
An Introduction to Cryptography

Jon Callas


2009

IDEA: Ascom Tech AG, 5,214,703
CAST: Northern Telecom, Ltd
PGP: 10/655,563
Conventional Block Cipher; Wide-blocksize block cipher (PGP)

PGPPGP Pretty Good Privacy Pretty Good PGP

PGP Mark Adler Jean-Loup Gailly Zip

PGP
PGP
PGP
PGP PGP
PDAFTP PGP
3 Fortune(R) 100
84 Fortune(R) 100 66 PGP
PGP
PGP http://www.pgp.com +1 650 319 9000

loveship2002@gmail.com; MSN: loveship2002@hotmail.com


PGP PGP Desktop 9.9.0 Jon Callas 2006


An Introduction to Cryptography (Intro To Crypto.pdf, CRC-32: 79EE7FEF)

Cryptography

Jon Callas An Introduction to Cryptography Bruce


Schneier Jon Callas

PGP

PGP

PGP

2010.1


PGP QQ

208 PDF

2009.4.9 (CRC-32: 4A1CA0AC; PDF/A-1a CRC-32: 2F53EF59)

2010.1.28

1.
2.
3. PDF/A-1a a PDFb

ISO 19005-1 A (PDF/A-1a) B PDF


PDF/A-1a

b
Adobe Reader 7, PDF/A, Foxit Reader
Adobe Reader LE 2.5, mBrain PDF+ 1.7505; Adobe Reader LE 1.5 does not support this document

Contents (the section headings did not survive extraction; only section numbers, a few English labels and page ranges remain):

1.1, 1.2, 1.3, 1.4, 1.5, 1.5.1, 1.6, 1.7 (pp. 1-5)
2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.3 (pp. 6-11)
3, 3.1, 3.1.1, 3.1.1.1, 3.1.1.2, 3.2, 3.2.1, 3.3, 3.3.1, 3.3.2, 3.3.3 AES, 3.3.4 (pp. 13-25)
4, 4.1, 4.1.1, 4.1.2, 4.1.2.1, 4.1.2.2, 4.1.2.3, 4.1.3, 4.1.4, 4.1.4.1 to 4.1.4.7, 4.1.4.8 One-Time Pads, 4.1.4.9 One-Time Pads, 4.1.5 Hash, 4.1.5.1 Hash, 4.1.5.2 Hash, 4.1.6, 4.1.7, 4.1.7.1, 4.1.8, 4.1.8.1 to 4.1.8.4, 4.1.9, 4.1.9.1, 4.1.10 to 4.1.14 (pp. 28-63)
5, 5.1, 5.1.1, 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.4, 5.3, 5.3.1, 5.3.1.1, 5.3.1.2, 5.4 to 5.8, 5.8.1 Hash, 5.8.2, 5.8.2.1 to 5.8.2.4, 5.8.3, 5.9, 5.9.1 to 5.9.3 (pp. 64-80)
6, 6.1, 6.1.1 WinZip, 6.1.2 WinRAR, 6.1.3 7Zip, 6.1.4 UHARC, 6.2, 6.2.1 The Bat, 6.2.2 Foxmail, 6.3, 6.3.1 O&O Soft SafeErase, 6.3.2 East-Tec DisposeSecure, 6.3.3 Linux, 6.4, 6.4.1 Microsoft EFS, 6.4.2 Microsoft BitLocker, 6.4.3 PGP, 6.4.4 TrueCrypt, 6.4.5 Utimaco SafeGuard, 6.4.6 The GNU Privacy Guard (pp. 81-98)
7 PGP, 7.1, 7.2 PGP (pp. 100-102)

John Roberts

1.1

PGP

PDF

1.2

0 1

1.3

b
30 3000
c PGP
d

lim


1.4

3
3
340,282,366,920,938,463,463,374,607,431,768,211,456 (2^128)


1.5
Cryptography (hidden writing)
plaintext, ciphertext
cipher
key, encrypting, decrypting (b)

codes

A 49
Unicode (c), Codebooks (d)

cryptanalysis
cryptographycryptology

1.5.1
steganography (e): covered writing

Invisible inks (f), hollow heels in shoes

b
F(x,y)=G,F G , 2 F 2 x y
2 .
c
Unicode: http://www.unicode.org
d

http://www.dtc.umn.edu/reedsj/codebooks.html


e
Neil F. Johnson, Sushil Jajodia, "Steganography: Seeing the Unseen", IEEE Computer, 1998, no. 2, pp. 26-34, http://www.jjtc.com/pub/r2026a.htm; Neil Johnson: http://www.jjtc.com/stegdoc/
f


1024
1024 64K
Peter Wayner
Internet
a

Internet
steganalysis

b

transparent Slater 22611 overhaul


15740

PGP
c

PGP PGP
PGP 2005 2000
PGP

1.6
Phil Zimmermann PGP PGP
PGP dPGP
e PGP O'Reilly 1995
f

An Introduction to Cryptography 1998 PGP 6.0 PGP


PGP PGP

ORC
Google

Managing Gigabytes: Compressing and Indexing Documents and Images, Second Edition, Ian H. Witten, Alistair Moffat, Timothy C. Bell, 540 pp., ISBN-13: 978-1-55860-570-1
b
Slater, 1880, http://homepage.usask.ca/rhf330/tele.html
c
http://www.pgp.com/downloads/sourcecode/ PGP Desktop
PGP PGP GPL- PGP
http://www.pgp.com/company/pgpassurance.html
d
P. R. Zimmermann, The Official PGP User's Guide, MIT Press, 1995, 216 pp., ISBN 0-262-74017-6.
e
P. R. Zimmermann, PGP: Source Code and Internals, MIT Press, 1997, 933 pp., ISBN 0-262-24039-4. (PGP 2.6)
f
S. Garfinkel, PGP: Pretty Good Privacy, O'Reilly & Associates, 1995, 393 pp., ISBN 1-56592-098-8.

OpenPGPOPGPMIMEa

PGP 100 10 PGP


b

1991 1998 2009

1.7
Paulina Borsook Olivia Dillan Will Price
Barbara Jurin Phil Zimmermann
Tom Stoppard

M. Elkins, D. Del Torto, R. Levien, T. Roessler, MIME Security with OpenPGP (OpenPGP/MIME), http://www.ietf.org/rfc/rfc3156.txt
b


2
.
Kalil GibranSand and Foam

3000
?

2.1

2.1.1
48
26.7a 13.3
2004 670
b

PGP Phil Zimmermann 2 Phil Zimmermann


cPhil Zimmermann
2005 International Data CorporationIDC
d

50 2004 29

2004 6 14500
2003 11
a

SmartPhone, PDA, PocketPC

b
2004 CSI/FBI
c
4
d
2004-11-08, Fitzgerald, Michael, CIO, "How to Stop a Laptop Thief", http://cio.idg.com.au/index.php/id;1973406143;fp;4;fpid;18

2004 5 a
2004 5 100 Drug Enforcement AdministrationDEA
b
400 2
DEA FBI
2004 3
c Blue Shield Cigna
100000 The Alameda
Alliance for Health
2004 2 Fargod
e
2004 1 GMAC 200000
2 f g
2003 12 43000 Rhode
CEO IT
h

2003 11 Fargo Wells

i
2000 9 Qualcomm CEOIrwin Jacobs
20
j
a
2004-10, Becker, David, CNet, "UCLA laptop theft exposes ID info", http://news.com.com/UCLA+laptop+theft+exposes+ID+info/2100-1029_3-5230662.html
b
2004-06-07, "Missing: A Laptop of DEA Informants", http://www.msnbc.msn.com/id/5092991/site/newsweek/
c
2004-05, Lazarus, David, "Window smashed, data lost", http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/05/12/BUG8O6JPV71.DTL&type=business
d

e
2004-04-16, Lazarus, David, "Car thief whisks off Wells data", http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2004/04/16/BUGH865O141.DTL
f

g
2004-03-25, McDougall, Paul, "Laptop Theft Puts GMAC Customers' Data At Risk", http://informationweek.securitypipeline.com/news/18402599;jsessionid=YWJ4ORVP2WZQIQSNDBGCKHY
h
2003-11-19, Mearian, Lucas, "Bank RI customer information stolen along with laptop", http://www.computerworld.com/securitytopics/security/story/0,10801,88443,00.html
i
2003-12-21, Lazarus, David, "What's Next for Wells", http://sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/12/21/BUGE73RAKL1.DTL
j
2000-09-18, "Qualcomm CEO Loses Laptop"

2.1.2
,
a

2004 8 Berkeley ,
2001 In-Home Supportive ServicesIHSS 140
b
2004 2 Windows 2000 Windows NT 600MB
c
2003 8 Berkeley Bancroft
17000
12 d
2002 2 Jeremiah Jacks Guess.com
e 20000 Guess.com
Federal Trade CommissionFTC
20
f

FTC 2003 6 Jacks PetCo.com Guess.com


g

Javelin StrategyResearch the Better Business Bureau 2006


Javelin BBB 2005 FTC 2003 h

2003 1010 2006 930


2003 2006 532 566
5249 6383

http://www.wi red.com/news /business/0,1367,38855,00.html


a

b
2004-10-20, Claburn, Thomas, "Break-In At Berkeley May Have Compromised Data Of 1.4 Million Californians", http://informationweek.securitypipeline.com/news/50900323
c
2004-02-12, Lemos, Robert, CNet, "Microsoft Probes Windows Code Leak", http://news.com.com/2100-7349_3-5158496.html
d
2003-11-23, Lazarus, David, "Online breach at Bancroft", http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/11/23/BUG5D37C7T1.DTL
e
2002-03-02, Poulsen, Kevin, "Guesswork Plagues Web Hole Reporting", http://www.securityfocus.com/news/346
f
2003-06-30, Poulsen, Kevin, "PetCo Plugs Credit Card Leak", http://www.securityfocus.com/news/6194
g

h
http://www.privacyrights.org/ar/idtheftsurveys.htm

2003 33 2006 40

2.1.3

iTunes

i
i i
i

!
CCTV i
IC IC

2.2

2.2.1
European Union Privacy DirectiveEUDPD bData Protection
DirectiveDPD
DPD 8 7

Personal Information
Protection and Electronic Documents ActPIPEDA 2 c
d

iTunes, MP3
http://www2.echo.lu/legal/en/dataprot/directiv/directiv.html
http://europa.eu.int/comm/justice_home/fsj/privacy/ (DPD)
http://www.dss.state.ct.us/digital/eupriv.html
c
http://www.privcom.gc.ca/fs-fi/02_05_d_15_e.asp
http://www.privcom.gc.ca/information/02_06_01_e.asp; http://laws.justice.gc.ca/en/P-21/index.html
d
http://austlii.edu.au/graham/PLPR_australian_guide.html
b


The US Health Insurance Portability and Accountability ActHIPAA


Department of Health and Human ServicesHHS

HIPAA HIPAA P Portability


Privacy

aHHS HIPAA

Personal Information Privacy ActPIPA


5 PIPA
Chief Privacy OfficerCPO 30 6 b
2005 4 1

2.2.2
2Basel II
Financial Services Providers FSPsBasel II FSP

SOXSarbanes-Oxley Act
SOX 404
SOX 404 IS017799 the Business Security
Alliancethe Information Security Governance Task Force
the Federal Information Security Management Act FISMA
a

internet i i I

b
PIPA http://www.privacyexchange.org/japan/japanmain.html

Sarbanes-Oxley
ISO17799 FISMA

GLBGramm-Leach-Bliley)

GLB
The Federal Financial Institutions Examination CouncilFFIEC
FFIEC FFIEC

US Federal Drug AdministrationFDA21 21 Code of Federal


Regulations Electronic Records21 CFR CFR 11
Government Paperwork Elimination Act, 21 CFR 11 FDA
11

2.2.3
California Senate Bill 1386CA SB
the Database Security Breach Notification Act, SB1386

CA SB1386

SB1386

SB1386 2005
a SB1386

23
SB1386

2.3
90

75 .
,


a 1990 2000

2000
Wassenaar Agreement

2006
PGP
7 b

2
, .

WiFi Wapi

Sir Leigh Teabing


a

David Kahn The Code breakers: The Story of Secret Writing

Kahn
Kahn The Codebreakers
b

Singh The Code Book

Kahn

3.1
3
2 3
2 3
c

Jtwo O
2 CTHCH
SHf

D. Kahn, The Codebreakers: The Story of Secret Writing, Simon & Schuster, 1996, ISBN 0-684-83130-9 (1967).
cipher 15 al-Qalqashandi 14

b
S. Singh, The Code Book: The Evolution of Secrecy from Mary, Queen of Scots, to Quantum Cryptography, Doubleday, 1999, ISBN 0-385-49531-5.
c

d
.


3.1.1

26 26 2 01

3.1.1.1

(1) .

(2) .
A
51325 56B 71931 42

(3) .
ABAUIYABB YGG
(4) .
13

Shift of 3: A→D, B→E, ... W→Z, X→A, Y→B, Z→C

ROT13 (UNIX): A→N, B→O, a shift of 13; ROT13 on Usenet

26
1401 Duchy Mantua


1854
Huffman

Leon Battista 1568


1586

20
20

3.1.1.2

2
10

Plaintext: Cryptography has a long and fascinating history

Spaces removed: CRYPTOGRAPHYHASALONGANDFASCINATINGHISTORY

Written into rows of 10 letters:

CRYPTOGRAP
HYHASALONG
ANDFASCINA
TINGHISTOR
Y

Read off column by column: CHATY RYNI YHDN PAFG TSAH OASI GLCS ROIT ANNO PGAR

Ciphertext: CHATYRYNIYHDNPAFGTSAHOASIGLCSROITANNOPGAR

Julius Caesar
Shift of 3: A→D, B→E, ... W→Z, X→A, Y→B, Z→C
3
a 26 27 1
ADFGVX
George Painvin

Caesar JU

Bruce Schneier a 2
Robert Morris Sr 2

3 Bruce

b
Gregg Gregg
c

ETAOIN SHRDLU

1.

2.
1 100
1 26 E 1 Q

Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, second edition, John Wiley & Sons, 1996; ISBN 0471117099.
b
Bruce
c

e
the Aegean Park Press http://www.aegeanparkpress.com/desc.html
1
1876


3.

4.

9001
9049 9964 9001
9049 9964 9000
5.

A.Kerckhoffs 19
Kerckhoffs
a

CIA, Mossad

(1)

(2)

(3)

(4)


(5)

(6)

(7) (Rubber-hose)

#define, struct, else, return
b

David Kahn
Kerckhoffs

PURPLE

C: If, Then, For

2003 ISBN 7-302-07195-0


c
1994 RC4

Jefferson Wheel (a)
Thomas Jefferson

3.2

black chamber
18
20
MI-18 Herbert O.Yardley
1929

3.2.1
20

Vigenere 26
FAU
BLC
4 FA YF
EY
CEC

n
26^n
Enigma Arthur Scherbius Richard Ritter 1918 dScherbius
Enigma
Enigma Arthur Scherbius
a

Jefferson Wheel http://www.monticello.org/reports/interests/wheel_cipher.html

paper cups http://www3.brinkster.com/Redline/crypt/jefferson.asp
b
HarperCollins, The Man Who Broke Napoleon's Codes, Mark Urban, 368 pp., ISBN: 006018891X.
George Scovell
Scovell
c
J. R. Childs, General Solution of the ADFGVX Cipher System, Aegean Park Press, Book C-88, 245 pp., ISBN: 0-89412-284-3 (ADFGVX, 6)
2
ADFGVX 6
d
Enigma Arthur Scherbius Arvid Gerhard Damm

Enigma
Enigma
Enigma
20 90 Enigma
a
Enigma 3 4
b

NEMA 11
Enigmac
PURPLE d Hagelin M-209 e

Enigma PURPLE Hagelin


Lorenz
f

Lorenz Colossus
g

Colossus Zuse Konrad Colossus


Lorenz
Colossus Intel Pentium 2Ghz Colossus
ColossusZuse h 2000
20
10 Colossus 60 Bletchley Park 2 Cheltenham i

Colossus 50
Alan Turing Tony Sale Bletchley Park Tony Sale the Bletchley Park
a

BletchleyPark.net Enigma http://www.bletchleypark.net/stationx/enigma.html; Hartmut Petzold, The Enigma rotor-type
ciphering machine of the German Armed Forces (Enigma)
http://www.deutsches-museum.de/ausstell/meister/e_enigma.htm
b
NEMA: Neue Machine (New Machine)
c
Enigma: Michael Apted, Tom Stoppard, Robert Harris
http://imdb.com/title/tt0157583/
Enigma Bletchley Park Trust
Mick Jagger

d
Frank B. Rowlett, The Story Of Magic, Memoirs of an American Cryptologic Pioneer,
Aegean Park Press, Book C-81, 266 pp., ISBN: 0-89412-273-8; Frank B. Rowlett, PURPLE

Rowlett Enigma
PURPLE, PURPLE Rowlett
e
Wayne G. Barker, Cryptanalysis Of The Hagelin Cryptograph (Hagelin), Aegean Park Press, Book C-17, 223 pp., ISBN: 0-89412-022-0
f
Colossus http://www.bletchleyparkheritage.org.uk/ColRbd.htm
g
Prof. Horst Zuse, The Life and Work of Konrad Zuse (Konrad Zuse), http://www.epemag.com/zuse/
h
Zuse Colossus 60
i
Cheltenham

Trusta Heritage Codes and Ciphers Heritage Trust b 10

11 NEMA Enigma 90

3.3
1975
1975 DESthe Data Encryption Standard

3.3.1

20 70
Ralph Merkle, Whitfield Diffie, Martin Hellman
Ralph Merkle 3
Diffie-Hellman 3 Ron Rivest, Adi Shamir,
Len Adleman RSA d
2

The Bletchley Park Trust http://www.bletchleypark.org.uk/

The Codes and Ciphers Heritage Trust http://www.bletchleyparkheritage.org.uk/
c

d
GCHQ RSA
CESG non-secret encryption
Bruce Schneier, "Non-Secret Encryption", Crypto-Gram, May 1998, http://www.schneier.com/crypto-gram-9805.html
b


public-key, secret-key, private-key
, 2 P
, Pu (public,) Pr (private,
) Public -key (P ) Secret-key
S
public

private
secret
2 original cryptography
symmetric-key cryptography ()asymmetric
cryptography for public-key cryptography

2 ,

391 = 17 × 23
PGP
a

1024-bit 300 2048-bit 4096-bit


600 1500

3.3.2
1975 the Data Encryption StandardDES
1973 ,
1974 IBM Lucifer (b).
DES the National Security AgencyNSA DES
8 (64-bitc) 7 (56-bit)(
data structuresS-boxes) NSA DES
1977 Government Federal Information Processing Standard ,FIPS), FIPS-46
DES
NSA DES 64-bit 56-bit

DES
NSA DES DES
d

backdoor

c
1 8 2
00101010 11111111 10 255 00000000 256 ASCII
256 256 16 2

d
NSA DES DES Walter Tuchman NSA
b


DES

()
19 Auguste Kerckhoffs Kerckhoffs
a
DES Kerckhoffs 1991
DES DES
b

Eli Biham Adi Shamir DES


differential cryptanalysis DES S-boxes
DES
64-bit DES S-boxes 56-bit DES 56-bit
64-bit DES

1994 DES Don Coppersmith DES S-boxes IBM


DES Coppersmith NSA IBM
Biham Shamir NSA IBM

DES

DES DES 56-bit


DES Triple-DES c 3 DES , 2 3 56-bit d
Triple-DES DES 3 , DES 2 3 Triple-DES
DES
DES 5 FIPS 1983 5
1988 1998 Biham Shamir DES 5 2
DES

Alan Konheim, S-boxes IBM


S-box NSA
a
Auguste Kerckhoffs, "La cryptographie militaire", Journal des sciences militaires, 1883
http://www.petitcolas.net/fabien/kerckhoffs/ (Kerckhoffs)
white boxes

b
Eli Biham, Adi Shamir,
"Differential Cryptanalysis of DES-like Cryptosystems", Journal of Cryptology, 4, 3-72, IACR, 1991; Differential Cryptanalysis of the Data Encryption Standard (DES),
Springer, 188 pp., ISBN 0-38797-930-1.
c
Triple
d

meet-in-the-middle

3.3.3 AES
90 NIST DES
1997 1 NIST DES
a

Advanced Encryption StandardAES AES 9


AES

128bit
128bit 128192256bit

Triple DES DES

DES 5 2003
25 50

2 DES Triple DES


2 128-bit 64-bit
c AES
15 AES NIST 3 1998
AES DES DES

DES

NIST 5 AES
NIST

NSA NIST NSA NSA


NSA
NSA

AES
DES IBM
MARS IBM
IBM

Daemen, Rijmen, The Design of Rijndael: AES - The Advanced Encryption Standard (Information Security and Cryptography), Springer-Verlag, 2002.
b
NIST AES http://csrc.nist.gov/CryptoToolkit/aes/ AES
http://csrc.nist.gov/CryptoToolkit/aes/pre-round1/aes_9709.htm
c
128-bit 128-bit
Bruce Schneier Blowfish 448-bit Schneier 128
SSL RC4 2048-bit 600-bit
128-bit 128-bit

a
NSA

1999 NIST 5 3 Triple-DES DES 3


5 3 3 Rijndael (b), Twofish (c),
Serpent (d) 2 MARS RC6
Rijndael Serpent Rijndael
Serpent
Rijndael Twofish Twofish
Rijndael Serpent

Rijndael Rijndael

Twofish Twofish
15 Rijndael Rijndael OpenPGP
e Twofish PGP
NIST 1999 AES 5
AES NIST
2000 3
AES
NIST Rijndael AES
Rijndael
2 AES
NSA
AES 5

Kerckhoffs
AES NIST hash
f

algorithm standardNIST 2 Advanced Hash Standard AHS


2005 10 2006 8

3.3.4
19 80 90
a

Flemish Rijndael R ij
rain-doll rhine-doll rain-doll rhine-doll
rain-doll
c
Twofish
d
Serpent
e
Peter Gutmann, The Crypto Gardening Guide and Planting Tips, February 2003,
http://www.cs.auckland.ac.nz/pgut001/pubs/crypto_guide.txt (Peter Gutmann)
PGP 2
.
f
Hash http://www.nist.gov/hash-function
b


Steven Levy Cryptoa


DES

the Swiss company Crypto AG


c


DES
Martin Hellman (d) Kahn The Codebreakers

PGP PGP Phil


Zimmermann RSA
PGP

PGP
1998 2000 PGP

1999
2000
a

Steven Levy, Crypto, Diane Pub Co, 356 pp., ISBN: 0-75675-774-6.
b
http://www.nap.edu/readingroom/books/crisis/E.txt
c
Crypto AG: http://www.aci.net/Kalliste/speccoll.htm; Der Spiegel: http://jya.com/cryptoag.htm, http://jya.com/cryptoa2.htm; Baltimore Sun: http://jya.com/nsa-sun.htm; The Covert Action Quarterly: http://mediafilter.org/caq/cryptogate/
d
Martin Hellman http://www-ee.stanford.edu/hellman/crypto.html
http://www-ee.stanford.edu/hellman/breakthrough.html

Willa Cather

PGP

4.1

4.1.1

xy z x y z

xy Alice a Bob
Alice Bob A B
2 Ron Rivest RSA
Alice Lewis Carroll Alice Carroll
Carol Charlie

DaveDeliaDoris
Eve Mallory Alice
Bob Bob Alice
Victorian Bob Alice
AliceBob EveMallory

Alice
Bob

Carol

John Gordon, The Alice and Bob After Dinner Speech (Alice, Bob), Zurich Seminar, April 1984, http://downlode.org/etext/alicebob.html
Dave

Eve
Mallory

Trent
Walter

Alice Bob

Peggy

Victor

4.1.2

aentropy
b

bit 2 bit 10-bit 1000


30-bit 1000 1000 1000 (1,000,000,000) 1

Donald Knuth John Von Neumann

4.1.2.1

a
b

shang
a b b a a b ab
(1)

2^256

(2)

4.1.2.2

101110100101010101

(3)

One-Time Pads
DES

DES
PGP
PGP

4.1.2.3 a

true random number generators


TRNGsRandom.org
atmospheric noisepseudo-random
number generatorsPRNGs

Random.org

1Random.org

Pseudo-Random vs. True Random, http://www.boallen.com/random-numbers.html


Windows PHP rand()

Figure 2: Windows PHP rand()

Windows PHP rand()


linux Windows
mt_rand() rand() mt_rand() Mersenne Twisterb
PHP cmt_rand() libc rand()
Linux

a
b
c

http://www.random.org/bitmaps/
http://en.wikipedia.org/wiki/Mersenne_twister
PHP: http://codifies.com/2008/05/php-rand01-on-windows-openssl-rand-on.html
32 32
/dev/random MD5

/dev/random
/dev/random /dev/random

/dev/urandom

MD5
MD5
/dev/urandom /dev/random

Windows /dev/random capicom.dll CAPICOM.Utilities
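Added example (not from the book and not PGP's code): a key taken from a seeded pseudo-random generator, as careless code does with rand() or mt_rand(), beside a key taken from the operating system's cryptographic source. The attacker knows only roughly when the key was made. The function names, the timestamp 1_700_000_000 and the 17-second clock offset are the example's own constructed values.

```python
import random
import secrets


def weak_key(seed: int, nbytes: int = 16) -> bytes:
    """Key drawn from a seeded Mersenne Twister (the generator behind mt_rand()).

    The output is a deterministic function of the seed, so the key has no more
    entropy than the seed: a clock-derived or 32-bit seed makes a 32-bit key.
    """
    rng = random.Random(seed)
    return rng.getrandbits(8 * nbytes).to_bytes(nbytes, "big")


def strong_key(nbytes: int = 16) -> bytes:
    """Key from the OS cryptographic generator (/dev/urandom, getrandom(),
    CryptGenRandom); this is where key material should come from."""
    return secrets.token_bytes(nbytes)


def recover_seed(key: bytes, approx_time: int, window: int = 3600):
    """Attacker's view: the key was made from a clock seed within +/- window
    seconds of approx_time.  Re-run the generator for every candidate seed;
    on a match the 'random' key is completely recovered."""
    for candidate in range(approx_time - window, approx_time + window + 1):
        if weak_key(candidate, len(key)) == key:
            return candidate
    return None


def demo() -> dict:
    """Constructed scenario: a key seeded from a Unix timestamp, and an attacker
    whose clock is 17 seconds off.  Returns what each side ends up with."""
    t_creation = 1_700_000_000            # the victim's time(); constructed value
    victim_key = weak_key(t_creation)
    found = recover_seed(victim_key, t_creation + 17)
    good_key = strong_key()
    # Against the OS generator the same search finds nothing: there is no seed.
    not_found = recover_seed(good_key, t_creation + 17)
    return {
        "weak_key_recovered": found == t_creation,
        "recovered_key": weak_key(found) if found is not None else None,
        "strong_key_recovered": not_found is not None,
    }


if __name__ == "__main__":
    print(demo())
```

Searching 7,201 candidate seeds recovers the whole 128-bit Mersenne Twister key; against secrets.token_bytes() there is no seed to search. A 32-bit seed from time() or getpid() is not a fix: 2^32 candidates is hours of work, not a key.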

4.1.3
PGP

1. raw keys

2. Derived keys
Actual key
3. Structured keys RSA

4.1.4
PGP

reverse-engineer systems

2 public-key cipherssymmetric ciphers

2
1 2

2
block size.

4.1.4.1

2048-bit 2048-bit256 a
64-bit
128-bit (8 16 )AES 128-bit AES
Twofish Triple-DESCAST IDEA 64-bit
stream ciphers 1-Bit SSL b RC4

Caesar Enigma

Napoleon Enigma WiFi


WEP (Wired Equivalent Privacy) c
CribsCrib

16
d

2
Chaining

initialization
a

Bit/byte: a byte is 8 bits, so 2048 bits / 8 = 256 bytes.
b
SSL (Secure Sockets Layer) sits between TCP/IP and the application: the SSL Record Protocol runs over TCP,
and the SSL Handshake Protocol runs on top of the Record Protocol.
http://baike.baidu.com/view/16147.htm
c
WEP WEP
WEP

vector IVaIV
IV
2
( IV)

PGP PGP
b

EME EME AES

AES 64-bit NIST AES


128-bit 128-bit 2
2 The Birthday Problem.
2 50%
365 23 64-bit 2
2^64 2^32 40 320 c
IV 2006 DVD 47

128-bit (16-byte) blocks: 2^128 of them
d
2^64 blocks x 16 bytes = 295,147,905,179,352,825,856 bytes, about 256 EB

128-bit 256-bit

4.1.4.2

The factoring familythe logarithm family

4.1.4.3
e

p qn = p q n
hash
p q n p
a

b
Shai Halevi, Phillip Rogaway, A Parallelizable Enciphering Mode,
http://eprint.iacr.org/2003/147
2^32 x 8 = 34,359,738,368 bytes = 32 GB (the prefixes k/M/G/T/P/E/Z/Y are used with 1000 or with 1024; B = byte;
1000 1024 1000 1024)
d
hash bi rthda y atta cks
e
,RSA , 200 , 100
,,,, ,
c

q 2 1000-bit n
p q 500-bit
2
RSA ( Ron RivestAdi Shamir Len Adleman
)
Rabin ( Michael Rabin)RSA Rabin RSA

Rabin RSA RSA


RSA

p q Rabin
Rabin RSA aRabin
b

RSA RSA

PGP Rabin Rabin


Rabin RSA
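Added example, written for this translation and not taken from the book or from PGP: textbook RSA and Rabin over two small primes, with the two facts the passage states, that factoring n hands over the private key, and that any method of finding square roots modulo n factors n (which is why Rabin is exactly as hard as factoring, and also why a Rabin decryption oracle is dangerous). factor_trial_division() finishes only because n here is seven digits; the primes 1019 and 1031 and the function names are the example's own.

```python
from math import gcd, isqrt


def rsa_keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA from two primes.  n = p*q is public; the private exponent d
    needs phi(n) = (p-1)(q-1), which only the holder of p and q can compute."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                     # modular inverse, Python 3.8+
    return (n, e), (n, d)


def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def factor_trial_division(n: int):
    """Feasible only because n is tiny.  For the 1000-bit n of the text this
    loop would run about 2^500 times; that gap is the whole security of RSA."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    return None


def recover_private_key(pub):
    """What an attacker who can factor n obtains: the complete private key."""
    n, e = pub
    p, q = factor_trial_division(n)
    return (n, pow(e, -1, (p - 1) * (q - 1)))


def rabin_roots(c: int, p: int, q: int):
    """Rabin decryption: the four square roots of c modulo n = p*q, for primes
    p, q = 3 (mod 4), where a root modulo a prime is c^((prime+1)/4)."""
    n = p * q
    rp, rq = pow(c, (p + 1) // 4, p), pow(c, (q + 1) // 4, q)
    inv_q_mod_p, inv_p_mod_q = pow(q, -1, p), pow(p, -1, q)
    roots = set()
    for sp in (rp, (-rp) % p):
        for sq in (rq, (-rq) % q):
            # Chinese remainder theorem: x = sp (mod p) and x = sq (mod q)
            roots.add((sp * q * inv_q_mod_p + sq * p * inv_p_mod_q) % n)
    return sorted(roots)


def factor_from_two_roots(n: int, x: int, y: int):
    """x^2 = y^2 (mod n) with x != +-y gives gcd(x - y, n) = p or q.  Anyone who
    can take square roots mod n can therefore factor n, and a Rabin decryptor
    that returns a root other than the one you squared gives away its key."""
    f = gcd(x - y, n)
    return (f, n // f) if 1 < f < n else None


if __name__ == "__main__":
    pub, priv = rsa_keygen(1019, 1031)          # toy primes, both 3 mod 4
    c = rsa_encrypt(pub, 424242)
    print(rsa_decrypt(priv, c), recover_private_key(pub) == priv)
    roots = rabin_roots(123456 * 123456 % pub[0], 1019, 1031)
    print(roots, factor_from_two_roots(pub[0], roots[0], roots[1]))
```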

4.1.4.4
Diffie-Hellman: Whitfield
Diffie and Martin Hellman. Diffie-Hellman: m = g^x (x secret)
Diffie-Hellman Diffie-Hellman

c
ephemeral
Diffie-Hellman; Elgamal, by Taher Elgamal (d)
Elgamal Diffie-Hellman RSA
Diffie-Hellman PGP Elgamal (DSS Elgamal
)

12
e

11 3 2 14
200 100 f 12 24
100 0
g

The network effect (fax effect)


Neal R. Wagner, The Laws of Cryptography: Rabin's Version of RSA,
http://www.cs.utsa.edu/wagner/laws/Rabin.html; Wagner's whole book:
http://www.cs.utsa.edu/wagner/lawsbookcolor/laws.pdf
c
adj.,,;n.
d
Taher El Gamal (two words) is also written ElGamal and
Elgamal; Taher L. Gamal.
e
24 3 23000200 2600
f
100 100 200 2 0
g
1 2357 1422146
231682418933191011025241242123846
2^43,112,609 - 1 (the Mersenne prime found in 2008)
b

12 4
12 4 : [12,4,8]
[1, 5,9][2,6, 10] [3, 7, 11]

( ) g^x mod p (g raised to the power x, reduced modulo p); g^x
p mod b
a

: 5
5
5 mod 111 p 1000-bit
1000-bit
c

RSA

Diffie-Hellman (d)
15 20
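Added example (not from the book): Diffie-Hellman agreement and Elgamal encryption in the group of powers g^x mod p described above, together with the exhaustive discrete-logarithm search that is Eve's only recourse, run on a 17-bit prime so that it finishes at once and on which a real p is 1000 bits precisely so that it never does. The prime 104729, the message 31337 and the function names are the example's own.

```python
import secrets


def prime_factors(n: int) -> set:
    """Distinct prime factors by trial division (fine for the small p used here)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def find_generator(p: int) -> int:
    """Smallest g whose powers run through all of 1..p-1: g generates the group
    iff g^((p-1)/r) != 1 (mod p) for every prime r dividing p-1."""
    for g in range(2, p):
        if all(pow(g, (p - 1) // r, p) != 1 for r in prime_factors(p - 1)):
            return g
    raise ValueError("no generator found; p is not prime")


def dh_keypair(g: int, p: int):
    """Ephemeral Diffie-Hellman share: secret x, public g^x mod p."""
    x = 2 + secrets.randbelow(p - 3)
    return x, pow(g, x, p)


def dh_shared(their_public: int, my_secret: int, p: int) -> int:
    """Both sides reach g^(xy): (g^x)^y = (g^y)^x mod p."""
    return pow(their_public, my_secret, p)


def elgamal_encrypt(m: int, y: int, g: int, p: int):
    """Elgamal is Diffie-Hellman with the recipient's share fixed (y = g^x):
    a fresh k per message gives the pair (g^k, m * y^k)."""
    k = 2 + secrets.randbelow(p - 3)
    return pow(g, k, p), m * pow(y, k, p) % p


def elgamal_decrypt(c1: int, c2: int, x: int, p: int) -> int:
    return c2 * pow(c1, p - 1 - x, p) % p       # c1^(-x) via Fermat


def discrete_log(g: int, h: int, p: int):
    """Exhaustive search for x with g^x = h (mod p).  The cost grows with p,
    which is why real p is about 1000 bits; here p is 17 bits."""
    acc = 1
    for x in range(p - 1):
        if acc == h:
            return x
        acc = acc * g % p
    return None


if __name__ == "__main__":
    p = 104729                       # toy prime (the 10,000th); constructed value
    g = find_generator(p)
    xa, ya = dh_keypair(g, p)        # Alice
    xb, yb = dh_keypair(g, p)        # Bob
    print(dh_shared(yb, xa, p) == dh_shared(ya, xb, p))
    c1, c2 = elgamal_encrypt(31337, ya, g, p)
    print(elgamal_decrypt(c1, c2, xa, p))
    print("Eve recovers Alice's x from g^x:", discrete_log(g, ya, p) == xa)
```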

4.1.4.5

bit
128-bit 128-bit

128-bit 1

e 1
f

256-bit AES
g
DES 5 20 AES
50

2 NIST
a

Mod: 7 mod 3 = 1, because 7 = 3 x 2 + 1.
Caesar, the shift-by-N cipher: c = p + k (mod 26),
where c is the ciphertext letter and p the plaintext letter.
c

d
Certicom,
http://www.certicom.com/index.php?action=ecc_tutorial,home
e

f
CPU GPU
g

3,000-bit RSA DSA 128-bit 256-bit


Table 2: NIST comparative key sizes (bits)

Symmetric key | Hash | MAC | RSA/DSA | Elliptic curve
56            |      | 64  | 512     |
80            | 160  | 80  | 1024    | 160
112           | 224  | 112 | 2048    | 224
128           | 256  | 128 | 3072    | 256
192           | 384  | 192 | 7680    | 384
256           | 512  | 256 | 15360   | 512
256-bit 15,000-bit RSA DSA


512-bit AES

4.1.4.6

1.
2.
3.
600RMB 30 RMB
3 RMB

100

30%

56-64-Bit

64-Bit

112-Bit

>40

128-Bit

>50

128-Bit

>50

128-Bit

>65

>128-Bit

1
2 32

100

>128-Bit

a
18 5 b 50 1010 c
50
30 2000
2025 2075

4.1.4.7
PGP 15,000-bit ; 4096-bit

128-bit
2050 109-bit 4047-bit RSA/DSA 206-bit
44.4 DES 1982

128-bit

AES 256-bit AES-256 AES-128 20


AES AES-256
e
AES-256 256-bit
AES-128
256-bit 20
AES-128 AES-256
AES
128-bit AES
AES AES PGP Twofish f
256-bit

a
b

2009.8 4
18 18
5012

100

2 18 =2 3 =10822639409.68091010
d
Arjen K. Lenstra, Eric R. Verheul, Selecting Cryptographic Key Sizes,
Journal of Cryptology, Volume 14,
Number 4, pp. 255-293, 2001; http://www.keylength.com/

f
Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson, Twofish: A New Block Cipher,
http://www.schneier.com/twofish.html; 128-bit blocks with 128-, 192- or 256-bit keys

1024-bit 2001

PGP BlackBerry 3,000-bit


40MHz 80386 1991 PGP
4096-bit
2048-bit 5

Intel Pentium 4, 2 GHz
512 MB DDR400
IDE, 7200 rpm, FAT32
Benchmark
Table 3

Cipher                 | Encryption (MB/s) | Decryption (MB/s) | Mean (MB/s)
AES                    | 33.9 | 28.6 | 31.2
Twofish                | 31.0 | 29.6 | 30.3
Serpent                | 19.3 | 19.5 | 19.4
AES-Twofish            | 17.0 | 14.1 | 15.6
Serpent-AES            | 12.8 | 11.6 | 12.2
Twofish-Serpent        | 12.1 | 11.5 | 11.8
Serpent-Twofish-AES    |  9.1 |  8.4 |  8.8
AES-Twofish-Serpent    |  9.1 |  8.4 |  8.8

2003 2009 6

System: Mobile DualCore Intel Core 2 Duo T7100, 2000 MHz (10 x 200), running at 1800 MHz
Intel GM965 (Centrino (Santa Rosa))
2 GB Kingston DDR2 667 (2 x 1 GB)
Hitachi Travelstar 5K500.B, 320 GB, 5400 RPM, SATA2
TrueCrypt 6.1a
10 MB buffer
Table 4

Cipher                 | Encryption (MB/s) | Decryption (MB/s) | Mean (MB/s)
AES                    | 131  | 131  | 131
Twofish                | 114  | 119  | 116
Serpent                | 58.9 | 59.7 | 59.3
AES-Twofish            | 60.2 | 56.8 | 58.5
Twofish-Serpent        | 38.2 | 40.2 | 39.2
Serpent-AES            | 39.8 | 40.5 | 40.1
AES-Twofish-Serpent    | 29.9 | 30.6 | 30
Serpent-Twofish-AES    | 30.1 | 22   | 24.6
Buffer size (MB)       | 10   | 10   | 10
2009 CPU CPU a

b c
3G 2.4G WiFiWapi d

1G Hz III
b
Windows Mobile SymbianLinux
Windows Mobile Symbian

c
Nokia E71, E66 and E63: XTS-AES with a 128-bit key

http://nfb.online.nokia.com/Page%20Content/Mobilize%20your%20business/Knowledge%20center/Datasheets/DeviceMemoryCardEncryption_Datasheet_Global_Default.pdf
d
WiFi; WAPI (WLAN Authentication and Privacy Infrastructure)
WAPI 802.11b
Wapi WAPI
AS AP
AS MT AP
AS MT AP
AP MT AP
MT AP WAPI
WAI WPI WAPI

WEP
WAPI
IEEE 802.11i

AP MT AP MT AS MT

RADIUS MT AP

AP

RADIUS

AS
AP RADIUS

AP MT

                 Authentication     Encryption
WEP              64-bit RC4         64-bit RC4
WAPI             192-bit ECC        128-bit SMS4
IEEE 802.11i                        128-bit AES / 128-bit RC4

4.1.4.8 One-Time Pads


a

One-Time Pads OTP


Major Joseph Mauborgne
AT&T Gilbert Vernam 1917 One-Time Pads b

One-Time Pads 5 6
One-Time Pads 26 27
0 26 27 1

100 1000

Table 5: the 27-character alphabet as numbers
space = 0, A = 1, B = 2, C = 3, D = 4, E = 5, F = 6, G = 7, H = 8, I = 9,
J = 10, K = 11, L = 12, M = 13, N = 14, O = 15, P = 16, Q = 17, R = 18,
S = 19, T = 20, U = 21, V = 22, W = 23, X = 24, Y = 25, Z = 26

Table 6: a one-time pad

1 200
17
3

23
16

14
11

0
15

7
17

10
16

22
21

9
5

6
8

18
11

12

23

18

19

14

16

11

22
17

6
10

13
23

25
23

1
11

0
15

4
10

11
12

24
2

5
6

24
26

19
2

21
22

26
17

2
10

5
0

15
11

10
8

7
3

9
6

One-Time Pads
Leo Marks, Between Silk and Cyanide: A Codemaker's War, 1941-1945, 624 pp., ISBN 0-684-86422-3
(hardcover), 0-684-86780-X (paperback). Leo Marks
84 Charing Cross Road. (The Last Temptation of Christ
) 22 SOE
the dot-com

Marks
Marks
Marks one-time pads (
)

PGP Leo Marks


Marks
b

18

19

19

26

11

14

24

12

19

18
9

20
3

7
14

7
16

4
4

8
17

1
6

11
1

25
16

0
1

N
1. Take the plaintext letter's number: N is 14.
2. Add the pad number to it (adding 2 to A gives C). Call the sum i; if i is 27 or more, subtract 27,
so that the result is again a number between 0 and 26.
The first pad number is 17; N is 14; 14 + 17 = 31; 31 - 27 = 4; 4 is D. So the first ciphertext letter is D.
3.

4. One-Time Pads ( 2
)
One-Time Pads

DKJ PBVBNWCITAVP TZKGXHAYUGRPNMDBRPGVLMMVAOWDCJOQSBSNN

DKJ is 4, 11, 10 (positions 1, 2, 3); the pad numbers are 17, 23, 14; work modulo 27.

If a ciphertext number is smaller than its pad number, add 27 first:
4 + 27 - 17 = 14
11 + 27 - 23 = 15
10 + 27 - 14 = 23

14 is N
15 is O
23 is W

NOW
55
STOP
STOPSTOPSTOP 100 NYAH NYAH NYAH
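Added example (not from the book or from Leo Marks): the 27-symbol one-time pad of steps 1-4, checked against the DKJ/NOW values above, together with what the pad-reuse discussion in 4.1.4.9 describes: when one pad encrypts two messages the pad cancels out, and a guessed word (a crib) in one message reads off the other. The messages ATTACK AT DAWN and RETREAT AT ONCE, and the function names, are constructed for the demonstration.

```python
import secrets

ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"   # space = 0, A = 1 ... Z = 26 (Table 5)
MOD = len(ALPHABET)                        # 27


def to_numbers(text: str) -> list:
    return [ALPHABET.index(ch) for ch in text.upper()]


def to_text(numbers: list) -> str:
    return "".join(ALPHABET[n % MOD] for n in numbers)


def make_pad(length: int) -> list:
    """Fresh pad: truly random values 0..26, one per character, used once."""
    return [secrets.randbelow(MOD) for _ in range(length)]


def otp_encrypt(plaintext: str, pad: list) -> str:
    """ciphertext = (plaintext + pad) mod 27, letter by letter (steps 1-2)."""
    nums = to_numbers(plaintext)
    if len(pad) < len(nums):
        raise ValueError("pad shorter than message: never wrap or reuse a pad")
    return to_text([(p + k) % MOD for p, k in zip(nums, pad)])


def otp_decrypt(ciphertext: str, pad: list) -> str:
    """plaintext = (ciphertext - pad) mod 27, adding 27 first when the ciphertext
    value is smaller than the pad value, exactly as in the DKJ example."""
    nums = to_numbers(ciphertext)
    return to_text([(c + MOD - k) % MOD for c, k in zip(nums, pad)])


def pad_reuse_leak(ct1: str, ct2: str) -> list:
    """Two messages under one pad: c1 - c2 = (p1 + k) - (p2 + k) = p1 - p2.
    The pad cancels, so the attacker learns the difference of the plaintexts
    without knowing a single pad value (the VENONA situation)."""
    return [(a - b) % MOD for a, b in zip(to_numbers(ct1), to_numbers(ct2))]


def crib_drag(diff: list, crib: str, offset: int) -> str:
    """Guess that `crib` sits in message 1 at `offset`; the difference then
    yields the same positions of message 2, since p2 = p1 - (p1 - p2)."""
    crib_nums = to_numbers(crib)
    window = diff[offset:offset + len(crib_nums)]
    return to_text([(p1 - d) % MOD for p1, d in zip(crib_nums, window)])


if __name__ == "__main__":
    pad = [17, 23, 14]                            # first three values of Table 6
    print(otp_encrypt("NOW", pad), otp_decrypt("DKJ", pad))   # DKJ NOW
    shared = make_pad(40)                         # the mistake: one pad, two messages
    c1 = otp_encrypt("ATTACK AT DAWN", shared)
    c2 = otp_encrypt("RETREAT AT ONCE", shared)
    d = pad_reuse_leak(c1, c2)
    print(crib_drag(d, "ATTACK", 0))              # reveals RETREA
```

A pad used once gives the attacker nothing: every plaintext of the same length is equally consistent with the ciphertext. The crib_drag() call shows how much a single reuse gives away, which is why the pad is burned as soon as it has been used.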

3
One-Time Pads
One-Time Pads
One-Time Pads 26

a
one-time pads

4.1.4.9 One-Time Pads


one-time pad

one-time pad
Alice
Eve Eve

Alice Bob Eve Bob Hattie Alice


JustinEve
Leo Marks one-time pads

(Flashpaper b)
Alice Bob
c

Alice Justin

one-time
pad

NOW IS THE TIME FOR ALL GOOD CRYPTOGRAPHERS TO COME TO

. flashpaper

c
Alice; Justin Case
Alice Bob a
NSA
10

one-time pads


one-time pad Alice Bob PGP
Eve Eve
one-time pads
One-Time Pads One-Time Pads
One-Time Pads One-Time Pads

One-Time Pads 56Kbps


DVD-ROM 4.8GB
DVD-ROM DVD-ROM

One-Time Pads

One-Time Pads
One-Time Pads One-Time Pads

One-Time Pads
One-Time Pads
PGP Phil Zimmermann PGP

one-time pad

Shaw Pygmalion Eliza Higgins


My Fair LadyOne-time pads

128-bit
256 -bit

1943 VENONA 1980 1995 NSA


http://www.nsa.gov/venona/index.cfm
b

4.1.5 Hash
Hash functions a

hash hash
hash hash

hash 2 hash

hash Jon Callas Jane Cannoy


hash JC hash bit
hash hash

hash hash hash


hash JC
Jon Callas Jane Cannoy
hash initials lack

hash
100 500
2 1
2 hash

PGP hash hash

PGP
hash
hash PGP
hash hash
hash

Hash

b
x x=123
hash a
hash
2 hash
2 hash

4.1.5.1 Hash
4 hash PGP
7 Hash

Bits

MD5

128

MD5 hash PGP PGP5.0


MD5 1996 MD5 MD4 PGP
hash

SHA-1

160

SHA-1 MD5 NIST MD5

RIPE-MD/160

160

RIPE-MD/160 SHA-1 Hash RIPE- MD/160


MD5 Réseaux IP Européens (RIPE) NIST
SHA-1

SHA-256

256

SHA-256 NIST Hash SHA-2


hash

SHA-512

512

SHA-2 SHA-256

SHA-384

384

SHA-384 SHA-512 SHA-384


SHA-256
SHA-512 SHA-224 SHA-256

4.1.5.2 Hash
(2006 ) hash
b

2004 hash
RSA S Adi Shamir hash
2005 SHA-1c
hash 2 hash
d
combinatoricsPigeonhole Principle
13 12 2

PDF CRC-32 79EE7FEF PGP

b
hash: MD4, MD5, HAVAL-128 and RIPEMD, http://eprint.iacr.org/2004/199
c
Finding Collisions in the Full SHA-1, Advances in Cryptology, CRYPTO 2005,
LNCS 3621, Springer, 2005, ISBN 3-540-28114-2, pp. 17-36 (google)
d

hash 16-bit hash 16-bit


2 hash
( hash ) hash 256
1 hash 256

Alice 1/365a
2

hash hash
bc
23

$$\Pr(\text{pigeons},\text{holes}) = 1 - \frac{\text{holes}!}{(\text{holes}-\text{pigeons})!\;\text{holes}^{\text{pigeons}}}$$

Prob(pigeons, holes) is the probability that some two of the pigeons share a hole.

2
2

about 1.2 x sqrt(holes) draws give even odds of a collision (the exact factor is sqrt(2 ln 2), about 1.18)

n-bit hash: about 2^(n/2); for a 160-bit hash,


hash 80-bit 2^80 2 d
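Added example, not from the book, serving both this passage and the birthday-bound discussion of block sizes in 4.1.4.1: the collision probability from the formula above, the 1.2 sqrt(holes) rule, the 64-bit and 128-bit block-cipher data limits, and an actual birthday search for two messages whose SHA-256 digests agree in their first bits. The messages msg-0, msg-1, ... are constructed; the function names are the example's own.

```python
import hashlib
from math import exp, sqrt, log


def collision_probability(pigeons: int, holes: int) -> float:
    """P(at least two of `pigeons` random draws land in the same of `holes`
    slots).  Exact product for small spaces; the standard 1 - e^(-k(k-1)/2n)
    approximation where the product would be too long to evaluate."""
    if pigeons > holes:
        return 1.0
    if holes <= 1_000_000:
        no_collision = 1.0
        for i in range(pigeons):
            no_collision *= (holes - i) / holes
        return 1.0 - no_collision
    return 1.0 - exp(-pigeons * (pigeons - 1) / (2.0 * holes))


def draws_for_even_odds(holes: int) -> float:
    """Draws for a 50% collision chance: sqrt(2 ln 2 * holes), about 1.18 sqrt(holes)."""
    return sqrt(2.0 * log(2.0) * holes)


def birthday_bound_bytes(block_bits: int) -> int:
    """Data after which a block cipher is expected to repeat a ciphertext block:
    2^(block_bits/2) blocks of block_bits/8 bytes each."""
    return (1 << (block_bits // 2)) * (block_bits // 8)


def _prefix(msg: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(msg), as an integer."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)


def digests_collide(m1: bytes, m2: bytes, bits: int) -> bool:
    return _prefix(m1, bits) == _prefix(m2, bits)


def find_collision(bits: int, prefix: bytes = b"msg-"):
    """Birthday search on SHA-256 truncated to `bits` bits: hash numbered
    messages until two share a prefix.  Expected work about 2^(bits/2),
    which is the attacker's cost for any hash of `bits` bits."""
    seen = {}
    i = 0
    while True:
        msg = prefix + str(i).encode()
        short = _prefix(msg, bits)
        if short in seen:
            return seen[short], msg, i + 1          # two messages, attempts used
        seen[short] = msg
        i += 1


if __name__ == "__main__":
    print(round(collision_probability(23, 365), 4))          # 0.5073
    print(round(collision_probability(2**32, 2**64), 4))     # 0.3935
    print(birthday_bound_bytes(64), birthday_bound_bytes(128))
    m1, m2, tries = find_collision(32)
    print(tries, m1, m2)
```

For a 32-bit truncation the search needs on the order of 2^16 hashes, not 2^32; that ratio is what makes a 128-bit hash only 64-bit strong against collisions and a 64-bit block cipher unsafe past a few tens of gigabytes under one key.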

2004
128-bit hash
6
160-bit hash
2

hash

John Kelsey
a

2 29
8 11 8 3

c
http://mathforum.org/dr.math/faq/faq.birthdayprob.html
http://mathworld.wolfram.com/BirthdayProblem.html, http://mathworld.wolfram.com/BirthdayAttack.html
d

N_A = 6.0221367 x 10^23 mol^-1
b

Bruce Schneier (a): a second preimage on SHA-1 in about 2^106 work rather than 2^160


for a message of length about 2^60

hash ( AABBCC ABC) 0 4


hash
hash 2005 10 NIST hash
hash 2 2006
8 AES hash
PGP
PGP MD5 1997 PGP 5.0 MD5 SHA-1 MD5
PGP 8.0.3 SHA-256SHA-384
SHA-512 PGP 9.0 SHA-1 SHA-256

4.1.6

2 data integrity
Message Authentication CodesMACsDigital Signatures
hash HMACs

MACs SSL

RSA DSARSA DSA


DSA ECDSA Elgamal
OpenPGP c Elgamal

RSA DSA Elgmal Elgamal


a

John Kelsey, Bruce Schneier, Second Preimages on n-bit Hash Functions for Much Less than 2^n Work,
http://eprint.iacr.org/2004/304
b
Michael Szydlo, Yiqun Lisa Yin, Collision-Resistant usage of MD5 and SHA-1 via Message Preprocessing,
http://eprint.iacr.org/2005/248
c
tar: POSIX 1003.1-1990; PGP Zip
tar, gnutar, http://www.gnu.org/software/tar/; POSIX tar, gnutar
dist/src/tar.h
DSA Elgamal Elgamal RSA

hash
2
()
hash

hash hash

Hash
hash

4.1.7

metadata
ISBN a

? 2

OpenPGP Whitfield Diffie PGP


OpenPGP
OpenPGP

4.1.7.1
() Alice
Bob Alice Alice Bob Alice
Bob

Alice

()() a
Alice
2
2 OpenPGP X.509 PGP


self-signed certificatesAlice Bob
Alice Bob
3 Charlie OpenPGP third-parties Trusted
Introducers X.509 Charlie Certificate AuthorityCA

4.1.8

4.1.8.1
Bob Alice Alice

OpenPGP OpenPGP hash

4.1.8.2
Bob
Alice Charlie Bob Charlie
Charlie GeoTrust VeriSign CA

Root Certificates)

Alice Jack

X.509 SSL Amazon.com


a

112 113

2 3

VeriSign
VeriSign

4.1.8.3
cumulative trust

PGP Bob (
b

Charlie Dale)Bob OpenPGP


3 (0 )(1 )(2 ) 2
c
Bob Zelda Alice
, Alice Charlie Dale Alice
Ueli Maurerd PGP PGP
00.51 0.9
0.15

4.1.8.4

Bridge CAs

PGP PGP Global Directory


Alice PGP
PGP PGP 6 2

PGP OpenPGP keys.


keys.pgp.com
OpenPGP ( PGP DesktopPGP Universal Hushmail)
keys.pgp.com pgp.com

Wi ndows IE Internet

2/3
c
PGP 1
d
Ueli Maurer, Modelling a Public-Key Infrastructure, ESORICS 96,
Springer-Verlag Lecture Notes in Computer Science vol. 1146, pp. 325-350, September 1996,
http://citeseer.ist.psu.edu/maurer96modelling.html
b

4.1.9
2 X.509 OpenPGP 2
PGP

X.509 OpenPGP

4.1.9.1
X.509
OpenPGP

OpenPGP X.509
www.pgp.com SSL (www.pgp.com)(
) GeoTrust
OpenPGP ( jon@pgp.com)
PGP
(http://keyserver.pgp.com/) Phil Zimmermann Will Price , Jeff Moss
X.509
jcallas@pgp.com jon.callas@pgp.com

AES-128 AES-128 AES-256


Twofish ? X.509

OpenPGP (DSA RSA)


DSA DSA
Elgamal RSA RSA

4.1.10
2 OpenPGP a S/MIMEb CMS c

Jon Callas, Lutz Donnerhacke, Hal Finney, Rodney Thayer, OpenPGP Message Format, RFC 2440,
http://www.ietf.org/rfc/rfc2440.txt
b
TLS: T. Dierks and C. Allen, The TLS Protocol Version 1.0, RFC 2246,
http://www.ietf.org/rfc/rfc2246.txt
c
R. Housley, Cryptographic Message Syntax (CMS), RFC 3852, http://www.ietf.org/rfc/rfc3852.txt
PGP NetSharea PGP Virtual


Disk PGP Whole Disk Encryption SSL
VPNb 2

1.
2.
c
3. MAC
MAC
4. OpenPGP CMS
5. AES
6.
7.
8. CMS S/MIME OpenPGP
.
d

4.1.11

1.

CPU ( CPU ) CPU


Intel CPU 4 RING0,RING1,RING2,RING3Windows
RING0 RING3RING0 RING3 RING0
Windows CPU
b
VPN: Virtual Private Network
Internet

VPN
VPN VPN
http://baike.baidu.com/view/19735.htm
c
WinHex, UltraEdit: hexadecimal (base-16) editors
d

http://baike.baidu.com/view/279751.html
2.
3.
4.
5.
6.
7. MACs
8.

4.1.12

PGP

3
0 9 10
1000
a


b
3 6

10 26 52 62 96

c
a

,
,,,
c

Top10
1.8 Top10 Top10 1.8

thomas     0.99
arsenal    1.11
monkey     1.33
charlie    1.39
qwerty     1.41
123456     1.63
letmein    1.76
liverpool  1.82
password   3.780 (password)
123        4.123 (123, hao123)

LockDown.com

PC 348
163 33 62
253 22 23

Class A: 10,000 passwords/sec (Pentium 100; Office document passwords)
Class B: 100,000 passwords/sec (Pentium 100; Windows password cache, .PWL files)
Class C: 1,000,000 passwords/sec (Pentium 100; ZIP and ARJ archives)
Class D: 10,000,000 passwords/sec (fast PC)
Class E: 100,000,000 passwords/sec (many PCs)
Class F: 1,000,000,000 passwords/sec
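Added example (not from the book or from LockDown.com): the size of the search space for the alphabets and lengths discussed above (10, 26, 52, 62 and 96 characters), the time each attacker class A-F needs to exhaust it, and a classifier that places a given password in the smallest of those alphabets. The function names are the example's own.

```python
from math import log2

# Alphabet sizes the text lists: digits, lowercase, mixed case, alphanumeric, printable ASCII
CHARSETS = {"digits": 10, "lowercase": 26, "mixed case": 52, "alphanumeric": 62, "printable": 96}

# Attacker classes A-F from the table above, in guesses per second
ATTACKER_RATES = {"A": 1e4, "B": 1e5, "C": 1e6, "D": 1e7, "E": 1e8, "F": 1e9}


def keyspace(alphabet_size: int, length: int) -> int:
    return alphabet_size ** length


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of a uniformly chosen password; a human-chosen one has fewer."""
    return length * log2(alphabet_size)


def seconds_to_exhaust(alphabet_size: int, length: int, rate: float) -> float:
    """Worst case for the attacker (the whole space); the average is half."""
    return keyspace(alphabet_size, length) / rate


def charset_of(password: str) -> int:
    """Smallest listed alphabet containing every character of the password:
    'Passw0rd!' needs the 96 printable characters, 'letmein' only 26."""
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_other = any(not c.isalnum() for c in password)
    if has_other:
        return CHARSETS["printable"]
    if has_digit and (has_lower or has_upper):
        return CHARSETS["alphanumeric"]
    if has_lower and has_upper:
        return CHARSETS["mixed case"]
    if has_digit:
        return CHARSETS["digits"]
    return CHARSETS["lowercase"]


def crack_time_table(length: int, rate: float) -> dict:
    """Seconds to exhaust each alphabet at `length` characters for one attacker class."""
    return {name: seconds_to_exhaust(size, length, rate) for name, size in CHARSETS.items()}


def days(seconds: float) -> float:
    return seconds / 86400


if __name__ == "__main__":
    for cls, rate in ATTACKER_RATES.items():
        row = {name: f"{days(t):.1f} d" for name, t in crack_time_table(8, rate).items()}
        print(cls, row)
    print(charset_of("Passw0rd!"), round(entropy_bits(96, 9), 1))
```

The exhaustive-search figures are an upper bound on the attacker's work: a dictionary with the variations Klein describes below covers most real passwords with a few million guesses, whatever the alphabet.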
34000 MySpace.com
32
Wired News Counterpane Internet Security Bruce Schneier
8 81 32
1ancheste23nite41ancheste23nite4

Schneier password1abc123myspace1password blink182(

http://baike.baidu.com/view/218531.htm
) 3.8 12
1 password1
Schneier passwordpassword1

Schneier ()

Schneier
MySpace 34000

Jesper Johansson AusCERT

Johansson
68

EG05p8DVkoS29CI54Bz83PnyD65KxQLjyTh6FjklX0pM1n624Y58n9bPS7lUO5G0
ERA - GUN - zero - five - pen - eight - DOG - VOW - key - orb - SEA - two - nine - CUP - INK - five - four - BIT - zen - eight three - PEN - net - yap - DOG - six - five - KEY - xmas - QUIZ - LEG - jug - yap - TIA - hat - six - FLY - jug - key - leg - XMAS zero - pen - MAN - one - net - six - two - four - YAP - five - eight - net - nine - bit - PEN - SEA - seven - leg - UNIT - ORB five - GUN - zero

l1hQ3TXE69JsDO63ZT059MF2I8e0m41j8ptA3R58FP7Nxm654R8KB39XryOE1NVd
leg - one - hat - QUIZ - three - TIA - XMAS - ERA - six - nine - JUG - sea - DOG - ORB - six - three - ZEN - TIA - zero - five nine - MAN - FLY - two - INK - eight - era - zero - man - four - one - jug - eight - pen - tia - AIR - three - RAT - five - eight FLY - PEN - seven - NET - xmas - man - six - five - four - RAT - eight - KEY - BIT - three - nine - XMAS - rat - yap - ORB ERA - one - NET - VOW - dog

^0^a

Daniel V.Klein 40%

130 Daniel V.Klein Klone


kloneklone0klonel klone123dvk dvkdvkdkleinDklein leinad
nielkdvkleindanielkDvkkvDDANIEL-KLEIN(klone)KleinD

16,000
spainspanishspaniard
Bulfinch

2001twelveaaaaaaaaaa

fuckyou
ibmsuxdeadheadqwerty
asdfzxcvbnroygbivooottafagvah
letc/hosts
Klein
66,000

2
O0scholar
sch0larl1scholarscho1ar
Z2S5
dressdresseshousehousesdaisy
daisies Klein
datumdatums
data
sphynx
sphynxssphynges-ed-er-ing
phasephasedphaserphasing
1,000,000

23
michaelmIchael
miChael
michAelMIchael
MiChaelMicHael mIChaelmIcHael
400,000 1,500,000
3,000,000 456

( 298 158,404 16,000,000


)

34

n n

4.1.13

DNA

DNA

DNA

1.a

2.b

CCD

3.

3 8

4.

5.a
a
b
c

fingerprinting http://baike.baidu.com/view/7245.html?wtp=tt
http://baike.baidu.com/view/1315106.htm
http://baike.baidu.com/view/831985.htm?func=reti tle
6.

7. DNA
DNA DNA
DNA
DNA
DNA DNA
DNA DNA

8.

9.

90%~95%

http://baike.baidu.com/view/246859.html
http://www.hudong.com/wi ki/%E9%9D%A2%E9%83%A8%E8%AF%86%E5%88%AB%E7%B3%BB%E7%BB%9F
b
http://baike.baidu.com/view/1888819.html
10.

Lumidigm

light printFingerprinting(Face recognition)
a

ISOIEC

ISO/IECTR247222007
ISO/IECTR247222007

ISO/IEC

TH-ID

1
2

Face Recognition/TR, Nov 2001


2008

4.1.14

hash

OpenPGP "string to key" RFC 2440

Niels Bohr

5.1

100

bBluetoothc

dfuel cells

5.1.1

b
VoIPVoice over Internet Protocol IP 2.4Ghz
<100m
c
Internet
d
2008 IDFIntel Devel oper ForumIntel
WiFi 2-3
75
e
()
5.2

5.2.1

X, Z,

aJohn Hargrave

b.
Alice Bob Trent
Trent Alice Bob(
) Alice KA Bob KB

(1) Alice KA Bob Trent


(2) Trent KA
(3) Trent Alice KB
(4) Trent Bob
(5)Bob KB Alice Trent Alice
a

John Hargrave, The Credit Card Prank, http://www.zug.com/pranks/credit/

, Mickey Mouse

Trent Alice
Alice Alice

(1) Trent Alice Trent Bob

(2) Alice( Trent) KA Alice


KA Trent AliceTrent (2)

(3) Bob Trent Alice


( Trent ) Bob Alice
KA Bob
Bob KA KA
(4) Bob Trent Bob

(5) Alice BobTrent


Trent
Bob Alice Carol Trent
(1) Bob Trent Alice KB Trent
(2) Trent KB
(3) Trent Alice
(4) Trent Carol KC Carol
(5) Carol KC Trent Alice
Trent
(
)
Trent Trent 100
Trent

PGP
PGP
?
PGP


b

9

YES

NO

NO

YES

YES

NO

NO

YES

NO

YES

YES

NO

YES

NO

YES

Hash

NO

NO

YES

NO

NO

YES

YES

NO

5.2.2

Leibniz

Godel Leibniz c
Bob Alice Alice Bob

Alices
1024-bit RSA, 160-bit hash (d): 2^80
Alice Alice
a

George A. Miller, The Magical Number Seven, Plus or Minus Two,


The Psychological Review, 1956, vol. 63, pp. 81-97; Stephen Malinowski,
http://www.well.com/smalin/miller.html
b
Jon Callas and Bruce
Schneier, Why Digital Signatures Are Not Signatures, 2000; Bruce Schneier's Crypto-Gram,
http://www.schneier.com/crypto-gram-0011.html#1
c
Godel http://baike.baidu.com/view/551541.htm
d
0.000001%

80-bit Alice

2^80 Alice
Alice Alice
the Brooklyn Bridge 10

5.2.2.1
Alice 80 bits
Alice ?
256 bits: 2^80 versus 2^256
(a) 2^240

Alice Coyote b

2^256
,

5.2.3

Stewart Baker
Grandma picks a bad password, Grandma loses her house

Alice, Alice

b
Christopher Moore, Coyote Blue, Perennial Books, ISBN 0-06073-543-0.

Alice

5.2.4
DomainKeys
a

Identified MailDKIM Miles Libbey Yahoo! DKIM Yahoo!


b

eBay eBay ( DKIM


)
DKIM DKIM

DKIM

DKIM
OpenPGP S/MIME DKIM
PGP CTO CornerPGP c

DKIM
DKIM

Yahoo! ( eBay
eBay )
DKIM
Miles eBay 20 eBay
eBay eBay
DKIM DKIM
d

DNS
privacy-friendly
DKIM DKIM

DKIM DNS
DNS DKIM DNS
a
b
c
d

DKIM: http://www.dkim.org/

Jon Callas, Crypto and Spam, http://www.pgp.com/library/ctocorner/cryptoandspam.html


DNS: the Domain Name System, which maps a name such as
www.pgp.com to an IP address
DKIM DKIM

5.3

2
PGP

5.3.1
5.3.1.1
/
NSA

DES RSA

Mallory

VLSI
Clipper Capstone
Mallory
IBM

TEMPEST

T1

PC-

5.3.1.2

Mallory
Mallory
TEMPEST Mallory

5.4

a
a

TPM TPM TPM

TPM
PC
(
)

99.9%
a

CIO 10 100
100

USB

PGP

5.5

DRMDigital Rights Management


b DRM
ERMEnterprise Rights Management

ERM


PC TPM TPM
TPM
TPM

a
Chief Information Officer
b
DRM http://baike.baidu.com/view/47310.htm
5.6

Stacker DoubleSpace

DoD a 0011
0101 1100 1010 1001 0111
DoD

DoD 1 0 1-0
7 1 0 5

DoD 5220.22-M C DoD 5220.22-M / NISPOM 8-306 .
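Added example (not O&O's, East-Tec's, shred's or srm's code; written for this translation): the overwrite, verify and unlink procedure of DoD 5220.22-M method (E), a byte, its complement, then random data, and the seven-pass sequence that srm's DoD mode uses (0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random), applied to a temporary file of constructed content. The caveat in the comments is the one a practitioner needs: overwriting reaches only the blocks the file currently occupies.

```python
import os
import secrets
import tempfile

# DoD 5220.22-M method (E): a character, its complement, then random data.
# None marks a pass of random bytes.
DOD_E_PASSES = (b"\x00", b"\xff", None)
# The seven-pass sequence srm uses for its DoD mode.
DOD_7_PASSES = (b"\xf6", b"\x00", b"\xff", None, b"\x00", b"\xff", None)


def _fill(size: int, pattern) -> bytes:
    return secrets.token_bytes(size) if pattern is None else pattern * size


def _verify(f, size: int, pattern: bytes, chunk: int) -> bool:
    """Read a fixed-pattern pass back and confirm every byte is the pattern."""
    f.seek(0)
    remaining = size
    while remaining:
        data = f.read(min(chunk, remaining))
        if not data or data != pattern * len(data):
            return False
        remaining -= len(data)
    return True


def overwrite_file(path: str, passes=DOD_E_PASSES, chunk: int = 1 << 16) -> list:
    """Overwrite a file in place, pass by pass, forcing each pass to the device
    with fsync and verifying fixed-pattern passes.  Returns a log of
    (pass number, bytes written, verified); random passes log None."""
    size = os.path.getsize(path)
    log = []
    with open(path, "r+b", buffering=0) as f:
        for number, pattern in enumerate(passes, 1):
            f.seek(0)
            written = 0
            while written < size:
                n = min(chunk, size - written)
                f.write(_fill(n, pattern))
                written += n
            f.flush()
            os.fsync(f.fileno())
            verified = None if pattern is None else _verify(f, size, pattern, chunk)
            log.append((number, written, verified))
    return log


def secure_delete(path: str, passes=DOD_E_PASSES) -> list:
    """Overwrite, then unlink.  This reaches the blocks the file occupies now
    and nothing else: not journal copies, not earlier versions a journaling
    filesystem or an SSD's wear levelling left behind, not swap or backups.
    Where those matter, encrypt the disk and destroy the key instead."""
    log = overwrite_file(path, passes)
    os.remove(path)
    return log


def demo(passes=DOD_E_PASSES, repeats: int = 28572) -> dict:
    """Constructed run on a temporary file of recognisable content."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(b"SECRET " * repeats)             # 200,004 bytes by default
    log = secure_delete(path, passes)
    return {"log": log, "still_exists": os.path.exists(path)}


if __name__ == "__main__":
    print(demo())
    print(demo(DOD_7_PASSES))
```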


10 5220.22-M C

a.I

a b

ab m

b.II

II

a b

b m

c.

III

a b

d.

Bernoullis

ab c

ab c

e.

abd m

f.

ab c

abd m

g.
h. 0

m, n

j. i c 3

m, n

k.

i.

l. K

(DRAM)

c g

cg m

m.

(EAPROM)

j m

n.

(EEPROM)

h m

o. 6

(EPROM)

l c m

p.

Flash EPROM(FEPROM)

c i m

q./

(PROM)

abc m

abc m

c f m

(NOVRAM)

c g

c g m

(ROM)

DoD 5220.22-M
( 8 ):
http://www.dss.mil/isec/change_ch8.htm

(SRAM)

c g

c fg m

p g

o g

(CRT)

IC

IC

5.7

David Chaum blinded signatures

21 21
21

21 PGP

c
Chaum Stefan Brands Digital credentialsd

21

c
David Chaum, Achieving Electronic Privacy, Scientific American, August 1992, pp. 96-101,
http://www.chaum.com/articles/Achieving_Electronic_Privacy.htm; David Chaum, Security Without Identification: Transaction
Systems to Make Big Brother Obsolete, Communications of the ACM, vol. 28 no. 10, pp. 1030-1044,
October 1985, http://www.chaum.com/articles/Security_Wthout_Identification.htm
d
Stefan Brands, Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy, MIT Press, ISBN
0-262-02491-8; PDF: http://www.credentica.com/the_mit_pressbook.php
Brands

Lea Kissner Dawn Song Alice Bob

b 2

5.8

50 5 6

5.8.1 Hash
Hash 2004 2
hash

5.8.2

5.8.2.1

Lea Kissner, Dawn Song, Privacy-Preserving Set Operations, CMU-CS-05-113, June 2005,


http://www.cs.cmu.edu/leak/papers/set-tech-full.pdf; the PGP CTO Corner piece on Kissner and Song's work:
http://www.pgp.com/library/ctocorner/sets.html
b

streams of live data


signcryption systems

5.8.2.2
AES 5 3
Rijndael (AES)Twofish Serpent

side-channel analysis

5.8.2.3

256-bit
, RSA DSA 3,000-bit 128-bit 15,000-bit 256-bit
15,000-bit
512-bit 256-bit
5 50

5.8.2.4
bi-linear maps

hash
identity-based encryption systems


hash hash
hash

Jon CallasJohn Doe


2006 John Doe 2106 John Doe

5.8.3
a

Peter Shor

Kelvin 1
Peter Shor
n

http://baike.baidu.com/view/192896.html ?tp=0_11
p, 1 - p
(a) (1 - p)^n

5.9
Niels Bohr
c

5.9.1

5.9.2

d Peter Shor

e
a

Example: 5 components, each with 1 chance in 10 of failing (probability 0.1), so each works with probability 1 - 0.1 = 0.9.
The chance that all 5 work is

(1 - 0.1)^5 = 0.9^5 = 59049/100000 = 0.59049,

that is, about 1 in 1.6935 (1/0.59049 = 1.693508780843). Compare 0.1^5 + 0.9^5 = 0.5905.

b
,

http://news.mydri vers.com/1/80/80803.htm
c
http://baike.baidu.com/view/946.htm
d
Jacob West, The Quantum Computer, http://www.cs.caltech.edu/westside/quantum-intro.html; A. Barenco,
A. Ekert, A. Sanpera, C. Machiavello, A Short Introduction to Quantum Computation, La Recherche,
November 1996; A. Barenco, http://www.qubit.org/library/intros/comp/comp.html
http://baike.baidu.com/view/18645.htm
e
Peter W. Shor, Algorithms for Quantum Computation: Discrete Logarithms and Factoring, 1994,
post-quantum-computing cryptography
hash ,
DNA Leonard Adleman RSA A
DNA DNA

5.9.3
a10

2001

35th Annual Symposium on Foundations of Computer Science, pp. 124-134, http://citeseer.ist.psu.edu/14533.html


a
http://austlii .edu.au/graham/PLPR_world_wide_guide.html
6
a

486 WindowsVista
4 4Gb 1Tb PC DOS 7.0

Windows Linux c
Windows Linux
I love you

Windows Linux
d

MacOS

6.1

a
b
c
d

1:9
Linux http://baike.baidu.com/view/1634.html?wtp=tt
Ma cOS http://baike.baidu.com/view/24778.html
56kbps a

6.1.1 WinZip
WinZip e
ZIPCABTARGZIPMIME Windows
, PC Magazine
Zip Zip

WinZip Zip
AES
128-bit AES 256-bit AES

Zip 2.0

Zip 2.0
a

kbps: kilobits per second. A byte is 8 bits, so 56 kbps is 7 kB/s.

http://baike.baidu.com/view/128147.htm
c
Lossless Compression
http://baike.baidu.com/view/156047.htm
d
Khalid Sayood, Introduction to Data Compression,
http://www.verycd.com/topics/380781/.
e
WinZip: http://www.winzip.com/
Zip 2.0
WinZip AES Zip 2.0 AES Zip
WinZip
Zip Zip 2.0 WinZip Self-Extractor 2.2 WinZip Self-Extractor
( WinZip ) AES
WinZip AES Zip 2.0 WinZip

WinZip AES WinZip AES


(128 -bit 256-bitAES ) RFC 2898 (
#5 ) 1000 PBKDF2
WinZip 8-byte Salt 128-bit
AES 16-byte Salt 256-bit
Salt WinZip AES
8-byte salt WinZip 128-bit 40

WinZip AES 2000 Zip 1000


)
256-bit AES uses a 16-byte salt and 128-bit
AES an 8-byte salt.
RFC2898 WinZip HMAC-SHA-1
PBKDF2 HMAC-SHA-1
160-bit 128-bit 256-bit

256-bit AES HMAC-SHA-1 160-bit


256-bit 160
RFC2898 B.1.1
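Added example (not WinZip's code): the derivation the paragraph describes, PBKDF2 with HMAC-SHA-1 and 1000 iterations, producing in one output stream the AES key, the HMAC-SHA-1 key and the 2-byte password verification value that WinZip's AE format stores in the archive, followed by the dictionary attack that the stored verifier makes cheap. The salt bytes 0..15 and the candidate passwords are constructed; pbkdf2_stream() is checked against the RFC 6070 test vectors.

```python
import hashlib
import hmac
import time

SALT_LEN = {128: 8, 192: 12, 256: 16}        # WinZip AE salt length per AES key size
ITERATIONS = 1000                            # WinZip's fixed PBKDF2 iteration count


def pbkdf2_stream(password: bytes, salt: bytes, iterations: int, length: int) -> bytes:
    """PBKDF2 (RFC 2898) with HMAC-SHA-1 as the PRF, any output length."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, iterations, dklen=length)


def winzip_ae_keys(password: bytes, salt: bytes, key_bits: int):
    """One PBKDF2 run gives, back to back: the AES key, the HMAC-SHA-1 key of
    the same length, and a 2-byte password verification value."""
    if len(salt) != SALT_LEN[key_bits]:
        raise ValueError(f"AES-{key_bits} uses a {SALT_LEN[key_bits]}-byte salt")
    key_len = key_bits // 8
    dk = pbkdf2_stream(password, salt, ITERATIONS, 2 * key_len + 2)
    return dk[:key_len], dk[key_len:2 * key_len], dk[2 * key_len:]


def authentication_code(auth_key: bytes, ciphertext: bytes) -> bytes:
    """WinZip AE stores the first 10 bytes of HMAC-SHA-1 over the ciphertext."""
    return hmac.new(auth_key, ciphertext, hashlib.sha1).digest()[:10]


def verifier_matches(password: bytes, salt: bytes, key_bits: int, verifier: bytes) -> bool:
    return hmac.compare_digest(winzip_ae_keys(password, salt, key_bits)[2], verifier)


def dictionary_attack(candidates, salt: bytes, key_bits: int, verifier: bytes):
    """With the 2-byte verifier from the archive, one PBKDF2 run rejects a wrong
    guess (1 in 65536 false accepts, then caught by the HMAC).  Only the 1000
    iterations and the password's own entropy stand between attacker and key."""
    for guess in candidates:
        if verifier_matches(guess, salt, key_bits, verifier):
            return guess
    return None


def guesses_per_second(key_bits: int = 256, sample: int = 200) -> float:
    """Rough single-core guessing rate the fixed iteration count allows."""
    salt = bytes(SALT_LEN[key_bits])
    start = time.perf_counter()
    for i in range(sample):
        winzip_ae_keys(b"guess%d" % i, salt, key_bits)
    return sample / (time.perf_counter() - start)


if __name__ == "__main__":
    salt = bytes(range(16))                            # constructed, not random
    enc_key, auth_key, verifier = winzip_ae_keys(b"correct horse", salt, 256)
    print(len(enc_key), len(auth_key), verifier.hex())
    print(dictionary_attack([b"123456", b"password", b"correct horse"], salt, 256, verifier))
    print(f"{guesses_per_second():.0f} guesses/s on one core")
```

The salt stops a precomputed table from serving more than one archive, and the iteration count multiplies the attacker's cost by 1000, but neither adds entropy: a 256-bit AES key derived from a dictionary word is a dictionary-sized key.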

6.1.2 WinRAR
WinRAR a WinZip 7ZACEARJBZ2
CABGZISOJARLZHTARUUEZ WindowsNT
RAR
WindowsLinuxFreeBSD
DOSOS/2MacOS X
WinRAR ZIP2.0 RAR AES-128
RAR 8
RAR
127
RAR RAR
128 128MB
WinRAR
RAR RAR 8,589,934,591GB
a

WinRAR: http://www.rarlab.com/


4GB NTFS ZIP


2GBRAR GB

WinZip RAR
WinZip WinRAR
WinZip WinRAR WinZipa

6.1.3 7Zip
7-Zip b 2
7z ZIP
30-50% Zip 2-10%7-Zip GNU LGPL
cAES BSD unRAR GNU LGPL unRAR
7z AES-256 16000000000GB
7-Zip AES 10 10
100
11

1
2

2
1

1
1

30

12

14

10

19

20

9
10

26
37

9
4

11
12

46
55

4
4

13
14

64
73

4
13

15

82

22

16
17

91
100

31
40

WinZip

b
7-Zip: http://www.7-zip.org/
c
GNU LGPL GNU

GNU
GNU: Free Software Foundation, Inc., 59 Temple Place,
Suite 330, Boston, MA 02111-1307 USA
4 CPU

7-Zip 600 MB 1GB 2GB

6.1.4 UHARC
UHARC RAR7z

WinRAR Uharc
Uwe Herklotz ZIPRARACE7-Zip
UHarc UHarc
UHARC
DOS
UHARC

a
RAR ZIP

6.2
MSNQQICQSkype
TCP/IP
IM
IM

SMSb

70
a

http://www.maximumcompression.com/index.html
SMS

SMS 3

BBS

PKIPublic Key Infrastructure

6.2.1 The Bat


a

10

The Bat Tip of the day


The Chinese word for bat, fu, also
means "happiness". Five bats represent the Five Blessings-longevity, wealth, serenity, virtue, and an easy death

OpenPGP PGP S/MIME TLS


RC2 (128-bit), 3DES (168-bit), IDEA (128-bit), AES (128-bit), AES (256-bit); SHA-512

TheBat!
X-Mailer
X-Mailer TheBat!

TheBat! V3 Key PGP

6.2.2 Foxmail
Foxmail b2005 3 16
Foxmail Foxmail5.0
(SSL)
( Unicode)
(SSL) yahoo.com HotmailMSN
(vCard)

Foxmail
FlexcryptcCenturionMail aComodo SecureEmailb
a
b
c

The Bat!: http://www.ritlabs.com/ 30


Foxmail http://www.foxmail.com.cn/Foxmail http://wap.foxmail.com/
Flexcrypt http://www.flexcrypt.com/
6.3

IDE SATA SCSI

1.
2.
3.
4.

Flash ROM

SLC (Single-Level Cell) and MLC (Multi-Level Cell); SLC


MLC MLC 2bit
SLC MLC
SLC SLC
10 MLC 10 MLC
100 (MTBF)

cd

Centurion http://centurionsoft.com/centurionmail/
Comodo SecureEmail http://www.secure-email.comodo.com/index.html Comodo
c

6.3.1 O&O Soft SafeErase


O&O (a) SafeErase

SafeErase

SafeErase offers five methods:
(1 pass): a single overwrite.
(3 passes): the three-pass method (E) of the January 1995 US DoD 5220.22-M,
the 'National Industrial Security Program Operating Manual'.
(6 passes): the method of the German BSI's IT Baseline Protection Manual
(BSI IT-Grundschutz).
(7 passes): the seven-pass method (ECE) of the January 1995 DoD 'National Industrial Security Program Operating Manual':
DoD 5220.22-M (E) run twice with one further pass between the two runs.
(35 passes): Peter Gutmann's method (b).
b
Peter Gutmann, Secure Deletion of Data from Magnetic and Solid-State Memory:
the 35-pass method

6.3.2 East-Tec DisposeSecure


East-Tec DisposeSecure
CD
DVD

O&O Software: http://www.oo-software.com/


http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html; PDF:
http://www.cs.cornell.edu/people/clarkson/secdg/papers.sp06/secure_deletion.pdf
b

Ultimate tool

6.3.3 Linux
Windows Linux
Linux Linux
linux b
DOS Linux
linux

Linux Ubuntu
Shred
shred shred
Shred

rm
rm
(HDD)

Shred usage: shred [OPTION]... FILE...


Options:
-f, --force          change permissions to allow writing if necessary
-n, --iterations=N   overwrite N times instead of the default (25)
-s, --size=N         shred this many bytes (suffixes like K, M, G are accepted)
-u, --remove         truncate and remove the file after overwriting
-v, --verbose        show progress
-x, --exact          do not round file sizes up to the next full block
-z, --zero           add a final overwrite with zeros to hide shredding
-                    shred standard output
    --help           display this help and exit
    --version        output version information and exit
Examples:
a
b

East-Tec: http://www.east-tec.com


Ubuntu http://linux.chinaitlab.com/safe/775628.html
1) file1file2 file3

shred file1 file2 file3

2) HDD

shred /dev/hda7

3) 20
1.44MB( 1440KB)

shred --verbose /dev/fd0


4)

shred --verbose /dev/sda5


Ubuntu Nautilus shred nautilus-actions

sudo aptitude install nautilus-actions

Nautilus Actions ConfigurationSystem

->Preference
->Nautilus Actions Configuration

Label: Shred
Tooltip: shred utility to securely erase files
Icon: gtk-dialog-warning
Path: shred
Parameters: -f -u -v -z %M

Conditions Appears if selection containsOnly files


(
)Appears if selection has multiple files or folders

nautilus

nautilus -q
nautilus

nautilus shred
Wipe
wipe unix Linux
2.*(Open+Net+Free)BSD aix 4.1 SunOS 5.5.1 Solaris 2.6
Magnetic Force Microscopy (MFM) 2
3 wipe fsync() call / O_SYNC bit

Ubuntu wipe

sudo aptitude install wipe

wipe usage: wipe [options] path1 path2 ... pathn

Recursively (option -r) wipe everything under /home/berke/plaintext/ with the full 34 passes,


(FIFO )(
) 10 unlink chmod()(option -c).
(option -f)

wipe -rcf /home/berke/plaintext/

Wipe the IDE partition /dev/hda3 in quick mode (option -q), which uses fewer


passes; option -k keeps the inode, that is, the device node is not unlinked afterwards:

wipe -kq /dev/hda3

By default wipe does not follow symlinks. /dev/floppy is a symlink


to /dev/fd0u1440, so option -D is needed to dereference the symlink and wipe the device it points to:

wipe -kqD /dev/floppy

wipe (option r)/var/log /var/log chmod()


(option i)-f

wipe -rfi >wipe.log /var/log/*

The amount to wipe is given in bytes by default (
); the -l option (b) sets the length, and the suffixes K, M and G mean 2^10 = 1024 (kilo), 2^20 (mega) and 2^30 (giga) bytes (2^9 = 512);
1M416K = 1474560 bytes, a 1.44 MB floppy:

wipe -Kq -l 1440k /dev/fd0


Ubuntu Nautilus Wipe nautilus-actions

sudo aptitude install nautilus-actions


Nautilus Actions ConfigurationSystem->Preference->Nautilus Actions Configuration

Label: Wipe
Tooltip: Wipe utility to securely erase files
Icon: gtk-dialog-warning
Path: wipe
Parameters: -rf %M
Conditions Appears if selection containsbothAppears if selection has
multiple files or folders nautilus

nautilus -q
nautilus

nautilus wipe
Secure-Delete
swap memory
Secure-Delete Ubuntu
Secure-Delete

sudo aptitude install secure-delete

Secure-Delete
srm(Secure remove)
smem(Secure memory wiper) (RAM)
sfill(Secure free space wiper)
sswap(Secure swap wiper) swap
srm - Secure remove
srm unlink

srm getopt option


-fsrm -fsrm ./-f
srm usage: srm [OPTION]... FILE...
Options:
-d, --directory      ignored (for compatibility with rm)
-f, --force          ignore nonexistent files, never prompt
-i, --interactive    prompt before any removal
-r, -R, --recursive  remove the contents of directories recursively
-s, --simple         only overwrite with a single pass of 0x00
-m, --medium         overwrite with 7 US DoD passes (0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random)
-z, --zero           after overwriting, zero the blocks used by the file
-n, --nounlink       overwrite the file, but do not rename or unlink it
-v, --verbose        explain what is being done
    --help           display this help and exit
    --version        output version information and exit
:
srm myfile.txt

srm myfile.txt

srm

srm -r myfiles

smem - Secure memory wiper


smem
SDRAM !
Usenix Peter Gutmann Peter
Gutmann

smem usage: smem [-f] [-l] [-l] [-v]


Options:
-f     fast (and insecure) mode: no /dev/urandom, no synchronize mode
-l     lessens the security: fewer passes (a 0x00 pass and a final random pass)
-l -l  lessens the security even more: a single 0x00 pass
-v     verbose

sfill - secure free space wipe
sfill overwrites the free space of the filesystem holding the given directory or mount point
(based on Peter Gutmann's Usenix paper).
sfill usage: sfill [-f] [-i] [-I] [-l] [-l] [-v] [-z] directory/mountpoint
Options:
-f     fast (and insecure) mode: no /dev/urandom, no synchronize mode
-i     wipe only free inode space, not free disk space
-I     wipe only free disk space, not free inode space
-l     lessens the security: fewer passes (a 0xff pass and a final random pass)
-l -l  lessens the security even more: a single pass
-v     verbose
-z     wipe the last write with zeros instead of random data
directory/mountpoint: the filesystem whose free space is to be wiped

sswap - Secure swap wiper
sswap overwrites a swap partition (based on Peter Gutmann's Usenix paper).
sswap usage: sswap [-f] [-l] [-l] [-v] [-z] swapdevice
Options:
-f     fast (and insecure) mode: no /dev/urandom, no synchronize mode
-l     lessens the security: fewer passes (a 0xff pass and a final random pass)
-l -l  lessens the security even more: a single pass
-v     verbose
-z     wipe the last write with zeros instead of random data
Example:
The swap partition must be turned off before sswap is run on it:
Example: to wipe a swap partition with sswap, first list the active swap areas:

cat /proc/swaps

Disable the swap partition (here /dev/sda3):

sudo swapoff /dev/sda3

With /dev/sda3 no longer in use as swap, wipe it:

sudo sswap /dev/sda3

Then re-enable swap:

sudo swapon /dev/sda3

:DBAN
Darik's Boot and Nuke (DBAN)
DBAN

6.4

API

6.4.1 Microsoft EFS


EFS (Encrypting File System), Windows 2000/XP, NTFS

EFS EFS
FEK (File Encryption Key) FEK X
FEK FEK
FEK FEK
EFS /()

EFS

EFS Windows Windows



Windows XP Home EFS


EFS SID()
EFS EFS
EFS
EFS EFS

EFS

6.4.2 Microsoft BitLocker


BitLocker Windows Vista
Windows BitLocker
Windows BitLocker
TPM Windows
(TPM)
TPM BitLocker AES
BitLocker TPM BitLocker TPM
BitLocker BitLocker BitLocker TPM
USB
Windows TPM

Windows TPM Windows


BitLocker TPM
TPM PIN USB
TPM BitLocker TPM
USB
TPM TPM

TPM TPM
TPM (SRK)
TPM TPM
TPM
TPM
BitLocker Windows

TPM TPM

BitLocker TPM U


TPM 1.2 TPM

U USB BIOS USB


Windows Vista U U
U
U U
TPM BitLocker SP1 Vista
BitLocker
TPM TPM
TPM
U USB U

TPM + USB key, TPM + PIN, TPM + USB key + PIN

TPM

6.4.3 PGP
PGP(Pretty Good Privacy) aPGP
PGP

PGP products: PGP Universal Server, PGP Universal Gateway Email, PGP Desktop Email, PGP NetShare, PGP Whole Disk Encryption, PGP Desktop Professional, PGP Desktop Storage, PGP Desktop Corporate, PGP Mobile

6.4.4 TrueCrypt
TrueCrypt b Windows Vista/XP/2000 Linux,
,,

a
b

PGP http://www.pgp.com/ PGP http://www.pgp.com.cn/


TrueCrypt http://www.truecrypt.org/

windows windows PGP

steganography TrueCrypt

6.4.5 Utimaco SafeGuard


Utimaco SafeGuard b SafeGuard Easy PGP
(PBA) USB Token

SafeGuard Easy
SafeGuard Easy
Common Criteria EAL3, FIPS 140-2, SC Magazine
SafeGuard Easy: FAT-12, FAT-16, FAT-32, HPFS, NTFS, NTFS5
c AES-256 32 bytes (256 bits), AES-128 16 bytes (128 bits), Rijndael-256 32 bytes (256 bits), DES 7 bytes (56 bits), 3DES 21 bytes (168 bits), IDEA 16 bytes (128 bits), Blowfish-8 32 bytes (256 bits), Blowfish-16 32 bytes (256 bits), STEALTH-40 5 bytes (40 bits), XOR 8 bytes (64 bits)
SafeGuard Easy IBM/Lenovo ThinkPad/ ThinkCentre
CD PDF PDF

6.4.6 The GNU Privacy Guard


d

GnuPG (The GNU Privacy Guard) GNU RFC4880 OpenPGP GnuPG


GnuPG GPG
GnuPG 2 S/MIME

GnuPG GNU
PGP GnuPG 2 1.4.9 2.0.11

Gpg4win Windows GnuPGAegypten


GnuPG 2 S/MIME
GnuPG

PGP PGP PGP 56 7


a
b
c
d

TrueCrypt http://www.truecrypt.org/docs/ http://www.truecrypt.org/downloads


Utimaco http://www.utimaco.com/ SAFEGUARD ENTERPRISE SafeGuard Easy
bit
The GNU Privacy Guard http://www.gnupg.org/index.en.html

ElGamal, DSA, RSA, AES, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160,
TIGER; HKP (wwwkeys.pgp.net)

PGP GnuPG
EFSPGP

PGP


7 PGP
7.1
a

Philip R. Zimmermann Pretty Good Privacy, . PGP 1991 Internet


, . PGP
, Zimmermann . , ,
, , PGP . 1996 ,
b

, Zimmermann PGP . 1997 12 , Network Associates Inc(NAI),


. 2002 8 , PGP PGP NAI , Zimmermann
. Zimmermann ,
Internet (Stanford Law School's Center for Internet and Society).
PGP , Zimmermann 20 , ,
, .
.
Zimmermann . 2003 ,
Heinz Nixdorf MuseumsForum Wall of Fame, 2001 CRN Industry Hall of Fame. 2000 ,
(InfoWorld) . 1991 (Privacy International)
Louis Brandeis , 1998 (Secure Computing Magazine), 1996
Norbert Wiener . 1995 Chrysler , Electronic
Frontier Foundation , 1996 PC IT , 1996 "".
1994 PGP . 1995 , Newsweek Zimmermann " 50 ", 50
Internet
Zimmermann ,
.
Zimmermann 1978 . , ,
. (Roundtable on Scientific
Communication and National Security), . OpenPGP
, (Computer Professionals for Social Responsibility),
, Anonymizer.com, Hush Communications, Encentuate, and Qualys .

7.2 PGP
PGP , Zimmermann . 80 Boulder,
Zimmermann ,
.
. , , FEMA()
, . .
, 1984 , Zimmermann PGP ,
a
b

http://www.philzimmermann.com/ZH/background/index.html
http://www.philzimmermann.com/EN/news /PRZ_case_dropped.html

, . Zimmermann PGP ,
, .
Zimmermann (Union of Concerned Scientists), ,
, , Rocky Flats
. . Zimmermann
. Carl Sagan,
Martin Sheen, Daniel Ellsberg.
80 , Zimmermann (Get Smart on the Arms Race).
, , , (MAD),
, , , , , , , ,
.


RSA

DVD
MD5

PDF

PDF

2010.1.27
