Paunonzwa izwi rekuti "cryptography," vamwe vanhu vanoyeuka password yavo yeWiFi, padlock yegirinhi padyo nekero yewebhusaiti yavanofarira, uye kuti zvakaoma sei kupinda email yemumwe munhu. Vamwe vanorangarira nhevedzano yekusagadzikana mumakore achangopfuura nekuudza zvipfupiso (DROWN, FREAK, POODLE...), marogo anoyevedza uye yambiro yekukurumidza kugadzirisa browser yako.
Cryptography inovhara zvese, asi essence of mune imwe. Pfungwa ndeyokuti pane mutsara wakanaka pakati pezvakareruka uye zvakaoma. Zvimwe zvinhu zviri nyore kuita, asi zvakaoma kudzorera pamwechete, sekutyora zai. Zvimwe zvinhu zviri nyore kuita asi zvakaoma kudzoka kana chikamu chidiki, chakakosha, chakakosha chisipo: semuenzaniso, kuvhura gonhi rakakiiwa kana "chikamu chakakosha" chiri kiyi. Cryptography inodzidza aya mamiriro uye kuti anogona kushandiswa sei mukuita.
Mumakore achangopfuura, kuunganidzwa kwekurwiswa kwekriptographic kwachinja kuita zoo yemalogo anopenya, akazadzwa nemafomula kubva pamapepa esainzi, uye akapa manzwiro ekusuwa ekuti zvese zvaputsika. Asi kutaura zvazviri, kurwiswa kwakawanda kwakavakirwa pamitemo mishoma yakajairika, uye mapeji asingaperi emafomura anowanzo kubikwa kune pfungwa dziri nyore kunzwisisa.
Mune ino nhevedzano yezvinyorwa, isu tichatarisa mhando dzakasiyana dzekriptographic kurwisa, nekusimbisa pamisimboti yekutanga. Mukutaura kwakawanda uye kwete chaizvo muhurongwa uhu, asi isu tichavhara zvinotevera:
- Mazano ekutanga: brute force, frequency analysis, interpolation, downgrading uye cross-protocols.
- Branded vulnerabilities: FREAK, MHOSVA, POODLE, DROWN, Logjam.
- Advanced Strategies: oracle kurwisa (Vodenet kurwisa, Kelsey kurwisa); kusangana-mukati-yepakati nzira, kurwisa kwekuzvarwa, kurerekera kwenhamba (differential cryptanalysis, integral cryptanalysis, nezvimwewo).
- Side channel kurwisa uye hama dzavo dzepedyo, kukundikana kuongorora maitiro.
- Kurwiswa paruzhinji kiyi cryptography: cube mudzi, kutepfenyura, meseji inoenderana, Coppersmith kurwiswa, Pohlig-Hellman algorithm, nhamba sieve, Wiener kurwisa, Bleichenbacher kurwisa.
Ichi chinyorwa chinovhara izvo zviri pamusoro kusvika pakurwisa kwaKelsey.
Basic Strategies
Kurwiswa kunotevera kuri nyore mupfungwa yekuti vanogona kutsanangurwa zvakakwana pasina ruzivo rwehunyanzvi. Ngatitsanangure rudzi rwega rwega rwekurwisa nenzira yakapfava, pasina kupinda mumienzaniso yakaoma kana kesi dzepamusoro dzekushandisa.
Kumwe kwekurwiswa uku kwave kusingachashandi uye hakuna kushandiswa kwemakore mazhinji. Vamwe ndevechinyakare vachiri kugara vachiverevedza vasingafungiri vanogadzira cryptosystem muzana ramakore rechi21. Iyo nguva yemazuva ano cryptography inogona kutorwa seyakatanga nekuuya kweIBM DES, yekutanga cipher iyo yakamirisana nekurwiswa kwese kwechinyorwa ichi.
Simple brute force
Iyo encryption scheme ine zvikamu zviviri: 1) iyo encryption basa, iyo inotora meseji (plaintext) yakasanganiswa nekiyi, uyezve inogadzira iyo encrypted meseji - ciphertext; 2) decryption basa rinotora ciphertext nekiyi uye rinoburitsa zviri pachena. Zvese encryption uye decryption inofanirwa kuve nyore kuverengera nekiyi-uye yakaoma kuverengera pasina iyo.
Ngatifungei kuti tinoona ciphertext toedza kuinyora pasina rumwe ruzivo (iyi inonzi ciphertext-chete kurwisa). Kana isu neimwe nzira tikawana kiyi chaiyo nemashiripiti, tinogona kuona zviri nyore kuti ndeyechokwadi kana mhedzisiro iri meseji inonzwisisika.
Ziva kuti pane fungidziro mbiri dzakajeka pano. Kutanga, isu tinoziva maitiro ekuita decryption, ndiko kuti, kuti cryptosystem inoshanda sei. Iyi ifungidziro yakajairwa pakukurukura cryptography. Kuvanza ruzivo rwekuitwa kwe cipher kubva kune vanorwisa kunogona kuita sechimwe chiyero chekuchengetedza, asi kana munhu anorwisa angoona izvi, chengetedzo iyi yekuwedzera inorasika chinyararire uye isingachinjike. Ndizvo zvinoita : Iyo system inowira mumaoko emuvengi haifanire kukonzera kusagadzikana.
Chechipiri, isu tinofungidzira kuti kiyi chaiyo ndiyo chete kiyi inotungamira kune inonzwisisika decryption. Ukuwo fungidziro ine musoro; inogutsikana kana ciphertext yakarebesa kupfuura kiyi uye ichiverengwa. Izvi zvinowanzoitika munyika chaiyo, kunze kana (kana usingade kuti isu tasvetuka tsananguro, ndapota ona Theorem 3.8 ).
Zvichipa zviri pamusoro, zano rinomuka: tarisa ese anokwanisika kiyi. Izvi zvinonzi brute force, uye kurwiswa kwakadaro kunovimbiswa kushanda kune ese anoshanda ciphers - pakupedzisira. Semuyenzaniso, brute simba rakakwana kuti hack , cipher yekare apo kiyi iri bhii rimwe chete rearufabheti, zvichireva makiyi anongopfuura 20 anobvira.
Nehurombo kune cryptanalysts, kuwedzera kiyi saizi dziviriro yakanaka kubva kune brute force. Sezvo saizi yekiyi ichiwedzera, nhamba yemakiyi anobvira anowedzera zvakanyanya. Nemakiyi saizi emazuva ano, simba rakapusa harigoneki zvachose. Kuti tinzwisise zvatiri kureva, ngatitorei inokurumidza kuzivikanwa supercomputer kubva pakati pa2019: kubva kuIBM, iine peak performance yeanosvika zana nenomwe mashandiro pasekondi. Nhasi, iyo yakajairwa kiyi kureba ndeye 1017 bits, zvinoreva 128 inogoneka musanganiswa. Kutsvaga kuburikidza nemakiyi ese, iyo Summit supercomputer inoda nguva ingangoita 2128 nguva yezera reUniverse.
Simba routsinye rinofanira kurangarirwa sechishuvo chenhau here? Kwete zvachose: chinhu chinodiwa mu cryptanalysis cookbook. Kashoma kuti maciphers aite utera zvekuti anogona kungotyorwa nekurwisa kwakangwara, pasina kushandisa simba kune imwe nhanho kana imwe. Mazhinji ma hacks akabudirira anoshandisa algorithmic nzira yekunetesa chinongedzo cipher kutanga, uyezve kuita hutsinye kurwisa simba.
Frequency analysis
Mazhinji magwaro haana gibberish. Semuenzaniso, muzvinyorwa zveChirungu mune mavara akawanda 'e' uye zvinyorwa 'the'; mumabhinari mafaira, kune akawanda zero byte sepadding pakati pezvidimbu zveruzivo. Frequency analysis ndeyekurwiswa kupi zvako kunotora mukana weiyi chokwadi.
Muenzaniso wepamutemo wecipher ari panjodzi yekurwiswa uku ishanduro iri nyore cipher. Mune ino cipher, kiyi itafura ine mavara ese akatsiviwa. Semuenzaniso, 'g' inotsiviwa na'h', 'o' naj, saka izwi rekuti 'enda' rinove 'hj'. Iyi cipher yakaoma kumanikidza brute nekuti kune akawanda anogoneka ekutarisa matafura. Kana iwe uchifarira masvomhu, iyo inoshanda kiyi kureba ingangoita 88 bits: ndizvo
. Asi frequency analysis inowanzoita kuti basa riitwe nekukurumidza.
Funga nezvemashoko anotevera akagadziriswa nechinyoreso chinotsiva:
XDYLY ALY UGLY XDWNKE WN DYAJYN ANF YALXD DGLAXWG XDAN ALY FLYAUX GR WN OGQL ZDWBGEGZDO
Kubvira Y inowanzoitika, kusanganisira pamagumo emashoko mazhinji, tinogona kufungidzira kuti iyi ndiyo tsamba e:
XDeLe ALe UGLe XDWNKE WN DeAJeN ANF eALXD DGLAXWG XDAN ALe FLeAUX GR WN OGQL ZDWBGEGZDO
Couple XD inodzokororwa pakutanga kwemazwi akawanda. Kunyanya, musanganiswa XDeLe inoratidza zvakajeka izwi these kana there, saka ngatienderei mberi:
TheLe ALe UGLe thWNKE WN heAJeN ANF EALth DGLATWG kune ALe FleAUt GR WN OGQL ZDWBGEGZDO
Ngatirambei tichifunga kuti L ΡΠΎΠΎΡΠ²Π΅ΡΡΡΠ²ck r, A - a zvichingoenda zvakadaro. Zvingangotora mashoma kuyedza, asi zvichienzaniswa neakazara brute simba kurwisa, kurwiswa uku kunodzoreredza zvinyorwa zvepakutanga pasina nguva:
kune zvinhu zvakawanda kudenga nepanyika horatio kupfuura zvinorotwa muhuzivi hwako
Kune vamwe, kugadzirisa "cryptograms" dzakadaro ibasa rinonakidza.
