................................................... - 59 ........................................................................................................... - 63 -
......................................................................................................................... - 64 5.1
...................................................................................... - 64 5.1.1
5.2
............................................................................................................... - 64 -
........................................................................................................ - 65 5.2.1
................................................................................................. - 65 5.2.2
........................................................................................................... - 67 5.2.2.1
................................................................................... - 68 5.2.3
5.2.4
5.3
........................................................................................................... - 68 .................................................................................................... - 69 -
........................................................................................................... - 70 5.3.1
............................................................................................. - 70 5.3.1.1
................................................................................................. - 70 -
5.4
5.3.1.2
................................................................................................. - 71 ...................................................................................................................... - 71 -
5.5
5.6
5.7
5.8
Hash ...................................................................................................... - 76 -
[]Jon Callas
()
5.8.2
............................................................................................................... - 76 5.8.2.1
............................................................................ - 76 -
5.9
5.8.2.2
........................................................................ - 77 -
5.8.2.3
5.8.2.4
.......................................................................................... - 77 ...................................................................................... - 77 -
5.8.3
........................................................................................................... - 78 .................................................................................................... - 79 5.9.1
5.9.2
............................................................................................................... - 79 .................................................................................................... - 79 -
5.9.3
............................................................................................................... - 80 -
............................................................................................................... - 81 6.1.1
WinZip................................................................................................................... - 82 -
6.1.2
WinRAR ................................................................................................................. - 83 6.1.3
7Zip....................................................................................................................... - 84 6.1.4
UHARC .................................................................................................................. - 85 6.2
............................................................................................................... - 85 -
6.3
6.2.1
6.2.2
Foxmail.................................................................................................................. - 86 -
........................................................................................................ - 87 6.3.1
O&O Soft SafeErase................................................................................................. - 88 6.3.2
East-Tec DisposeSecure............................................................................................ - 88 -
6.3.3
Linux ............................................................................................ - 89 6.4
........................................................................................................ - 95 -
6.4.1
6.4.2
6.4.3
PGP ....................................................................................................................... - 97 -
6.4.4
6.4.5
6.4.6
The GNU Privacy Guard ........................................................................................... - 98 PGP ................................................................................................................... - 100 7.1
7.2
................................................................................................................................................ - 102 -
vi
[]Jon Callas
()
John Roberts
1.1
PGP
1.2
0 1
1.3
b
30 3000
c PGP
d
lim
-1-
[]Jon Callas
()
1.4
3
3
340,282,366,920,938,463,463,374,607,431,768,211,456 2 128
-2-
[]Jon Callas
()
1.5
Cryptography
(hidden writing)
(plaintext)ciphertext
cipher
keyencryptingdecryptingb
codes
A 49
Unicode cCodebooksd
cryptanalysis
cryptographycryptology
1.5.1
steganographyecovered writing
b
F(x,y)=G,F G , 2 F 2 x y
2 .
c
Uni code
http://www.unicode.org
d
-3-
[]Jon Callas
()
1024
1024 64K
Peter Wayner
Internet
a
Internet
steganalysis
b
PGP
c
PGP PGP
PGP 2005 2000
PGP
1.6
Phil Zimmermann PGP PGP
PGP dPGP
e PGP OReilly 1995
f
ORC
Google
[]Jon Callas
()
OpenPGPOPGPMIMEa
1.7
Paulina Borsook Olivia Dillan Will Price
Barbara Jurin Phil Zimmermann
Tom Stoppard
-5-
[]Jon Callas
()
2
.
Kalil GibranSand and Foam
3000
?
2.1
2.1.1
48
26.7a 13.3
2004 670
b
50 2004 29
2004 6 14500
2003 11
a
Sma rtPhonePDAPocketPC
b
2004 CSI/FBI
c
4
d
2004 11.8 Fi tzgerald, Mi chael CIO How to Stop a Laptop Thief
http://cio.idg.com.a u/index.php/id;1973406143;fp;4;fpid;18
-6-
[]Jon Callas
()
2004 5 a
2004 5 100 Drug Enforcement AdministrationDEA
b
400 2
DEA FBI
2004 3
c Blue Shield Cigna
100000 The Alameda
Alliance for Health
2004 2 Fargod
e
2004 1 GMAC 200000
2 f g
2003 12 43000 Rhode
CEO IT
h
i
2000 9 Qualcomm CEOIrwin Jacobs
20
j
a
2004 10 Becker, Da vid CNet UCLA laptop theft exposes ID info UCLA
http://news.com.com/UCLA+laptop+theft+exposes+ID+info/2100-1029_3-5230662.html
b
2004 6 7 Missing: A Laptop of DEA Informants DEA
http://www.msnbc.msn.com/id/5092991/site/news week/
c
2004 5 La za rus , Da vid Window smashed, data los t
http://www.sfga te.com/cgi-bin/a rti cle.cgi ?file=/chroni cle/a rchi ve/2004/05/12/BUG8O6JPV71.DTL&type=business
d
e
2004 4 16 La za rus, Da vid,Ca r thief whisks o Wells data Wells
http://sfga te.com/cgi-bin/a rti cle.cgi?f=/c/a/2004/04/16/BUGH865O141.DTL
f
g
2004 3 25 McDougall , Paul Laptop Theft Puts GMAC Cus tomers Data At Risk GMAC
[]Jon Callas
()
2.1.2
,
a
2004 8 Berkeley ,
2001 In-Home Supportive ServicesIHSS 140
b
2004 2 Windows 2000 Windows NT 600MB
c
2003 8 Berkeley Bancroft
17000
12 d
2002 2 Jeremiah Jacks Guess.com
e 20000 Guess.com
Federal Trade CommissionFTC
20
f
b
2004 10 20 Cl aburn, Thomas Break-In At Berkeley Ma y Ha ve Compromised Data Of 1.4 Million
Californians 140
http://informa tionweek.securi typipeline.com/news/50900323
c
2004 2 12 Lemos , Robert CNet Mi crosoft Probes Windows Code Leak windows
http://news.com.com/2100-7349_3-5158496.html
d
2003 11 23 La za rus , Da vid Online brea ch a t Bancroft (Bancroft )
http://www.sfga te.com/cgi-bin/a rti cle.cgi ?file=/chroni cle/a rchi ve/2003/11/23/BUG5D37C7T1.DTL
e
2002 3 2 Poulsen, Kevin Guesswork Pla gues Web Hole Reporting
http://www.securi tyfocus.com/news/346
f
2003 6 30 Poulsen, Kevin PetCo Pl ugs Credit Ca rd LeakPetCo
http://www.securi tyfocus.com/news/6194
g
h
http://www.pri va cyri ghts .org/a r/idtheftsurveys .htm
-8-
()
[]Jon Callas
2003 33 2006 40
2.1.3
iTunes
i
i i
i
!
