A look at encryption algorithms

A survey of the wide range of encryption algorithms in use allows you not only to select the one suited to your task, but also to evaluate the cost of its implementation and the possibility of identifying a hacker.

Encryption is a method of protecting information

Since time immemorial there has been no greater value than information. The twentieth century is the century of computer science and informatization. Technology makes it possible to transmit and store more and more information. This benefit has a downside. Information is becoming increasingly vulnerable for a variety of reasons:

  • growing volumes of data that are stored and transmitted;
  • a growing number of users who can access computer resources, programs and data;
  • increasingly complex operating modes of computing systems.

Therefore, the problem of protecting information from unauthorized access during transmission and storage is becoming increasingly important. The essence of this problem is the constant struggle of information security specialists against their "opponents".

    Characteristics of composite encryption algorithms

    Information security is a set of measures, methods and tools that ensure:

    • prevention of unauthorized access to computer resources, programs and data;
    • verification of the integrity of information;
    • prevention of unauthorized use of programs (protection of programs from copying).

    The evident trend toward digital methods of transmitting and storing information makes it possible to apply unified methods and algorithms to protect discrete (text, fax, telex) and continuous (speech) information.

    The proven method of protecting information from unauthorized access is encryption (cryptography). Encryption is the process of converting plaintext data into encrypted data (ciphertext), or encrypted data into plaintext, according to certain rules using keys. In English-language literature the terms enciphering/deciphering are used for encryption/decryption.

    Cryptographic methods make it possible to provide:

    • encryption of information;
    • implementation of electronic signatures;
    • distribution of encryption keys;
    • protection against accidental and deliberate changes to information.

    The following requirements are placed on encryption algorithms:

    • a high level of protection of data against decryption and possible modification;
    • the security of information must rest only on knowledge of the key and must not depend on whether the algorithm is known (Kerckhoffs's rule);
    • a small change in the plaintext or the key must lead to a significant change in the ciphertext (the "avalanche" effect);
    • the range of key values must rule out decrypting the data by brute-force search over the key values;
    • economical implementation of the algorithm with sufficient speed;
    • the cost of decrypting data without knowing the key must exceed the value of the data.

    Legends of ancient times...

    Boris Obolikshto

    Cryptology is an old science, and the story of Julius Caesar (100 - 44 BC) is usually told to illustrate this. Caesar's cipher, also known as the cyclic substitution cipher, replaces each letter of the message with the letter a fixed number of positions further along the alphabet. The alphabet is treated as cyclic, so that Z is followed by A. Caesar replaced each letter with the letter three positions away from it.
    Today in cryptology it is customary to operate on symbols not as letters but as the numbers that correspond to them. Thus, in the Latin alphabet, the numbers from 0 (for A) to 25 (for Z) can be used. Denoting the number that represents the original symbol by x and the encoded symbol by y, we can write the rule for applying a substitution cipher:

    y = x + z (mod N), (1)

    where z is the secret key, N is the number of symbols in the alphabet, and addition modulo N is an operation similar to ordinary addition, except that if the ordinary sum is greater than or equal to N, the remainder of its division by N is taken as the value of the sum.

    The Caesar cipher in this notation corresponds to the secret key value z = 3 (and for Caesar Augustus z = 4). Such ciphers are broken very easily even without knowing the key: all you need to know is the encryption algorithm, and the key can be found by simple exhaustive search (a so-called brute-force attack). Cryptology consists of two parts: cryptography, which covers methods of encryption and/or authentication, and cryptanalysis, which examines methods of decrypting and substituting cryptograms. For many centuries, the weakness of the first ciphers gave rise to an atmosphere of secrecy around the work of the cryptographer and held back the development of cryptology as a science.

    Over more than two thousand years, this so-called "pre-scientific" cryptography intuitively "groped its way" to a number of useful solutions. The simplest is to perform the substitution in non-alphabetical order. It is also not a bad idea to rearrange the characters within the message (permutation ciphers).

    The first systematic work on cryptography is considered to be that of the great architect Leon Battista Alberti (1404 - 1472). The period until the middle of the 17th century was rich in works on cryptography and cryptanalysis. The intrigues around ciphers in Europe at that time are remarkably interesting. Unfortunately, given the magazine's limited space, we have chosen only one name known from school: François Viète (1540 - 1603), who at the court of King Henry IV of France was so successful in cryptanalysis (which did not yet bear this proud name) that the Spanish king Philip II complained to the Pope that the French were using black magic. But everything passed without bloodshed: at that time advisers from the Argenti family, who today would be called cryptanalysts, were already serving at the Pope's court.

    It can be said that for centuries the decryption of cryptograms has been aided by frequency analysis of the occurrence of individual symbols and their combinations. The probability of each letter appearing in a text varies greatly (for Russian, for example, the letter "o" appears 45 times more often than the letter "f"). This, on the one hand, serves as the basis both for recovering keys and for analysing encryption algorithms, and on the other hand is the cause of the considerable redundancy (in the information-theoretic sense) of natural-language text. Any simple substitution preserves the frequency of a symbol's occurrence: in Russian text the symbols that correspond to the letters "o", "e", "a", "i", "t", "n" stand out immediately. However, information theory and a measure of redundancy had not yet been created, and to combat the cryptographer's enemy, frequency analysis, RANDOMIZATION was proposed. Its author, Carl Friedrich Gauss (1777 - 1855), mistakenly believed that he had created a cipher that cannot be broken.
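    Rule (1) and the two attacks described above (exhaustive key search and frequency analysis) can be combined in a few lines. This is an added Python example, not part of the original article; the English letter-frequency table and the sample sentence are assumptions constructed for the illustration.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase   # A -> 0 ... Z -> 25
N = len(ALPHABET)                   # N = 26 in rule (1)

# Approximate frequencies of English letters in percent (assumed reference
# table; the article's own figures are for Russian text).
ENGLISH_FREQ = {
    "A": 8.17, "B": 1.49, "C": 2.78, "D": 4.25, "E": 12.70, "F": 2.23,
    "G": 2.02, "H": 6.09, "I": 6.97, "J": 0.15, "K": 0.77, "L": 4.03,
    "M": 2.41, "N": 6.75, "O": 7.51, "P": 1.93, "Q": 0.10, "R": 5.99,
    "S": 6.33, "T": 9.06, "U": 2.76, "V": 0.98, "W": 2.36, "X": 0.15,
    "Y": 1.97, "Z": 0.07,
}

# Constructed sample plaintext.
SAMPLE = ("THE STRENGTH OF A CIPHER MUST DEPEND ONLY ON THE SECRECY OF THE KEY. "
          "THE ALGORITHM ITSELF IS NOT SECRET AND CAN BE DISCUSSED IN THE OPEN.")


def shift_encrypt(text, z):
    """Rule (1): y = x + z (mod N) for letters; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + z) % N])
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(text, z):
    """Inverse of rule (1): x = y - z (mod N)."""
    return shift_encrypt(text, -z)


def chi_squared(text):
    """Distance between the letter histogram of `text` and English text."""
    counts = Counter(ch for ch in text if ch in ALPHABET)
    total = sum(counts.values())
    if total == 0:
        return float("inf")
    score = 0.0
    for letter, percent in ENGLISH_FREQ.items():
        expected = total * percent / 100
        score += (counts[letter] - expected) ** 2 / expected
    return score


def recover_key(ciphertext):
    """Try all N keys and keep the one whose decryption looks most like English."""
    return min(range(N), key=lambda z: chi_squared(shift_decrypt(ciphertext, z)))


if __name__ == "__main__":
    for z in (3, 4):   # the two keys mentioned in the text
        cryptogram = shift_encrypt(SAMPLE, z)
        found = recover_key(cryptogram)
        print(z, found, shift_decrypt(cryptogram, found)[:40])
```

    Only N = 26 keys exist, so the search is instant; the frequency score is what lets a program, rather than a human reader, decide which of the 26 candidate decryptions is the plaintext.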

    There is a notable figure in the history of cryptology whom we would be wrong to omit: the Dutchman Auguste Kerckhoffs (1835 - 1903). To him belongs the remarkable "Kerckhoffs's rule": the strength of a cipher must depend only on the secrecy of the key. Considering the time at which this rule was formulated, it can be recognised as a great discovery (the development of a systematic theory is still a century away!). The rule assumes that the encryption algorithm is not secret, which means that the advantages and disadvantages of the algorithm can be discussed openly.

    The 20th century: from intuition to science

    The last name we will mention in pre-scientific cryptology is AT&T engineer Gilbert Vernam. In 1926 he proposed a truly unbreakable cipher. The idea behind the cipher is to choose a new value of z in rule (1) for each successive symbol. In other words, the secret key is used only once. If such a key is chosen at random then, as Shannon rigorously proved 23 years later, the cipher is unbreakable. This cipher is the theoretical basis for the so-called "cipher pads", which began to be widely used during the Second World War. A cipher pad contains a set of one-time keys, which are selected in sequence as messages are encrypted. Vernam's proposal, however, does not solve the problem of secret communication: instead of a way to transmit the secret message, one now needs a way to transmit a secret key of exactly the same length, that is, containing as many symbols as the plaintext.

    In 1949, Claude Shannon's article "Communication Theory of Secrecy Systems" gave birth to scientific cryptology. Shannon showed that for a given "random cipher" the number of ciphertext symbols from which a cryptanalyst with limited resources can recover the key (and break the cipher) is

    H(Z) / (r log N), (2)

    where H(Z) is the entropy of the key, r is the redundancy of the plaintext, and N is the size of the alphabet.

    From the efficiency with which archivers compress text files, we know well how great the redundancy of ordinary text is; after all, their work consists of reducing redundancy (and only the part of it that is most easily removed). With a plaintext redundancy of the order of 0.75 and a 56-bit key (such as the one used by DES), 11 ciphertext characters are sufficient to recover the key with limited cryptanalyst resources.

    Strictly speaking, relation (2) has not been proved for an arbitrary cipher, but it holds for all known cases. A remarkable conclusion follows from (2): the work of a cryptanalyst can be made more difficult not only by improving the cryptosystem, but also by reducing the redundancy of the plaintext. Moreover, if the redundancy of the plaintext is reduced to zero, even a short key will yield a cipher that a cryptanalyst cannot break.

    Before encryption, the information should be subjected to statistical coding (compression, archiving). This reduces the volume of the information and its redundancy and increases its entropy (the average amount of information per character). Since compressed text no longer contains repeated letters and words, decryption (cryptanalysis) becomes harder.

    Classification of encryption algorithms

    1. Symmetric (with a secret, single key; single-key).
    1.1. Stream (encryption of a data stream):

    • with a one-time or infinite key (infinite-key cipher);
    • with a finite key (Vernam system);
    • based on a pseudo-random number generator (PRNG).

    1.2. Block (data encrypted block by block):
    1.2.1. Permutation ciphers (P-boxes);
    1.2.2. Substitution ciphers (S-boxes):

    • monoalphabetic (Caesar code);
    • polyalphabetic (Vigenère cipher, Jefferson cylinder, Wheatstone disk, Enigma);

    1.2.3. Composite (Table 1):

    • Lucifer (IBM, USA);
    • DES (Data Encryption Standard, USA);
    • FEAL-1 (Fast Enciphering Algorithm, Japan);
    • IDEA/IPES (International Data Encryption Algorithm/Improved Proposed Encryption Standard, Ascom-Tech AG, Switzerland);
    • B-Crypt (British Telecom, UK);
    • GOST 28147-89 (USSR);
    • Skipjack (USA).

    2. Asymmetric (with a public key, public-key):

    • Diffie-Hellman, DH (Diffie, Hellman);
    • Rivest-Shamir-Adleman, RSA (Rivest, Shamir, Adleman);
    • ElGamal.

    In addition, encryption algorithms are divided into ciphers and codes. Ciphers work with individual bits, letters and symbols. Codes operate on linguistic elements (words, phrases).

    Symmetric encryption algorithms

    Symmetric encryption algorithms (or secret-key cryptography) are based on the sender and the recipient of the information using the same key. This key must be kept secret and transmitted in a way that prevents its interception.

    The exchange of information takes place in 3 stages:

    • the sender transfers the key to the recipient (if there are multiple subscribers, each pair of subscribers has its own key, different from the keys of other pairs);
    • the sender, using the key, encrypts the message, which is sent to the recipient;

    If a unique key is used for each day and each session, this enhances the security of the system.

    Stream ciphers

    In stream ciphers, that is, when a data stream is encrypted, each bit of the original information is encrypted independently of the others by means of gamma encryption.

    Gamma encryption is the superimposition of a cipher gamma (a random or pseudo-random sequence of ones and zeros) on the plaintext data according to a fixed rule. The rule usually used is "exclusive OR", also called addition modulo 2, which is implemented in assembly programs by the XOR instruction. For decryption, the same gamma is superimposed on the encrypted data.

    With a single use of a random gamma of the same size as the data to be encrypted, the cipher cannot be broken (so-called cryptosystems with a one-time or infinite key). In this case, "infinite" means that the gamma does not repeat.

    Some stream ciphers have a short key. Thus, the Vernam system for the telegraph uses a paper ring containing the gamma. Of course, the strength of such a cipher is not ideal.

    It is clear that exchanging keys as large as the information being encrypted is not always practical. That is why a gamma obtained from a pseudo-random number generator (PRNG) is used more often. In this case, the key is the seed (initial value, initialization vector, initializing value, IV) used to start the PRNG. Every PRNG has a period, after which the generated sequence repeats. Obviously, the period of the pseudo-random gamma must exceed the length of the information being encrypted.

    A PRNG is considered sound if observing fragments of its output does not allow the missing parts or the entire sequence to be reconstructed when the algorithm is known but the seed is not.

    When a PRNG is used, several variants are possible:

    • Bit-by-bit encryption of the data stream. The digital key is used as the seed of the PRNG, and the output bit stream is added modulo 2 to the original information. Such systems have no error propagation.
    • Bit-by-bit encryption of the data stream with feedback from the ciphertext. This system is similar to the previous one, except that the ciphertext is fed back as a parameter into the PRNG. Its characteristic property is error propagation. The extent of the error propagation depends on the structure of the PRNG.
    • Bit-by-bit encryption of the data stream with feedback from the plaintext. The basis of the PRNG is the original information. Its characteristic property is unlimited error propagation.
    • Bit-by-bit encryption of the data stream with feedback from both the ciphertext and the plaintext.
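    The first variant (gamma from a seeded generator, XORed with the data) is shown below as an added Python example that is not part of the original article. The 16-bit shift register with taps 16, 14, 13, 11 is an assumed textbook generator chosen for the illustration; it has a measurable period and no error propagation, but fails the soundness requirement above because two bytes of known plaintext reveal the seed.

```python
SEED = 0xACE1                                   # constructed 16-bit key (seed)
MESSAGE = b"TRANSFER 250 TO ACCOUNT 1841"       # constructed plaintext


def _step(state):
    """One shift of a 16-bit Fibonacci LFSR with taps 16, 14, 13, 11."""
    feedback = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
    return (state >> 1) | (feedback << 15)


def lfsr_bits(seed):
    """Endless stream of gamma bits produced from the seed."""
    state = seed & 0xFFFF
    if state == 0:
        raise ValueError("seed must be non-zero")
    while True:
        yield state & 1
        state = _step(state)


def gamma(seed, nbytes):
    """First nbytes of the gamma, eight bits per byte, least significant first."""
    bits = lfsr_bits(seed)
    return bytes(sum(next(bits) << i for i in range(8)) for _ in range(nbytes))


def gamma_xor(data, seed):
    """Encrypt or decrypt: add the gamma to the data modulo 2 (XOR)."""
    return bytes(d ^ g for d, g in zip(data, gamma(seed, len(data))))


def period(seed):
    """Number of steps after which the generator state (and the gamma) repeats."""
    state, steps = _step(seed), 1
    while state != seed:
        state, steps = _step(state), steps + 1
    return steps


def differing_bits(a, b):
    """Count the bit positions in which two byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def recover_seed(known_plaintext, ciphertext):
    """Known plaintext XOR ciphertext = gamma; its first 16 bits are the seed."""
    ks = bytes(p ^ c for p, c in zip(known_plaintext[:2], ciphertext[:2]))
    return ks[0] | (ks[1] << 8)


if __name__ == "__main__":
    ciphertext = gamma_xor(MESSAGE, SEED)
    print("decrypts with the same gamma:", gamma_xor(ciphertext, SEED) == MESSAGE)
    print("period in bits:", period(SEED))

    damaged = bytearray(ciphertext)
    damaged[5] ^= 0x10                          # one bit corrupted in transit
    recovered = gamma_xor(bytes(damaged), SEED)
    print("plaintext bits in error:", differing_bits(recovered, MESSAGE))

    print("seed recovered from 2 known bytes:", hex(recover_seed(MESSAGE, ciphertext)))
```

    The period of 65535 bits is about 8 KB of gamma, so a longer message would reuse it; a generator suitable for encryption needs both a far longer period and an output that does not expose its internal state.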
    Block ciphers

    With block encryption, information is divided into blocks of fixed length and encrypted block by block. Block ciphers come in two main types:

    • permutation ciphers (transposition, permutation, P-boxes);
    • substitution ciphers (substitution, S-boxes).

    Permutation ciphers rearrange the elements of the plaintext (bits, letters, symbols) in some new order. They are divided into horizontal, vertical and double permutation ciphers, grilles, labyrinths, keyword (slogan) ciphers, etc.

    Substitution ciphers replace elements of the plaintext with other elements according to a fixed rule. There are simple, complex and pairwise substitution ciphers, alphabetic and column substitution ciphers. Substitution ciphers are divided into two groups:

    • monoalphabetic (Caesar code);
    • polyalphabetic (Vigenère cipher, Jefferson cylinder, Wheatstone disk, Enigma).

    In monoalphabetic ciphers, each letter of the plaintext is replaced by another letter determined in advance. For example, in the Caesar code, a letter is replaced by the letter that is removed from it in the Latin alphabet by one position. Obviously, such a cipher is easily broken. It is enough to count how often letters occur in the ciphertext and compare the result with the known frequency of each letter in the language.

    In polyalphabetic substitutions, different symbols from a given set are used in turn to replace a given symbol of the original message each time it occurs. Clearly this set is not infinite, and after a certain number of characters it has to be used again. This is the weakness of purely polyalphabetic ciphers.

    Modern cryptographic systems, as a rule, use both encryption methods (substitution and permutation). Such a cipher is called a product cipher. It is stronger than a cipher that uses only substitution or only permutation.

    Block encryption can be implemented in two ways:

    • Without feedback. Several bits (a block) of the plaintext are encrypted at the same time, and each bit of the plaintext affects every bit of the ciphertext. However, there is no interaction between blocks, so two identical blocks of plaintext will be represented by the same ciphertext. Therefore, such algorithms can only be used to encrypt random sequences of bits (for example, keys). Examples are DES in ECB mode and GOST 28147-89 in simple substitution mode.
    • With feedback. Feedback is usually organized as follows: the previous encrypted block is added modulo 2 to the current block. An initialization value is used as the first block in the feedback chain. An error in one bit affects two blocks: the erroneous block and the one after it. Example: DES in CBC mode.
    A PRNG can also be used in block encryption:

    1. Block-by-block encryption of the data stream. The encryption of successive blocks (substitutions and permutations) depends on the PRNG, which is controlled by the key.
    2. Block-by-block encryption of the data stream with feedback. The PRNG is controlled by the ciphertext, by the plaintext, or by both at the same time.

    The US federal standard DES (Data Encryption Standard), the basis of the international standard ISO 8372-87, is widespread. DES is supported by the American National Standards Institute (ANSI) and recommended for use by the American Bankers Association (ABA). DES provides 4 modes of operation:

    • ECB (Electronic Codebook): electronic codebook;
    • CBC (Cipher Block Chaining): block chaining;
    • CFB (Cipher Feedback): feedback from the ciphertext;
    • OFB (Output Feedback): feedback from the output.

    GOST 28147-89 is the national standard for data encryption. The standard includes three algorithms for encrypting (decrypting) data: simple substitution mode, gamma mode and gamma mode with feedback, as well as a mode for generating an imitation insert.

    With the help of the imitation insert, accidental or deliberate modification of the encrypted information can be detected. The imitation insert can be generated either before encrypting (after decrypting) the whole message, or together with the encryption (decryption) block by block. In this case, a block of information is encrypted with the first sixteen cycles of the simple substitution mode, then added modulo 2 to the next block, the result is again encrypted with the first sixteen cycles, and so on.

    The encryption algorithms of GOST 28147-89 have the advantages of other algorithms for symmetric systems and surpass them in their capabilities. Thus, GOST 28147-89 (256-bit key, 32 encryption cycles), compared with such algorithms as DES (56-bit key, 16 encryption cycles) and FEAL-1 (64-bit key, 4 encryption cycles), has higher cryptographic strength thanks to its longer key and greater number of encryption cycles.

    It should be noted that, unlike in DES, in GOST 28147-89 the substitution block can be changed, so that it serves as an additional 512-bit key.

    The gamma algorithms of GOST 28147-89 (256-bit key, 512-bit substitution block, 64-bit initialization vector) surpass in cryptographic strength the B-Crypt algorithm (56-bit key, 64-bit initialization vector).

    The advantages of GOST 28147-89 also include protection against the imposition of false data (generation of the imitation insert) and the same encryption cycle in all GOST algorithms.

    Block algorithms can also be used to generate the gamma. In this case, the gamma is generated in blocks and added modulo 2 to the plaintext block by block. Examples are B-Crypt, DES in the CFB and OFB modes, and GOST 28147-89 in the gamma mode and the gamma mode with feedback.

    Asymmetric encryption algorithms

    In asymmetric encryption algorithms (or public-key cryptography), one key (public) is used to encrypt information, and another (secret) is used for decryption. These keys are different and cannot be derived from one another.

    The information exchange scheme is as follows:

    • the recipient computes the public and secret keys, keeps the secret key in a secret place and makes the public key available (informs the sender or a group of network users, or publishes it);
    • the sender, using the recipient's public key, encrypts the message, which is sent to the recipient;
    • the recipient receives the message and decrypts it using his secret key.

    RSA

    Protected by US patent N 4405829. Developed in 1977 at the Massachusetts Institute of Technology (USA). It takes its name from the first letters of the authors' surnames (Rivest, Shamir, Adleman). Its cryptographic strength is based on the computational complexity of factoring a large number into prime factors.

    ElGamal

    Developed in 1985. Named after its author, ElGamal. It is used in the US digital signature standard DSS (Digital Signature Standard). Its cryptographic strength is based on the computational complexity of taking logarithms of integers in finite fields.

    Comparison of symmetric and asymmetric encryption algorithms

    In asymmetric systems, it is necessary to use long keys (512 bits or more). A long key sharply increases the encryption time. In addition, key generation is very time-consuming. On the other hand, the keys can be distributed over insecure channels.

    Symmetric algorithms use shorter keys, so encryption is faster. But in such systems key distribution is difficult.

    Therefore, when designing a protected system, both symmetric and asymmetric algorithms are often used. Since a public-key system also allows the keys of symmetric systems to be distributed, asymmetric and symmetric encryption algorithms can be combined in a system for transmitting protected information. The former are used to distribute the keys, while the latter encrypt the transmitted information.

    Information exchange can be done as follows:

    • the recipient computes the public and secret keys, keeps the secret key in a secret place and makes the public key available;
    • the sender, using the recipient's public key, encrypts the session key, which is sent to the recipient over an insecure channel;
    • the recipient receives the session key and decrypts it using his own secret key;
    • the sender encrypts the message with the session key and sends it to the recipient;
    • the recipient receives the message and decrypts it.

    It should be noted that government and military communication systems use only symmetric algorithms, since there is no strictly mathematical proof of the strength of public-key systems, although the opposite has not been proved either.

    Verification of the authenticity of information. Digital signature

    When information is transmitted, the following may be ensured together or separately:

    • Confidentiality: the attacker must not be able to learn the content of the information that is being transmitted.
    • Authenticity, which includes two concepts:
    1. integrity: the information must be protected from accidental and deliberate changes;
    2. identification of the sender (verification of authorship): the recipient must be able to verify who sent the message.

    Encryption can ensure confidentiality and, in some systems, integrity.

    The integrity of a message is verified by computing a check function of the message: a number of small length. This check function must change with high probability even with small changes to the message (deletion, insertion, transposition or reordering of information). The check function is named and computed in different ways:

    • message authentication code (Message Authentication Code, MAC);
    • quadratic congruential algorithm (Quadratic Congruential Manipulation Detection Code, QCMDC);
    • Manipulation Detection Code (MDC);
    • Message Digest Algorithm (MD5);
    • checksum;
    • Block Check Character (BCC);
    • cyclic redundancy code (Cyclic Redundancy Check, CRC);
    • hash function (hash);
    • imitation insert according to GOST 28147-89;
    • algorithm with truncation to n bits (n-bit Algorithm with Truncation).

    Any encryption algorithm can be used when computing the check function. It is also possible to encrypt the checksum itself.

    The digital signature (a digital addition to the transmitted information that guarantees its integrity and allows its authorship to be verified) is widely used. Digital signature models based on symmetric encryption algorithms are known, but a digital signature is more convenient to implement with public-key systems.

    To use the RSA algorithm, the message is compressed by a hashing function (MD5 - Message Digest Algorithm) to a 256-bit hash (H). The message signature S is computed as follows:

    S = H^d mod n

    The signature is sent together with the message.

    The verification process consists of computing the hash of the message (H') and comparing it with

    H = S^e mod n

    where H is the message hash,

    S is its signature,

    d is the secret key,
    e is the public key.
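    The two formulas above, S = H^d mod n on the sender's side and H = S^e mod n on the recipient's side, as an added Python example that is not part of the original article. It assumes SHA-256 as the hashing function so that H is 256 bits long, a modulus n built from two publicly known Mersenne primes (constructed for the illustration only, never usable as a real key), and no padding of H.

```python
import hashlib

# Constructed demonstration key. Both primes are public knowledge, so this
# modulus offers no security; it only makes n larger than any 256-bit hash.
P = 2**127 - 1
Q = 2**521 - 1
N_MODULUS = P * Q
E = 65537                                   # public key e
D = pow(E, -1, (P - 1) * (Q - 1))           # secret key d, with e*d = 1 mod (p-1)(q-1)


def message_hash(message):
    """H: the 256-bit hash of the message, taken as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, d=D, n=N_MODULUS):
    """Sender: S = H^d mod n."""
    return pow(message_hash(message), d, n)


def verify(message, signature, e=E, n=N_MODULUS):
    """Recipient: recompute the hash H' and compare it with S^e mod n."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == message_hash(message)


def transmit(message):
    """The signature travels together with the message."""
    return message, sign(message)


if __name__ == "__main__":
    message, signature = transmit(b"Pay 100 to Alice")          # constructed message
    print("genuine message accepted: ", verify(message, signature))
    print("altered message accepted: ", verify(b"Pay 900 to Alice", signature))
    print("altered signature accepted:", verify(message, signature ^ 1))
```

    A change to either the message or the signature makes the two hash values disagree, which is how the signature provides both integrity and verification of authorship.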

    Standards dedicated to verification of authenticity:

    • authentication - ISO 8730-90, ISO/IEC 9594-90 and ITU X.509;
    • integrity - GOST 28147-89, ISO 8731-90;
    • digital signature - ISO 7498, P 34.10-94 (Russia), DSS (Digital Signature Standard, USA).

    ISO - International Organization for Standardization,
    ITU - International Telecommunication Union.

    Implementation of encryption algorithms

    Encryption algorithms are implemented in software or hardware. There are a great many purely software implementations of various algorithms. Due to their low cost (some are completely free), as well as the ever-increasing speed of PC processors, their ease of use and their reliability, they are highly competitive. A widely known program is Diskreet from the Norton Utilities package, which implements DES.

    One cannot fail to mention the PGP package (Pretty Good Privacy, version 2.1, by Philip Zimmermann), which comprehensively solves almost all problems of protecting transmitted information. It provides compression of data before encryption, powerful key management, symmetric (IDEA) and asymmetric (RSA) encryption algorithms, computation of a check function for digital signatures, and reliable key generation.

    Publications in the magazine "Monitor" with detailed descriptions of various algorithms and the corresponding listings give everyone the opportunity to write their own program (or use a ready-made listing).

    Hardware implementation of algorithms is possible using specialized chips (chips are produced for the DH, RSA, DES, Skipjack and GOST 28147-89 algorithms) or using general-purpose components (thanks to their low cost and high speed, digital signal processors - DSP, Digital Signal Processor - are promising).

    Among the Russian developments, the "Krypton" boards (the "Ankad" company) and "Grim" (methodology and algorithms of the "LAN-Crypto" company, technical development by the NEC "ELIPS") deserve mention.

    "Krypton" is a single-board device that uses cryptoprocessors (specialized 32-bit microcomputers, also called "bloomings"). The bloomings implement the GOST 28147-89 algorithms in hardware, and they contain RAM for storing keys. Moreover, the cryptoprocessor has three areas for storing keys, which allows multi-level key systems to be built.

    For greater reliability of encryption, two cryptoprocessors work simultaneously, and a 64-bit data block is considered correctly encrypted only if the information at the output of both bloomings matches. Encryption speed: 250 KB/s.

    Besides the two bloomings, the board carries:

    • a controller for interfacing with the computer bus (Krypton-ES; the boards are designed to work with the ISA bus);
    • the board's BIOS, which provides the interface with the computer and performs self-testing of the device and entry of keys into the cryptoprocessor;
    • a random number generator for producing encryption keys, built on noise diodes.

    The following types of Krypton boards are available:

    • "Krypton-ES" is intended for PCs of the ES 1841-1845 series;
    • "Krypton-3";
    • "Krypton-4" (the overall dimensions have been reduced by moving a number of discrete elements into base crystals, the exchange speed has been increased and the internal buffer of 8 bytes has been increased);
    • "Krypton-IC" is additionally equipped with an IC controller (intelligent card, smart card).

    For the "Krypton-ES", "Krypton-3" and "Krypton-4" devices the keys are stored as a file on a floppy disk. "Krypton-IC" keeps the keys on the IC, which makes them harder to forge and copy.

    The "Grim" board uses digital signal processors from Analog Devices, the ADSP-2105 and ADSP-2101, which provide encryption speeds of 125 and 210 KB/s. The board contains a physical random number generator and ROM with programs for initial testing, checking access rights, and key generation. The keys are stored on a non-standard formatted floppy disk. The board implements GOST 28147-89 and digital signature algorithms.

    To protect information transmitted over communication channels, channel encryption devices are used, built in the form of an interface card or a stand-alone module. Encryption speed for the various models is from 9600 bit/s to 35 Mbit/s.

    It is important to note that encrypting information is not a panacea. It should be regarded only as one of the methods of protecting information and must be applied in combination with legislative, organizational and other measures.

    Public-key cryptology

    Boris Obolikshto

    It would seem that Shannon would cause a collapse in the results of scientific cryptology. Alec died. However, the rapid development of telecommunications, remote access to the EOM in the absence of basic cryptosystems with a secret key, leads to the next stage of cryptology, which is to be considered as Whitfield's statistics. Diffie and Marty E. Hellman, who appeared in the leaf fall of 1976. cryptography." W. Diffie himself dates the publication of the results of the same fate to the fall of 1976; thus, we have from ma to fall the twentieth anniversary of cryptology with a clear key.

    One of the problems that traditional cryptography has lost unsolved is the expansion of secret keys. If you want to transmit a “secret” key over an open channel, it would seem to be God’s wish, but if you are satisfied with the utmost secrecy, but still have practical stability, you can come up with a way to exchange keys.

    The first to emerge from the expanded methods was an exponential key exchange. The essence of yoga is attack:

    • Alice and Bob (using these names for the parties has become a tradition in this field of cryptology) choose random numbers $X_a$ and $X_b$ respectively.
    • Alice sends Bob $Y_a = a^{X_a} \pmod q$, and Bob sends Alice $Y_b = a^{X_b} \pmod q$.

    Here $a$ is a so-called primitive element of the finite Galois field GF(q), whose remarkable property for us is that its powers give all the non-zero elements of the field. The secret key is the value

    $Y_b^{X_a} = Y_a^{X_b} = a^{X_a X_b} \pmod q$,

    which Alice computes by raising the number received from Bob to the power $X_a$, known only to her, and Bob by raising the number received from Alice to the power $X_b$, known only to him. A cryptanalyst is forced to compute the logarithm of at least one of the transmitted numbers.

    The strength of exponential key exchange rests on the so-called one-wayness of exponentiation: the computational cost of obtaining $Y_a$ from $X_a$ when q is about 1000 bits long is on the order of 2000 multiplications of 1000-bit numbers, whereas the inverse operation requires approximately $10^{30}$ operations. One-way functions with such an asymmetry in the computational complexity of the forward and inverse problems play a leading role in public-key cryptography.
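The exchange described above, written out as an added example (not code from the original article). The function names are this example's own, and q = 65537 with a = 3 are toy parameters chosen so that the eavesdropper's exhaustive search finishes instantly; the article's estimate applies to q of about 1000 bits.

```python
import secrets


def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_element(a, q):
    """True if the powers of a give every non-zero element of GF(q), q prime."""
    if not 1 < a < q:
        return False
    order = q - 1
    # a is primitive iff a^((q-1)/p) != 1 for every prime p dividing q-1.
    return all(pow(a, order // p, q) != 1 for p in prime_factors(order))


def keypair(a, q):
    """Choose a secret exponent X and compute the public value Y = a^X mod q."""
    while True:
        x = secrets.randbelow(q - 3) + 2          # X in [2, q-2]
        y = pow(a, x, q)
        if y not in (1, q - 1):                   # avoid values of order 1 or 2
            return x, y


def shared_key(peer_y, own_x, q):
    """Raise the value received from the peer to our own secret exponent."""
    if not 1 < peer_y < q - 1:
        raise ValueError("peer value outside the allowed range 2..q-2")
    return pow(peer_y, own_x, q)


def exchange(a, q):
    """Run both sides; return what the channel carried and both derived keys."""
    xa, ya = keypair(a, q)                        # Alice
    xb, yb = keypair(a, q)                        # Bob
    return (ya, yb), shared_key(yb, xa, q), shared_key(ya, xb, q)


def discrete_log(a, y, q):
    """The cryptanalyst's task: find X with a^X = y (mod q) by exhaustive search.

    Costs up to q-1 multiplications, against about log2(q) squarings and
    multiplications for the forward direction. That gap is the one-wayness.
    """
    value = 1
    for x in range(q - 1):
        if value == y:
            return x
        value = value * a % q
    raise ValueError("y is not a power of a")


if __name__ == "__main__":
    Q, A = 65537, 3                               # toy field and primitive element
    assert is_primitive_element(A, Q)
    (ya, yb), key_alice, key_bob = exchange(A, Q)
    print("on the wire:", ya, yb)
    print("keys agree:", key_alice == key_bob)
    print("exponent recovered by search:", discrete_log(A, ya, Q))
```

At this size the search succeeds at once, which is why the choice of q, and the check that a really is a primitive element, carry the whole security of the scheme.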

    Even more useful is a one-way function with a trapdoor. The idea is to construct a function that can be inverted only by someone who knows the "trapdoor", the secret key. The parameters of the function then serve as the public key, which Alice can send to Bob over an unsecured channel; Bob, having received the public key, performs the encryption (computes the forward function) and sends the result to Alice over the same channel; Alice, knowing the trapdoor (the secret key), easily computes the inverse function, whereas a cryptanalyst who does not know the secret key is left with a far harder problem.

    Such a function was constructed in 1976 by R. C. Merkle on the basis of the knapsack packing problem. The problem itself is one-way: knowing the subset of weights placed in the knapsack, it is easy to compute the total weight, but knowing the total weight, it is not easy to determine the subset of weights. In this case a one-dimensional variant of the problem was used: a vector of weights and the sum of the components of its subvector. By building in a trapdoor, the so-called Merkle-Hellman knapsack system was obtained. The first public-key cryptosystem was up and running, and Merkle offered $100 to anyone who could break it.

    The prize went to A. Shamir (Adi Shamir) six years later, after his announcement in 1982 of the breaking of the Merkle-Hellman knapsack system with one iteration. At the Crypto'82 conference, L. Adleman demonstrated the breaking of the knapsack system on an Apple II computer. It is important that Shamir did not construct a way of inverting the problem, that is, of recovering the value of the secret key; he managed to construct a key, not necessarily equal to the secret one, that nonetheless allows the cipher to be broken. This conceals one of the greatest dangers for public-key cryptography: there is no rigorous proof that the algorithms used are one-way, so no one is guaranteed against the discovery of a decryption method that does not require solving the inverse problem, whose high complexity is what gives hope for the practical strength of the cipher. It is good when a system is broken by a scientist of world renown (in 1982 A. Shamir was already known as one of the authors of the RSA system), but what if an unambitious hacker manages it?

    To conclude the story of the knapsack system, we note one more bet, which Merkle made with anyone wishing to break the improved system with many iterations, for $1000. That sum, too, had to be paid. It was collected by E. Brickell, who in 1984 broke the system with forty iterations and with one hundred iterations in an hour of Cray-1 time.

    The fate of the RSA system, named after the first letters of the surnames of its authors R. Rivest (Ronald Rivest) and the already familiar A. Shamir and L. Adleman, has so far been considerably more fortunate. Incidentally, it is to the first systematic exposition of the RSA algorithm that Alice and Bob owe their appearance. With their "help", the authors in 1977 described a system based on the one-way properties of factoring into prime factors (multiplying is easy, but factoring is not).

    The development of public-key cryptology allowed cryptological systems to find wide commercial use. But intensive use of cryptography does not come without mishaps. From time to time we learn of trouble in one protection system or another. The latest incident was the breaking of the Kerberos system. This system, developed in the mid-80s, is quite popular around the world, and its breaking caused considerable concern among users.

    With Kerberos, the flaw lay not in the encryption algorithm but in the way random numbers were obtained, that is, in the implementation of the algorithm. When news came last year of flaws in the random number generation of Netscape software products, discovered by students at Berkeley University, Stephen Lodin discovered a similar flaw in Kerberos. Together with Brian Dole, he managed to find a hole in the Kerberos system. The people in this story are not amateurs. Graduates of Purdue University (Illinois State) worked in the COAST (Computer Operations, Audit and Security Technology) laboratory, which is professionally engaged in computer security and is headed by Prof. Spafford, who is also the founder of PCERT (Purdue Computer Emergency Response Team), the university's "rapid response" team for computer incidents. PCERT, in turn, is a member of a similar international organization, FIRST (Forum of Incident Response Teams). As we can see, the mine was found by sappers, and this gives hope that users of cryptosystems will not be left defenceless when flaws are discovered.

    Characteristic is the content of the first press statement (dated February 16, 1996), which Prof. Spafford made on behalf of the discoverers. Along with information about the unreliability of the password system and the possibility of breaking it within five minutes, it speaks of withholding further technical details until the developers make corrections that prevent unauthorized access.

    Mistakes have not passed our region by either. Fortunately, in our area there are professionals who can promptly find and show the weak points of a protection system. Not even a month has passed since P.V. Leskov and V.V. Tetanin, representatives of the Kiev LLC "Fontronik", demonstrated the flaws of one of the popular banking protection systems: the time to decrypt ciphertexts was less than 6 hours, and the time required for undetected violation of the integrity of a document (bypassing the authentication system) was less than 5 hours. Here too we, like the reader, will have to wait until the developers make the necessary changes. After that we will be able to publish a report on how and what was done.


    Good morning, dear fellow. Here we will talk about topics such as: Encryption algorithms, Symmetric encryption algorithm.

    Most security mechanisms rely on cryptographic ciphers and on encryption and decryption procedures.

    According to the encryption standard GOST 28147-89, a cipher is the set of reversible transformations of the set of plaintext data into the set of encrypted data, specified by the key and the cryptographic transformation algorithm.

    The key is a specific secret state of certain parameters of the cryptographic data transformation algorithm, which ensures the selection of one variant out of all those possible for this algorithm. In symmetric cryptoalgorithms, the same block of information (the key) is used to encrypt and decrypt the message. Although the algorithm that operates on the data may be known to third parties, it depends on the secret key, which must be held only by the sender and the recipient. Symmetric cryptoalgorithms transform a small block of data (1 bit or 32-128 bits) depending on the secret key in such a way that the original message can be read only by someone who knows the secret key.

    Symmetric encryption algorithm.

    Symmetric cryptosystems make it possible, on the basis of symmetric cryptoalgorithms, to encode and decode files of arbitrary length. Depending on the size of the information block, symmetric cryptoalgorithms are divided into block ciphers and stream ciphers.

    For block ciphers, the unit of encryption is a block of several bytes. The result of encryption depends on all the input bytes of this block. Block encryption is used for packet transmission of information and for encoding files. Block ciphers encrypt entire blocks of information (from 4 to 32 bytes) as a single whole, which significantly increases resistance to brute-force attacks and makes it possible to use various mathematical and algorithmic transformations.

    For stream ciphers, the unit of encryption is one bit or one byte. The result usually depends on the part of the input stream encrypted earlier. This encryption scheme is used in systems that transmit streams of information, that is, where the transmission of information begins and ends at arbitrary times.

    A characteristic feature of symmetric block algorithms is that they transform a block of input information of fixed length and produce a resulting block of the same size, which is unreadable to third parties who do not hold the key. The operation of a symmetric block cipher can thus be described by the functions:

    $C = E_K(M)$,
    $M = D_K(C)$,
    where M is the original (plaintext) data block;
    C is the encrypted data block.

    The key K is a parameter of the symmetric block cryptoalgorithm and is a block of binary information of fixed size. The original and encrypted data blocks also have a fixed size, equal to each other (but not necessarily equal to the key length).

    The technique of chaining bytes encrypted with block algorithms allows them to encrypt information packets of unlimited length. The absence of statistical correlation between the bits of a block cipher's output stream is used for computing checksums of data packets and for hashing passwords. To date, a fairly large number of strong block ciphers have been developed.

    A cryptoalgorithm is considered ideally strong if reading an encrypted block of data requires trying all possible keys until the decrypted message makes sense. In this case the strength of the block cipher depends only on the key length and grows exponentially with it.

    Ideally strong cryptoalgorithms must satisfy another important requirement. Given known original and encrypted values of a block, the key with which the transformation was made can be found only by exhaustive search of its values.

    Situations in which part of the original text is known to third parties occur frequently. This may be standard wording in electronic forms, fixed headers of file formats, or long words or byte sequences that occur often in the text. The requirement above is therefore not excessive, and strong block ciphers meet it strictly.

    According to Claude Shannon, to obtain strong block ciphers two general principles must be used: diffusion and confusion (mixing).

    Note

    Diffusion is the spreading of the influence of one plaintext character over many ciphertext characters, which makes it possible to hide the statistical properties of the plaintext.

    Note

    Confusion (mixing) involves the use of encryption transformations that complicate the recovery of the relationship between the statistical properties of the plaintext and the ciphertext. However, the cipher must not only make breaking difficult but also keep encryption and decryption easy for a user who knows the secret key.

    A common way to achieve diffusion and confusion is to use a composite cipher, that is, one that can be implemented as a sequence of simple ciphers, each of which contributes its share to the overall diffusion and confusion.

    In composite ciphers, simple permutations and substitutions are most often used as the simple ciphers. A permutation simply shuffles the characters of the plaintext, with the specific type of shuffling determined by the secret key. A substitution replaces each plaintext character with another character from the same alphabet, with the specific type of substitution also determined by the secret key. In a modern block cipher, the plaintext and ciphertext blocks are binary sequences 64 bits long. In principle, each block can take $2^{64}$ values. Substitutions are therefore performed over a very large alphabet containing up to $2^{64}$ "characters".

    By alternating simple permutations and substitutions many times under the control of a sufficiently long secret key, one can obtain a very strong cipher with good diffusion and confusion.

    All operations that a block cryptoalgorithm performs on data rest on the fact that the block being transformed can be represented as a non-negative integer in the range corresponding to its bit width. For example, a 32-bit block of data can be interpreted as a number in the range 0 – 4294967295. In addition, a block whose width is a power of two can be interpreted as several independent non-negative numbers from a smaller range (the 32-bit block above can also be represented as two independent 16-bit numbers in the range 0 – 65535, or four independent 8-bit numbers in the range 0 – 255).

    On these numbers, the block cryptoalgorithm performs operations according to the following scheme:

    1. Mathematical functions:
    – addition X' = X + V;
    – exclusive OR X' = X xor V;
    – multiplication modulo 2^N + 1: X' = (X * V) mod (2^N + 1);
    – multiplication modulo 2^N: X' = (X * V) mod 2^N.
    2. Bit shifts:
    – arithmetic shift left X' = X shl V;
    – arithmetic shift right X' = X shr V;
    – cyclic shift left X' = X rol V;
    – cyclic shift right X' = X ror V.
    3. Table substitutions:
    – S-box (English "substitute") X' = Table.

    The parameter V can be:

    • a fixed number (for example, X' = X + 125);
    • a number derived from the key (for example, X' = X + F(K));
    • a number derived from an independent part of the block (for example, X2' = X2 + F(X1)).

    Note

    The last option is used in the scheme called the Feistel network (after its creator).

    Feistel network.

    The sequence of operations performed on the block, the combinations of the above options for V, and the functions F themselves make up the distinctive features of a particular symmetric block cryptoalgorithm.

    A characteristic feature of block algorithms is the repeated and indirect use of key material. This follows primarily from the requirement that the key cannot be recovered from known original and encrypted texts. To achieve this, most transformations use not the key value itself or a part of it, but some function of the key material, sometimes an irreversible one. Moreover, in such transformations the same block or key element is used repeatedly. This makes it possible for a function that is reversible with respect to the value X to be irreversible with respect to the key K.

    The Feistel network is a scheme (method) of reversible text transformations in which a value computed from one part of the text is superimposed on other parts. The Feistel network is a modification of the method of mixing the current part of the block being encrypted with the result of some function computed from another, independent part of the same block. This technique satisfies the important requirement of repeated use of the key and of the material of the original block of information. The structure of the network is often built so that the same algorithm is used for encryption and decryption, the difference lying only in the order in which the key material is used.

    The American data encryption standard DES and our GOST 28147-89 are built on the Feistel network.
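A toy Feistel network, added here as an illustration and not taken from the page; it is neither DES nor GOST 28147-89. The round function combines three of the operations listed above (addition modulo 2^32, a table substitution, a cyclic shift), while the S-box contents, the 16 rounds and the key schedule are assumptions of this example.

```python
MASK32 = 0xFFFFFFFF

# Sample 4-bit substitution table, constructed for this example.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def rol32(x, n):
    """Cyclic shift of a 32-bit value to the left by n bits."""
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK32


def round_function(x, k):
    """F(X1, K): add the subkey mod 2^32, substitute each nibble, rotate.

    The network never inverts F: decryption only recomputes it, which is why
    a Feistel design may use a function that is not reversible at all.
    """
    t = (x + k) & MASK32
    s = 0
    for i in range(8):
        s |= SBOX[(t >> (4 * i)) & 0xF] << (4 * i)
    return rol32(s, 11)


def subkeys(key, rounds=16):
    """Split a 256-bit key into eight 32-bit words and reuse them cyclically."""
    if len(key) != 32:
        raise ValueError("key must be 32 bytes")
    words = [int.from_bytes(key[i:i + 4], "big") for i in range(0, 32, 4)]
    return [words[r % 8] for r in range(rounds)]


def feistel(block, round_keys):
    """Run a 64-bit block through the network with the given subkey order."""
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        # X2' = X2 xor F(X1, K): one half is modified by a function of the other.
        left, right = right, left ^ round_function(right, k)
    return (right << 32) | left          # final swap makes the scheme symmetric


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    # Same algorithm; only the order of the key material is reversed.
    return feistel(block, subkeys(key)[::-1])


def changed_bits(block, key, bit):
    """Diffusion check: ciphertext bits that change when one input bit flips."""
    a = encrypt_block(block, key)
    b = encrypt_block(block ^ (1 << bit), key)
    return bin(a ^ b).count("1")


if __name__ == "__main__":
    key = bytes(range(32))               # constructed sample key
    plain = 0x0123456789ABCDEF           # constructed sample block
    cipher = encrypt_block(plain, key)
    print(f"ciphertext: {cipher:016x}")
    print("round trip ok:", decrypt_block(cipher, key) == plain)
    print("bits changed by a one-bit input flip:", changed_bits(plain, key, 0))
```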

    Lifetime of information

    § When an encrypted message is intercepted, for some types of encryption algorithms one can count the frequency of occurrence of particular characters and compare it with the probabilities of occurrence of particular characters or their combinations (bigrams, trigrams, etc.). This in turn can lead to unambiguous decryption (breaking) of individual sections of the encrypted message.

    § The presence of probable words. These are words or expressions that can be expected to appear in the intercepted message (for example, for English text: "and", "the", "are", etc.).

    § There are methods that make encrypted messages practically unsuitable for statistical analysis and for analysis using probable words. They include the following.

    § Diffusion. The influence of one character of the plaintext message spreads over many characters of the encrypted message. Although this method increases the number of errors during decryption, it helps hide the statistical structure of the plaintext message.

    § Entanglement. A development of the diffusion principle. Here the influence of one key character extends to all the characters of the encrypted information.

    § Mixing. It is based on special transformations of the original message, as a result of which probable sequences are scattered over the whole space of possible messages. A development of this method was the creation of composite encryption algorithms, which consist of a sequence of simple permutation and substitution operations.

    Examples of these methods include the DES and GOST 28147-89 encryption standards.

    There are two main types of encryption algorithms:

    § symmetric encryption algorithms;

    § Asymmetric encryption algorithms.

    Symmetric encryption.

    Symmetric encryption algorithms are based on the fact that the same key is used both to encrypt a message and to decrypt it (Fig. 1).

    One of the main advantages of symmetric methods is the speed of encryption and decryption; the main disadvantage is the need to transfer the secret key value to the recipient.



    The problem inevitably arises: how to transfer the key without allowing attackers to intercept it.

    Advantages of symmetric-key cryptography:

    · High performance.

    · High strength. All other things being equal, the strength of a cryptographic algorithm is determined by the key length. With a 256-bit key, $10^{77}$ trials are needed to determine it.

    Disadvantages of symmetric-key cryptography:

    § Key distribution problem. Since the same key is used for encryption and decryption, reliable mechanisms are required for its distribution (transfer).

    § Scalability. Since the sender and each recipient share a single key, the number of keys required grows in geometric progression with the number of participants in the communication. To exchange messages between 10 users 45 keys are needed, and for 1000 users 499,500.

    § Limited use. Secret-key cryptography is used to encrypt data and to restrict access to it; it cannot provide such information properties as authenticity and non-repudiation.

    Asymmetric encryption

    Asymmetric encryption algorithms (public-key cryptography) involve the use of two different keys. The first key is public. It is distributed completely freely, without any precautions. The second, private key is kept secret.

    Any message encrypted with one of these keys can be decrypted only with the other key of the pair. As a rule, the sender uses the recipient's public key, and the recipient uses his own private key.

    In the asymmetric scheme for transmitting encrypted messages, both keys are derived from a single generating master key. When two keys are formed from one, they are dependent in the mathematical sense, but because of the computational complexity neither of them can be computed from the other. After both keys (public and private) have been generated, the master key is destroyed, which thwarts any attempt to recover the values of the keys derived from it.

    The asymmetric scheme is ideally suited to publicly accessible communication channels (for example, the Internet). Any subscriber can freely send the public key to his partner in the exchange, and the partner, acting as the sender of a message, uses this key to encrypt the message being sent (Fig. 2). Only the recipient, who earlier sent out the corresponding public key, can decrypt this message with his private key. An attacker who intercepts such a key can use it for only one purpose: sending encrypted messages to the rightful owner of the key.

    However, asymmetric schemes require a great deal of time for encryption and decryption, which prevents their use for the rapid exchange of long messages in interactive mode. Implementing asymmetric encryption methods takes a lot of CPU time. Public-key cryptography is therefore not used in its pure form in world practice.



    Fig. 2. Asymmetric encryption scheme

    It is impossible to say which is better, symmetric or asymmetric encryption algorithms. Symmetric cryptographic algorithms are known to use shorter keys and to work faster.

    Secret-key cryptography and public-key cryptography are designed to solve completely different problems. Symmetric algorithms are better suited to encrypting data; asymmetric algorithms are used in most network cryptographic protocols.

    The most widespread methods combine the advantages of both schemes. The operating principle of combined schemes is that a symmetric (session) key is generated for the upcoming communication session. This key is then encrypted and transmitted using the asymmetric scheme. After the current session ends, the symmetric key is destroyed.

    Among the many encryption methods, the following main ones can be distinguished:

    Replacement or substitution algorithms: characters of the original text are replaced with characters of another (or the same) alphabet according to a predetermined scheme, which is the key of this cipher. On its own this method is practically not used in modern cryptosystems because of its extremely low cryptographic strength.

    Permutation algorithms: the characters of the original text are rearranged according to a principle that is the secret key. The permutation algorithm by itself has low cryptographic strength, but it is included as an element in many modern cryptosystems.

    Gamma (keystream) algorithms: the characters of the original text are added to the characters of some random sequence. The most common example is the encryption of the "username.pwl" files, in which the Microsoft Windows 95 operating system stores passwords for the user's network resources (passwords for logging on to NT servers, passwords for Dial-Up access to the Internet, etc.). When a user enters a password when logging into Windows 95, a gamma (always the same one) is generated from it using the RC4 encryption algorithm and is used to encrypt the network passwords. The ease of password recovery here is due to the fact that Windows always uses the same gamma.

    Algorithms based on complex mathematical transformations of the original text according to some formula. Many of them use unsolved mathematical problems. For example, the RSA encryption algorithm, widely used on the Internet, is based on the properties of prime numbers.

    Combined methods: sequential encryption of the original text using two or more methods.
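Why a gamma that is "always the same one" is weak, shown as an added example that is not from the page: when two records are encrypted with one gamma, the XOR of the ciphertexts equals the XOR of the plaintexts, so the key drops out entirely. The keystream generator below (SHA-256 in counter mode) is a stand-in for RC4, and the sample key and records are constructed; the corrected variant derives a fresh gamma per record from a random nonce.

```python
import hashlib
import secrets


def gamma(key, length, nonce=b""):
    """Keystream of the requested length (SHA-256 in counter mode, not RC4)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a, b):
    """Byte-wise XOR of two strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_fixed_gamma(key, plaintext):
    """Weak setting: every record is combined with the same gamma."""
    return xor(plaintext, gamma(key, len(plaintext)))


def encrypt_fresh_gamma(key, plaintext):
    """Corrected setting: a random 16-byte nonce gives each record its own gamma."""
    nonce = secrets.token_bytes(16)
    return nonce + xor(plaintext, gamma(key, len(plaintext), nonce))


def decrypt_fresh_gamma(key, message):
    nonce, body = message[:16], message[16:]
    return xor(body, gamma(key, len(body), nonce))


def plaintext_relation_leaks(c1, c2, p1, p2):
    """True if c1 xor c2 equals p1 xor p2, i.e. the gamma cancelled out."""
    return xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    key = b"constructed sample key"
    p1 = b"server-one:alpha-password"        # constructed sample records
    p2 = b"dial-up-isp:beta-password"

    c1, c2 = encrypt_fixed_gamma(key, p1), encrypt_fixed_gamma(key, p2)
    print("fixed gamma leaks p1 xor p2:", plaintext_relation_leaks(c1, c2, p1, p2))

    m1, m2 = encrypt_fresh_gamma(key, p1), encrypt_fresh_gamma(key, p2)
    print("fresh gamma leaks p1 xor p2:",
          plaintext_relation_leaks(m1[16:], m2[16:], p1, p2))
    print("round trip ok:", decrypt_fresh_gamma(key, m1) == p1)
```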

    Encryption algorithms

    Let us take a closer look at the methods of cryptographic data protection:

    1. Replacement (substitution) algorithms

    2. Permutation algorithms

    3. Gamma (keystream) algorithms

    4. Algorithms based on mathematical transformations

    5. Combined encryption methods

    Algorithms 1-4 in "pure form" were used in the past; today they are built into practically every encryption program, even the most complex. Each of the methods considered implements its own way of cryptographic protection of information and has its own advantages and disadvantages, but their common and most important characteristic is strength. This is understood as the minimum amount of ciphertext whose statistical analysis can reveal the original text. Thus the strength of a cipher determines the maximum permissible amount of information encrypted under one key. When choosing a cryptographic algorithm for a particular system, its strength is one of the determining factors.

    All modern cryptosystems are designed so that there is no way to break them more efficient than exhaustive search of the entire key space, that is, of all possible key values. Clearly, the strength of such ciphers is determined by the size of the key used in them.

    Here are estimates of the strength of the encryption methods considered above. Monoalphabetic substitution is the weakest cipher, since all the statistical patterns of the original text are preserved. With as few as 20-30 characters, patterns appear that allow the original text to be recovered. Such encryption is therefore considered suitable only for protecting passwords, short signal messages and individual characters.

    The strength of simple polyalphabetic substitution (of such systems, substitution by the Vigenère table was considered) is estimated at 20n, where n is the number of different alphabets used for replacement. With the Vigenère table, the number of different alphabets is determined by the number of letters in the keyword. Making the polyalphabetic substitution more complex significantly increases its strength.

    The strength of gamma encryption is determined by the length of the gamma period. Nowadays the use of an infinite gamma is becoming practical, in which case the theoretical strength of the ciphertext is also infinite.

    It can be noted that for the reliable protection of large volumes of information, the greatest possible modification and complexity of permutations and substitutions are required.

    When combined encryption methods are used, the strength of the cipher is equal to the combined strength of the individual methods. Combined encryption is therefore the most reliable method of cryptographic protection. It is this method that formed the basis of all known encryption devices.

    The DES algorithm was approved more than 20 years ago; since then computers have made an enormous leap in computing speed, and it is no longer so hard to break the algorithm by exhaustively trying all possible key variants (and in DES the key is 8 bytes), which until recently seemed completely impossible.

    GOST 28147-89 was developed by the special services of the Soviet Union and is only 10 years younger than DES; during its development it was given such a margin of strength that this GOST is still relevant today.

    The cipher strength values considered are potential values. They can be realized only with strict observance of the rules for using cryptographic protection. The main rules are: keeping keys secret, avoiding duplication (that is, re-encrypting the same text with the same keys), and changing keys frequently.

    Conclusion

    Thus, this work has given an overview of the most widespread methods of cryptographic protection of information and of ways to implement them. The choice for specific systems should be based on a thorough analysis of the strengths and weaknesses of the various protection methods. A well-founded choice of one protection system or another should rely on some criteria of effectiveness. Unfortunately, suitable methods for assessing the effectiveness of cryptographic systems have not yet been developed.

    The simplest criterion of such effectiveness is the probability of revealing the key, or the cardinality of the key set (M). In essence this is the same as cryptographic strength. For a numerical estimate, one can also use the complexity of breaking the cipher by trying all the keys. However, this criterion does not take into account other important requirements for cryptosystems:

    · The impossibility of disclosure or meaningful modification of information based on the analysis of its structure,

    · Perfection of the security protocols used,

    · Minimal amount of key information used,

    · Minimal complexity of implementation (in the number of machine operations), and its cost,

    · High efficiency.

    It is therefore desirable to use some integral indicators that take these factors into account. In any case, however, the chosen set of cryptographic methods must combine convenience, flexibility and efficiency of use with reliable protection from attackers of the information that circulates in the system.


    Practical part:

    Task 1.

    1) Save the X field of the username

    1.1 Set manually first value

    1.2 Vikonuemo Edit->Save->

    2) Enter the function value field g =

    Fig.1.1 - Formula for the function g (x)

    2.1) The meaning of the function is determined

    3) Plotting the graphs

    3.1) Select the values of function g

    3.2) Select the Chart Wizard

    Fig.1.2 - Chart Wizard - Graph

    Next -> Series

    Fig.1.3 - Chart Wizard - axis labels

    Select the X axis values

    Press Enter

    3.3) Give the charts names

    3.4) Select the cell with the graph formula

    3.6) Select the tab -> Grid lines, set

    X intermediate lines, Y Main lines -> Next

    3.7) Place the graph of the function on the existing sheet -> (Done)

    4) The result obtained (Fig. 1.4)

    Fig.1.4 - Graph of the function g (x)

    1.2.

    1) Valued in the function table fields of current charts

    Fig.1.5 - Signature of functions of future charts

    2) Save the X field of the username:

    2.1 Enter the first value manually

    2.2 Run Edit->Record->Progression (by columns, arithmetic, limit, limit value) for x in [-2;2]

    3) Enter the values of the functions y = 2sin(x) – 3cos(x), z = cos²(2x) – 2sin(x).


    Fig. 1.6 – Formulas of functions y(x) and z(x)

    4) Building the graphs

    4.1 Select the cells with the values of functions y and z

    Select the Chart Wizard

    Fig.1.7 - Chart Wizard - Graph

    Select the X axis values

    Press Enter

    4.2) Name the charts

    4.3) Select the cell with the graph formula

    Press Enter, then repeat the same for the other series

    4.5) Select the tab -> Grid lines, set

    X intermediate lines, Y main lines -> Next

    4.6) Place the graph of the function on the existing sheet -> (Done)

    5) The result obtained (Fig. 1.8)

    Fig. 1.8 – Graphs of functions y(x) and z(x)

    Task 2.

    · Creation of the list "Personnel Department"

    Fig.2.1 List "Personnel"

    · Sorting

    Fig.2.2 – Sorting by Name field

    The result obtained (Fig. 2.3)

    Fig.2.3 - The "Personnel Department" table, sorted

    · Search for information using the autofilter (select information about employees whose names begin with the letter Litera, with the patronymic "Ivanovich", with salary Salary);

    Fig.2.4 - Autofilter

    · Search for information using an advanced filter (find information about employees from department Viddil1 aged Vik1 and Vik2, and about women from department Viddil2 aged Vik3);

    1) Enter the criteria for advanced filter 1

    The result obtained (Fig. 2.5)

    Fig.2.5 – Advanced filter 1

    2) Enter the criteria for advanced filter 2.

    The result obtained (Fig. 2.6)

    Fig.2.6 – Advanced filter 2

    · Calculating subtotals (determine the number and average age of employees in each department);

    Fig.2.7 - Subtotals

    DMIN function - returns the smallest number among the records of a list or database that satisfy the given conditions.

    Fig. 2.8 – Analysis of the list using the DMIN function

    Task 3.

    We create two linked tables, Session (Fig. 3.2) and Students (Fig. 3.4).

    Fig.3.1 - Session table designer

    Fig.3.2 - Session table

    Fig.3.3 - Students table designer

    Fig.3.4 - Students table

    1) Using the Students table, create three queries that select from the database, in turn, the surnames and first names of the students of groups 1-E-1, 1-E-2 and 1-E-3.

    Fig.3.5 - Query 1.1 designer

    Fig.3.7 - Query 1.2 designer

    Fig.3.9 - Query 1.3 designer

    2) Using the Students table, create two queries that select from the database, in turn, the surnames and first names of the women, and then the surnames and first names of the men.

    Fig.3.11 - Query 2.1 designer

    Fig.3.13 - Query 2.2 designer

    3) Using the Students table, create two queries that select from the database, in turn, the surnames and first names of the women of group 1-E-2, and then of the men of group 1-E-1.

    Fig.3.15 - Query 3.1 designer

    Fig.3.17 - Query 3.2 designer

    4) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names, record-book numbers and mathematics grades of the students of group 1-E-2.

    Fig.3.19 - Query 5 designer

    5) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names, record-book numbers and philosophy grades of the students (persons) of group 1-E-2.

    Fig.3.21 - Query 8 designer

    6) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names and record-book numbers of the students who received a "pass" grade (3) in philosophy.

    Fig.3.23 - Query 10 designer

    7) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names and record-book numbers of the students who received a "good" grade (4) in two subjects at once: philosophy and mathematics.

    Fig.3.25 - Query 14 designer

    8) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names and record-book numbers of the students who received a "fail" grade (2) in one of two subjects: mathematics or computer science.

    Fig.3.27 - Query 18 designer

    9) Using the linked tables Students and Session, create a query that selects from the database the surnames, first names and record-book numbers of the students who received a "good" grade (4) in all subjects.

    Fig.3.29 - Query 22 designer

    10) Using the Session table, create a query named Average score that calculates each student's average grade from the results of several tests. The query must contain the Zalikovka field, which will be used to link the tables.

    Fig.3.31 - Session table designer

    11) Using the linked tables Students and Session and the query Average score, create a query that selects from the database the surnames, first names, record-book numbers and group numbers of the students who have an average score of 3.25.

    Fig.3.33 - Query 25 designer

    12) Using the linked tables Students and Session and the query Average score, create a query that selects from the database the mathematics grade, average score and group number of the student Ivanov.

    Fig.3.35 - Query 29 designer

    13) Using the linked tables Students and Session and the query Average score, create a query that selects from the database the surnames and first names of the students whose average score is less than 3.75.

    Fig.3.37 - Query 33 designer

    14) Using the Students table, find the surname, first name and record-book number of the student, given that her patronymic is Viktorivna.

    Fig.3.39 - Query 35 designer

    Task 4.

    To convert a number from the decimal number system to a number system with a different base, proceed as follows:

    a) To convert the integer part, divide it by the base of the target system with remainder, recording the remainder. If the quotient is not zero, continue dividing it in the same way. When the quotient equals zero, the remainders are written out in reverse order.

    b) To convert the fractional part of the number, multiply it by the base of the number system, recording the integer parts of the resulting products. The integer parts take no part in the subsequent multiplications. Multiplication continues until 0 is obtained in the fractional part of the product or until the specified precision is reached.

    c) Write the answer as the sum of the converted integer part and the converted fractional part of the number.

    49812,22₁₀ = 1100001010010100,001₂

    49812,22₁₀ = 141224,160₈

    49812,22₁₀ = C294,385₁₆

    Task 5.

    To convert a number to the decimal number system from a number system with a different base, each digit of the number is multiplied by the base of the system raised to the power that corresponds to that digit's position, and the results are added up.

    A) 10101001.11001₂ = 1*2^7+1*2^5+1*2^3+1*2^0+1*2^(-1)+1*2^(-2)+1*2^(-5) = 169,78125₁₀

    To convert from the binary number system to octal, the binary number is split to the left and right of the point into triads (three digits), and each triad is replaced with the corresponding octal digit. If the digits do not divide evenly into triads, zeros may be added on the left of the integer part and on the right of the fractional part. For the reverse conversion, each digit of the octal number is replaced with the corresponding binary triad.

    Table 5.1 - Conversion of numbers

    Decimal number system   Binary number system   Octal number system   Hexadecimal number system
    Triads (0-7)   Tetrads (0-15)
    A
    B
    C
    D
    E
    F

    B) 674.7₈ = 110111100.111₂ = 1*2^2+1*2^3+1*2^4+1*2^5+1*2^7+1*2^8+1*2^(-1)+1*2^(-2)+1*2^(-3) = 443,875₁₀

    110 111 100 . 111₂

    C) EDF,51₁₆ = 111011011111,01010001₂ = 1*2^0+1*2^1+1*2^2+1*2^3+1*2^4+1*2^6+1*2^7+1*2^9+1*2^10+1*2^11+1*2^(-2)+1*2^(-4)+1*2^(-8) = 3807,31640625₁₀

    1110 1101 1111 . 0101 0001₂
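    The procedures of Tasks 4 and 5 (division with remainders for the integer part, repeated multiplication for the fractional part, positional expansion back to decimal, and regrouping into triads), written out as an added example that is not part of the original coursework. The function names are assumptions of this example; exact fractions are used so that no floating-point rounding affects the digits.

```python
from fractions import Fraction

DIGITS = "0123456789ABCDEF"


def _digit(char: str, base: int) -> int:
    """Value of one digit character, rejecting digits not valid in `base`."""
    value = DIGITS.find(char.upper())
    if value < 0 or value >= base:
        raise ValueError(f"digit {char!r} is not valid in base {base}")
    return value


def to_base(number: str, base: int, frac_digits: int) -> str:
    """Task 4: decimal string (comma or point) -> string in `base`."""
    if not 2 <= base <= 16:
        raise ValueError("base must be between 2 and 16")
    value = Fraction(number.replace(",", "."))
    if value < 0:
        raise ValueError("only non-negative numbers are handled here")
    whole, frac = divmod(value, 1)
    whole = int(whole)

    # a) divide by the base, keep the remainders, write them in reverse order
    int_out = ""
    while True:
        whole, remainder = divmod(whole, base)
        int_out = DIGITS[remainder] + int_out
        if whole == 0:
            break

    # b) multiply the fraction by the base; the integer part of each product
    #    is the next digit and is dropped before the next multiplication
    frac_out = ""
    for _ in range(frac_digits):
        frac *= base
        digit = int(frac)
        frac_out += DIGITS[digit]
        frac -= digit

    # c) join the converted integer and fractional parts
    return int_out + ("," + frac_out if frac_out else "")


def from_base(number: str, base: int) -> Fraction:
    """Task 5: sum of digit * base**position, as an exact fraction."""
    int_part, _, frac_part = number.replace(",", ".").partition(".")
    total = Fraction(0)
    for position, char in enumerate(reversed(int_part)):
        total += _digit(char, base) * Fraction(base) ** position
    for position, char in enumerate(frac_part, start=1):
        total += _digit(char, base) * Fraction(1, base ** position)
    return total


def binary_to_octal(number: str) -> str:
    """Triad method: pad to whole triads, then map each triad to one digit."""
    int_part, _, frac_part = number.replace(",", ".").partition(".")
    int_part = int_part or "0"
    int_part = int_part.zfill(-(-len(int_part) // 3) * 3)        # zeros on the left
    frac_part = frac_part.ljust(-(-len(frac_part) // 3) * 3, "0")  # zeros on the right

    def triads(bits: str) -> str:
        return "".join(DIGITS[int(bits[i:i + 3], 2)] for i in range(0, len(bits), 3))

    octal_int = triads(int_part).lstrip("0") or "0"
    return octal_int + ("," + triads(frac_part) if frac_part else "")


if __name__ == "__main__":
    for b in (2, 8, 16):
        print(b, to_base("49812,22", b, 3))
    print(float(from_base("EDF,51", 16)))
    print(binary_to_octal("110111100,111"))
```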

    Task 6.

    The addition of numbers in the binary system is based on the table for adding single-digit binary numbers.

    0 + 0 = 0
    0 + 1 = 1
    1 + 0 = 1
    1 + 1 = 10

    Multi-digit binary numbers are added according to this table, taking into account possible carries from the lower digit to the higher ones. The octal number system, like any other positional system, has its own rules for adding digits, which are the rules for adding the digits in equal positions of the two numbers being added. These rules are given in Table 6.1. A carry that arises when adding certain digits of a given position is marked with the symbol “↶”.

    Table 6.1 - Addition in the octal number system
    +
    ↶0
    ↶0 ↶1
    ↶0 ↶1 ↶2
    ↶0 ↶1 ↶2 ↶3
    ↶0 ↶1 ↶2 ↶3 ↶4
    ↶0 ↶1 ↶2 ↶3 ↶4 ↶5
    ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6

    The rules for adding the digits of two hexadecimal numbers that stand in the same positions of these numbers are given in Table 6.2. A carry that arises when adding certain digits of a given position is marked with the symbol “↶”.

    685,322A₁₆ + DA485,4460₁₆ = DAB0A,768A₁₆

    101010010,10₂ + 110000110,11010₂ = 1011011001,01010₂

    477,6₈ + 651,56₈ = 1351,36₈

    Table 6.2 - Addition in the hexadecimal number system

    + A B C D E F
    A B C D E F
    A B C D E F ↶0
    A B C D E F ↶0 ↶1
    A B C D E F ↶0 ↶1 ↶2
    A B C D E F ↶0 ↶1 ↶2 ↶3
    A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4
    A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5
    A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6
    A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7
    A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8
    A A B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9
    B B C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9 ↶A
    C C D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9 ↶A ↶B
    D D E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9 ↶A ↶B ↶C
    E E F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9 ↶A ↶B ↶C ↶D
    F F ↶0 ↶1 ↶2 ↶3 ↶4 ↶5 ↶6 ↶7 ↶8 ↶9 ↶A ↶B ↶C ↶D ↶E

    Task 7.

    Using the addition table for octal numbers, they can also be subtracted. Suppose we need to calculate the difference of two octal numbers. In the first column of Table 6.1 we find the digit that matches the last digit of the subtrahend, and in its row we find the last digit of the minuend; it lies at the intersection of the subtrahend's row and the difference's column. This gives the last digit of the difference. Every other digit of the difference is found in the same way.

    a) 251514,40₈ − 5425,55₈ = 243066,63₈

    b) 1011011000,10000₂ − 101001001,10011₂ = 10110010011,00001₂

    c) E316,250₁₆ − 5881,FDC₁₆ = 8A94,274₁₆

    Task 8.

    The multiplication of numbers in the binary system is based on the multiplication table for single-digit binary numbers.

    0 × 0 = 0
    0 × 1 = 0
    1 × 0 = 0
    1 × 1 = 1

    Multi-digit binary numbers are multiplied according to this table, following the usual scheme that is used in the decimal system.

    A multiplication table exists, as we have already seen, in every positional number system. The binary system has the smallest table; the octal (Table 8.1) and decimal tables are larger. Among the commonly used number systems that we have considered, the hexadecimal system has the largest multiplication table (Table 8.2).

    Table 8.1 - Multiplication in the octal system

    ×

    a) 101001₂ × 111011₂ = 100101110011₂

    b) 1011100₂ × 11011₂ = 100110110100₂

    c) BCD,5₁₆ × D5A₁₆ = 9D933E2₁₆


    Table 8.2 - Multiplication in the hexadecimal system

    × A B C D E F
    A B C D E F
    A C E 1A 1C 1E
    C F 1B 1E 2A 2D
    C 1C 2C 3C
    A F 1E 2D 3C 4B
    C 1E 2A 3C 4E 5A
    E 1C 2A 3F 4D 5B
    1B 2D 3F 5A 6C 7E
    A A 1E 3C 5A 6E 8C
    B B 2C 4D 6E 8F 9A A5
    C C 3C 6C 9C A8 B4
    D D 1A 4E 5B 8F 9C A9 B6 C3
    E E 1C 2A 7E 8C 9A A8 B6 C4 D2
    F F 1E 2D 3C 4B 5A A5 B4 C3 D2 E1

    Task 9.

    Direct code (sign-magnitude) - a method of representing binary fixed-point numbers in computer arithmetic. When a number is written in direct code, the most significant digit is the sign digit. If its value is 0, the number is positive; if 1, it is negative.

    Return code (ones' complement) - a method of computational mathematics that allows one number to be subtracted from another using only the addition operation on natural numbers. For a positive number the direct code is used; for a negative number all digits are replaced with their opposites, except the sign digit.

    Additional code (English: two's complement, sometimes twos-complement) - the most common method of representing negative integers in computers. It allows the subtraction operation to be replaced with addition and makes addition and subtraction work the same way for signed and unsigned numbers, which simplifies the computer architecture. For a positive number the direct code is used; for a negative number the additional code is formed by taking the return code and adding 1.

    When numbers are added in additional code, a carry of 1 out of the sign digit is discarded; in return code it is added to the least significant digit of the sum of the codes.

    If the result of the arithmetic operations is the code of a negative number, it must be converted to direct code. The return code is converted to direct code by replacing the digits in all positions except the sign with their opposites. The additional code is converted to direct code in the same way, followed by adding 1.

    Direct code:

    X = 0.10111 1.11110

    Y=1.11110 0,10111

    Return code:

    X = 0.10111 0.10111

    Y=1.00001 1,00001

    1,11000 1,00111

    Additional code:

    X = 0.10111 0.10111

    Y=1.00010 1,00010

    1,11001 1,00110

    Direct code:

    Return code:

    X = 0.110110 0.0110110

    Y=0.101110 0,0101110

    Additional code:

    X = 0.110110 0.0110110

    Y=0.101110 0,0101110

    Task 10.

    Logical elements

    1. The NOT logic element performs logical negation. It has one input and one output. The absence of a signal (voltage) is denoted by “0”, and the presence of a signal by “1”. The output signal is always the opposite of the input signal. This can be seen from the truth table, which shows how the output signal depends on the input signal.

    2. The OR logic element performs logical addition. It has several inputs and one output. A signal is present at the output if there is a signal on at least one input.

    Symbol   Truth table

    3. The AND logic element performs logical multiplication. A signal is present at the output of this logic element only if there is a signal on all inputs.

    Symbol   Truth table

    F=(A v B) ʌ (C v D)

    Table 10.1 - Truth table

    A B C D A B C D (A v B) (C vD) F=(A v B) ʌ (C v D)

    In the algebra of logic there are a number of laws that allow equivalent transformations of logical expressions. Let us list the relations that express these laws.

    1. Law of double negation: ¬(¬A) = A

    Double negation cancels the negation.

    2. Commutative law:

    For logical addition: A v B = B v A

    For logical multiplication: A&B = B&A

    The result of the operation on statements does not depend on the order in which the statements are taken.

    3. Associative law:

    For logical addition: (A v B) v C = A v (B v C);

    For logical multiplication: (A&B)&C = A&(B&C).

    With identical signs, the brackets can be placed arbitrarily or omitted altogether.

    4. Distributive law:

    For logical addition: (A v B)&C = (A&C) v (B&C);

    For logical multiplication: (A&B) v C = (A v C)&(B v C).

    The law defines the rule for taking a common statement out of brackets.

    5. Law of general inversion (de Morgan's laws):

    For logical addition: ¬(A v B) = ¬A & ¬B;

    For logical multiplication: ¬(A&B) = ¬A v ¬B;

    6. Law of idempotency

    For logical addition: A v A = A;

    For logical multiplication: A&A = A.

    The law means that there are no exponents.

    7. Laws of exclusion of constants:

    For logical addition: A v 1 = 1, A v 0 = A;

    For logical multiplication: A&1 = A, A&0 = 0.

    8. Law of contradiction: A & ¬A = 0.

    It is impossible for contradictory statements to be true at the same time.

    9. Law of the excluded middle: A v ¬A = 1.

    10. Law of absorption:

    For logical addition: A v (A&B) = A;

    For logical multiplication: A&(A v B) = A.

    11. Law of exclusion (gluing):

    For logical addition: (A&B) v (¬A&B) = B;

    For logical multiplication: (A v B)&(¬A v B) = B.

    12. Law of contraposition (inversion rule):

    (A v B) = (Bv A).

    (A→B) = A&B

    A&(AvB)= A&B

    A formula is in normal form if it contains no signs of equivalence, implication or double negation, and negation signs appear only on variables.



    Course work

    On the topic:

    Data encryption algorithms

    Introduction

    1. Purpose and structure of encryption algorithms

    1.1 Overview of cryptographic methods

    2. Symmetric encryption algorithm

    2.1 Structure of encryption algorithms

    3. Implementation of a symmetric encryption algorithm

    Conclusion

    List of references

    Introduction

    The problem of protecting information by transforming it so that it cannot be read by outsiders has occupied the human mind since ancient times.

    Why has the problem of using cryptographic methods in information systems become especially urgent now?

    To this day, every known form of commerce is potentially open to fraud - from short-weighting at the market to counterfeit coins and forged banknotes. Electronic commerce schemes are no exception. Only strong cryptography can prevent such forms of attack.

    Electronic money cannot survive without cryptography. The Internet is gradually turning into the Information Highway. This is because the number of users of the Net is growing steadily, like an avalanche. Besides the ordinary exchange of information, business relations are making their way onto the Net, and these always entail monetary payments. There are by now many examples of trade in various goods and services on the Internet. This includes traditional trade supported by the capabilities of the Net, where the buyer can choose a product from large catalogs and even examine it (this kind of service, based on the transmission of a three-dimensional image, is becoming increasingly widespread). It also includes access to tourist services, where you can find out everything about the place, price and service, look at photographs (nature, restaurants, swimming pools, room furnishings...), book a trip and buy air tickets. There are plenty of such examples, and many of them involve monetary payments.

    As for paying by credit card, its drawbacks are obvious: you need to have a card (and in Russia not everyone knows what it is), and there is the fear that everyone on the Internet will learn your credit card codes and that malicious people will empty your account. In reality, the probability of such fraud is no greater than that of being handed counterfeit money when exchanging currency. And in general, electronic money has no more problems than ordinary money. Several payment systems have been developed for making payments on the Net. They either make clever use of existing credit cards or rely on pure electronic money, that is, on a protected system of files that store the records of the state of your account. There are more than a dozen such systems around the world, and in Russia there are also several, the most widespread of which is CyberPlat.

    1. Payments on the Net involve the transfer of special information that must not be disclosed to third parties.

    2. When making payments, there must be a guarantee that all parties (buyer, seller, bank and payment system) are who they claim to be.

    These two factors are enough to understand that without cryptography payments on the Net are impossible, and that the very idea of electronic money presupposes reliable protection of information and a guarantee that no one can impersonate a participant and thereby steal electronic money.

    The emergence of new powerful computers and of network and neural computing technologies has made it possible to discredit cryptographic systems that were until recently considered unbreakable.

    All this constantly pushes researchers toward creating new cryptosystems and carefully analyzing existing ones.

    The relevance and importance of the problem of information security are determined by the following factors:

    * The current level and pace of development of information security tools lag significantly behind the level and pace of development of information technology.

    * The fleet of personal computers used in various spheres of human activity is growing at a high rate.

    1. Purpose and structure of encryption algorithms

    Encryption is the most widely used cryptographic method of preserving the confidentiality of information; it protects data from unauthorized access. Let us first look at the basic methods of cryptographic information protection. In short, cryptography is the science of protecting information using mathematical methods. There is also a science opposite to cryptography, devoted to methods of breaking protected information: cryptanalysis. Cryptography and cryptanalysis together are commonly called cryptology. Cryptographic methods can be classified in different ways, but most often they are divided according to the number of keys used in the corresponding cryptographic algorithms (see Fig. 1):

    1. Keyless - those that do not use any keys.

    2. Single-key - they use an additional key parameter, usually a secret key.

    3. Two-key - those that use two keys in their calculations: a secret key and a public key.

    Fig. 1. Cryptoalgorithms

    1.1 Overview of cryptographic methods

    Encryption is the main method of protection; we will look at it in detail below.

    Let us say a few words about the other cryptographic methods:

    1. An electronic signature is used to confirm the integrity and authorship of data. Data integrity means that the data was not accidentally or deliberately changed while it was stored or transferred.

    Electronic signature algorithms use two types of keys:

    o the secret key is used to compute the electronic signature;

    o the public key is used to verify it.

    When a cryptographically strong electronic signature algorithm is used, and the secret key is stored and used correctly (that is, when no one other than its owner can use the key), no one else is able to compute a valid electronic signature for any electronic document.

    2. Authentication makes it possible to verify that the user (or remote computer) really is who they claim to be. The simplest authentication scheme is the password scheme: its secret element is a password, which the user presents when being verified. This scheme is known to be weak unless special administrative and technical measures are applied to strengthen it. On the basis of encryption or hashing (see below), however, truly strong user authentication schemes can be built.

    3. There are various methods of cryptographic checksumming:

    o keyed and keyless hashing;

    o calculation of message authentication prefixes;

    o use of message authentication codes.

    In fact, all of these methods compute, in different ways, from data of arbitrary size, with or without a secret key, a checksum of fixed size that uniquely corresponds to the original data.

    Such cryptographic checksumming is widely used in various methods of information protection, for example:

    o to confirm the integrity of any data in situations where the use of an electronic signature is impossible (for example, because of high resource consumption) or excessive;

    o in the electronic signature schemes themselves - what is "signed" is usually the hash of the data, not the data as a whole;

    o in various user authentication schemes.

    4. Generators of random and pseudo-random numbers make it possible to create sequences of random numbers, which are widely used in cryptography, for example:

    o random numbers are needed to generate secret keys, which ideally should be absolutely random;

    o random numbers are used in many electronic signature algorithms;

    o random numbers are used in many authentication schemes.

    It is not always possible to obtain absolutely random numbers - this requires good-quality hardware generators. However, good-quality generators of pseudo-random numbers can be built on the basis of symmetric encryption algorithms.

    2. Symmetric encryption algorithm

    Encryption of information is the process of converting plain information into encrypted information (which is most often called ciphertext or a cryptogram), and vice versa. The first part of this process is called encryption, the second decryption.

    Encryption can be written as the following formula:

    C = E_k1(M), where:

    M (message) - the plain information,

    C (cipher text) - the ciphertext obtained as a result of encryption,

    E (encryption) - the encryption function, which performs cryptographic transformations on M,

    k1 (key) - a parameter of the function E, called the encryption key.

    In the standard GOST 28147-89 (the standard defines a symmetric encryption algorithm) the notion of a key is defined as follows: “A specific secret state of certain parameters of the cryptographic transformation algorithm, which ensures the selection of one transformation from the set of all transformations possible for the given algorithm.”

    The key may belong to a particular user or group of users and be unique to them. Information encrypted with a particular key can be decrypted only with that same key or with a key related to it.

    Decryption can be written in a similar way:

    M' = D_k2(C), where:

    M' - the message obtained as a result of decryption,

    D (decryption) - the decryption function; like the encryption function, it performs cryptographic transformations on the ciphertext,

    k2 - the decryption key.

    To obtain the correct plaintext as a result of decryption (the same one that was encrypted earlier: M' = M), the following conditions must hold simultaneously:

    1. The decryption function must correspond to the encryption function.

    2. The decryption key must correspond to the encryption key.

    Without the correct key k2, it is impossible to obtain the original message M' = M using the correct function D. The word “impossible” here means that the computation cannot be carried out in realistic time with the available computing resources.

    Encryption algorithms can be divided into two categories (see Fig. 1):

    1. Symmetric encryption algorithms.

    2. Asymmetric encryption algorithms.

    In symmetric encryption algorithms, decryption usually uses the same key as encryption, or a key related to it by some simple relation. The latter is much less common, especially in modern encryption algorithms. Such a key (shared by encryption and decryption) is usually called simply the encryption key.

    In asymmetric encryption, the encryption key k1 is easily computed from the key k2 in such a way that the reverse computation is impossible. For example, the key relation could be:

    k1 = a^k2 mod p,

    where a and p are parameters of the encryption algorithm that are sufficiently large.

    Such key relations are also used in electronic signature algorithms.

    The main characteristic of an encryption algorithm is its cryptographic strength. This characteristic is determined by the time interval required to break the cipher.

    Symmetric encryption is less convenient because, before encrypted information is transmitted, the recipient must already have obtained the key for decrypting it. Asymmetric encryption does not have this problem (since the public key can be freely transmitted over the network); however, it has problems of its own, in particular the problem of public-key substitution and slow encryption speed. Most often, asymmetric encryption is used together with symmetric encryption - to transfer the symmetric encryption key with which the bulk of the data is encrypted. However, schemes for storing and transferring keys are the subject of a separate article. Here, let me assert that symmetric encryption is used far more often than asymmetric encryption, so the rest of the article is devoted only to symmetric encryption.

    There are two types of symmetric encryption:

    · Block encryption - the information is divided into blocks of fixed length (for example, 64 or 128 bits), after which the blocks are encrypted one after another. Moreover, in different encryption algorithms, or even in different modes of the same algorithm, blocks can be encrypted independently of one another or "with chaining" - when the result of encrypting the current block of data depends on the value of the previous block or on the result of encrypting the previous block.

    · Stream encryption - it is needed above all in cases where the information cannot be divided into blocks - for example, a stream of data in which every symbol must be encrypted and sent on without waiting for the rest of the data needed to form a block. Therefore, stream encryption algorithms encrypt data bit by bit or character by character. It should be said that some classifications do not distinguish between block and stream encryption, considering stream encryption to be the encryption of blocks of unit length.

    Let us look at what block symmetric encryption algorithms look like on the inside.

    2.1 Structure of encryption algorithms

    It is important that most modern encryption algorithms operate in a similar manner: the text that is being encrypted undergoes a process based on the encryption key, which is repeated several times (rounds). In this case, the seemingly repeated re-creation of encryption algorithms is usually divided into several categories. There are also different classifications here, I’ll mention one of them. Also, based on their structure, encryption algorithms are classified as follows:

    1. Algorithms for solving the Feistel boundary.

    The Feistel network is based on dividing the block of data being processed into a number of subblocks (usually two), one of which is processed by a function f() and overlaid on one or more of the other subblocks. Fig. 2 shows the most commonly encountered structure of algorithms based on the Feistel network.

    Fig. 2. Structure of algorithms based on the Feistel network.

    The additional argument of the function f(), denoted in Fig. 2 as Ki, is called the round key. The round key is the result of processing the encryption key with the key expansion procedure, whose task is to obtain the necessary number of keys Ki from an original encryption key of relatively small size (at present, a size of 128 bits is considered sufficient for a symmetric encryption key). In the simplest cases, the key expansion procedure simply splits the key into a number of fragments, which are used in turn in the encryption rounds; more often, the key expansion procedure is complex, and the keys Ki depend on the values of most of the bits of the original encryption key.

    The overlay of the processed subblock on the unprocessed one is most often done with the logical operation "exclusive or", XOR (as shown in Fig. 2). Quite often, addition modulo 2^n is used here instead of XOR, where n is the size of the subblock in bits. After the overlay, the subblocks swap places, so that in the next round the algorithm processes a different subblock of data.

    This structure of encryption algorithms takes its name from Horst Feistel, one of the developers of the Lucifer encryption algorithm and of the DES (Data Encryption Standard) algorithm based on it, the former (but still widely used) US encryption standard. Both of these algorithms have a structure similar to that shown in Fig. 2. Other algorithms based on the Feistel network include the official encryption standard GOST 28147-89, as well as RC5, Blowfish, TEA, CAST-128, etc.

    Most current encryption algorithms are based on the Feistel network, thanks to the many advantages of such a structure, among which are the following:

    o Algorithms based on the Feistel network can be constructed so that the same code is used for both encryption and decryption; the only difference between these operations may be the order in which the keys Ki are applied. This property is most beneficial for hardware implementations or on platforms with limited resources; GOST 28147-89 is an example of such an algorithm.

    o Algorithms based on the Feistel network are the most studied: a large amount of cryptanalytic research has been devoted to them, which is an unquestionable advantage both when developing an algorithm and when analyzing it.
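    The two-subblock Feistel structure described above, as an added example that is not part of the original text and is not any real cipher. The round function (truncated HMAC-SHA256), the 8-round count and the key expansion are assumptions chosen for illustration; the point is that decryption runs the same code with the round keys Ki in reverse order.

```python
import hashlib
import hmac

HALF = 8      # subblock size in bytes (one block = two subblocks = 16 bytes)
ROUNDS = 8    # assumed round count for this toy construction


def expand_key(key: bytes, rounds: int = ROUNDS) -> list:
    """Key expansion: derive the round keys Ki; each depends on every key bit."""
    return [hmac.new(key, b"round" + bytes([i]), hashlib.sha256).digest()
            for i in range(rounds)]


def f(subblock: bytes, round_key: bytes) -> bytes:
    """Round function f(); it does not have to be invertible."""
    return hmac.new(round_key, subblock, hashlib.sha256).digest()[:HALF]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, round_keys: list) -> bytes:
    """Run the network over one block, using the round keys in the given order."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 16 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in round_keys:
        # f() processes one subblock, its output is XORed onto the other,
        # then the subblocks swap places for the next round.
        left, right = right, xor(left, f(right, k))
    return right + left  # undo the swap made by the last round


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, expand_key(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Same code path as encryption; only the order of the keys Ki is reversed.
    return feistel(block, expand_key(key)[::-1])


if __name__ == "__main__":
    key = bytes(range(16))        # constructed 128-bit key
    pt = b"sixteen byte msg"      # constructed 16-byte block
    ct = encrypt_block(pt, key)
    print(ct.hex(), decrypt_block(ct, key))
```

    Replacing XOR with addition modulo 2^n, as the text mentions, would require subtraction on the decryption side, so the "same code" property holds in this exact form only for XOR.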

    There is also a more complex structure of the Feistel network, an example of which is shown in Fig. 3.

    Fig. 3. Structure of the Feistel network.

    This structure is called a generalized or extended Feistel network and is significantly different from the traditional Feistel network. The RC6 algorithm is an example of such a Feistel network.

    2. Algorithms based on substitution-permutation networks (SP-network, Substitution-permutation network).

    Unlike the Feistel network, SP networks process the entire block being encrypted in one round. Data processing comes down mainly to substitutions (when, for example, a fragment of the input value is replaced by another fragment according to a substitution table, which may depend on the value of the key Ki) and permutations that depend on the key Ki (a simplified diagram is shown in Fig. 4).

    Fig. 4. Substitution-permutation network.

    However, such operations are typical for other types of encryption algorithms, so, in my opinion, the name “substitution-permutation network” is too clever.

    SP networks are considerably less common than Feistel networks; the Serpent and SAFER+ algorithms are examples of SP networks.

    3. Algorithms with a "square" structure (Square).

    The "square" structure is characterized by representing the block of data being encrypted as a two-dimensional byte array. Cryptographic transformations can be applied to individual bytes of the array, as well as to its rows or columns.

    The structure takes its name from the Square algorithm, which was developed in 1996 by Vincent Rijmen and Joan Daemen, the future authors of the Rijndael algorithm, which became the new US encryption standard AES after winning an open competition. The Rijndael algorithm also has a Square-like structure; other examples are the Shark algorithm (an earlier development by Rijmen and Daemen) and Crypton. There are few algorithms with a "square" structure, and their lack of flexibility did not prevent the Rijndael algorithm from becoming the new US standard.

    Fig. 5. Rijndael algorithm.

    Fig. 5 shows an example of an operation on a data block performed by the Rijndael algorithm.

    4. Algorithms with a non-standard structure, that is, algorithms that cannot be assigned to any of the listed types. Clearly, the possibilities are endless, so it is difficult to classify all possible variants of encryption algorithms. As an example of an algorithm with a non-standard structure, one can cite the FROG algorithm, which is unique in its structure and uses complex rules to modify two bytes of the data being encrypted (see Fig. 6).

    Fig. 6. Modification of two bytes of the data being encrypted.

    Strict boundaries between the structures described above are not defined, so algorithms are quite often assigned by different experts to different types of structure. For example, the CAST-256 algorithm is attributed by its author to the SP network, while many experts call it an extended Feistel network. Another example is the HPC algorithm, which its author calls a Feistel network but which experts assign to algorithms with a non-standard structure.

    3. Application of symmetric encryption algorithms

    Symmetric encryption methods are convenient because very long keys are not needed to ensure a high level of transmission security. This allows large amounts of information to be encrypted and decrypted quickly. At the same time, both the sender and the recipient of the information hold the same key, which makes it impossible to authenticate the sender. In addition, in order to begin working with a symmetric algorithm, the parties need to securely exchange a secret key, which is easy to do in person but much harder when the key has to be transferred over a communication link.

    The work scheme based on a symmetric encryption algorithm consists of the following stages:

    the parties install software on their computers that provides encryption and decryption of data and the initial generation of secret keys;

    a secret key is generated and distributed among the participants in the information exchange. Sometimes a list of one-time keys is generated. In this case a unique key is used for each transmission session. At the beginning of each session, the sender tells the recipient the serial number of the key used for that message;

    the sender encrypts the information using the installed software that implements a symmetric encryption algorithm;

    the encrypted information is transmitted to the recipient over communication channels;

    the recipient decrypts the information, using the same key as the sender.
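    The one-time key list variant of this scheme, as an added example that is not part of the original text. The class and function names are hypothetical, and the SHA-256 counter keystream is only a stand-in for a real symmetric cipher; what it shows is the serial-number announcement and the refusal to accept a key number a second time.

```python
import hashlib
import secrets


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 counter keystream); one call encrypts or decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class OneTimeKeyList:
    """One party's copy of the pre-distributed list of one-time keys."""
    def __init__(self, keys):
        self.keys = list(keys)
        self.used = set()

    def take(self, serial: int) -> bytes:
        """Return key number `serial` and retire it; refuse unknown or reused numbers."""
        if not 0 <= serial < len(self.keys):
            raise ValueError(f"no key with serial number {serial}")
        if serial in self.used:
            raise ValueError(f"key {serial} was already used in an earlier session")
        self.used.add(serial)
        return self.keys[serial]

    def next_serial(self) -> int:
        for serial in range(len(self.keys)):
            if serial not in self.used:
                return serial
        raise RuntimeError("key list exhausted; distribute a new list")


def send(keylist: OneTimeKeyList, message: bytes):
    """Sender: pick an unused key, announce its serial number, encrypt with it."""
    serial = keylist.next_serial()
    return serial, keystream_xor(keylist.take(serial), message)


def receive(keylist: OneTimeKeyList, serial: int, ciphertext: bytes) -> bytes:
    """Recipient: look up the announced serial number and decrypt with the same key."""
    return keystream_xor(keylist.take(serial), ciphertext)


def demo():
    shared = [secrets.token_bytes(16) for _ in range(2)]   # constructed key list
    sender, recipient = OneTimeKeyList(shared), OneTimeKeyList(shared)
    sessions = [send(sender, m) for m in (b"first session", b"second session")]
    plain = [receive(recipient, s, c) for s, c in sessions]
    try:
        receive(recipient, *sessions[0])    # replayed session: key already retired
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return [s for s, _ in sessions], plain, replay_rejected
```

    Nothing here authenticates the sender: anyone holding a copy of the list can produce a valid message, which is the limitation of shared keys noted above.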

    Below is a look at some of the symmetric encryption algorithms:

    DES (Data Encryption Standard). Developed by IBM and widely used since 1977. It is now somewhat outdated, because the key length it uses is not enough to ensure resistance to an attack that exhaustively tries all possible key values. Breaking this algorithm has become possible thanks to the rapid development of computing technology, which has made great progress since 1977;

    Triple DES. This is a more advanced version of DES, which uses the DES algorithm with three different keys for encryption. It is significantly more resistant to breaking than DES;

    Rijndael. The algorithm was developed in Belgium. It works with keys of 128, 192 and 256 bits. At the moment, cryptography specialists have no complaints about it;

    Skipjack. The algorithm was created and reviewed by the US National Security Agency. The key length is 80 bits. Encryption and decryption of information is carried out cyclically (32 cycles);

    IDEA. The algorithm is patented in the USA and a number of European countries. The patent is held by Ascom-Tech. The algorithm processes information cyclically (8 cycles) by applying a series of mathematical operations to it;

    RC4. An algorithm specially designed for secure encryption of large amounts of information. It uses a variable-length key (chosen according to the required level of protection) and works significantly better than other algorithms. RC4 belongs to the so-called stream ciphers.

    Under US law (the International Traffic in Arms Regulation), cryptographic devices, including software, are classed as weapons systems.

    Therefore, exporting software products that involve cryptography requires permission from the State Department. In practice, the export of cryptographic products is controlled by the NSA (National Security Agency). The US government is very reluctant to issue such licenses, as this could harm US national security. At the same time, Hewlett-Packard was recently granted permission to export its Ver Secure cryptographic complex to the UK, Germany, France, Denmark and Australia. HP can now operate systems in these countries that use the 128-bit Triple DES crypto standard, which is considered absolutely reliable.

    CONCLUSION

    The choice for specific systems must rest on a thorough analysis of the strengths and weaknesses of the various methods of protection. A well-founded choice of one protection system or another should rely on certain criteria of effectiveness. Unfortunately, there are no consistent methods for assessing the effectiveness of cryptographic systems.

    The simplest criterion of such effectiveness is the probability of recovering the key, or the size of the key space. In essence this is the same thing as cryptographic strength. For a numerical estimate, one can also use the complexity of breaking the cipher by trying all the keys.

    However, this criterion does not take into account other important requirements for cryptosystems:

    * the impossibility of disclosing or meaningfully modifying information based on analysis of its structure,

    * the soundness of the security protocols used,

    * the minimum amount of key information used,

    * minimal complexity of implementation (in number of machine operations), and flexibility,

    * high efficiency.

    It is desirable, of course, to use some integral indicators that take these factors into account.

    To take into account cost, complexity and the amount of key information, one can use specific indicators: the ratio of these parameters to the size of the set of encryption keys.

    Often a more effective way to choose and evaluate a cryptographic system is to combine expert assessments with simulation modeling.

    In any case, the chosen set of cryptographic methods must provide reliability, flexibility and efficiency of use, as well as reliable protection against attackers for the information that circulates on the Internet.

    Elliptic functions also apply to symmetric encryption methods.

    Elliptic curves are mathematical objects that mathematicians have been studying intensively since the 17th century. N. Koblitz and V. Miller independently proposed cryptosystems with a secret key that use, for encryption, the properties of the additive group of points on an elliptic curve. These works formed the basis of cryptography based on the elliptic curve algorithm.

    Many researchers and developers have tested the ECC algorithm for strength. Today, ECC offers a shorter and faster key, which provides a practical and secure technology applicable in various fields. The implementation of cryptography with the ECC algorithm requires additional hardware support in the form of a cryptographic processor. This makes it possible to use cryptographic systems with a private key right away and to create inexpensive smart cards.