Pfungwa yekudzokororwa kwefrequency yakanyanya kukosha kupfuura yainoratidzika pakutanga. Uye inoshanda kune mamwe akawanda akaoma kunzwisisa ciphers. Munhoroondo yese, akasiyana cipher dhizaini akaedza kurwisa kurwiswa kwakadaro vachishandisa "polyalphabetic substitution". Pano, panguva yekunyorera, tafura yekutsiva tsamba inogadziridzwa nenzira dzakaoma asi dzinofungidzirwa dzinoenderana nekiyi. Ese aya ma<em>cipher aionekwa seakaoma kutyora panguva imwe chete; uye zvakadaro ongororo ine mwero yakazopedzisira yavakunda vese.
Iyo yakanyanya kuda chinzvimbo polyalphabetic cipher munhoroondo, uye pamwe yakakurumbira, yaive Enigma cipher yeHondo Yenyika II. Yakanga yakaoma kana ichienzaniswa nevakaitangira, asi mushure mekushanda nesimba, British cryptanalysts vakaipwanya vachishandisa frequency ongororo. Chokwadi, vaisakwanisa kurwisa zvinoyevedza sezviri kuratidzwa pamusoro; vaifanira kuenzanisa mbiri dzinozivikanwa dzemagwaro akajeka uye ciphertext (inonzi "plaintext attack"), kunyange kunyandura vashandisi veEnigma kuti vanyore mamwe mameseji uye kuongorora mhedzisiro ("yakasarudzwa kurwisa kwemavara"). Asi izvi hazvina kuita kuti magumo emauto evavengi akakundwa uye ngarava dzepasi pemvura dzakanyura zvive nyore.
Mushure mekukunda uku, frequency analysis yakanyangarika kubva munhoroondo yecryptanalysis. Ciphers munguva yemazuva ano yedhijitari akagadzirirwa kushanda nemabits, kwete mavara. Zvinotonyanya kukosha, aya ciphers akagadzirwa nekunzwisisa kwakasviba kwezvakazozivikanwa se : Chero ani zvake anogona kugadzira encryption algorithm iyo ivo pachavo havagone kutyora. Izvo hazvina kukwana kune encryption system zvaiita yakaoma: kuratidza kukosha kwayo, inofanirwa kuongororwa kusinganzwisisike kuchengetedza nevazhinji cryptanalysts vanozoita zvavanogona kupaza cipher.
Maverengero ekutanga
Tora guta rekufungidzira rePrecom Heights, huwandu hwevanhu mazana maviri ezviuru. Imba yega yega muguta ine avhareji ye $200 yezvinhu zvakakosha, asi isingadarike $000. Musika wekuchengetedza muPrecom unodzorwa neACME Industries, iyo inogadzira makiyi ekirasi ekirasi yeCoyoteβ’. Zvinoenderana nekuongorora kwenyanzvi, kukiya kweCoyote-kirasi kunogona kungotyorwa nemuchina wakaoma kwazvo wekufungidzira, kusikwa kwayo kunoda makore mashanu uye madhora zviuru makumi mashanu mukudyara. Guta rakachengeteka here?
Zvingangodaro kwete. Pakupedzisira, tsotsi rinoda chinzvimbo richaonekwa. Achafunga seizvi: βEhe, ndichabhadhara mari yepamberi. Makore mashanu ekumirira murwere, uye $50 000. Asi kana ndapedza, ndichawana upfumi hwose hweguta rino. Kana ndikatamba makadhi angu zvakanaka, mari iyi inozozvibhadharira kakawanda. "
Zvimwe chetezvo mune cryptography. Kurwiswa neimwe cipher kunoenderana nehutsinye mutengo-benefit kuongororwa. Kana chiyero chakanaka, kurwisa hakuzoitiki. Asi kurwiswa kunoshanda vachipokana nevakawanda vangango batwa kamwechete kanenge kanobhadhara, mune iyo nyaya yakanakisa dhizaini yekufungidzira kuti vakatanga kubva pazuva rekutanga. Isu tine chaizvo cryptographic vhezheni yeMutemo waMurphy: "Chero chinogona kutyora hurongwa huchaputsa sisitimu."
Muenzaniso wakapusa weiyo cryptosystem iri panjodzi ye precomputation kurwisa ndeye inogara-kiyi isina cipher. Izvi ndizvo zvakaitika , iyo inongoshandura bhii rega rega rearufabheti mavara matatu kuenda mberi (tafura yakasungwa, saka tsamba yekupedzisira muarufabheti yakavharidzirwa yechitatu). Pano zvakare iyo Kerchhoffs musimboti unouya mukutamba: kana sisitimu yabiwa, inobirwa zvachose.
Pfungwa yacho iri nyore. Kunyangwe novice cryptosystem kuvandudza angangoziva kutyisidzira uye kugadzirira zvakakodzera. Tichitarisa kushanduka kwe cryptography, kurwiswa kwakadaro kwanga kusina kufanira kune akawanda ciphers, kubva kushanduro dzekutanga dzakavandudzwa dzeCaesar cipher kusvika pakudzikira kwepolyalphabetic ciphers. Kurwiswa kwakadaro kwakangodzoka nekuuya kwenguva yemazuva ano yekunyora zvinyorwa.
Kudzoka uku kunokonzerwa nezvinhu zviviri. Chekutanga, yakakwana yakaoma cryptosystems pakupedzisira yakaonekwa, uko mukana wekushandiswa mushure mekubira wakanga usiri pachena. Chechipiri, cryptography yakapararira zvekuti mamirioni evasina basa vakaita sarudzo zuva rega rega nezvekupi uye ndezvipi zvikamu zvecryptography yekushandisa zvakare. Zvakatora nguva nyanzvi dzisati dzaona njodzi uye dzakasimudza alarm.
Rangarira precomputation kurwisa: pakupera kwechinyorwa isu tichatarisa maviri chaiwo-ehupenyu cryptographic mienzaniso kwaakaita basa rakakosha.
Kududzira
Heino mutikitivha ane mukurumbira Sherlock Holmes, achiita kurwisa kwaasina nhamo Dr. Watson:
Ndakabva ndangofunga kuti mabva kuAfghanistan... Murangariro wangu wakaita seizvi: βMurume uyu ndichiremba nemhando, asi ane simba rehondo. Saka, chiremba wemauto. Achangosvika kubva kunzvimbo dzinopisa - chiso chake chakasviba, asi uyu hausi iwo mumvuri wechisikigo weganda rake, sezvo mawoko ake akanyanya kuchena. Chiso haggard - zviri pachena, akatambura zvakanyanya uye akatambura nehurwere. Akakuvadzwa muruoko rwake rworuboshwe - anoibata asingafambi uye zvishoma zvisiri izvo. Ndekupi munzvimbo dzinopisa chiremba wemauto wechiRungu angashingirira kuoma uye kukuvadzwa? Hongu, muAfghanistan. " Chitima chepfungwa chese hapana kana chechipiri. Uye saka ndati wabva kuAfghanistan, uye wakashamisika.
Holmes aikwanisa kutora ruzivo rudiki kubva pachikamu chega chega cheuchapupu. Aigona bedzi kusvika mhedziso yake kupfurikidza nokudzirangarira dzose pamwe chete. Kurwiswa kwekududzira kunoshanda zvakafanana nekuongorora magwaro akajeka anozivikanwa uye ciphertext pairs zvichibva pakiyi imwechete. Kubva pavaviri vega ega, zvinoonekwa zvega zvega zvinotorwa izvo zvinobvumira mhedziso yakajairika nezvekiyi inotorwa. Zvese izvi mhedziso hadzina kujeka uye dzinoita senge dzisingabatsiri kudzamara dzangoerekana dzasvika kune yakakosha misa uye dzinotungamira kune imwe chete mhedziso inogoneka: kunyangwe inoshamisa sei, inofanira kunge iri yechokwadi. Mushure meizvi, kana kiyi inoburitswa, kana iyo decryption process inonatswa zvekuti inogona kudzokororwa.
Ngatienzanisire nemuenzaniso uri nyore kuti kududzira kunoshanda sei. Ngatitii tinoda kuverenga dhayari remuvengi wedu, Bob. Anonyora nhamba yega yega mudhayari rake achishandisa nzira yakapfava yaakadzidza nezvayo kubva pakushambadza mumagazini "A Mock of Cryptography." Iyo sisitimu inoshanda seizvi: Bob anosarudza nhamba mbiri dzaanoda: ΠΈ . Kubva zvino zvichienda mberi, kunyora chero nhamba , inoverenga . Somuenzaniso, kana Bob akasarudza ΠΈ , ipapo nhamba ichave yakanyorwa se .
Ngatitii musi wa28 Zvita takaona kuti Bob akanga achikwenya chimwe chinhu mudhayari rake. Kana apedza, tichaitora chinyararire toona iyo yekupedzisira yekupinda:
Zuva:
235/520Dear Diary,
Nhasi raive zuva rakanaka. Kuburikidza
64nhasi ndinofambidzana naAlisa, anogara mufurati843. Ndinonyatsofunga kuti angadaro26!