CCTV i
IC IC
2.2
2.2.1
European Union Privacy DirectiveEUDPD bData Protection
DirectiveDPD
DPD 8 7
Personal Information
Protection and Electronic Documents ActPIPEDA 2 c
d
i Tunes Mp3
http://www2.echo.lu/legal/en/dataprot/di recti v/di recti v.html
http://europa.eu.int/comm/jus ti ce_home/fs j/pri va cy/ DPD
http://www.dss .sta te.ct.us/digi tal/eupri v.html
c
http://www.pri vcom.gc.ca /fs -fi /02_05_d_15_e.asp
http://www.pri vcom.gc.ca /informa tion/02_06_01_e.asp http://laws .justi ce.gc.ca/en/P-21/index.html
d
http://austlii .edu.au/graham/PLPR_aus tralian_guide.html
b
-9-
[]Jon Callas
()
aHHS HIPAA
2.2.2
2Basel II
Financial Services Providers FSPsBasel II FSP
SOXSarbanes-Oxley Act
SOX 404
SOX 404 IS017799 the Business Security
Alliancethe Information Security Governance Task Force
the Federal Information Security Management Act FISMA
a
internet i i I
b
PIPA http://www.pri va cyexchange.org/japan/japa nmain.html
- 10 -
[]Jon Callas
()
Sarbanes-Oxley
ISO17799 FISMA
GLBGramm-Leach-Bliley)
GLB
The Federal Financial Institutions Examination CouncilFFIEC
FFIEC FFIEC
2.2.3
California Senate Bill 1386CA SB
the Database Security Breach Notication Act SB1386
CA SB1386
SB1386
SB1386 2005
a SB1386
23
SB1386
2.3
90
75 .
,
- 11 -
[]Jon Callas
()
a 1990 2000
2000
Wassenaar Agreement
2006
PGP
7 b
2
, .
WiFi Wapi
- 12 -
[]Jon Callas
()
Kahn
Kahn The Codebreakers
b
Kahn
3.1
3
2 3
2 3
c
Jtwo O
2 CTHCH
SHf
D. Kahn,The Codebreakers : The Story of Se cret Wri tingSi mon & Schus ter 1996 ,
ISBN 0-684-83130-9 (1967 ).
cipher 15 al-Qalqashandi 14
b
S. Singh The Code Book: The Evolution of Secrecy from Ma ry, Queen of Scots , to Quantum Cryptography Ma ry
, Doubleda y 1999 ,ISBN 0-385-49531-5.
c
d
.
- 13 -
[]Jon Callas
()
3.1.1
26 26 2 01
3.1.1.1
(1) .
(2) .
A
51325 56B 71931 42
(3) .
ABAUIYABB YGG
(4) .
13
3 A D B E ......W Z X A Y B Z C
ROT13 UNIX A N B
O 13 ROT13 Vsenet
26
1401 Duchy Mantua
- 14 -
[]Jon Callas
()
1854
Huffman
20
20
3.1.1.2
2
10
CRYPTOGRAP
HYHASALONG
ANDFASCINA
TINGHISTOR
Y
Julius Caesar
3 A D
B E ......W Z X A Y B Z C
3
a 26 27 1
ADFGVX
George Painvin
Caesa r JU
- 15 -
[]Jon Callas
()
Bruce Schneier a 2
Robert Morris Sr 2
3 Bruce
b
Gregg Gregg
c
ETAOIN SHRDLU
1.
2.
1 100
1 26 E 1 Q
Bruce Schneier, Applied Cryptography: Protocols, Algori thms , and Source Code in C, second edi tion
C , John Wiley & Sons , 1996; ISBN 0471117099.
b
Bruce
c
e
the Aegea n Pa rk Press http://www.aegeanpa rkpress .com/desc.html
1
1876
- 16 -
[]Jon Callas
()
3.
4.
9001
9049 9964 9001
9049 9964 9000
5.
A.Kerckhoffs 19
Kerckhoffs
a
(1)
(2)
(3)
(4)
- 17 -
[]Jon Callas
()
(5)
(6)
(7) (Rubber-hose)
#definestructelsereturn
b
David Kahn
Kerckhoffs
PURPLE
C IFThenFor
[]Jon Callas
()
Jelerson WheelJWheel a
Thomas Jelerson
3.2
black chamber
18
20
MI-18 Herbert O.Yardley
1929
3.2.1
20
Vigenere 26
FAU
BLC
4 FA YF
EY
CEC
n
26n
Enigma Arthur Scherbius Richard Ritter 1918 dScherbius
Enigma
Enigma Arthur Scherbius
a
[]Jon Callas
()
Enigma
Enigma
Enigma
20 90 Enigma
a
Enigma 3 4
b
NEMA 11
Enigmac
PURPLE d Hagelin M-209 e
Lorenz Colossus
g
Colossus 50
Alan Turing Tony Sale Bletchley Park Tony Sale the Bletchley Park
a
BletchleyPa rk.net Eni gma http://www.bletchleypa rk.net/s tationx/enigma.html Ha rtmut Petzold The Eni gma rotor-type
cipheri ng machine of the German Armed Forces Enigma
http://www.deutsches-museum.de/ausstell /meister/e_eni gma .htm
b
NEMA Neue Ma chineNeue New Ma chine
c
Eni gma Mi chael Apted, Tom Stoppa rd Robert Ha rris
http://imdb.com/ti tle/tt0157583/
Enigma Bletchley Pa rk Trus t
Mi ck Jagger
d
Fra nk B. Rowlett The Story Of Ma gic, Memoi rs of an Ameri can Cryptologi c Pioneer
[]Jon Callas
()
11 NEMA Enigma 90
3.3
1975
1975 DESthe Data Encryption Standard
3.3.1
20 70
Ralph MerkleWhitfield diffe Martin Hellman
Ralph Merkle 3
diffe-Hellman 3 Ron RivestAdi Shamir
Len Adelman RSA d
2
d
GCHQ RSA
CESG non-secret encryption
Bruce Schneier Non-Secret Encrypti on, Crypto-Gra m of Ma y 1998
1998 5 http://www.s chneier.com/crypto-gra m-9805.html .