Sezvo isu takanyanya kukoshesa kutevera Bob pazuva rake (tine makore gumi nemashanu mune ino mamiriro), zvakakosha kuziva zuva pamwe nekero yaAlice. Neraki, tinoona kuti Bob's cryptosystem iri panjodzi yekurwiswa kwekupindira. Tingasaziva ΠΈ , asi isu tinoziva zuva ranhasi, saka tine maviri akapfava-ciphertext peya. Zvikuru, tinoziva izvozvo encrypted in uye - mukati . Izvi ndizvo zvatichanyora pasi:
Sezvo isu tine makore gumi nemashanu, isu tatoziva nezve hurongwa hwemaviri equation ane maviri asingazivikanwi, ayo mumamiriro ezvinhu aya akakwana kuwana. ΠΈ pasina matambudziko. Imwe neimwe plaintext-ciphertext pair inoisa chinosungirwa pakiyi yaBob, uye zvisungo zviviri izvi pamwechete zvinokwana kudzoreredza kiyi yacho. Mumuenzaniso wedu mhinduro ndeyokuti ΠΈ (pa , kuti 26 mudhayari inoenderana neshoko rekuti 'iye', kureva, "mumwechete" - approx. nzira).
Kurwiswa kweinterpolation, hongu, hakungogumiri pamienzaniso yakapfava yakadaro. Yese cryptosystem inodzikisira kune inonzwisiswa masvomhu chinhu uye runyoro rwemaparamita ari panjodzi yekurwiswa kwekududzira-kana zvakanyanya kunzwisiswa chinhu, inowedzera njodzi.
Vatsva vanowanzonyunyuta kuti cryptography βunyanzvi hwokugadzira zvinhu zvakashata sezvinobvira.β Interpolation kurwiswa zvimwe ndiko kukonzeresa. Bob anogona kushandisa yakanakisa dhizaini yemasvomhu kana kuchengeta zuva rake naAlice pachivande - asi maiwe, kazhinji haugone kuva nazvo nenzira mbiri. Izvi zvichanyatsojeka kana tazosvika kune iyo yeruzhinji kiyi cryptography.
Cross protocol/downgrade
In Now You See Me (2013), boka revanyengeri vanoedza kubira inishuwarenzi ine huwori magineti Arthur Tressler kubva muhupfumi hwake hwese. Kuti vawane mukana kubhengi rebhangi raArthur, vanyengeri vanofanira kupa zita rake rekushandisa nepassword kana kuti kumumanikidza kuti azvionere pachake kubhangi uye kutora chikamu muchirongwa.
Zvose zvingasarudzwa zvakaoma zvikuru; Vakomana vanoshandiswa kuita pachikuva, uye kwete kutora chikamu mumabasa ehungwaru. Saka vanosarudza yechitatu inogoneka sarudzo: wavanofambidzana navo anodana bhangi uye anonyepedzera kuva Arthur. Bhangi rinobvunza mibvunzo yakawanda kuti ione kuti ndiani, sezita rababamukuru uye zita rekutanga chipfuyo; magamba edu pamberi . Kubva panguva ino zvichienda mberi, yakanakisa password kuchengetedza hakusisina basa.
(Maererano nengano yemumaguta yatakazviongorora isu pachedu uye yatakasimbisa, munyori wekunyora tsamba Eli Beaham akambosangana nemutengi webhangi uyo akaomerera pakubvunza mubvunzo wekuchengetedza. Mutauri wacho paakabvunza zita rambuya vake amai vake, Beaham akatanga kutaura kuti: βCapital X, diki y, vatatu ... ").
Izvo zvakafanana mu cryptography, kana maviri cryptographic mapuroteni akashandiswa mukufanana kuchengetedza chinhu chimwe chete, uye imwe haina kusimba kupfuura imwe. Iyo inokonzeresa sisitimu inova panjodzi yekuyambuka-protocol kurwisa, uko kune isina kusimba protocol inorwiswa kuitira kuti isvike kumubairo pasina kubata iyo yakasimba.
Mune zvimwe zviitiko zvakaoma, hazvina kukwana kungobata sevha uchishandisa isina kusimba protocol, asi inoda kubatanidzwa kusingaite kwemutengi ari pamutemo. Izvi zvinogona kurongeka uchishandisa inonzi downgrade attack. Kuti tinzwisise kurwiswa uku, ngatifungei kuti vanyengeri vedu vane basa rakaoma kupfuura mufirimu. Ngatifungei kuti mushandi webhangi (cashier) naArthur vakasangana nemamiriro ezvinhu asingatarisirwi, zvichikonzera nhaurirano inotevera:
Mbavha: Mhoro? Uyu ndiArthur Tressler. Ndinoda kuseta patsva password yangu.
Cashier: Hukuru. Ndokumbira utarise bhuku rako rakavanzika rekodhi, peji 28, izwi 3. Mameseji ese anotevera achavharwa uchishandisa izwi iri chairo sekiyi. PQJGH. LOTJNAM PGGY MXVRL ZZLQ SRIU HHNMLPPPVβ¦
Mbavha: Hei, hey, mira, mirira. Izvi zvakakodzera here? Hatingangotauri sevanhuwo zvavo here?
Cashier: Handikurudzire kuita izvi.
Mbavha: Ndangoβ¦tarisa, ndave nezuva rakashata, kwakanaka here? Ini ndiri mutengi weVIP uye handisi mumood yekuchera kuburikidza nemabhuku akapusa ekodhi aya.
Cashier: Fine. Kana ukasimbirira, VaTressler. Unodei?
Mbavha: Ndapota, ndinoda kupa mari yangu yese kuArthur Tressler National Victims Fund.
(Pause).
Cashier: Kwakachena here manje. Ndokumbira upe PIN yako yekutengeserana kukuru.
Mbavha: Chii changu?
Cashier: Pakukumbira kwako pachako, kutengeserana kwesaizi iyi kunoda PIN yekutengeserana kukuru. Iyi kodhi yakapihwa iwe pawakavhura account yako.
Mbavha:... Ndakairasa. Izvi zvakakodzera here? Haukwanise here kungobvumidza chibvumirano?
Cashier: Aihwa. Ndine urombo, VaTressler. Zvakare, iyi ndiyo chiyero chekuchengetedza chawakakumbira. Kana uchida, tinogona kutumira PIN kodhi itsva kubhokisi rako retsamba.
Magamba edu anosendeka kuvhiya. Vanoteerera pane akati wandei ekutengeserana kukuru kwaTressler, vachitarisira kunzwa iyo PIN; asi pese painotaudzana kuita macoded gibberish pasati pataurwa chero chinhu chinonakidza. Pakupedzisira, rimwe zuva rakanaka, chirongwa chinoiswa mukuita. Ivo vanomirira nemoyo murefu nguva iyo Tressler anofanirwa kuita kutengeserana kukuru parunhare, anopinda pamutsetse, uyezve ...
Tressler: Mhoro. Ndinoda kupedzisa kutengeserana kure kure, ndapota.
Cashier: Hukuru. Ndokumbira utarise bhuku rako rakavanzika rekodhi, peji...
(Gororo rinodzvanya bhatani; inzwi remuchengeti rinoshanduka kuita ruzha rusinganzwisisike).
Cashier: - #@$#@$#*@$$@#* ichave yakanyorwa nezwi iri sekiyi. AAAYRR PLRQRZ MMNJK LOJBAN...
Tressler: Ndine urombo, handina kunyatsonzwisisa. Zvakare? Papeji ripi? Shoko ripi?
Cashier: Iri ndiro peji @#$@#*$)#*#@()#@$(#@*$(#@*.
Tressler: Chii?
Cashier: Shoko nhamba makumi maviri @$#@$#%#$.
Tressler: Zvakakomba! Zvakwana kare! Iwe neprotocol yako yekuchengetedza imwe mhando yemasekisi. Ndinoziva kuti unogona kungotaura neni zvakajairika.
Cashier: Handikurudzireβ¦
Tressler: Uye ini handikurudzire kuti utambise nguva yangu. Ini handichada kunzwa zvimwe pamusoro peizvi kusvika wagadzirisa matambudziko enharembozha yako. Tingapedzisa dhiri iri here kana kuti kwete?
Cashier:β¦ Ehe. Fine. Unodei?
Tressler: Ndinoda kuendesa $20 kuna Lord Business Investments, account number...
Cashier: Ndapota miniti imwe. Ichi chinhu chikuru. Ndokumbira upe PIN yako yekutengeserana kukuru.
Tressler: Chii? O, chaizvo. 1234.
Heino kurwisa kwakadzika. Iyo isina kusimba protocol "ingotaura zvakananga" yaifungidzirwa se sarudzo kana paine emergency. Uye zvakadaro tiri pano.
Unogona kushamisika kuti ndiani mupfungwa dzavo chaidzo angagadzira chaiyo "yakachengeteka kusvika abvunzwa neimwe nzira" system seyatsanangurwa pamusoro. Asi sezvakangoita bhangi rekunyepedzera rinotora njodzi kuchengetedza vatengi vasingade cryptography, masisitimu kazhinji anowanzo kukwevera kune zvinodiwa izvo zvisina hanya kana kutonyanya kuvenga kuchengetedzeka.
Izvi ndizvo chaizvo zvakaitika neSSLv2 protocol muna 1995. Hurumende yeUS yakagara yatanga kuona cryptography sechombo chinochengetedzwa zvakanyanya kure nevavengi vekunze uye vepamba. Zvidimbu zvekodhi zvakabvumidzwa zvega zvekutengesa kunze kubva kuUnited States, kazhinji nemamiriro ekuti algorithm yakaderedzwa nemaune. Netscape, muvandudzi webrowser inonyanya kufarirwa, Netscape Navigator, yakapihwa mvumo yeSSLv2 chete nekiyi 512-bit RSA key (uye 40-bit yeRC4).
Pakazopera mireniyamu, mitemo yakanga yanyevenuka uye kuwana kwechimanjemanje encryption kwave kuwanika zvakanyanya. Nekudaro, vatengi uye maseva vakatsigira yakaneta "export" cryptography kwemakore nekuda kweiyo inertia inochengetedza tsigiro kune chero yenhaka system. Vatengi vaitenda kuti vanogona kusangana nesevha iyo isingatsigire chero chimwe chinhu. Maseva akaita zvimwe chetezvo. Ehe, iyo SSL protocol inoraira kuti vatengi nemaseva havafanirwe kushandisa isina simba protocol kana iri nani iripo. Asi chimiro chimwe chetecho chakashanda kuna Tressler nebhanga rake.
Dzidziso iyi yakawana nzira yayo mukurwiswa kuviri kwepamusoro-soro kwakazunungusa kuchengetedzeka kweSSL protocol muna 2015, zvese zvakawanikwa nevatsvagiri veMicrosoft uye. . Chekutanga, ruzivo rwekurwiswa kweFREAK rwakaratidzwa muna Kukadzi, ndokuteverwa nemwedzi mitatu gare gare nekumwe kurwiswa kwakafanana kunonzi Logjam, iyo yatichakurukura zvakadzama kana taenderera mberi nekurwisa paruzhinji kiyi cryptography.
Kunetseka (inozivikanwawo se "Smack TLS") yakazobuda pachena apo vaongorori vakaongorora mashandisirwo eTLS mutengi/sevha ndokuona tsikidzi inoda kuziva. Mukuita uku, kana mutengi asina kana kubvunza kushandisa isina kusimba kunze kwenyika cryptography, asi sevha ichiri kupindura nemakiyi akadaro, mutengi anoti "Ah zvakanaka" uye anochinja kune isina kusimba cipher suite.
Panguva iyoyo, kunze kwenyika cryptography yaionekwa zvakanyanya seyechinyakare uye isingabvumirwe, saka kurwiswa kwakauya sekukatyamadza kwakazara uye kwakakanganisa akawanda akakosha madomasi, kusanganisira iyo White House, IRS, uye NSA nzvimbo. Zvakatonyanya kuipa, zvakazoitika kuti maseva mazhinji ari munjodzi aikwenenzvera kuita nekushandisazve makiyi mamwe chete pane kugadzira matsva pachikamu chega chega. Izvi zvakaita kuti zvigoneke, mushure mekudzikisa pasi pasi, kuita pre-computation kurwisa: kupaza imwe kiyi yakaramba ichidhura ($ 100 nemaawa 12 panguva yekubudiswa), asi mari inoshanda yekurwisa kubatana yakaderedzwa zvakanyanya. Zvakakwana kuti usarudze kiyi yeseva kamwe uye kutsemura encryption kune ese anotevera anobatana kubva panguva iyoyo zvichienda mberi.
Uye tisati taenderera mberi, pane kumwe kurwiswa kwepamberi kunoda kutaurwa...
Oracle attack
vanonyanya kuzivikanwa sababa ve-cross-platform crypto messaging app Signal; asi isu pachedu semumwe weake asingazivikanwe hunyanzvi - (Cryptographic Doom Principle). Kutsanangura zvishoma, tinogona kutaura izvi: "Kana protocol ichiita chero inoita cryptographic oparesheni pane meseji kubva kune inogona kuve yakaipa sosi uye inoita zvakasiyana zvichienderana nemhedzisiro, inoparara." Kana nenzira yakapinza: "Usatore ruzivo kubva kumuvengi kuti ugadzirise, uye kana uchifanira kudaro, saka usaratidze mhedzisiro."
Ngatisiye parutivi buffer inofashukira, majekiseni ekuraira, nezvimwe zvakadaro; vari kunze kwechikamu chehurukuro iyi. Kutyora kwe "doom musimboti" kunotungamira kune yakakomba cryptography hacks nekuda kwekuti iyo protocol inoita chaizvo sezvaitarisirwa.
Semuenzaniso, ngatitorei dhizaini yekunyepedzera ine isina njodzi inotsiva cipher, tobva taratidza kurwisa kunobvira. Nepo isu takatoona kurwiswa pane inotsiva cipher uchishandisa frequency kuongororwa, haisi "imwe nzira yekutyora imwechete cipher." Kusiyana neizvi, kurwiswa kweoracle chinhu chakanyanya kugadzirwa, chinoshanda kune akawanda mamiriro apo frequency kuongororwa inotadza, uye isu tichaona kuratidzwa kweizvi muchikamu chinotevera. Pano cipher iri nyore inosarudzwa chete kuti muenzaniso ujeke.
Saka Alice naBob vanotaurirana vachishandisa chinyoreso cipher vachishandisa kiyi inongozivikanwa kwavari chete. Iwo akanyanya kuomesesa nezvehurefu hwemeseji: iwo chaiwo mabhii makumi maviri kureba. Saka vakabvumirana kuti kana munhu achida kutumira meseji ipfupi, aifanira kuwedzera mamwe mameseji ekugumira meseji kuti aite mavara makumi maviri chaiwo. Mushure mekurukurirano yakati, vakasarudza kuti vaizogamuchira chete zvinyorwa zvenhema zvinotevera: a, bb, ccc, dddd etc. Nokudaro, dummy text yehurefu hupi hupi hunodiwa inozivikanwa.
Kana Alice kana Bob agamuchira meseji, vanotanga vatarisa kuti meseji yacho ndeyakareba here (mavara makumi maviri) uye kuti suffix ndiyo chaiyo dummy mavara. Kana zvisina kudaro, ivo vanopindura nemhosho yakakodzera meseji. Kana kureba kwemavara uye dummy zvinyorwa zvakanaka, mugamuchiri anoverenga meseji pachayo uye otumira mhinduro yakavharidzirwa.
Munguva yekurwiswa, anorwisa anotevedzera Bob uye anotumira mameseji emanyepo kuna Alice. Iwo mameseji haana maturo chose - anorwisa haana kiyi, saka haakwanise kugadzira meseji ine musoro. Asi sezvo protocol ichityora mutemo wedoom, anorwisa anogona kuramba achiteya Alice kuti aburitse ruzivo rwakakosha, sezvakaratidzwa pazasi.
Mbavha:
PREWF ZHJKL MMMN. LAAlice: Mavara asina kufanira.
Mbavha:
PREWF ZHJKL MMMN. LBAlice: Mavara asina kufanira.
Mbavha:
PREWF ZHJKL MMMN. LCAlice:
ILCT? TLCT RUWO PUT KCAW CPS OWPOW!
Mbavha haazive zvabva kutaurwa naAlice, asi anocherekedza kuti chiratidzo C inofanira kuenderana a, sezvo Alice akagamuchira rugwaro rwedummy.
Mbavha:
REWF ZHJKL MMMN. LAAAlice: Mavara asina kufanira.
Mbavha:
REWF ZHJKL MMMN. LBBAlice: Mavara asina kufanira.
Mushure mekuedza kunoverengeka...
Mbavha:
REWF ZHJKL MMMN. LGGAlice: Mavara asina kufanira.
Mbavha:
REWF ZHJKL MMMN. LHHAlice:
TLQO JWCRO FQAW SUY LCR C OWQXYJW. IW PWWR TU TCFA CHUYT TLQO JWFCTQUPOLQZ.
Zvekare, anorwisa haazive zvakangotaurwa naAlice, asi anocherekedza kuti H inofanirwa kuenderana b kubvira Alice akagamuchira dummy chinyorwa.
Uye zvichingodaro kusvika anorwisa aziva zvinoreva chimiro chega chega.
Pakutanga kuona, nzira yacho yakafanana neakasarudzwa akajeka kurwisa. Pakupedzisira, anorwisa anosarudza ciphertexts, uye sevha inoteerera inoagadzirisa. Musiyano mukuru unoita kuti kurwiswa uku kuvepo munyika chaiyo ndeyekuti munhu anorwisa haadi kuwana iyo chaiyo chinyorwa-mhinduro yeseva, kunyangwe imwe isina mhosva se "Invalid dummy text," yakakwana.
Nepo kurwiswa uku kuri kudzidzisa, usanyanya kusungirirwa pane zvakatemwa zve "dummy text" chirongwa, chaiyo cryptosystem inoshandiswa, kana kutevedzana chaiko kwemameseji anotumirwa neanorwisa. Pfungwa huru ndeye mabatiro anoita Alice zvakasiyana zvichienderana nehunhu hwechinyorwa, uye anozviita pasina kuratidza kuti inoenderana ciphertext yakabva kune akavimbika bato. Saka, Alice anobvumira anorwisa kusvina ruzivo rwakavanzika kubva mumhinduro dzake.