b
- 21 -
[]Jon Callas
()
public-keysecret-keyprivate-Key
, 2 P
, Pu (public,) Pr (private,
) Public -key (P ) Secret-key
S
public
private
secret
2 original cryptography
symmetric-key cryptography ()asymmetric
cryptography for public-key cryptography
2 ,
391 17
23 PGP
a
3.3.2
1975 the Data Encryption StandardDES
1973 ,
1974 IBM Luciferb.
DES the National Security AgencyNSA DES
8 (64-bitc) 7 (56-bit)(
data structuresS-boxes) NSA DES
1977 Government Federal Information Processing Standard ,FIPS), FIPS-46
DES
NSA DES 64-bit 56-bit
DES
NSA DES DES
d
backdoor
c
1 8 2
00101010 11111111 10 255 00000000 256 As cill
256 256 16 2
d
NSA DES DES Walter Tuchman NSA
b
- 22 -
[]Jon Callas
()
DES
()
19 Auguste Kerckhos Kerckhos
a
DES Kerckhos 1991
DES DES
b
DES
b
Eli Biham Adi Shami r,
Dierential Cryptanal ysis of DES-like Cryptos ys temsDES , Journal
of Cryptology, 4 3-72, IACR, 1991 Di erential Crypta nal ysis of the Da ta Encryption StandardDES
Springer, 188 , ISBN 0-38797-930-1.
c
Triple
d
meet-in-the-middle
- 23 -
[]Jon Callas
()
3.3.3 AES
90 NIST DES
1997 1 NIST DES
a
128bit
128bit 128192256bit
DES 5 2003
25 50
DES
NIST 5 AES
NIST
AES
DES IBM
MARS IBM
IBM
Daemen, Ri jmen, The Design of Ri jndael: AES - The Adva nced Encryption Standa rd (Informa tion Securi ty and Cryptography)
Ri jndael AES-, Springer-Verlag, 2002.
b
NIST AES http://cs rc.nis t.gov/CryptoToolki t/aes/ AES
http://csrc.nist.gov/CryptoToolki t/aes/pre -round1/aes _9709.htm
c
128-bi t 128-bit
Bruce Schneier Blowfish 448-bi t Schneier 128
SSL RC4 2048-bi t 600-bi t
128-bi t 128bi t
()
- 24 -
[]Jon Callas
()
a
NSA
Rijndael Rijndael
Twofish Twofish
15 Rijndael Rijndael OpenPGP
e Twofish PGP
NIST 1999 AES 5
AES NIST
2000 3
AES
NIST Rijndael AES
Rijndael
2 AES
NSA
AES 5
Kerchos
AES NIST hash
f
3.3.4
19 80 90
a
Flemish Ri jndael R ij
rain-doll rhine-doll rain-doll rhine-doll
rain-doll
c
Twofish
d
Serpent
e
Peter Gutmann The Crypto Ga rdening Guide and Planting Tips 2003 2
http://www.cs .auckland.a c.nz/pgut001/pubs/crypto_guide.txt Peter Gutmann
PGP 2
.
f
Hash http://www.nist.gov/hash-function
b
- 25 -
[]Jon Callas
()
DES
DES
Martind Hellman Kahn the Codebreakers
PGP
1998 2000 PGP
1999
2000
a
[]Jon Callas
()
- 27 -
[]Jon Callas
()
Willa Cather
PGP
4.1
4.1.1
xy z x y z
xy Alice a Bob
Alice Bob A B
2 Ron Rivest RSA
Alice Lewis Carroll Alice Carroll
Carol Charlie
DaveDeliaDoris
Eve Mallory Alice
Bob Bob Alice
Victorian Bob Alice
AliceBob EveMallory
Alice
Bob
Carol
John Gordon The Ali ce a nd Bob After Dinner Speech Alice Bob, Zuri ch Semina r , 1984 4
http://downlode.org/etext/alicebob.html
- 28 -
Dave
[]Jon Callas
()
Eve
Mallory
Trent
Walter
Alice Bob
Peggy
Victor
4.1.2
aentropy
b
4.1.2.1
a
b
shang
a b b a a b ab
- 29 -
[]Jon Callas
()
(1)
2256
(2)
4.1.2.2
101110100101010101
(3)
One-Time Pads
DES
DES
PGP
PGP
- 30 -
[]Jon Callas
()
4.1.2.3 a
Random.org
1Random.org
[]Jon Callas
()
a
b
c
http://www.random.org/bitmaps/
http://en.wikipedia.org/wiki /Mersenne_twister
PHP http://cod.i fies.com/2008/05/php-rand01-on-windows -openssl-rand-on.html
- 32 -
[]Jon Callas
()
32 32
/dev/random MD5
/dev/random
/dev/random /dev/random
/dev/urandom
MD5
MD5
/dev/urandom /dev/random
4.1.3
PGP
1. raw keys
2. Derived keys
Actual key
3. Structured keys RSA
4.1.4
PGP
reverse-engineer systems
2
- 33 -
[]Jon Callas
()
1 2
2
block size.