Pane zvakawanda zvinogona kuchinjwa mumamiriro ezvinhu aya. Zviratidzo izvo Alice anozvibata nazvo, kana mutsauko chaiwo muhunhu hwake, kana kunyange cryptosystem inoshandiswa. Asi musimboti ucharamba wakangofanana, uye kurwisa kwese kucharamba kuchibudirira mune imwe nzira kana imwe. Kuitwa kwekutanga kwekurwiswa uku kwakabatsira kufumura akati wandei ekuchengetedza tsikidzi, izvo zvatichatarisa munguva pfupi; asi kutanga pane zvidzidzo zvetioreti zvinofanirwa kudzidzwa. Nzira yekushandisa sei iyi yenhema "Alice script" mukurwiswa kunogona kushanda pane chaiyo cipher yemazuva ano? Izvi zvinotogoneka here, kunyangwe mudzidziso?
Muna 1998, munyori wezvinyorwa zveSwitzerland Daniel Bleichenbacher akapindura mubvunzo uyu nenzira inosimbisa. Akaratidza kurwiswa kwechirevo pane yakashandiswa zvakanyanya yeruzhinji kiyi cryptosystem RSA, achishandisa yakananga meseji chirongwa. Mune mamwe mashandisirwo eRSA, sevha inopindura nemamwe mameseji ekukanganisa zvichienderana nekuti iwo akajeka anowirirana nechirongwa here kana kwete; izvi zvakanga zvakakwana kuti ndiite kurwisa.
Makore mana gare gare, muna 2002, French cryptographer Serge Vaudenay akaratidza oracle kurwisa kwakada kufanana neinotsanangurwa Alice mamiriro pamusoro - kunze kuti panzvimbo yekunyepedzera cipher, akatyora yose inoremekedzwa kirasi ciphers ano kuti vanhu chaizvoizvo kushandiswa. Kunyanya, kurwisa kwaVaudenay kunonangana neyakagadziriswa saizi ciphers ("block ciphers") kana ichishandiswa mune inonzi "CBC encryption mode" uye neimwe yakakurumbira padding scheme, yakaenzana neiyo iri muAlice mamiriro.
Zvakare muna 2002, American cryptographer John Kelsey - co-munyori - yakakurudzira kwakasiyana-siyana kurwiswa kweanoracle pane masisitimu anomanikidza mameseji uye obva aavharira. Chikurusa pakati paikoku idenho yakatora mukana weidi rokuti kazhinji kazhinji kunobvira kutaura kureba kwapakuvamba kwechinyorwa kubva paurefu hwemashoko akanyorwa. Mupfungwa, izvi zvinobvumira kurwiswa kweshoko rinotorazve zvikamu zvemashoko akajeka epakutanga.
Pazasi tinopa tsananguro yakadzama yekurwiswa kwaVaudenay naKelsey (tichapa tsananguro yakadzama yekurwisa kweBleichenbacher patinoenderera mberi nekurwisa paruzhinji kiyi cryptography). Pasinei nekuedza kwedu kwese, chinyorwa chinova chakati hunyanzvi; saka kana zviri pamusoro zvakakukwanira, svetuka zvikamu zviviri zvinotevera.
Kurwiswa kweVodene
Kuti tinzwisise kurwiswa kweVaudenay, isu chekutanga tinoda kutaura zvishoma nezve block ciphers uye encryption modes. A "block cipher" ndeye, sezvakataurwa, cipher inotora kiyi uye yekuisa yeimwe yakagadziriswa kureba ("block urefu") uye inoburitsa yakavharidzirwa yehurefu hwakafanana. Block ciphers anoshandiswa zvakanyanya uye anoonekwa seakachengeteka. Iyo DES yave pamudyandigere, inoonekwa seyekutanga cipher yemazuva ano, yaive block cipher. Sezvataurwa pamusoro apa, zvakafanana ndezvechokwadi kune AES, iyo inoshandiswa zvakanyanya nhasi.
Nehurombo, block ciphers ine imwe kushaya simba. Iyo yakajairika block saizi ndeye 128 bits, kana 16 mavara. Zviripachena, cryptography yemazuva ano inoda kushanda nedata hombe rekuisa, uye apa ndipo panopinda nzira dzekunyorera. Encryption mode ndeyekubira: inzira neimwe nzira yekushandisa block cipher iyo inongogamuchira kuiswa kweimwe saizi yekuisa yehurefu hwekupokana.
Kurwiswa kwaVodene kwakanangana neiyo yakakurumbira CBC (Cipher Block Chaining) maitiro ekushanda. Kurwiswa kwacho kunobata iyo yepasi block cipher semashiripiti, isingapindike bhokisi dema uye inonzvenga zvachose kuchengetedzeka kwayo.
Heino dhayagiramu inoratidza mashandiro anoita CBC modhi:
Iyo yakatenderedzwa plus inomiririra XOR (yakasarudzika OR) mashandiro. Semuenzaniso, yechipiri block ye ciphertext inogamuchirwa:
- Nekuita XOR oparesheni pane yechipiri plaintext block ine yekutanga ciphertext block.
- Kuvharidzira iyo mhedzisiro block ne block cipher uchishandisa kiyi.
Sezvo CBC ichishandisa zvinorema kudaro zvebhinari XOR oparesheni, ngatitorei chinguva tiyeuke zvimwe zvezvivakwa zvayo:
- Idempotency:
- Commutativity:
- Associativity:
- Self-reversibility:
- Byte size: byte n ye = (byte n ye ) (byte n ye )
Kazhinji, zvivakwa izvi zvinoreva kuti kana isu tine equation inosanganisira XOR mashandiro uye imwe isingazivikanwe, inogona kugadziriswa. Somuenzaniso, kana tichiziva izvozvo nevasingazivikanwi uye ane mukurumbira ΠΈ , tobva tavimba nezvataurwa pamusoro apa kugadzirisa equation . Nekushandisa XOR pamativi ese equation ne , tinowana . Izvi zvese zvichave zvakakosha munguva pfupi.
Pane misiyano miviri midiki uye musiyano mukuru pakati pemamiriro edu Alice uye kurwiswa kwaVaudenay. Zvidiki zviviri:
- Muzvinyorwa, Alice aitarisira kuti zvinyorwa zvichapera nemavara
a,bb,ccczvichingoenda zvakadaro. Mukurwiswa kweWodene, munhu akabatwa anotarisira kuti zvinyorwa zvichapera N nguva neN byte (kureva, hexadecimal 01 kana 02 02, kana 03 03 03, zvichingodaro). Uyu ndiwo musiyano wecosmetic. - Muchiitiko chaAlice, zvaive nyore kutaura kana Alice agamuchira meseji nemhinduro "Mashoko asina kururama." Mukurwisa kwaVodene, kuongororwa kwakawanda kunodiwa uye kunyatsoita kudivi reanobatwa kwakakosha; asi nekuda kwekupfupika, ngatitorei sekupihwa kuti ongororo iyi ichiri kugona.
Musiyano mukuru:
- Sezvo isu tisiri kushandisa imwechete cryptosystem, hukama pakati peanorwisa-anodzorwa ciphertext bytes uye zvakavanzika (kiyi uye plaintext) zvichave pachena kuti zvakasiyana. Naizvozvo, anorwisa achafanira kushandisa imwe nzira pakugadzira ciphertexts uye kududzira server mhinduro.
Musiyano mukuru uyu ndicho chikamu chekupedzisira chepikicha kuti tinzwisise kurwiswa kwaVaudenay, saka ngatitorei nguva yekufunga kuti sei uye sei kurwiswa kwechirevo paCBC kunogona kuiswa pekutanga.
Ngatitii tapihwa CBC ciphertext ye247 blocks, uye tinoda kuibvisa. Isu tinogona kutumira mameseji ekunyepedzera kune sevha, sezvataigona kutumira mameseji enhema kuna Alice kare. Sevha inobvisa mameseji kwatiri, asi haizoratidze kudhirowa - pachinzvimbo, zvakare, sezvakaita Alice, sevha inongotaura zvishoma chete ruzivo: ingave iyo plaintext ine padding inoshanda kana kwete.
Funga kuti mumamiriro ezvinhu aAlice takava nehukama hunotevera:
$$display$$text{SIMPLE_SUBSTITUTION}(chinyorwa{ciphertext},mavara{kiyi}) = chinyorwa{plaintext}$$ratidza$$
Ngatidaidze iyi "Equation yaAlice." Takadzora ciphertext; sevha (Alice) yakaburitsa ruzivo rusina kujeka nezve yakagamuchirwa plaintext; uye izvi zvakatibvumira kuti titore ruzivo nezve yekupedzisira chinhu - kiyi. Nekuenzanisa, kana tikakwanisa kuwana kubatana kwakadaro kweCBC script, tinogona kukwanisa kutora mamwe mashoko epachivande imomo zvakare.
Sezvineiwo, pane chaizvo hukama kunze uko kwatinogona kushandisa. Funga nezvekubuda kwekufona kwekupedzisira kuti udzikise block cipher uye kuratidza inobuda se . Isu tinoratidzawo mabhuroko ezvinyorwa zvisina tsarukano uye ciphertext blocks . Tarisa zvakare dhayagiramu yeCBC uone zvinoitika:
Ngatidaidze iyi "CBC equation."
Mumamiriro ezvinhu aAlice, nekutarisa manyorerwo akaitwa uye kuona magwaro asina kujeka akabuda, takakwanisa kukwidza kurwisa kwakatorazve chikamu chechitatu muequation β kiyi. Muchiitiko cheCBC, tinotarisisawo ciphertext uye tinoona kubuda kweruzivo pamagwaro anoenderana nawo. Kana fananidzo iripo, tinogona kuwana ruzivo nezve .
Ngatifungei kuti takadzoreredza chaizvo , ko zvino? Zvakanaka, saka tinokwanisa kudhinda iyo yekupedzisira bhuroka yezvakajeka kamwechete (), nokungopinda (zvatinazvo) uye
kugamuchirwa muCBC equation.
Izvozvi zvatine tarisiro nezvehurongwa hwese hwekurwisa, yave nguva yekugadzira iyo mamiriro. Ndokumbira utarise kuti ruzivo rwusina tsarukano rwunoburitswa sei paserver. Muzvinyorwa zvaAlice, zvabuda nekuti Alice aizopindura nemeseji chaiyo kana $inline$text{SIMPLE_SUBSTITUTION}(text{ciphertext},text{key})$inline$ yapera nemutsara. a (kana bb, uye zvichingodaro, asi mikana yemamiriro ezvinhu aya akakonzerwa nemukana aive madiki kwazvo). Zvakafanana neCBC, sevha inogamuchira padding kana uye chete kana inopera nehexadecimal 01. Saka ngatiedzei hunyengeri humwe chete: kutumira zvinyorwa zvenhema nehunhu hwedu hwekunyepera kusvikira server yagamuchira kuzadza.
Kana sevha ikagamuchira padding kune imwe yenhema meseji, zvinoreva kuti:
Iye zvino isu tinoshandisa iyo byte-byte XOR pfuma:
Tinoziva mazwi ekutanga neetatu. Uye isu takatoona kuti izvi zvinotitendera kudzoreredza temu yasara - yekupedzisira byte kubva :
Izvi zvinotipawo yekupedzisira byte yekupedzisira plaintext block kuburikidza neCBC equation uye byte-by-byte pfuma.
Tinogona kuzvisiya zvakadaro uye kugutsikana kuti takaita kurwiswa kwechirevo chakasimba checipher. Asi kutaura zvazviri tinogona kuita zvakawanda: tinogona kudzoreredza zvinyorwa zvese. Izvi zvinoda hunyengeri hwanga husiri mugwaro rekutanga raAlice uye haadiwe kurwiswa kweshoko, asi zvichiri kukosha kudzidza.
Kuti uzvinzwisise, tanga cherechedza kuti mhedzisiro yekuburitsa kukosha kwayo kweiyo yekupedzisira byte ndeye tine mano matsva. Iye zvino, kana tichigadzira ciphertexts, tinogona kushandisa biti yekupedzisira yemagwaro akajeka anowirirana. Zvekare, izvi zvine chekuita neCBC equation uye byte-by-byte pfuma:
Sezvo tave kuziva temu yechipiri, tinogona kushandisa kutonga kwedu pamusoro pekutanga kudzora yechitatu. Isu tinongoverenga chete:
Hatina kukwanisa kuita izvi kare nekuti takanga tisati tava nebhaiti yekupedzisira .
Izvi zvichatibatsira sei? Ngatitii isu zvino tagadzira ese ciphertexts zvekuti mumagwaro anoenderana iyo yekupedzisira byte yakaenzana 02. Sevha ikozvino inobvuma padding chete kana plaintext ichipera na 02 02. Sezvo isu takagadzirisa iyo yekupedzisira byte, izvi zvichaitika chete kana iyo penultimate byte ye plaintext iriwo 02. Tinoramba tichitumira fake ciphertext blocks, tichishandura penultimate byte, kusvikira sevha inogamuchira padding kune imwe yadzo. Panguva ino tinowana:
Uye isu tinodzosera iyo penultimate byte sokudzorerwa kwakaita wokupedzisira. Tinoenderera mberi mumweya mumwechete: tinogadzirisa mabheti maviri ekupedzisira echinyorwa kuti 03 03, tinodzokorora kurwisa uku kwechitatu byte kubva kumagumo uye zvichingodaro, pakupedzisira kudzorera zvachose .
Zvakadini nemamwe mashoko ose? Ndapota cherechedza kuti kukosha chaizvoizvo $inline$text{BLOCK_DECRYPT}(text{key},C_{247})$inline$. Tinogona kuisa chero imwe block pachinzvimbo , uye kurwisa kwacho kuchabudirira. Isu tinogona kukumbira sevha kuti iite $inline$text{BLOCK_DECRYPT}$inline$pa data chero ripi zvaro. Panguva ino, mutambo wapera - tinogona kubvisa chero ciphertext (tora imwezve kutarisa kuCBC decryption diagram kuti uone izvi; uye ona kuti IV ndeyeruzhinji).
Iyi chaiyo nzira inoita basa rakakosha mukurwiswa kwatichasangana nako gare gare.
Kurwisa kwaKelsey
Wedu congenial John Kelsey akatara misimboti inokonzeresa kurwiswa kwakawanda kunobvira, kwete chete ruzivo rwekurwiswa kwakananga pane chaiyo cipher. Yake chidzidzo chekurwiswa kunobvira pane encrypted compressed data. Iwe waifunga here kuti ruzivo rwekuti iyo data yakamanikidzwa isati yavharidzirwa yakanga isina kukwana kuita kurwisa? Zvinoratidza kuti zvakwana.
Ichi chigumisiro chinoshamisa chinokonzerwa nemisimboti miviri. Kutanga, pane wirirano yakasimba pakati pourefu hwechinyorwa chiri nyore nourefu hwemashoko akanyorwa; nekuti maciphers mazhinji anotoita kuenzana. Chechipiri, kana kudzvinyirirwa kuchiitwa, kunewo kuwirirana kwakasimba pakati pehurefu hweshoko rakamanikidzwa uye chiyero che "ruzha" rwemashoko akajeka, ndiko kuti, chikamu chemashoko asina kudzokorora (izwi rehunyanzvi "high entropy" )
Kuti uone musimboti uchishanda, funga zvinyorwa zviviri zviri pachena:
Chinyorwa 1:
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAChinyorwa 2:
ATVXCAGTRSVPTVVULSJQHGEYCMQPCRQBGCYIXCFJGJ
Ngatifungei ese ari maviri plaintext akamanikidzwa uye obva avharirwa. Iwe unowana maviri anokonzeresa ciphertexts uye unofanirwa kufungidzira kuti ndeipi ciphertext inoenderana nepi plaintext:
Chinyorwa 1:
PVOVEYBPJDPVANEAWVGCIUWAABCIYIKOOURMYDTAChinyorwa 2:
DWKJZXYU
Mhinduro yakajeka. Pakati pezvinyorwa zvakapfava, mashoko akapfava chete 1 aikwanisa kutsikirirwa muurefu hushoma hwemashoko echipiri. Isu takafunga izvi tisingazive chero chinhu nezve compression algorithm, kiyi yekuvharidzira, kana kunyange cipher pachayo. Kuenzaniswa neiyo hierarchy yezvinobvira cryptographic kurwisa, iyi imhando yekupenga.
Kelsey anonongedzazve kuti mune mamwe mamiriro asina kujairika musimboti uyu unogona kushandiswa kuita kurwisa kweshoko. Kunyanya, inotsanangura kuti munhu anorwisa anogona sei kudzoreredza chakavanzika chinyorwa kana achikwanisa kumanikidza sevha kuti encrypt iyo fomu data (iyo yakajeka inoteverwa ne paanenge achitonga uye inogona neimwe nzira kutarisa kureba kweiyo encrypted mhedzisiro.
Zvekare, sekumwe kurwiswa kweoracle, isu tine hukama:
Zvakare, isu tinodzora imwe nguva (), tinoona kudonha kudiki kweruzivo nezve imwe nhengo (ciphertext) uye edza kudzoreredza yekupedzisira (plaintext). Zvisinei nekufananidza, aya ndiwo mamiriro asina kujairika kana achienzaniswa nekumwe kurwiswa kwatakaona.
Kuratidza kuti kurwiswa kwakadai kungashande sei, ngatishandisei manyepo ekumanikidza chirongwa chatichangobva kuuya nacho: TOYZIP. Inotarisa mitsetse yezvinyorwa zvakamboonekwa muzvinyorwa uye inoitsiva nemabhayiti matatu echibatiso anoratidza pekuwana muenzaniso wekutanga wemutsara uye kangani painooneka ipapo. Somuenzaniso, mutsara helloworldhello inogona kumanikidzwa kupinda helloworld[00][00][05] 13 bytes kureba zvichienzaniswa neyekutanga 15 bytes.
Ngatitii munhu anorwisa aedza kudzoreredza zviri pachena zvefomu password=..., uko password pachayo isingazivikanwe. Zvinoenderana nerudzi rwekurwisa kwaKelsey, munhu anorwisa anogona kukumbira sevha kuti isimbise uye obva anyora mameseji emafomu (plaintext inoteverwa na. ), kupi - mavara emahara. Kana sevha yapedza kushanda, inoshuma kureba kwechigumisiro. Kurwisa kunoenda seizvi:
Mbavha: Ndokumbirawo compress uye encrypt iyo yakajeka pasina chero padding.
Sevha: Mhedzisiro hurefu 14.
Mbavha: Ndokumbirawo compress uye encrypt iyo plaintext iyo inowedzerwa
password=a.Sevha: Mhedzisiro hurefu 18.
Iyo cracker manotsi: [yekutanga 14] + [mabhaiti matatu akatsiva password=] + a
Mbavha: Ndokumbira dzvanya uye encrypt iyo yakajeka iyo inowedzerwa
password=b.Sevha: Mhedzisiro hurefu 18.
Mbavha: Ndokumbira dzvanya uye encrypt iyo yakajeka iyo inowedzerwa
password=Ρ.Sevha: Mhedzisiro hurefu 17.