4.1.4.1
2048-bit 2048-bit256 a
64-bit
128-bit (8 16 )AES 128-bit AES
Twofish Triple-DESCAST IDEA 64-bit
stream ciphers 1-Bit SSL b RC4
Caesar Enigma
16
d
2
Chaining
initialization
a
Bi t byte 8 20488256
SSL (Secure Socket La yer)SSL TCP/IP SSL
SSL SSL Record Protocol TCP
SSL SSL Handshake Protocol SSL
http://baike.baidu.com/view/16147.htm
c
WEP WEP
WEP
- 34 -
[]Jon Callas
()
vector IVaIV
IV
2
( IV)
PGP PGP
b
128-bit16 2128
d
295,147,905,179,352,825,856 256Eb
128-bit 256-bit
4.1.4.2
4.1.4.3
e
p qn = p q n
hash
p q n p
a
b
Shai Halevi Phillip Rogawa y A Pa rallelizable Enciphering Mode ,
http://eprint.ia cr.org/2003/147
232 834359738368byte32Gb k/M/G/T/P/E/Z/Y 1000 1024B byte
1000 1024 1000 1024
d
hash bi rthda y atta cks
e
,RSA , 200 , 100
,,,, ,
c
- 35 -
[]Jon Callas
()
q 2 1000-bit n
p q 500-bit
2
RSA ( Ron RivestAdi Shamir Len Adleman
)
Rabin ( Michael Rabin)RSA Rabin RSA
p q Rabin
Rabin RSA aRabin
b
RSA RSA
4.1.4.4
Die-Hellman Whiteld
Die Martin Hellman Die-Hellman m = g x x
Die-Hellman Die-Hellman
c
ephemeral
Die-Hellman Elgamal Taher Elgamald
Elgamal Die-Hellma RSA
Die-Hellma PGP Elgamal (DSS Elgamal
)
12
e
11 3 2 14
200 100 f 12 24
100 0
g
- 36 -
[]Jon Callas
()
12 4
12 4 : [12,4,8]
[1, 5,9][2,6, 10] [3, 7, 11]
( ) g x mod pg x
p mod b
a
: 5
5
5 mod 111 p 1000-bit
1000-bit
c
RSA
Diffe-Hellman d
15 20
4.1.4.5
bit
128-bit 128-bit
128-bit 1
e 1
f
256-bit AES
g
DES 5 20 AES
50
2 NIST
a
Mod 7 mod 31 7 3 2 1.
Ca esar the shift-by-N c = p + k(mod 26)
c p
c
d
Certi com
http://www.certi com.com/i ndex.php?a ction=ecc_tutorial ,home
e
f
CPU GPU
g
- 37 -
()
[]Jon Callas
56
Hash
80
112
160
MAC
64
60
RSA/DSA
512
1024
160
128
192
256
256
384
512
256
384
512
2048
3072
7680
15360
224
256
384
512
4.1.4.6
1.
2.
3.
600RMB 30 RMB
3 RMB
100
30%
56-64-Bit
64-Bit
112-Bit
>40
128-Bit
>50
128-Bit
>50
128-Bit
>65
>128-Bit
- 38 -
1
2 32
[]Jon Callas
()
100
>128-Bit
a
18 5 b 50 1010 c
50
30 2000
2025 2075
4.1.4.7
PGP 15,000-bit ; 4096-bit
128-bit
2050 109-bit 4047-bit RSA/DSA 206-bit
44.4 DES 1982
128-bit
a
b
2009.8 4
18 18
5012
100
2 18 =2 3 =10822639409.68091010
d
Arjen K. Lens tra Eri c R. Verheul Selecting Cryptographi c Key Sizes
, Journal of Cryptology Volume 14,
Number 4, 4 4 255 293 , 2001 http://www.keylength.com/
f
Bruce SchneierJohn KelseyDoug WhitingDa vid Wa gnerChris Hall Niels Ferguson Twosh: A New Block Ci pher
, http://www.schneier.com/twofish.html 128-bi t 192 256-bi t 128-bi t
- 39 -
[]Jon Callas
()
1024-bit 2001
Intel Pentium4 2G Hz
512MB DDR400
IDE 7200 FAT32
Benchmark
3
AES
Twofish
31.0
29.6
30.3
Serpent
19.3
19.5
19.4
AES-Twofish
17.0
14.1
15.6
Serpent-AES
12.8
11.6
12.2
Twofish-Serpent
12.1
11.5
11.8
Serpent-Twofish-AES
9.1
8.4
8.8
AES-Twofish-Serpent
9.1
8.4
8.8
2003 2009 6
: Mobile DualCore Intel Core 2 Duo T7100, 2000 MHz (10 x 200) 1800 MHz
Intel GM965 (Centrino (Santa Rosa) )
2GB Kingston DDR2 677 2X1GB
HitachiI Travelstar 5K500.B 320 GB 5400 RPM SATA2
TrueCrypt 6.1a
10MB
4
AES
131
131
131
Twofish
114
119
116
Serpent
58.9
59.7
59.3
- 40 -
[]Jon Callas
()
AES-Twofish
60.2
56.8
58.5
Twofish-Serpent
Serpent-AES
38.2
39.8
40.2
40.5
39.2
40.1
AES-Twofish-Serpent
Serpent-Twofish-AES
29.9
30.1
30.6
22
30
24.6
10
10
10
2009 CPU CPU a
b c
3G 2.4G WiFiWapi d
1G Hz III
b
Windows Mobile SymbianLinux
Windows Mobile Symbian
c
Nokia E71E66 E63 XTS AES 128-bi t
WEP
WAPI
IEEE 802.11i
AP MT AP MT AS MT
Ra dius MT AP
AP
Ra dius
AS
AP Ra dius
AP MT
64 bi t RC4
192 ECC192
64-bi t RC4
128-bi t SMS4
128-bi t AES 128-bi t RC4
- 41 -
()
[]Jon Callas
One-Time Pads 5 6
One-Time Pads 26 27
0 26 27 1
100 1000
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
6One-Time Pads
1 200
17
3
23
16
14
11
0
15
7
17
10
16
22
21
9
5
6
8
18
11
12
23
18
19
14
16
11
22
17
6
10
13
23
25
23
1
11
0
15
4
10
11
12
24
2
5
6
24
26
19
2
21
22
26
17
2
10
5
0
15
11
10
8
7
3
9
6
One-Time Pads
Leo Ma rks, Between Silk Cyanide:
A Codemakers Wa
r
, 1941-1945,, 624 , ISBN: 0-684-86422-3
(), 0-684-86780-X () Leo Ma rks
Cha ri ng 84 . (The Las t Temptati on of Chris t
) 22 SOE
the dot-com
Ma rks
Ma rks
Ma rks one-time pads (
)
- 42 -
()
[]Jon Callas
18
19
19
26
11
14
24
12
19
18
9
20
3
7
14
7
16
4
4
8
17
1
6
11
1
25
16
0
1
N
1.
N
2. A 2 C
27 i
i i .i 12 27 27
27
One-Time Pads 17N 1417
143131 27 31274 4 D D
27 27
27
3.