Iyo cracker manotsi: [yekutanga 14] + [mabhaiti matatu akatsiva password=c]. Izvi zvinotora kuti chinyorwa chepakutanga chine tambo password=c. Ndiko kuti, password inotanga netsamba c
Mbavha: Ndokumbira dzvanya uye encrypt iyo yakajeka iyo inowedzerwa
password=Ρa.Sevha: Mhedzisiro hurefu 18.
Iyo cracker manotsi: [yekutanga 14] + [mabhaiti matatu akatsiva password=Ρ] + a
Mbavha: Ndokumbira dzvanya uye encrypt iyo yakajeka iyo inowedzerwa
password=Ρb.Sevha: Mhedzisiro hurefu 18.
(β¦ Imwe nguva gare gareβ¦)
Mbavha: Ndokumbira dzvanya uye encrypt iyo yakajeka iyo inowedzerwa
password=ΡΠΎ.Sevha: Mhedzisiro hurefu 17.
Iyo cracker manotsi: [yekutanga 14] + [mabhaiti matatu akatsiva password=co]. Uchishandisa pfungwa imwechete, anorwisa anopedzisa kuti password inotanga nemabhii co
Uye zvichingodaro kusvika password yese yadzorerwa.
Muverengi anoregererwa nekufunga kuti ichi chiitwa chedzidzo chete uye kuti mamiriro ekurwisa akadai haambofa akamuka munyika chaiyo. Maiwe, sezvatichaona munguva pfupi iri kutevera, zviri nani kuti usakanda mapfumo pasi pa cryptography.
Kusagadzikana kweBrand: MHOSVA, POODLE, DROWN
Chekupedzisira, mushure mekudzidza dzidziso zvakadzama, tinogona kuona kuti matekiniki aya anoshandiswa sei mune chaiyo-yehupenyu cryptographic kurwisa.
MHOSVA
Kana kurwiswa kwakanangana nebrowser yeakabatwa uye network, zvimwe zvichave nyore uye zvimwe zvichanyanya kuoma. Semuenzaniso, zviri nyore kuona traffic yemunhu akabatwa: ingogara naye mune imwechete cafe neWiFi. Nechikonzero ichi, vangangove vakabatwa (kureva munhu wese) vanowanzorairwa kushandisa yakavharidzirwa yekubatanidza. Zvichanyanya kuoma, asi zvichigoneka, kuita zvikumbiro zveHTTP pachinzvimbo chemunhu akabatwa kune imwe yechitatu-bato saiti (semuenzaniso, Google). Anorwisa anofanira kukwezvera munhu anenge abatwa pawebhu peji ine script inoita chikumbiro. Webhurawuza inozopa otomatiki iyo inoenderana chikamu cookie.
Izvi zvinoratidzika zvinoshamisa. Kana Bob akaenda evil.com, zvingave zviri pasaiti ino zvinongokumbira Google kuti itumire email password yaBob [email protected]? Zvakanaka, muchirevo hongu, asi chaizvoizvo kwete. Mamiriro ezvinhu aya anonzi kuyambuka-saiti chikumbiro chekunyepedzera kurwiswa (, CSRF), uye yaive yakakurumbira pakati pema90s. Nhasi kana evil.com inoedza hunyengeri uhwu, Google (kana chero webhusaiti inozviremekedza) inowanzopindura: "Zvakanaka, asi chiratidzo chako cheCSRF chekutengeserana uku chichava... um... ΡΡΠΈ ΡΡΠΈΠ»Π»ΠΈΠΎΠ½Π° ΠΈ ΡΠ΅ΠΌΡ. Dzokorora nhamba iyi." Mabhurawuza emazuva ano ane chinhu chinonzi "same-origin policy" apo zvinyorwa zvepasaiti A hazvikwanise kuwana ruzivo rwunotumirwa newebhusaiti B. Saka script pa evil.com inogona kutumira zvikumbiro ku google.com, asi haugone kuverenga mhinduro kana kupedzisa kutengeserana.
Tinofanira kusimbisa kuti kunze kwekunge Bob ari kushandisa chinongedzo chakavharidzirwa, zvidziviriro izvi zvese hazvina zvazvinoreva. Anorwisa anogona kungoverenga traffic yaBob uye kudzoreredza Google's session cookie. Nekuki iyi, anongovhura tebhu itsva yeGoogle asingasiye bhurawuza rake uye oedzesera Bob asingasangane nezvinonetsa mabviro akafanana. Asi, zvinosuwisa kuti mbavha, izvi zviri kuramba zvichinyanya kuwanda. Iyo Internet yakazara yakagara ichizivisa hondo yekubatanidza isina kuvharwa, uye traffic yaBob inobuda ingangove yakavharidzirwa, angave achiida kana kuti kwete. Mukuwedzera, kubva pakutanga kwekushandiswa kweprotocol, traffic yaive zvakare shrink before encryption; iyi yaive tsika yakajairika kuderedza latency.
Apa ndipo pazvinobuda (Compression Ratio Infoleak Yakagadzirwa Nyore, yakapusa kuvuza kuburikidza neiyo compression reshiyo). Kusagadzikana kwakaratidzwa munaGunyana 2012 nevaongorori vezvekuchengetedza Juliano Rizzo naThai Duong. Takatoongorora hwaro hwese hwedzidziso, izvo zvinotitendera kuti tinzwisise zvavakaita uye sei. Anorwisa anogona kumanikidza bhurawuza yaBob kuti itumire zvikumbiro kuGoogle uye ozoteerera mhinduro panetiweki yemunharaunda nenzira yakamanikidzwa, yakavharidzirwa. Naizvozvo tine:
Pano anorwisa anodzora chikumbiro uye anokwanisa kuwana traffic sniffer, kusanganisira saizi yepakiti. Chiitiko chaKelsey chekunyepedzera chakaitika.
Tichinzwisisa dzidziso, vanyori veCRIME vakagadzira hunyanzvi hunogona kuba makuki emusangano kune dzakasiyana siyana masaiti, kusanganisira Gmail, Twitter, Dropbox uye Github. Kusagadzikana kwakanganisa mabhurawuza mazhinji emazuva ano, zvichiita kuti zvigamba zviburitswe izvo zvakaviga chinyararire chimiro chekumanikidza muSSL kuti chisazoshandiswa zvachose. Iyo chete yakadzivirirwa kubva mukusagadzikana yaive yairemekedzwa Internet Explorer, iyo isina kumbobvira yashandisa SSL compression zvachose.
POODLE
Muna Gumiguru 2014, Google kuchengetedza timu yakaita mafungu munharaunda yekuchengetedza. Vakakwanisa kushandisa kusadzivirirwa muSSL protocol yaive yakavharwa makore anopfuura gumi apfuura.
Zvinoitika kuti nepo maseva ari kufambisa iyo inopenya TLSv1.2 itsva, vazhinji vakasiya tsigiro yenhaka SSLv3 yekudzokera kumashure kunoenderana neInternet Explorer 6. Takatotaura nezve kurwisa kwekudzikisa, saka unogona kufungidzira zviri kuitika. Iyo yakanyatso kurongeka sabotage yekubata maoko protocol uye maseva akagadzirira kudzokera kune yakanaka yekare SSLv3, zvichinyatso gadzirisa makore gumi nemashanu ekupedzisira ekutsvaga kuchengetedza.
Nezve nhoroondo, :
Transport Layer Security (TLS) ndiyo inonyanya kukosha kuchengetedza protocol paInternet. [..] kunenge kwese kutengeserana kwaunoita paIndaneti kunoenderana neTLS. [..] Asi TLS yanga isiri TLS nguva dzose. Iyo protocol yakatanga hupenyu hwayo mukati inonzi "Secure Sockets Layer" kana SSL. Runyerekupe rune kuti vhezheni yekutanga yeSSL yaityisa zvekuti vagadziri vakaunganidza zvese zvakadhindwa zvekodhi ndokuvigwa munzvimbo yakavanzika muNew Mexico. Nekuda kweizvozvo, yekutanga inowanikwa pachena vhezheni yeSSL ndeyechokwadi . Zvinotyisa chaizvo, uye [..] chaive chigadzirwa chepakati pe-90s, iyo yemazuva ano cryptographers inoona se "" Kurwiswa kwakawanda kwakaipisisa kwatinoziva nezvako nhasi hakusati kwawanikwa. Nekuda kweizvozvo, vagadziri veSSLv2 protocol vakanyanya kusiiwa kuti varove nzira murima, uye vakatarisana. -kusuwa kwavo uye nekubatsirwa kwedu, sezvo kurwiswa kweSSLv2 kwakasiya zvidzidzo zvakakosha kuchizvarwa chinotevera chezvibvumirano.
Kutevera zviitiko izvi, muna 1996, Netscape yakagumbuka yakagadzirazve SSL protocol kubva kutanga. Mhedzisiro yacho yaive SSL vhezheni 3, iyo .
Sezvineiwo mbavha, βvashomaβ hazvirevi βvose.β Pakazere, SSLv3 yakapa ese anodiwa zvivharo zvekuvaka kuti atange kurwisa kweVodene. Iyo protocol yakashandisa CBC mode block cipher uye isina kuchengetedzeka padding scheme (izvi zvakagadziriswa muTLS; saka kudiwa kwekudzikisa kurwisa). Kana iwe ukarangarira padding chirongwa mune yedu yekutanga tsananguro yekurwiswa kweVaudenay, iyo SSLv3 chirongwa chakafanana.
Asi, zvinosuruvarisa kumakororo, βzvakafananaβ hazvirevi βzvakafanana.β Iyo SSLv3 padding scheme ndeye "N random bytes inoteverwa nenhamba N". Edza, pasi pemamiriro ezvinhu aya, kusarudza yekufungidzira block ye ciphertext uye uende nematanho ese ekutanga chirongwa chaVaudene: iwe uchaona kuti kurwiswa kunobudirira kuburitsa iyo yekupedzisira byte kubva kune inoenderana block yemavara, asi haiendi mberi. Decrypting yega yega 16th byte yeciphertext izano rakakura, asi hakusi kukunda.
Vakatarisana nekutadza, timu yeGoogle yakaita sarudzo yekupedzisira: vakachinjira kune imwe yakasimba yekutyisidzira modhi - iyo inoshandiswa muCRIME. Tichifunga kuti anorwisa i script inomhanya mubrowser yemunhu akabatwa uye inogona kubvisa makuki emusangano, kurwiswa kuchiri kunakidza. Kunyange iyo yakakura yekutyisidzira modhi isiri yechokwadi, takaona muchikamu chakapfuura kuti iyi modhi inogoneka.
Tichipihwa aya masimba ane simba ekurwisa, kurwisa kwacho kunogona kuenderera. Ziva kuti anorwisa anoziva panowanikwa iyo encrypted session cookie mumusoro uye inodzora kureba kweHTTP chikumbiro chiri pamberi payo. Naizvozvo, inokwanisa kushandura chikumbiro cheHTTP kuitira kuti iyo yekupedzisira byte yecookie ienderane nekuguma kwechivharo. Iye zvino iyi byte yakakodzera decryption. Iwe unogona kungowedzera chimiro chimwe kuchikumbiro, uye iyo penultimate byte yecookie icharamba iri munzvimbo imwechete uye yakakodzera kusarudzwa uchishandisa nzira imwechete. Kurwiswa kunoenderera nenzira iyi kusvika iyo cookie file yadzoserwa zvachose. Inonzi POODLE: Padding Oracle paDowngraded Legacy Encryption.
NYORA
Sezvatakataura, SSLv3 yakanga ine zvikanganiso zvayo, asi yakanga yakasiyana zvakanyanya neyakatangira, sezvo iyo inodonha SSLv2 yakanga iri chigadzirwa cheimwe nguva yakasiyana. Ikoko unogona kukanganisa meseji pakati: ΡΠΎΠ³Π»Π°ΡΡΡΡ Π½Π° ΡΡΠΎ ΡΠΎΠ»ΡΠΊΠΎ ΡΠ΅ΡΠ΅Π· ΠΌΠΎΠΉ ΡΡΡΠΏ yakashanduka kuita ΡΠΎΠ³Π»Π°ΡΡΡΡ Π½Π° ΡΡΠΎ; mutengi uye sevha vanogona kusangana pamhepo, kumisa kuvimba uye kuchinjana zvakavanzika pamberi peanorwisa, anogona kutevedzera zviri nyore zviri zviviri. Kune zvakare dambudziko neexport cryptography, yatakataura tichifunga FREAK. Idzi dzaive nhema dzeSodhoma neGomora.
Muna Kurume 2016, timu yevatsvaguri kubva kwakasiyana hunyanzvi minda vakaungana ndokuwana zvinoshamisa: SSLv2 ichiri kushandiswa mukuchengetedza masisitimu. Ehe, vapambi havachakwanisa kudzikisa masevhisi emazuva ano eTLS kuenda kuSSLv2 sezvo gomba iro rakavharwa mushure meFREAK nePOODLE, asi vanogona kuramba vachibatana nemaseva uye kutanga SSLv2 zvikamu pachavo.
Unogona kubvunza, nei tine hanya nezvavanoita ikoko? Ivo vane chikamu chisina njodzi, asi haifanirwe kukanganisa zvimwe zvikamu kana kuchengetedzeka kweseva - handiti? Zvakanaka, kwete chaizvo. Hongu, ndizvo zvazvinofanira kunge zviri mudzidziso. Asi kwete - nekuti kugadzira zvitupa zveSSL kunoremedza mumwe mutoro, zvichikonzera kuti maseva mazhinji ashandise zvitupa zvakafanana uye, semhedzisiro, makiyi eRSA akafanana eTLS uye SSLv2 kubatana. Kuita kuti zvinhu zvinyanye, nekuda kweiyo OpenSSL bug, iyo "Disable SSLv2" sarudzo mune iyi yakakurumbira SSL kuita haina kunyatsoshanda.
Izvi zvakaita kuti kurwisa-protocol kurwiswe paTLS, kunonzi (Decrypting RSA neObsolete uye Weakened encryption, decrypting RSA ine yakare uye isina simba encryption). Yeuka kuti izvi hazvina kufanana nekurwisa kwenguva pfupi; anorwisa haafanire kuita se "murume ari pakati" uye haafanire kubatanidza mutengi kuti atore chikamu muchikamu chisina kuchengeteka. Vanorwisa vanongotanga iyo isina kuchengeteka SSLv2 musangano neseva pachayo, kurwisa iyo isina kusimba protocol, uye kudzoreredza server's RSA kiyi yakavanzika. Kiyi iyi inoshandawo kune TLS yekubatanidza, uye kubva panguva ino zvichienda mberi, hapana huwandu hwe TLS chengetedzo inodzivirira kuti irege kukanganisa.
Asi kuti uiparadze, unoda kushanda kwekurwisa SSLv2, iyo inokutendera kuti udzore kwete chete traffic chaiyo, asiwo yakavanzika RSA server kiyi. Kunyangwe uku kuri kugadzika kwakaoma, vaongorori vanogona kusarudza chero kusagadzikana kwakavharwa zvachose mushure meSSLv2. Vakazowana sarudzo yakakodzera: kurwisa kweBleichenbacher, kwatakambotaura uye izvo zvatichatsanangura zvakadzama munyaya inotevera. SSL neTLS zvinodzivirirwa kubva mukurwiswa uku, asi mamwe maficha eSSL, akasanganiswa nemakiyi mapfupi mukuburitsa-giredhi cryptography, akaita kuti zvikwanisike. .
Panguva yekuburitswa, 25% yemasaiti epamusoro eInternet akabatwa nekusagadzikana kweDROWN, uye kurwiswa kwacho kwaigona kuitwa nezviwanikwa zvine mwero zvinowanikwa kune vanobira vega. Kudzora kiyi yeRSA yeserver kwaida maawa masere ekuverenga uye madhora mazana mana nemakumi mana, uye SSLv440 yakabva pakusashanda kuenda kune radioactive.
Mirira, ko Heartbleed?
Uku hakusi kurwiswa kwecryptographic mupfungwa inotsanangurwa pamusoro; Iyi ibuffer mafashama.
Ngatimbozororai
Takatanga nemamwe maitiro ekutanga: brute force, interpolation, downgrading, cross-protocol, uye precomputation. Ipapo takatarisa imwe nzira yepamusoro, pamwe chikamu chikuru chemazuva ano cryptographic kurwisa: iyo oracle kurwisa. Isu takatora nguva yakati rebei tichizvifunga - uye takanzwisisa kwete chete musimboti wepasi, asiwo ruzivo rwehunyanzvi rwekuita maviri chaiwo: kurwiswa kweVaudenay paCBC encryption mode uye Kelsey kurwisa kwepre-compression encryption protocol.
Mukuongorora kuderedzwa uye precomputation kurwiswa, isu takatsanangura muchidimbu kurwiswa kweFREAK, iyo inoshandisa nzira mbiri nekuita kuti nzvimbo dzakanangwa dzidzikire kusvika kumakiyi asina simba uyezve kushandisa makiyi mamwe chete. Kune chinyorwa chinotevera, isu tichachengetedza iyo (yakafanana) Logjam kurwisa, iyo inonangana neruzhinji kiyi algorithms.
Takazotarisa mimwe mienzaniso mitatu yekushandiswa kwemisimboti iyi. Kutanga, CRIME uye POODLE: kurwiswa kuviri kwaivimba nekugona kweanorwisa kupinza zvinyorwa zvisina tsarukano padivi pechinongedzerwa, wozoongorora mhinduro dzeseva uye ipapo,uchishandisa oracle kurwisa nzira, shandisa iyi ruzivo rushoma kuti, zvishoma kudzorera zviri pachena. MHOSVA yakaenda nenzira yakarwiswa naKelsey paSSL compression, ukuwo POODLE akashandisa mutsauko wekurwisa kwaVaudenay paCBC nemhedzisiro imwe chete.
Isu takabva taisa pfungwa dzedu kumuchinjika-protocol DROWN kurwisa, iyo inomisikidza chinongedzo kune server uchishandisa iyo legacy SSLv2 protocol uye todzoreredza makiyi akavanzika evhavha uchishandisa Bleichenbacher kurwisa. Isu tasvetuka ruzivo rwehunyanzvi hwekurwiswa uku ikozvino; kufanana neLogjam, ichafanirwa kumirira kusvika tave nekunzwisisa kwakanaka kweruzhinji kiyi cryptosystems nekusagadzikana kwavo.
Muchinyorwa chinotevera tichataura nezve kurwiswa kwepamberi senge kusangana-mukati-kati, kusiyanisa cryptanalysis uye kurwiswa kwekuzvarwa. Ngatitorei kukurumidza kupinda mudivi-chiteshi kurwisa, uye tozoenda kune iyo inonakidza chikamu: yeruzhinji kiyi cryptosystems.
Source: www.habr.com