4. One-Time Pads ( 2
)
One-Time Pads
14N
10+27-14=23
15O
23W
NOW
55
STOP
STOPSTOPSTOP 100 NYAH NYAH NYAH
- 43 -
[]Jon Callas
()
3
One-Time Pads
One-Time Pads
One-Time Pads 26
a
one-time pads
(Flashpaper b)
Alice Bob
c
Alice Justin
one-time
pad
. flashpaper
c
Ali ce Justin Case
- 44 -
[]Jon Callas
()
Alice Bob a
NSA
10
one-time pads
one-time pad Alice Bob PGP
Eve Eve
one-time pads
One-Time Pads One-Time Pads
One-Time Pads One-Time Pads
One-Time Pads
One-Time Pads
One-Time Pads One-Time Pads
One-Time Pads
One-Time Pads
PGP Phil Zimmermann PGP
one-time pad
128-bit
256 -bit
- 45 -
[]Jon Callas
()
4.1.5 Hash
Hash functions a
hash hash
hash hash
hash 2 hash
hash
100 500
2 1
2 hash
PGP
hash
hash PGP
hash hash
hash
Hash
b
x x=123
- 46 -
[]Jon Callas
()
hash a
hash
2 hash
2 hash
4.1.5.1 Hash
4 hash PGP
7 Hash
Bits
MD5
128
SHA-1
160
RIPE-MD/160
160
SHA-256
256
SHA-512
512
SHA-2 SHA-256
SHA-384
384
4.1.5.2 Hash
(2006 ) hash
b
2004 hash
RSA S Adi Shamir hash
2005 SHA-1c
hash 2 hash
d
combinatoricsPigeonhole Principle
13 12 2
b
hashMD4MD5HAVAL-128 RIPEMD http://eprint.iacr.org/2004/199
c
Finding Collisions in the Full SHA-1 SHA-1 Advances i n Cryptology CRYPTO 2005,
LNCS 3621, Spri nger, 2005, ISBN 3-540-28114-2, 17-36 google
d
- 47 -
[]Jon Callas
()
Alice 1/365a
2
hash hash
bc
23
prob pigeons,holes = 1
holes!
holes pigeons ! holes pigeons
2
2
2004
128-bit hash
6
160-bit hash
2
hash
John Kelsey
a
2 29
8 11 8 3
c
http://mathforum.org/dr.ma th/faq/faq.bi rthda yprob.html
http://ma thworld.wolfra m.com/Bi rthda yProblem.html http://mathworld.wol fram.com/Bi rthda yAtta ck.html
d
NA = 6.0221367 10 23mol1
b
- 48 -
[]Jon Callas
()
4.1.6
2 data integrity
Message Authentication CodesMACsDigital Signatures
hash HMACs
MACs SSL
John Kelsey Bruce SchneierSecond Preimages on n-bi t Hash Functions for Much Less than 2n Work n hash 2
2n http://epri nt.iacr.org/2004/304
b
Mi chael Szydlo Yiqun Lisa Yin,Collision-Resistant usage of MD5 and SHA-1 via Message Preprocessing MD5 SHA-1
http://eprint.ia cr.org/2005/248
c
ta r POSIX 1003.1-1990 PGP Zi p
ta r gnuta r http://www.gnu.org/software/ta r/ POSIX ta r gnuta r
dis t/s rc/ ta r.h ta r
- 49 -
[]Jon Callas
()
hash
2
()
hash
hash hash
Hash
hash
4.1.7
metadata
ISBN a
? 2
4.1.7.1
() Alice
Bob Alice Alice Bob Alice
Bob
Alice
- 50 -
[]Jon Callas
()
()() a
Alice
2
2 OpenPGP X.509 PGP
self-signed certificatesAlice Bob
Alice Bob
3 Charlie OpenPGP third-parties Trusted
Introducers X.509 Charlie Certificate AuthorityCA
4.1.8
4.1.8.1
Bob Alice Alice
4.1.8.2
Bob
Alice Charlie Bob Charlie
Charlie GeoTrust VeriSign CA
Root Certificates)
Alice Jack
112 113
- 51 -
[]Jon Callas
()
2 3
VeriSign
VeriSign
4.1.8.3
cumulative trust
PGP Bob (
b
4.1.8.4
Bridge CAs
Wi ndows IE Internet
2/3
c
PGP 1
d
Ueli Maurer,Modelling a Publi c-Key Infrastructure 1996 (ESORICS
96)Springer-Verla g Computer Science , 1146 , 325-350 , 1996 9
http://citeseer.ist.psu.edu/ma urer96modelling.html
b
- 52 -
[]Jon Callas
()
4.1.9
2 X.509 OpenPGP 2
PGP
X.509 OpenPGP
4.1.9.1
X.509
OpenPGP
OpenPGP X.509
www.pgp.com SSL (www.pgp.com)(
) GeoTrust
OpenPGP ( jon@pgp.com)
PGP
(http://keyserver.pgp.com/) Phil Zimmermann Will Price , Jeff Moss
X.509
jcallas@pgp.com jon.callas@pgp.com
4.1.10
2 OpenPGP a S/MIMEb CMS c
Jon Callas, Lutz Donnerhacke, Hal Finney Rodney Thayer OpenPGP Message Forma tOpen , RFC2440
OpenPGP http://www.ietf.org/rfc/rfc2440.txt
b
TLST. Dierks and C. Allen, The TLS Protocol Version 1.0TLS 1.0, RFC2246
http://www.ietf.org/rfc/rfc2246.txt
c
R. HousleyCryptographi c Message Synta x (CMS), RFC3852http://www.ietf.org/rfc/rfc3852.txt
- 53 -
[]Jon Callas
()
1.
2.
c
3. MAC
MAC
4. OpenPGP CMS
5. AES
6.
7.
8. CMS S/MIME OpenPGP
.
d
4.1.11
1.
VPN
VPN VPN
http://baike.baidu.com/view/19735.htm
c
WinHex Ul traEdi t 16
d
http://baike.baidu.com/view/279751.html
- 54 -
[]Jon Callas
()
2.
3.
4.
5.
6.
7. MACs
8.
4.1.12
PGP
3
0 9 10
1000
a
b
3 6
10 26 52 62 96
c
a
,
,,,
c
- 55 -
[]Jon Callas
()
Top10
1.8 Top10 Top10 1.8
.thomas 0.99
.arsenal 1.11
.monkey 1.33
.charlie 1.39
.qwerty 1.41
.123456 1.63
.letmein 1.76
.liverpool 1.82
.password, 3.780password password
.123 4123 hao123
LockDown.com
PC 348
163 33 62
253 22 23
http://baike.baidu.com/view/218531.htm
- 56 -
[]Jon Callas
()
) 3.8 12
1 password1
Schneier passwordpassword1
Schneier ()
Schneier
MySpace 34000
Johansson
68
EG05p8DVkoS29CI54Bz83PnyD65KxQLjyTh6FjklX0pM1n624Y58n9bPS7lUO5G0
ERA - GUN - zero - five - pen - eight - DOG - VOW - key - orb - SEA - two - nine - CUP - INK - five - four - BIT - zen - eight three - PEN - net - yap - DOG - six - five - KEY - xmas - QUIZ - LEG - jug - yap - TIA - hat - six - FLY - jug - key - leg - XMAS zero - pen - MAN - one - net - six - two - four - YAP - five - eight - net - nine - bit - PEN - SEA - seven - leg - UNIT - ORB five - GUN - zero
l1hQ3TXE69JsDO63ZT059MF2I8e0m41j8ptA3R58FP7Nxm654R8KB39XryOE1NVd
leg - one - hat - QUIZ - three - TIA - XMAS - ERA - six - nine - JUG - sea - DOG - ORB - six - three - ZEN - TIA - zero - five nine - MAN - FLY - two - INK - eight - era - zero - man - four - one - jug - eight - pen - tia - AIR - three - RAT - five - eight FLY - PEN - seven - NET - xmas - man - six - five - four - RAT - eight - KEY - BIT - three - nine - XMAS - rat - yap - ORB ERA - one - NET - VOW - dog
^0^a
- 57 -
[]Jon Callas
()
16,000
spainspanishspaniard
Bulfinch
2001twelveaaaaaaaaaa
fuckyou
ibmsuxdeadheadqwerty
asdfzxcvbnroygbivooottafagvah
letc/hosts
Klein
66,000
2
O0scholar
sch0larl1scholarscho1ar
Z2S5
dressdresseshousehousesdaisy
daisies Klein
datumdatums
data
sphynx
sphynxssphynges-ed-er-ing
phasephasedphaserphasing
1,000,000
23
michaelmIchael
miChael
michAelMIchael
MiChaelMicHael mIChaelmIcHael
400,000 1,500,000
3,000,000 456
- 58 -
()
[]Jon Callas
34
n n
4.1.13
DNA
DNA
- 59 -
[]Jon Callas
()
DNA
1.a
2.b
CCD
3.
3 8
4.
5.a
a
b
c
fi ngerprinting http://baike.baidu.com/view/7245.html?wtp=tt
http://baike.baidu.com/view/1315106.htm
http://baike.baidu.com/view/831985.htm?func=reti tle
- 60 -
[]Jon Callas
()
6.
7. DNA
DNA DNA
DNA
DNA
DNA DNA
DNA DNA
8.
9.
90%~95%
http://baike.baidu.com/view/246859.html
http://www.hudong.com/wi ki/%E9%9D%A2%E9%83%A8%E8%AF%86%E5%88%AB%E7%B3%BB%E7%BB%9F
b
http://baike.baidu.com/view/1888819.html
- 61 -
[]Jon Callas
()
10.
Lumidigm
light printFingerprinting(Face recognition)
a
ISOIEC
ISO/IECTR247222007
ISO/IECTR247222007
ISO/IEC
TH-ID
1
2
[]Jon Callas
()
2008
4.1.14
hash
- 63 -
[]Jon Callas
()
Niels Bohr
5.1
100
bBluetoothc
dfuel cells
5.1.1
b
VoIPVoice over Internet Protocol IP 2.4Ghz
<100m
c
Internet
d
2008 IDFIntel Devel oper ForumIntel
WiFi 2-3
75
e
()
- 64 -
[]Jon Callas
()
5.2
5.2.1
X, Z,
aJohn Hargrave
b.
Alice Bob Trent
Trent Alice Bob(
) Alice KA Bob KB
, Mi ckey Mouse
- 65 -
[]Jon Callas
()
Trent Alice
Alice Alice
- 66 -
()
[]Jon Callas
PGP
PGP
?
PGP
b
9
YES
NO
NO
YES
YES
NO
NO
YES
NO
YES
YES
NO
YES
NO
YES
Hash
NO
NO
YES
NO
NO
YES
YES
NO
5.2.2
Leibniz
Godel Leibniz c
Bob Alice Alice Bob
Alices
1024-bit RSA 160-bit hash d280
Alice Alice
a
- 67 -
[]Jon Callas
()
80-bit Alice
280 Alice
Alice Alice
the Brooklym Bridge 10
5.2.2.1
Alice 80 bits
Alice ?
256 bits 280 2256
a2240
Alice Coyote b
2256
,
5.2.3
Stewart Baker
Grandma picks a bad password, Grandma loses her house
Ali ce ,Ali ce
b
Christopher Moore,Coyote Blue,Perennial Books , ISBN 0-06073-543-0.
- 68 -
[]Jon Callas
()
Alice
5.2.4
DomainKeys
a
DKIM
DKIM
OpenPGP S/MIME DKIM
PGP CTO CornerPGP c
DKIM
DKIM
Yahoo! ( eBay
eBay )
DKIM
Miles eBay 20 eBay
eBay eBay
DKIM DKIM
d
DNS
privacy-friendly
DKIM DKIM
DKIM DNS
DNS DKIM DNS
a
b
c
d
DKIM http://www.dkim.org/
[]Jon Callas
()
DKIM DKIM
5.3
2
PGP
5.3.1
5.3.1.1
/
NSA
DES RSA
Mallory
VLSI
Clipper Capstone
Mallory
IBM
TEMPEST
- 70 -
[]Jon Callas
()
T1
PC-
5.3.1.2
Mallory
Mallory
TEMPEST Mallory
5.4
a
a
TPM
PC
- 71 -
[]Jon Callas
()
(
)
99.9%
a
CIO 10 100
100
USB
PGP
5.5
ERM
PC TPM TPM
TPM
TPM
a
Chief Informa tion Offi cer
b
DRM http://baike.baidu.com/view/47310.htm
- 72 -
[]Jon Callas
()
5.6
Stacker DoubleSpace
DoD a 0011
0101 1100 1010 1001 0111
DoD
DoD 1 0 1-0
7 1 0 5
[]Jon Callas
()
10 5220.22-M C
a.I
a b
ab m
b.II
II
a b
b m
c.
III
a b
d.
Bernoullis
ab c
ab c
e.
abd m
f.
ab c
abd m
g.
h. 0
m, n
j. i c 3
m, n
k.
i.
l. K
(DRAM)
c g
cg m
m.
(EAPROM)
j m
n.
(EEPROM)
h m
o. 6
(EPROM)
l c m
p.
Flash EPROM(FEPROM)
c i m
q./
(PROM)
abc m
abc m
c f m
(NOVRAM)
c g
c g m
(ROM)
DoD 5220.22-M
( 8 ):
http://www.dss.mil/isec/change_ch8.htm
(SRAM)
c g
c fg m
p g
o g
(CRT)
IC
IC
- 74 -
[]Jon Callas
()
5.7
21 21
21
21 PGP
c
Chaum Stefan Brands Digital credentialsd
21
c
Da vid ChaumAchieving Electroni c Pri va cy1992 8 96-101
http://www.chaum.com/a rti cles/Achieving_Electroni c_Pri va cy.htmDa vid Chaum, Securi ty Wi thout Identi ca tion: Transa ction
Sys tems to Make Bi g Brother Obsolete
, 28 10, 1030-1044
; 1985 10 http://www.chaum.com/a rti cles/Securi ty_Wthout_Identi fica tion.htm
d
Stefan Brands Building in Pri va cy, ISBN
0-262-02491-8. PDFhttp://www.credenti ca .com/the_mi t_pressbook.php
- 75 -
[]Jon Callas
()
Brands
b 2
5.8
50 5 6
5.8.1 Hash
Hash 2004 2
hash
5.8.2
5.8.2.1
- 76 -
[]Jon Callas
()
5.8.2.2
AES 5 3
Rijndael (AES)Twofish Serpent
side-channel analysis
5.8.2.3
256-bit
, RSA DSA 3,000-bit 128-bit 15,000-bit 256-bit
15,000-bit
512-bit 256-bit
5 50
5.8.2.4
bi-linear maps
hash
- 77 -
[]Jon Callas
()
5.8.3
a
Peter Shor
Kelvin 1
Peter Shor
n
http://baike.baidu.com/view/192896.html ?tp=0_11
- 78 -
()
[]Jon Callas
p p1
a (1p)n
5.9
Niels Bohr
c
5.9.1
5.9.2
d Peter Shor
e
a
:5 10 10 9
5 0.1 1-0.1=0.9
5
5 1 0.1 =0.59049
0.15 + 0.95 = 0.5905 1 5 5
1
100000
=1.693508780843 2
5 =
(10.1)
59049
b
,
http://news.mydri vers.com/1/80/80803.htm
c
http://baike.baidu.com/view/946.htm
d
Ja cob Wes t,The Quantum Computer,http://www.cs .caltech.edu/westside/quantum-intro.html A. Ba renco,
A. Ekert, A. Sanpera C.Ma chiavello,A Short Introduction to Quantum Computati on, La Recherche,1996
11 . A. Ba renco http://www.qubit.org/libra ry/intros/comp/comp.html
http://baike.baidu.com/view/18645.htm
e
Peter W. Shor,Algori thms for Quantum Computa tion: Discrete Loga rithms and Fa ctoring,1994
- 79 -
[]Jon Callas
()
post-quantum-computing cryptography
hash ,
DNA Leonard Adleman RSA A
DNA DNA
5.9.3
a10
2001
[]Jon Callas
()
6
a
486 WindowsVista
4 4Gb 1Tb PC DOS 7.0
Windows Linux c
Windows Linux
I love you
Windows Linux
d
MacOS
6.1
a
b
c
d
1:9
Linux http://baike.baidu.com/view/1634.html?wtp=tt
Ma cOS http://baike.baidu.com/view/24778.html
- 81 -
[]Jon Callas
()
56kbps a
6.1.1 WinZip
WinZip e
ZIPCABTARGZIPMIME Windows
, PC Magazine
Zip Zip
WinZip Zip
AES
128-bit AES 256-bit AES
Zip 2.0
Zip 2.0
a
http://baike.baidu.com/view/128147.htm
c
Lossless Compression
http://baike.baidu.com/view/156047.htm
d
Khalio Sa yooo Introducti on to Data Compression
http://www.verycd.com/topi cs/380781/ .
e
Wi nZip http://www.winzip.com/
- 82 -
[]Jon Callas
()
Zip 2.0
WinZip AES Zip 2.0 AES Zip
WinZip
Zip Zip 2.0 WinZip Self-Extractor 2.2 WinZip Self-Extractor
( WinZip ) AES
WinZip AES Zip 2.0 WinZip
6.1.2 WinRAR
WinRAR a WinZip 7ZACEARJBZ2
CABGZISOJARLZHTARUUEZ WindowsNT
RAR
WindowsLinuxFreeBSD
DOSOS/2MacOS X
WinRAR ZIP2.0 RAR AES-128
RAR 8
RAR
127
RAR RAR
128 128MB
WinRAR
RAR RAR 8,589,934,591GB
a
[]Jon Callas
()
WinZip RAR
WinZip WinRAR
WinZip WinRAR WinZipa
6.1.3 7Zip
7-Zip b 2
7z ZIP
30-50% Zip 2-10%7-Zip GNU LGPL
cAES BSD unRAR GNU LGPL unRAR
7z AES-256 16000000000GB
7-Zip AES 10 10
100
11
1
2
2
1
1
1
30
12
14
10
19
20
9
10
26
37
9
4
11
12
46
55
4
4
13
14
64
73
4
13
15
82
22
16
17
91
100
31
40
WinZip
b
7Zi p http://www.7-zip.org/
c
GNU LGPL GNU
GNU
GNU Free Softwa re FoundationInc.59 Temple Pla ce
Suite 330Bos tonMA 02111-1307 USA
- 84 -
[]Jon Callas
()
4 CPU
6.1.4 UHARC
UHARC RAR7z
WinRAR Uharc
Uwe Herklotz ZIPRARACE7-Zip
UHarc UHarc
UHARC
DOS
UHARC
a
RAR ZIP
6.2
MSNQQICQSkype
TCP/IP
IM
IM
SMSb
70
a
http://www.maxi mumcompression.com/index.html
SMS
- 85 -
[]Jon Callas
()
SMS 3
BBS
10
TheBat!
X-Mailer
X-Mailer TheBat!
6.2.2 Foxmail
Foxmail b2005 3 16
Foxmail Foxmail5.0
(SSL)
( Unicode)
(SSL) yahoo.com HotmailMSN
(vCard)
Foxmail
FlexcryptcCenturionMail aComodo SecureEmailb
a
b
c
[]Jon Callas
()
6.3
1.
2.
3.
4.
Flash ROM
cd
Centurion http://centurionsoft.com/centurionmail/
Comodo SecureEmail http://www.secure-email.comodo.com/index.html Comodo
c
- 87 -
[]Jon Callas
()
SafeErase
5 .
(1 )
5
(3 )
1995 1 DoD (US DoD 5220.22-M)'National Industry Security
Program Operating Manual' DoD 5220.22-M E 3
(6 )
BSI BSI IT Baseline Protection ManualBSI IT
3
(7 )
1995 1 DoD 'National Industrial Security Program Operating Manual
' 7 (DoD 5220.22-M ECE) DoD 5220.22-M (E) 3
DoD 5220.22-M (E)
(35 )
b
Peter Gutmann Secure Deletion of Data from Magnetic and Solid-State Memory
35
- 88 -
[]Jon Callas
()
Ultimate tool
6.3.3 Linux
Windows Linux
Linux Linux
linux b
DOS Linux
linux
Linux Ubuntu
Shred
shred shred
Shred
rm
rm
(HDD)
[]Jon Callas
()
1) file1file2 file3
2) HDD
shred /dev/hda7
3) 20
1.44MB( 1440KB)
->Preference
->Nautilus Actions Configuration
Label: Shred
Tooltip: shred utility to securely erase files
Icon: gtk-dialog-warning
Path: shred
Parameters: -f -u -v -z %M
nautilus
- 90 -
[]Jon Callas
()
nautilus -q
nautilus
nautilus shred
Wipe
wipe unix Linux
2.*(Open+Net+Free)BSD aix 4.1 SunOS 5.5.1 Solaris 2.6
Magnetic Force Microscopy (MFM) 2
3 wipe fsync() call / O_SYNC bit
Ubuntu wipe
- 91 -
[]Jon Callas
()
byte (
) wipe byte -l option b
KM G 29 512 210 1024 Kilo220 (Mage)230(Giga)bytes
1M416K = 1474560 bytes
Label: Wipe
Tooltip: Wipe utility to securely erase files
Icon: gtk-dialog-warning
Path: wipe
Parameters: -rf %M
Conditions Appears if selection containsbothAppears if selection has
multiple files or folders nautilus
nautilus -q
nautilus
nautilus wipe
Secure-Delete
swap memory
Secure-Delete Ubuntu
Secure-Delete
- 92 -
[]Jon Callas
()
Secure-Delete
srm(Secure remove)
smem(Secure memory wiper) (RAM)
sfill(Secure free space wiper)
sswap(Secure swap wiper) swap
srm - Secure remove
srm unlink
srm myfile.txt
srm
srm -r myfiles
- 93 -
[]Jon Callas
()
- 94 -
[]Jon Callas
()
cat /proc/swaps
swap
/dev/sda3 swap
swap sswap
swap
:DBAN
Darik Boot Nuke (DBAN)DBAN
DBAN
6.4
API
EFS EFS
FEK(File Encryption Key) FEK X
FEK FEK
FEK FEK
EFS /()
EFS
[]Jon Callas
()
EFS
TPM TPM
TPM (SRK)
TPM TPM
TPM
TPM
BitLocker Windows
TPM TPM
BitLocker TPM U
- 96 -
[]Jon Callas
()
TPM
6.4.3 PGP
PGP(Pretty Good Privacy) aPGP
PGP
6.4.4 TrueCrypt
TrueCrypt b Windows Vista/XP/2000 Linux,
,,
a
b
[]Jon Callas
()
steganography TrueCrypt
SafeGuard Easy
SafeGuard Easy
Common Criteria EAL3FIPS 140_2 SC Magazine
SafeGuard Easy FAT-12FAT-16FAT-32HPFSNTFSNTFS5
cAES-256 32 bytes (256 bits)AES-128 16 bytes (128 bits)Rijndael-256 32 bytes (256
bits)DES 7 bytes (56 bits)3DES 21 bytes (168 bits)IDEA 16 bytes (128 bits)Blowfish-8 32 bytes (256 bits)
Blowfish-16 32 bytes (256 bits)STEALTH-40 5 bytes (40 bits)XOR 8 bytes (64 bits)
SafeGuard Easy IBM/Lenovo ThinkPad/ ThinkCentre
CD PDF PDF
GnuPG GNU
PGP GnuPG 2 1.4.9 2.0.11
[]Jon Callas
()
. ElGamal DSARSAAES3DESBlowfishTwofishCAST5MD5SHA-1RIPE-MD-160
TIGER HKP (wwwkeys.pgp.net)
PGP GnuPG
EFSPGP
PGP
- 99 -
[]Jon Callas
()
7 PGP
7.1
a
7.2 PGP
PGP , Zimmermann . 80 Boulder,
Zimmermann ,
.
. , , FEMA()
, . .
, 1984 , Zimmermann PGP ,
a
b
http://www.philzimmermann.com/ZH/background/index.html
http://www.philzimmermann.com/EN/news /PRZ_case_dropped.html
- 100 -
[]Jon Callas
()
, . Zimmermann PGP ,
, .
Zimmermann (Union of Concerned Scientists), ,
, , Rocky Flats
. . Zimmermann
. Carl Sagan,
Martin Sheen, Daniel Ellsberg.
80 , Zimmermann (Get Smart on the Arms Race).
, , , (MAD),
, , , , , , , ,
.
- 101 -
[]Jon Callas
()
RSA
DVD
MD5
2010.1.27
- 102 -